last executing test programs:

1m44.509069869s ago: executing program 0 (id=528):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1000001, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newtaction={0x64, 0x30, 0x1, 0x203, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x6, 0xfffffffb, 0x8, 0xb, 0x3}, 0x7}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000000)={0x980912})
close(0x3)

1m44.503915004s ago: executing program 0 (id=531):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000017c0)='./bus/file0\x00', 0x10000, 0x70)
r2 = openat(r1, &(0x7f000000c380)='./file0\x00', 0x2c4240, 0x166)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0) (async)
syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) (async)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x181603, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000480)=@x={0x94, 0xf, "882316a70681"}) (async)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) (async, rerun: 64)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async, rerun: 64)
timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) (async)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x10018, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYRES8=r2, @ANYRESDEC=0x0, @ANYBLOB=',gRQup_id=', @ANYRESDEC=0x0]) (async, rerun: 64)
lstat(&(0x7f0000000240)='./file0\x00', 0x0) (async, rerun: 64)
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0, 0x0, <r7=>0x0}, 0xfffffffffffffd3c)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x8, 0xffffffffd24b2432, 0x83, 0xffff, 0x0, 0xabe6, 0x0, 0x0, 0x80, 0x8001}}, 0x50)
r8 = syz_open_dev$usbfs(&(0x7f0000000000), 0x76, 0x103381)
ioctl$USBDEVFS_FREE_STREAMS(r8, 0x8008551d, &(0x7f0000000140)=ANY=[@ANYBLOB="04077cbd9fca3944adad1671adba03dfaf3b0345e49685066ee7ac191f0cec888c59564675ed37ef7c4fc9c4a6a030e75c3a576949c80628f489e9e5ebe6dd4c9721402c5b1bcb43f545ec13c29c77149ee697528ea5e0e515332abc54fc9bb99c393fb5784ff533a9314e31e36cd3f7b58176ddf16c67"]) (async)
syz_fuse_handle_req(r3, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r9=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r9}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYRESDEC=r7, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYBLOB="8897013d64a479a943d8a1c183d3fbaf2a00f704ebb71635d6565d645f2934c11f182eaa827a1879419d3051cefacb1e27a196a7d7a27c6abc7bd5fcadf3df73760a0a2f1fc61469fba7a318ae3c1575c72dddd21b76377e7fd274fb62a6350cde4dbe22d00b162082c9d469fad1f9c6bfe8a70e6b745a2761cd1cba7e2a59d0bd1d5619d9fc94f79c1058b277abe684b50b3909aa9cca83145614c9657a07d76c79022b2a091e96e5c66034f57a7c26ef70b97cb7b687d90d8f59a40fa5490017cea9ad5bceeae6b908fe298d535c17a740353af0037110b3ba87f17aca95ece8b86fb44de8db03ee57cfa353ac4bcc7df93ad27b", @ANYBLOB="0000000079680000020000400603000021872b20c699d6b5b25fb51149cf5b5703ba212a66b8"], 0x48}}, 0x81) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r10, 0x1, 0x49, &(0x7f0000000040), 0x4) (async)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0200"], 0x48}}, 0x40884)
creat(&(0x7f0000000000)='./bus/file0\x00', 0x100) (async)
r11 = syz_genetlink_get_family_id$nbd(&(0x7f0000002780), 0xffffffffffffffff)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r12, &(0x7f0000004080)={0x0, 0x0, &(0x7f0000004040)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002cbd70000180ffff030000000c0002008100000000000000080001000000e6"], 0x28}, 0x1, 0x0, 0x0, 0x4044012}, 0x80) (async)
mount(&(0x7f0000001780)=@rnullb, &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0xd8488, &(0x7f0000000100)='trans=rdma,')

1m44.390278467s ago: executing program 0 (id=533):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000000)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x25dfdbfe, {0x1d, 0x1, 0x6}, [@CGW_SRC_IF={0x8, 0x9, r3}, @CGW_DST_IF={0x8, 0xa, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f000019"], 0xfe33)

1m44.339851027s ago: executing program 0 (id=535):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xd)
ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000040))
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000140)={0x200, 0xab05, {0xffffffffffffffff}, {<r1=>0xee01}, 0x4, 0xcdd})
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b37090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f383b6c090890e0879b0a0ac6e70a9b3361959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x4000)
setresuid(r5, r5, 0x0)
setresuid(r1, r2, r5)
r6 = socket$key(0xf, 0x3, 0x2)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x207)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x810000, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r7, 0x89f0, &(0x7f0000000400)={'erspan0\x00', &(0x7f0000000480)={'syztnl2\x00', <r8=>0x0, 0x80, 0x700, 0x40, 0x1, {{0x16, 0x4, 0x0, 0x6, 0x58, 0x64, 0x0, 0x81, 0x0, 0x0, @empty, @private=0xa010100, {[@lsrr={0x83, 0x1b, 0x83, [@rand_addr=0x64010102, @rand_addr=0x64010101, @broadcast, @loopback, @local, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @end, @end, @lsrr={0x83, 0x27, 0x75, [@private=0xa010100, @remote, @loopback, @multicast1, @broadcast, @dev={0xac, 0x14, 0x14, 0x12}, @empty, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002240)={r7, 0xe0, &(0x7f0000002140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, &(0x7f00000005c0)=[0x0, 0x0], &(0x7f0000000600)=[0x0, 0x0], <r9=>0x0, 0xd5, &(0x7f0000000640)=[{}, {}], 0x10, 0x10, &(0x7f0000002080), &(0x7f00000020c0), 0x8, 0x45, 0x8, 0x8, &(0x7f0000002100)}}, 0x10)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002b40)={0x6, 0x3f, &(0x7f0000002280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x7}, [@map_fd={0x18, 0x8, 0x1, 0x0, r4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x253b8c41}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}]}, &(0x7f0000002480)='GPL\x00', 0x7, 0xd3, &(0x7f00000024c0)=""/211, 0x41100, 0x10, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000025c0)=[r4, r7, r4, r7, r4, r0, 0x1, r7, r4], &(0x7f0000002b00)=[{0x1, 0x3, 0xb}, {0x3, 0x1, 0x6, 0xa}, {0x5, 0x3, 0xa, 0x9}], 0x10, 0x423f}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000002d00)={0xb4dfc05fd2ec96a2, 0x10, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@generic={0xf8, 0x7, 0x8, 0xc, 0x7}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='syzkaller\x00', 0x2f706d7a, 0x0, 0x0, 0x40f00, 0xc, '\x00', r8, @fallback=0x2c, r4, 0x8, &(0x7f0000000500)={0x8, 0x3}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0xb, 0x2a12, 0x9}, 0x10, r9, r10, 0x9, &(0x7f0000002c00)=[0x1, r7, r7], &(0x7f0000002c40)=[{0x1, 0x3, 0xc, 0x3}, {0x4, 0x4, 0x2}, {0x4, 0x2, 0x8, 0xe}, {0x0, 0x4, 0x8, 0x6}, {0x5, 0x4, 0x6, 0x5}, {0x0, 0x3, 0xa, 0xc}, {0x3, 0x4, 0x10, 0x3}, {0x4, 0x4, 0x9, 0x4}, {0x5, 0x3, 0x10, 0xb}], 0x10, 0x2}, 0x94)
write$binfmt_misc(r7, &(0x7f0000000680)="4370ee7378747903703b0827ad61d16971baf8ed2bf35d565f9aed38216ec12fa3ffd3b42335c2290cd8fd458972b65f9a09e99b6aa6a49867690bffc3d24966d200bbff5ed160638ef35abbc43cfbbe5c8093ee6f82f8b476ca3cf583733f1330f796cf9404904ae018c31b3714fa14ed89097c76188b594163d5bdff5917886d9c80de39a5b9cf77b8403335d807a57105782436d56bb93fdbc8ae7daccea721d4ee91ec2f4c1450efcbcd4215bb5e93b9107dd43cb150fff2bd9c72ce7e7f3818a279edd4537eaf38aced5f3845762dbde3e3a041c563c774e287638a59e4dcd0ba33ad13176f0416b0ff5584ff38a504b0a5b1ff3c1738bf381967d96f276078821080f47aa9ac9bedb1913bce99da3c46a7456bb861bba2a49e764c5900e2de9095daf9153e179757d25c2a7d9d9413987b70d19cf90c96665becdea0856db809a417f5f0fa9fe554a339060063fe4d484976c83be61e8afa7581566540ed6378e138e62288278634a390c80b25c015af2e7cd857d0dc895af33a89729b15fd0250f3bc629aa5aa685e43db3c864391af05472c1c872c9ca3e2ce0b7c6fe514c43f1d28efbd9281a75c32ca37306f4197aa1ccaebf6b69398401d8ac1f067550ef15825d49de46357e58d2b81c8904ded6459e230354a9a0917693492393cc2494feaf2d9af7f8474585872641ae66f7d8760e776e119e55d0dadb5c31f392081b60ce7b4892682e277b2e2c2340ac0398d6ad0656c987bc27a648af22cc6e4d035342ac4c6c147dcdd46c01117376fe03369e42ba3c825f7a2020399846d8d3effe77f72a6ec46e7530c1f7edeb147a023d74b73307a282e5b6c9e2543d3ecc1c1beefcbac2226b1a8d753c0d7fbe550a3d5963c812214bf561152f7af2494cad2643f0263a8dacee366f1e90ca5fe986df69854ca03b0aa2b318d420e87fe910ed6a890ab7a8657671ec9cad9ef790334c115dd6688cf772bd072dd682805112cafac15cc0e7aaecf55179eaf7970d2850ae47e1500b920563fa4b3ef65102c270912b1a7ee8bcd3ff070da043eb4e67f2556ac188a4733f104271986efd4006ab6adfbc6d0e5b39f22691457d84a9e55f2be37b37be31f55463162fb4dad3a2761be4e14a5456922b3aa001feaaac77076f98e8c3aa3ce4067a0a4eee7f1a28e47815330b979244c27023c3f881e32effe2396ab6525604e2d7b46de563457201852f420cc68dabf963a37ff801a94062c7651874ec6c428f43153a2b58b7b2b9debd5541879e71c818fef8cc2bc103aa300380ef90f35bbc2067756c5aea3af62e793f4af5854e33231f0405cd04807d6128fae3575fbd9bd8409b73c675b3c1be49d04ecbd7208f4dc979e7ed7348e05067cf155686de959c7b3b3ac7cc0c5416d7e23c0691864327b2bf78014157453269ade44916e9b4a6cdfc01903f403a814143e9931a465bc3c5788c7877f1d34a1a3b1596825d02ae4597bade73cf77bc75c1b17d2c9ac80c7f9f2493b11930992f499afae5dd25746e33de133f9b2624fa90d11affc26b2ccba8b5d65780275bd626d161686d202ea2175600ad53fd6b2acbd2d489c1331efb0519f90c1c2f17dbf8d9b8fe33f4a8967fee3514fc831f13c12ce2ba40be906488a1196bfe40fc88f9d7a0f1ce9201b135d1901bcf7ba16a62555e06341da40e4289e65d27bfbd6170d1cddb3c0825775c42d1e9107f7a1beb1d4e71dd22c7e5c049d8d0b31d35865c019ac14845aec8cbc3249a998cd076925cc244cd4db42d458b245eab75e963782d46a9549f1758ab2f61222ec1de4d215649cf98c651546cf391c38b619857a9c0d115d75d89aa57f8ed9b32ec94a6eb22b08387be7c894d3ec7f6c47dbf9dd5cd53829085134b75e0275621ba6bb39e2247dee4d43314a22f1c8b21e080f67335544a1014ecb52aa5f5ecf2fb070843352c9b6a93c1642fac0ff5fc7fe0e6628a14d9de24493eafdfed9b72380409164d304b196e94ba851a9aac1c6c2bf7d77b69c6b0bab8ef4307cb425066563f948179f5c43eb5c5b9c7b4cf1bb1b50c20c4ab62f90bd201f3b5df586eacdeff6e476f69d4afbb956f6dec124bd7d49290d78991011048020129019b9a81ca8ac7e3a00c9951349784f7942834d990616623501df0fda5299990756f44c9ff18ae7da284ec77be1b5e6823f19f8feac92078b6075b7116ecd82379558539ab68a675a801951526f382457c267b834463cc31b99f291429b7c4050ad45aeb4591d9ec6ee9c5c847c2b387318e9b64241997e74921939ba23f16325e6cb5b331c4d0165f9aa5d3ea6541a31df7c04d15422de9c789ae08d9591efe1fcf6da8f5a2a7efb6bf91eaa3d853338106dc0b574d9411330d708ddcc888a84a25d24166bcc8e26b2c31ed866195295f5b79ac4c8d00f5f9d715e2e0dd2bca6508bc86ec80ef054e6c9607f6d71becb1fb877678c7c91735935e7d362b839472d8a56aeba5bf7381ca4f9184c0b32a94ffdc971ac46278e56e9e9b127a79250353a3e633f2b6c439842b94fbf7b37ffd9d1f022b7ffa7c58de9d11ef1a5e2051446119abd5d67efa932a2356e736a1043c62cab0077a3136e05733dde2c6b6d005b34c09e6c08e8686dcdd416f42f863a65a344ecdbf1095b378dd10e2f224a9505069a1457fd1a6d1f7e4e00f32b805e9ce4e0adb95b12c26f82f7e326e2f3e50d454e3f064de6d4f381a921697d6f4e43d1d46db700b625744a52619c88a99b2b147bef57fdbe017e1b3a27ee795237c165337e9e22d3c7b312e92a1179b06425670b48fc22d91547ad75700792bb06188ad6d4f0b03df2c80df46a6b7098834238b7f9f1509625f01f337cb461e409f44c152c311194a32850870c7d87e7ce56632c6af45dc6eb99d5450cc422de41f0558f264c7522722800da6ffad82d85c49edf199b769e62d7e48a74e783a429d1c45ac3cad60000bb372256800483caebe3d4587eb1a3dd0419bdb62da6aef14df43bd701a10ac77748206db0fb857a870495cfd3b61a5723b36f87f5b261648e03b32c1ce25d8f2431ed1b832bc0d9b1369b6a1513dc2b14c1f22f077da55a9e428c8b0322e7d866361d2562b92ab4fcf82bf10b7dee5382f8c77e9910a192516d56146dcc8fd73a383f2b8b145f1d93f482817f031b7d25f1b83e4442582d69f6bc2d26989b73f6d5430760e98eb1e1a8e40152ec1b3611734b7a9ea3800643f7ad913b04806e2dcdebbb063904412e0bb8e2bb58c457c200b7a15f137d9e681b2cfc7954fb384ac7e217c86b736a095e1d9d16a15cebd3a86e4c2dc6f8e5fd2c2b5cab0fcfd44aaa4743ae2fb12f80807eb5bb02f2a5fad3832d89295481935c8f1a7f0d088dc6b54064487ddce82fb134664444394d81c6079ba5afd5566aaabb95769843032941a4146afac6a87529c111930c8c90315a9f6086946e87055d36120e2981e19f519f1f9b757d018f5ee1f994eb8a54a63a4d1154e8f48f5841e507e314d926e05407f6a1e4a6a799ec82ad128739af56893932570c72fc0273a23bdd92c68bff1dd5de2137286672b735c37b0d6d8ef59ff7ad85d038d283b6159b010911908164d4e703473fac1abfe6048ef906fe8a67f5da355971c5a7618956048e207769ac2bc81a1078a2067463281f526a42e6bf38e9aa83718bf4e0330e4e539425f9c812d9bcc6493a1eb5251cac4134c0f37d26fca49338a67b95adafc74fa61bf682e001b570f7aae5bfc7847745f8a2620cc2058726bfcc3ebed781dc66b7624d5c360274d33599f54ac3570b15fb1be8b3b68c980e24986ccfec8be7940c47c754b01f65095e596adab5b5c4b20685fb5c08cdc54966cbf5ca36e29b9eb3019cc6a8fd0cd9637b94ee10b8bdfd6cfcd94fdbfda8034834ab4d199e9070175ee043a4bc5d18e524339ddeb74fb9bdda4cf24ddd5bc692c6a9ff4339e562e6d3c512c45966af8534cbafa72019ef5c948948e36ef8a5da901a71d354d01ed14037c99380ee957604ba2ae3095a200b456921ea6f0b733de198c2a18ac0bac6601729c699d238355333d9e186fa6a89a5984442b07d3dcc8d32cb4660202db0628edf382d35a9d466b1347868078ca6681bad233f14320e60c611bc41d8727d426a44248a70fa91c92b5b5ced2238528b0abba864c86cb932c620a76e66dbe946c530f765bb493ea419ea85a78dda39061a4b813949b98bf2b6faf434c2cc3fcc3b3cc0504ba131967c2a317a26d5eb35c8a4624dade230ce254f8387510101953e7e6445f76fabbd5e6c5eacaa1d0149b87fa42a50cb9feb816ab0ede0d19b5d2cec11e852d9c821258af9d7246fb78c0e122319425a3fdd76b0b68a35f3153de8903e84529e4c747c9c1ee6db0acd27ca70fbeb8d619179785d66c09b20ac0b623e000ba733d9b099ce851c972e49bb000ed64b690a0bb9094974e28f0cfa0b096c2c46f7bce9e74c19d0d55a262c3ac983b96e86a76f7cc83a8a7df62803101446763e4f8cd515d42939dc9442b56301a22ece0ee18586aa5f6aaa41b75d4c531d94652a12a7d7e8ec3c53b09a9bddc3ec2d9cf8f4efba3ac69a4df734f52f88fa4c36a9416470b17e7f6c7aba6ea2d9fd4147770a6e6f5454ab0de1de373991fea6d720e27c2519e9a68f9c4c1cea49f40afc541c07178d4bf74541b764c89d699f0934af250ac5361f749fe75696b934b9d631b9a4bdeb5b6c9476d7715453b61030f2a6d6d3cc86687488a1f0ef8cc38de7879ad2f7c1953baf56f369ad6b6e2d59037285c4175715b57959fbf8feb01c5bd239fa83afdc086b7f7d010fcdc4683dfbee3fd668b1698ed2eba18353ecda24ebd14c0458206da1f32b6764045d04a803fdab29a6ab44e59e026d6d32ffb681b18c6d6ed876b4fa975aa3cc8dc83c01074435b95f8be56514cb5cf59096cd12a3f7a0daa32f4d5d8161fc2abcfc1a6345cd5ba1eeb32fa2d99d9c10ddac396169b8a22a816ebf57dff8fdd8", 0xdda)
truncate(&(0x7f0000000140)='./file0/file1\x00', 0xe1)
r11 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x2000)
r12 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r12, 0x40086602, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r11, 0xc4c85513, &(0x7f0000002600)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x400000, 0x0, 0x100000001, 0x7, 0x0, 0x10801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3, 0x376, 0x0, 0xc6c, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x81, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7b, 0x6, 0x0, 0xca, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x681, 0x3, 0x9, 0x0, 0x1, 0x4, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x800000000000000, 0x0, 0x8, 0x0, 0xc0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000000003, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0, 0x101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9]})
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff02c}, {0x6, 0x0, 0x0, 0x3}]}, 0x10)

1m44.266101991s ago: executing program 0 (id=536):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000aaf9649adf2ff1db265487e90d0cdddd95b14d95", @ANYRESDEC=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
syz_emit_ethernet(0x9e, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x7c, 0x0, @wg=@data={0x4, 0x0, 0x0, '\x00'/100}}}}}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010001600"/22, @ANYRES32=0x0, @ANYBLOB="00000000141100001c00128009000100626f6e64000000000c00028005000e0006000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f0000000780)={0x3a8, r4, 0x300, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_REKEY_DATA={0x2c, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="4dd9764f9e72d1b49ebafe3d3fcee736"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="e6c9ba03737f70499ea64dc9bca513a9"}]}, @NL80211_ATTR_REKEY_DATA={0xe4, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="b92551c4ec6022a754168b59495cff31"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="aaa75b1eb0e72b41e4a10deac698494a"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5b75}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="c4daab81e0c5382e9884dbd25791ab26adfe64035188b3cae60fef6628637034"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3a}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="fd7c2d5e62121e7c73564ecea7519f95"}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="4a0e20a3be5015a36d3319ad248d048621e68c54bdfc24f1eb0935611955edb6"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="de349726e29a58c368c70aaad5ce17fd353053d66cba66b0"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="ed2df968e815533f9bbce1a49a506877"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="cdc625f5d8ee6aae9c2e91dbb36cbab044e69808b68e2cf8"}]}, @NL80211_ATTR_REKEY_DATA={0x98, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x1}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x932}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="9ef7475b86ce2edeb54a699184a15b25a801a7479889052822e4ca5057fd1b61"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x3ff}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="c64c135294167994df369a2c4255adde8105b2edfef525ce"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="8744e88880e382f11edece9c32cbc68f"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="1a409bce5e004eb2ba5c0cf4412e81ab0333d3c86988657a"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "60c369e91e49ba31"}]}, @NL80211_ATTR_REKEY_DATA={0x30, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="fae03932e26254cf33b1dd65212efcc041507c018955497a1d5d4d38802b13c1"}]}, @NL80211_ATTR_REKEY_DATA={0x54, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="a4f65a69c58bb2e0c2d33a9bbba2c7a9"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "5a5560d15f987d9f"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="82a914e41c31b413ede9516a1a2bef52118ff20c485e3810"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="319fa584bcf8b5f5a7d92d6144089ba2"}]}, @NL80211_ATTR_REKEY_DATA={0xac, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "1f6c06377fbeee03"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="b3b6bdceaa6a8fe38842860cc54d92891a3748d075c0dd4c"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8000}, @NL80211_REKEY_DATA_KEK={0x24, 0x1, @kek_ext="211ad189ef8a37d6002bcf7b0a5fa80a812f78f38ba5781d01d83daf5980c7ce"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x7}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="8dc44e418a4150bbb26c541fc7c734cc"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="3787018ab3f4647231d01e83cd142b8c"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="bfaca1fcea8e5c174c2fe883f9e4105c"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x8001}]}, @NL80211_ATTR_REKEY_DATA={0x38, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="94c8d075752355e6d169a917189caf64"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="b5e8d0f6abdf5a847ef97d21e4357222"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "32592647d15a46e8"}]}, @NL80211_ATTR_REKEY_DATA={0x78, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "a847b9b489670b69"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "bcca3e110b03d58d"}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="ce684b1cc167cf81b162fa623872ac5f"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "aef853f14afc9312"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="9f26b6d6bc38100888487b8b4520bbf2b1e00ed7db9bd574"}, @NL80211_REKEY_DATA_REPLAY_CTR={0xc, 0x3, "08c9518a6052d1eb"}, @NL80211_REKEY_DATA_KCK={0x14, 0x2, @kck="d3acd14a23bcf992fb5c88d0bed36c56"}]}, @NL80211_ATTR_REKEY_DATA={0xc, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_AKM={0x8}]}]}, 0x3a8}, 0x1, 0x0, 0x0, 0x40}, 0x10)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r6 = socket$kcm(0x10, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000300)={{0x1, 0x1, 0x18, <r7=>r6}, './file0\x00'})
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000ec0)={0x1400, 0x12, 0x300, 0x70bd2b, 0x25dfdbfe, {0x2, 0x4, 0x4, 0x7, {0x4e22, 0x4e24, [0x8, 0x7fffffff, 0x8bf6, 0x7f], [0x8, 0x4, 0x7f, 0x4], 0x0, [0x2, 0x40]}, 0xa, 0x70000000}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "40774c3ad93f1267ad562fe6cd53a938e5ebd453d5461e2b55f43ab4152d11bf480a4357c5c3cdd2fc011c76e39ddfb8cff02c4485751229f8d8de723a09bdc9f85ac089b5f1b8b4bc752cd652f84d3c22c3db672b75ed14ec88256e4b1769e85280b6838cf29ede1e64c95b7d186ccc8761f105ff773ba6c0b1459e19298392a8df763e76a424a9ee7323e9adede61bfd4efc129705b78fe25ca2bb0e0d5c4a502f5b859a897aac83ac967c4459bee9ee63eb15d7f4a7af3d6f9e5aa6d563a4c051e21ec41f4ac2bf6f03f73358e6ffd5ae8460c8cdbcde17b177586e7361c3098aec2ba79110ae5ee6da210e3a1132ce827031bb76455b6f1e78e5bcec6971978fce64cc3339873c378b182ae9bd7710a847cdeb3b3a749f1f038e89c069c76cbc2e834c28386827e907b6acfa9ffb7994d0e37d7b99890a0d0aa4bf5e2924d88ae2dd25944ceec4ce4c8b7ff7c01adeea628ada3f520a86a79701eb5c2f1846479688387598aa0e7e8381f71bd53c54a81aaad5548ff7f01318ee47aa43e4dbca0e2968cfef4cb6a8354bebcb25fb5646c9a3c28d2f40dd3601cdf55fce593bb10e1ce0e4290ae8a577bcb6169e24939c344c9ac6b37a03ad59906643ccf44e94c6be09d7553a694a21e1397f66fb4e3f1be546837f61ce5ded085a5471249e0c5cd273ce1b0008e38698286a58c5605c5ba074319cedaf135abd6bd3d28e4b79b04dc0ce044fef6b16d1736208119ece83f603b098240d39edc31af44b4a613e2d9a803c42b993d147a69506e1e22aa8301487586b28fe089a9880241499049fe6ce02622074bc500c2cd01febb51cb003a23970320753a32acefdda4600922a243cc9eca6ff61b58d6554949414031b9a6ccf57a1ed9e493398ae08db1e469800df6da2268bf80d89fb8b276213d4070e949f7af8e724941a6f55a9941d5516cf7e957b42ebb60a0d53c6439bf01d17193992cef915920d14c2d41ffff1a54a1fc03e39a5d2dfcc09d6a9d30f53563f99c635457d16ecaee83a0abd110edbc47d928a6b2d6dd4f1469af5406f6e739a1ff3d72a5efd5daa9e95a685b5a8f4bbe2f52aefde1f99458f9f172abcc0f2368f8742687e41bf8dc5bda7d706c86380ed47154e7358931030201b00f321f8e69ff6683d1b5a6b0b29b61af6caea6c16d3d7a69707ca0ed82aa8d29256e21b74d0a24548be90933435c91939918345eb14d0d673f76e3fdebb54b7bb5257a8d9f80f770461461e65431725be5c00d1329fe79407c0c9d6a5ffdf934e0454b2177b7e5a072c319903b2485ab54b3b9eb6e53428ec68bdb571209a6715c47307b8a0aabde786c8924e0cf8aff55be238b49f52af2a780794158e0bdeaa5c539abff5f515cd3096e5f8ba5181ecb7eb1d64690296259133be21fad40630b96855a468401fb9ac0ba4d5bf3cf9c49aaa2081b700d7013546a3d46755ab44aa484428077cbcde6ae1cdf3d6f6e2e41e0a54b8f4985e98a2e78ce16fff3c0dd355087f6534ca94af41b581198a758d25922e54b813c5833d233df1a3512072bc2a47c7b748094285b7dd6996967ca421a25ccbc191714998aefbaa06a92b214b2f52c8e118806e9705a82ca1d6480305b395d674794cbabdf417650bd81d06a186a80147263f002fbed2713d8003a7e708f399e57ee17b7ce981a62f8268466a68eba1591ea45bf3bb61e03f1e75ad16569e2bf46a9764e7e87d20b3618c440a5ffdd3206ea950181750c7ae3d14b9c8a3ec9a9e63983b5929a36ff44678e3ff8bf22cf8087c8f0db5c8d9914f7d9b4e0e7e2423fdbb61a56215b129867f95b5b8c139ba49cfd017c754b8973b75aa35509364e946b561b049aed6ca7fc9f137744aee7e2adddbae8e96741b7abc4e1cae1a8611efa0f8018333fc1b0fcbe4fb982d4d47903e23819bcedc8749d7d51bb0e629bde137e7621ffc6d08aec0396413d8eb5304f9ef8b573cc067ad8131eaaeaf3f10f766f3c72b15d84dbdd63c24fe9a35cddcb667152800401c25cfe8f10d9d7bd9edbe47ca3e97fc1a10135a89037cc43b2ac69f0b0f1eb76f49bbfac9b053ff712f919cc9339a1d34f6d9c705bf2f963b6c6ef8aa054dc038d820e844dc919cbab5766919eebd50a7418c180e7bba6718f96ac46df22c55b84ffbc31e9d42d76121f5e54dc326e874f864420e55c71fcee1e4422937b121a9d97bdb77ee6c618c6a7447d8acdde3c376e6d1fed0108859fe13e5f7964269274b6c80dd55d9b4f0154f6f0f6db0904922aa75b6715382c631a84c03a559f33815d3668f1c1ae44d1f91736a256f3531328e821e60d8eda579c0a1c92f12d363ea92df43b9cbcd84b19c9cd61738abc0a3bb5487f22d1574da8b15347cac2f63c24bfbce525352489260f48b521aa3923c988b1238d554c3e22f44fea8a72e9396b434fce5ce3e55ad735e4e06b924609a6a06291b783518f19e28a172603cf37dfadf7b9a95a31087272cedc26b599956dfc16fedddd9c3fab5a528eb60fad1aae8732001149fe5f975e7aeee985cd72095662b0a3e9cf6057ce9a1aea36506e9a67b98ac81bc8a6645cb2aa7586483361d863a74c18dcf36ba8c5f28748b21d830ae74ea6aafebf23a6d0f9a0536b09f2e6b0ccf82d2bd6da45c24d74741e0c6bdf8843595767f82924eaf18568379b8aa891f5155d42e1cefa93abedd0771a6ddc4d2b1c5c1345bda70eb7806dc522ddcca548ea74af7618d4b2b6d8b54257cf1d702a1783f0414d28d996878c73e2fa74694fba09be286b6e28f592ea1ed6912b33bf9619236fbca9263fb15afdd53cf1947d5d122424f9cffb68ac720d2e1cc54b5d95b882c7ee56554b74badfacab91ede15cf6380c6ef3c54ed02877e693ed0ce0c69b7c682427fe4c0e87a0be40572769dc650c9ac9980f6cca508a5931a5f167f0ab0cb87a1461c3ccbd75ce0b1ab3ac843bd29f95ef0d17767913da31e6262cc117c42469fd37b1c791bccadf03e292e5283a856b7a7603cf0bd85ab634d094fa7e3f3b253f21f4bbfbb3a4509cc4e4c54645864c4bc86603a005cf59321778bb2e23ea264c85518a2a17e5778dc94e23a1fc04740d2072ee12d28beaeb91f2d43985f47d09cb8dbfed576d0f2a74856233f70ad60d633f35bb1dd12963762aee0eeba74f92107ff8e60d47bec301414e7070cf69d94c276ce799a703313d213a255d3deeb7316ee3687c48d365347e3eecf63b8931ae200e6af7045c68871326818f6e1bb7a8e6f9194c417f45109a3612c99f6c640288bee7b11c019025845db1bfd3d0ae886b0f005a2109a447a8fb422a26ab043b87c79be5556c02d46d06b534550254cb23dd001e71c648e4f40a5d577f7ebc8bfdb174ac5b52011403ece387c1d3d6595f998c8de1b128f5847eb9ee8709bf5a0c3b1c6a4e0c0a178d009dfca9d2fee63dec4bd367a7bce9639198218f92fc3f0c9a3c379ae06edc7fe922511fab5506c0d6591cd562aba89a1ff000604a4f573ff1dde9c34c877dcdecca2c102fb0fee8a76d469889bb588b8830e0aaa1d34dfe5060007b23fbee2d9d61b62e767890cc85321a6773a87a27a5d9ab7612a16e0a2435c04b56438f4c022f3e436452d825bc825de178c5a8411cd4b9eacc34ad3bd107efed7cb304a6a3697286488293c3d3bcccfe1d960d729671e6b993cc1724ed0c3e76f65501dd617e1a087d004fa032973890f759e421633ec1a348d7a39b4c54f6a25ed339bb8f76c57b977d088a755222fcb2797af068f98e4169e34313b013e5bf87a280e62f8b7258ab7b7316c9a0ea7568cfa69bb8d32d9298d0166cb70016055dcde9ba8b55bc8b8cdaae069e470706aed301c1a813b7cc8a1158c5dcbeb3d30a4330a3185f3b359f6c44133bb5723a50016c33142240786bf816f298ad2c9fdaa13413b9bc2b16f72734c818685587f8ed3a11df89663a3b96eb7edf67be0543059b4e513bde288fde3f2de77b92cf65dac8f18ff93a1440c7820de0ca537754eef0964ff88bf97cdcb49621de5f9ea07df453172428dc6f84aa00ab7d63c02f5ac737a7e3bfd560d53afa9d594501dc2ac330ca67b9934a1b205e1b29ab94f98e7d0ab2e29cdd5af1ceacb4989675f77f7d7fde591621df99f5b772367e248cd7fdd8b228cd6effe25e42241a44ef63cf5b7c3849a21d6cd6f34aa2bf0656783d2cad50fd283ff753f3e37cc571ec5e42c1e407d2c53b4808c85f7b4aa25917c2d6eea52fe59ba2d370f2425a9064fbffc7bf5cf6d644e4e9787f3fa6038e34678e6cd110dc23675226034e7c14d45cc404c5abeb3bbe133633cf045ff335e6d55d23442099018f3267b1c7fc4d20a0fbafbb4e619c2867d71e30fbd13edf46e3a8a5cbbc1969d54fb0396b2752dd32bd7a88c730a33ddccadb05063249739a9eab91b4cd429f44f0413f32c5d4d76899827d114369d276dedf5f205d94ab456b76d56008ab1de61230dcd0691b245a91cf99ef6ccd6912083d9fb494760328fc1620d940ef5eb4735dd9743f248bca9a4a945a98d2613b07173b4e52813b4465acbcfa42521f1dbc8735e1eb4ffdb06c6e8fec129071079aff40487377d0cf87fe515acd4e5ca840933db19e3754c292b33fe833714f7ee5f72106380a18078ce5e73adf5f81b0680032201a1b6c4deb03474ffea365037dcedd0364816292367e901b6876b888b13cd2160b56a208e896f546fbfd2322e7f834607bcf4763e19eb80a89972b94abfa59e67e0b8ee0b326ccd81c248551ec4258d697c73d7e66d12434f257aa650182f37d5bba4260d4b07b1b1af77e36307f2096f0db27ed03e7d3a8ff6be9a0b5fcc6cac31d0a761e5cf6de9a1cfbe57810119733e070135b381f927b664a45d69e6f7e043326812d5f3d45022d4ee36e740946d80f53e681d1f2881a6e43366601a48493645d5617966724a3d59c3a3e0a926f8d80397c2d77116288fffb62c647a3d8dee96f403cf7ccaa60ff2df6ae0805643fc2c43cc06b6568b5927131cd281b3b4b277de753091e30ececbc58b3a2b2e1266083996a885444682e9ac907613b928550dfa5641a8672e093beb14110a81cb8546e64efd74c252c879ff693da4a8ef0e0cb473b90fbaee0de7c150d1b29ffe9fc3ff66f2ff7ddb43f9bd777ff80c4fb6c1401833c8d1f60b06ad098d0974360919117bdf7f4abb42c86b09df2471cd4117c138ccf36453517d3c0cee6e89809a263fe2ec418b2e7f3e23ba5a18b48fa01132d8dd3ff5045a9430510dba491b787cdc53cbf040a97a1723f349db6df2baf67fd690ee335e1ece51215b53202293eb9c8dced066fdfc1cbae6b1aeb0b8aa1dadb4bc7568e3ff211f3a065fc485ee2126b666dd11d89cfa39154878c4498bb8d5e8754b60e3b16cd8848f8767dcc766bd3941ff360830c0a78efe984ae212410e007fa7476d4e93635c847a9af0a561067a3b57553c14d4c0f448ed246541d2701181fbf7fa67bf675edc4e0829918e8583d22dbcafe628ee4154f3b441b564a2af9b66fe671294319964502f5465e0e5a702357e58619392c0d7ae6929a12aa89aeb34ee0a8d74f6ea8c252c2ec2b856db234d9bfdc60ac7fbb18dd669388831714ebac34d77d45de7dfe882310378f89feb208f1a7e01e54981449005c09e8a275b7da2f0205d7a2be5534a7aa438c7bd54ca7d2a1cb9d9b0edc8ff52f23b4c825d3bb908ccbb743ce8cb21eebfab536035b59d1f47a37e8920fd4007b85733fba93a2d34ad8a302156dce5443eca21f2079dcc"}, @INET_DIAG_REQ_BYTECODE={0xa3, 0x1, "d8d19e229dc737a0b44a7362f3648837259122e6a904e57195cfd66d05bfc7d7c20889879a65d6f606fe642ef33ea1759f302191859e76c8d88750217adc3ae08f02baa07004b515b63c8b7bacb3296c82061a4aeefb4a34dfac8151be24a7ad1e78846260362650696387944da8a4cb587aef708778a60eae87b6838dde348f35153a3b772c10ebde3ba9e5875b99ae518b752d37ef2470cb950646344cdc"}, @INET_DIAG_REQ_BYTECODE={0x47, 0x1, "902c67bc169a212b0b7252f57b9a1fd11a69a6a639e5b88c675a4f57218c92667193b1b81ecfa858c5c81f77489a79311d39c4e86a3846f075cf559d5ac100f28430a0"}, @INET_DIAG_REQ_BYTECODE={0xf9, 0x1, "8c436919b88494abfeeceae3a84bd17d7afdc3cea03bbda0b1e13bfbebd618072e8cbffa6489be2b950707b147901cda1536e8dd3b40935ec05bda78cef78c3fc6279b48f7aaad50cbb308de9a5f680886193ae8bcda666d13c228bb38bdfaff6cc2486cca205ea946b54bbe6c4b233ab2c1b665185c58ee7af27b4dfb14b41aa922480f1ee668da727ea5a5775b5542f191f0bebcc1e099faa206a8ee76ebecbb82975ea7c8c0fafe3ea88e22d1d3c9af8d629240dacfe68a8a6f33a79a77ceb02c10409d19d7ea9361e615782db4ece221bc1f1dc4c76b069e95b0c65aaf76f37f7b86e345e84294e04db5e4d96f547755f5e081"}, @INET_DIAG_REQ_BYTECODE={0x8b, 0x1, "35e10da3d854b8d7ce5e3af9916f502f4538f998c176d1d46ed9560ebb067c8eda0406c6fc63cd473d73d9027bf47c5f6618a4afc9f4f68c12eda0d64088d1c00f7e020459c3e057d69ce793f39376f8f9c07276155fc367a3004fdda9fa06e13c8c2590895f63ff7e2686fc5974b08f30831e90339e4593e68e68e89649faffbf205fafab72d7"}, @INET_DIAG_REQ_BYTECODE={0x42, 0x1, "6010c252ba00d47cf16b2ad196b84c3ed1787c0ad36b9af6b890c1114f415f5761d22957ca695326cc4b8551ff18cd7510b47a3309cf85fc3532937cdc2f"}, @INET_DIAG_REQ_BYTECODE={0xf5, 0x1, "8466bf1f7bcfa594a2fd50fe3bfcc56da9c6d658b73b9cab90a43c6e7ab4254c335438e3062995b5c15b71f92e721cf69a6c340902c9e16b0eb811cf1437898e7c165980b940f010c1a1cb25f92c67c96764040b146c4d6e8eaa707862adb57392906d204bbaeed4d0d94a952cad9a2e0e706a78e86c3f268b1fbd0f05703bf9556e77d3af603b19d78f6bc393bd30f1ac38670259c9dd1f2894fadc95e4e989885da20a862232a0bae427ad3ab0ac7a069b25bfc05e40f86f4c937e9d50ac474f3d39c5e25bb58e19df20229a3a89904947409aa38db3227c440917f2d95716693b742010f2787debb6ae73198a8d6214"}]}, 0x1400}, 0x1, 0x0, 0x0, 0x20000084}, 0x4000808)
ioctl$sock_ifreq(r6, 0x8949, &(0x7f0000000100)={'vlan0\x00', @ifru_names='pim6reg1\x00'})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8, 0x1, r8}}}}]}, 0x38}}, 0x0)
r9 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r10=>0x0})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$inet6(0xa, 0xa, 0x10001)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r13, 0x4090ae82, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000080)={@remote, 0x80, r10})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

1m43.981158103s ago: executing program 0 (id=541):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000040)={@cgroup=r0, r0, 0x2f}, 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r0, 0x2f, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, 0x0, 0x0, &(0x7f0000003680)}, 0x40)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@hyper})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7cb, &(0x7f0000000140)={0x0, 0x0, 0x8})
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)

1m43.939165178s ago: executing program 32 (id=541):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000040)={@cgroup=r0, r0, 0x2f}, 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback=r0, 0x2f, 0x0, 0x0, &(0x7f0000000140)=[0x0], 0x1, 0x0, 0x0, 0x0, &(0x7f0000003680)}, 0x40)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@hyper})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7cb, &(0x7f0000000140)={0x0, 0x0, 0x8})
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)

1m28.691240447s ago: executing program 2 (id=764):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x20048854)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x30, 0x2, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x30}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001c0001000000000004086aa42d"], 0x30}}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)=ANY=[], 0x48}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@fallback=r3, 0x24, 0x1, 0x9, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000240)}, 0x40)
syz_kvm_setup_cpu$x86(r3, r2, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r4, 0x4048ae9b, &(0x7f0000000080)={0xe0003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x83, 0xffffffffefffff15, 0x3, 0x4, 0x1, 0x4]}})
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x83fb, 0x3, 0x29, 0x4, 0x3, 0xcc7, 0x8, 0x68d, 0x8, 0xe, 0x7ff, 0x1, 0x1, 0x1, 0x8026, 0x80, 0x6, 0x1a449, 0x9, 0x40000003, 0x8b, 0xcaa7, 0x0, 0x20001e5c, 0xb, 0xffc00004, 0x3c, 0x8, 0x100006, 0xf7fffff7, 0xfffffff8]})
ioctl$COMEDI_CANCEL(r5, 0x6407)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20040000)

1m27.741010036s ago: executing program 2 (id=767):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000540), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000000)=@gcm_128={{0x304}, "de7c054cee25f62d", "7cddfcaafc3c0f18097f82cb9ccbe0dd", "30913711", "022451bb9db297e0"}, 0x28) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m27.740366333s ago: executing program 2 (id=768):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000010280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x800c1}, 0x8004)
getsockopt$IP_SET_OP_GET_FNAME(r0, 0x1, 0x53, &(0x7f0000000000)={0x8, 0x7, 0x0, 'syz2\x00'}, &(0x7f0000000040)=0x2c)
accept4(r1, 0x0, 0x0, 0x0)

1m27.677601966s ago: executing program 2 (id=769):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x44004000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0xa}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x890}, 0x24000840)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f000054e000/0x400000)=nil)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
r2 = fsopen(&(0x7f0000000180)='ntfs3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @rand_addr=0xfffffffc}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r4, r3, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x800, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000240)="67b20c7b993c92ddffc4f60cf51aeaa026ac51a1a58a5af882b8219a914b281f6a448441ab76812af738df1d2f8dee3f4d2015041bda3b186c557549662f2717e8b3c67f1cceb625809ed98efc822fd9"})
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="17", 0x1}], 0x1}, 0x8c0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000240)='hugetlbfs\x00', 0x2200890, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setflags(r4, 0x2, 0x1)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)

1m27.579498806s ago: executing program 2 (id=771):
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x4e24, @private=0xa010100}, {0x306, @remote}, 0x0, {0x2, 0x4e23, @broadcast}, 'veth1_to_team\x00'})
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000240)={'syztnl2\x00', &(0x7f0000000100)={'syztnl2\x00', <r2=>0x0, 0x3f19, 0x700, 0x539, 0x7, {{0x3a, 0x4, 0x0, 0x3b, 0xe8, 0x66, 0x0, 0x8, 0x2f, 0x0, @broadcast, @remote, {[@rr={0x7, 0xf, 0x38, [@multicast1, @loopback, @dev={0xac, 0x14, 0x14, 0x28}]}, @ssrr={0x89, 0xf, 0x52, [@multicast2, @local, @private=0xa010100]}, @generic={0x7, 0x8, "47870aaefc37"}, @lsrr={0x83, 0x17, 0xd1, [@dev={0xac, 0x14, 0x14, 0x31}, @loopback, @empty, @private=0xa010100, @broadcast]}, @cipso={0x86, 0x4e, 0xffffffffffffffff, [{0x5, 0xc, "ca61c3296a0c7f120a5c"}, {0x2, 0xa, "68b644128f4c5a79"}, {0x2, 0xb, "5141c3a27aa42563e2"}, {0x6, 0x11, "f0cbc5310d1f5b432eb57aa54f8e4d"}, {0x1, 0x5, ':\x00g'}, {0x5, 0x11, "d31d8fe9a4cbf427cf174d4dc7e88f"}]}, @ra={0x94, 0x4}, @timestamp={0x44, 0xc, 0xa2, 0x0, 0xb, [0x5, 0x4]}, @timestamp={0x44, 0x1c, 0xe3, 0x0, 0x6, [0xfa4, 0x2, 0x21, 0x7, 0x8, 0x5]}, @ssrr={0x89, 0x1b, 0xd5, [@dev={0xac, 0x14, 0x14, 0x18}, @multicast1, @loopback, @empty, @dev={0xac, 0x14, 0x14, 0x3c}, @remote]}]}}}}})
getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000280)={@empty, <r3=>0x0}, &(0x7f00000002c0)=0x14)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000380)={'syztnl1\x00', &(0x7f0000000300)={'syztnl2\x00', <r4=>0x0, 0x8000, 0x40, 0x4, 0x7, {{0xd, 0x4, 0x2, 0x3, 0x34, 0x65, 0x0, 0x9, 0x4, 0x0, @empty, @multicast2, {[@rr={0x7, 0x1f, 0xc1, [@private=0xa010102, @multicast2, @remote, @empty, @multicast1, @rand_addr=0x64010101, @empty]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'ip6tnl0\x00', &(0x7f00000003c0)={'ip6gre0\x00', <r5=>0x0, 0x2f, 0x7, 0x2, 0x2, 0xb, @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x20, 0xa8, 0x4}})
getpeername$packet(r0, &(0x7f0000000480)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000004c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000580)={'syztnl0\x00', &(0x7f0000000500)={'ip6gre0\x00', <r7=>0x0, 0x29, 0x4, 0x3, 0x6, 0x1a, @mcast1, @remote, 0x80, 0x7, 0x40, 0x6}})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000005c0)={'batadv_slave_0\x00', <r8=>0x0})
getpeername$packet(r0, &(0x7f0000000600)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000640)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000700)={'syztnl1\x00', &(0x7f0000000680)={'syztnl1\x00', <r10=>0x0, 0x4, 0xb3, 0x2, 0x1, 0x40, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x700, 0x8000, 0x6}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000740)={'vxcan1\x00', <r11=>0x0})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000800)={r0, 0x58, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000008c0)={'ip6tnl0\x00', &(0x7f0000000840)={'ip6tnl0\x00', <r13=>0x0, 0x2f, 0x9, 0x3, 0x101, 0x8, @mcast1, @local, 0x40, 0x20, 0x564, 0x6}})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000ac0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000900)={0x164, r1, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xc6df9040ad643ae}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x8004}, 0x8000)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b40), r0)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r14, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x40, r15, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x56}}}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x11}, 0x0)
accept4$phonet_pipe(r0, 0x0, &(0x7f0000000c40), 0x800)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000c80))
getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000cc0)={@rand_addr, @local}, &(0x7f0000000d00)=0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000f00)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000d80)={0x118, 0xa, 0x6, 0x401, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x5}, [@typed={0x8, 0x2e, 0x0, 0x0, @ipv4=@local}, @typed={0x4, 0xa4}, @generic="84b58f022588f7dbbbac8b453e1c741879043fb17b2e108ddca35ed913ac68ab401660816b846726ec81b57437be653650af1535ba27056573d5adad9e0b2735851edc5981d59b0639bf8b45d2b5f93b8a759be6f8924258d9267eb9749d2f158b6b35627baaa921ad207ac672987f5363a9944a7089bc998cc830cc1e33cfaab4dda9360e2999a8eabc823d5a910d7569c9805eddb55a4ffb8c17f2c47157ad39fa215ba213103dad8d1ab50dfafc7dea11e9cde50f5bf2beb0177545cbfdb85e5d54586f5ec6556db372d9f5f87cdcca29a2ef2f7db12146928ee8a6d523f95faea43ecfb660e8378234748df489e28e4b84680dbc6e"]}, 0x118}, 0x1, 0x0, 0x0, 0x20000040}, 0x10)
recvmsg$inet_nvme(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)=[{&(0x7f0000000f40)=""/111, 0x6f}], 0x1}, 0x40010040)
ioctl$PTP_SYS_OFFSET(r0, 0x43403d05, &(0x7f0000001040)={0x12})
syz_genetlink_get_family_id$devlink(&(0x7f0000001380), r14)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000014c0)={@ifindex=r3, 0xa, 0x1, 0x0, &(0x7f00000013c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000001400)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001480)=[0x0, 0x0, 0x0], <r16=>0x0}, 0x40)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000001500)={@cgroup=r0, r0, 0x30, 0x2003, r0, @value=r0, @void, @void, @void, r16}, 0x20)
syz_genetlink_get_family_id$devlink(&(0x7f0000001540), r0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001580)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x3, '\x00', r13, r0, 0x3, 0x1, 0x5}, 0x50)

1m27.261058786s ago: executing program 2 (id=774):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_DISASSOCIATE_REQ(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = fsopen(&(0x7f0000000040)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r4=>r2}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x2008, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r5 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000100)={r6, 0x1, 0x6, @remote}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) (async)
sendmsg$IEEE802154_DISASSOCIATE_REQ(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) (async)
fsopen(&(0x7f0000000040)='devpts\x00', 0x0) (async)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x2008, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) (async)
accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) (async)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000100)={r6, 0x1, 0x6, @remote}, 0x10) (async)

1m27.18824257s ago: executing program 33 (id=774):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
sendmsg$IEEE802154_DISASSOCIATE_REQ(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = fsopen(&(0x7f0000000040)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r4=>r2}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x2008, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r5 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000100)={r6, 0x1, 0x6, @remote}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) (async)
sendmsg$IEEE802154_DISASSOCIATE_REQ(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) (async)
fsopen(&(0x7f0000000040)='devpts\x00', 0x0) (async)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x2008, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) (async)
accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) (async)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) (async)
setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000100)={r6, 0x1, 0x6, @remote}, 0x10) (async)

1.710049775s ago: executing program 1 (id=2148):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x3d, 0x28, 0x67, 0x0, 0x9, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ssrr={0x89, 0x3, 0xbd}]}}, {{0x4e21, 0x4e22, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, 0x4, "180f8f", 0x1, "fffb45"}}}}}}, 0x0)

1.709904971s ago: executing program 1 (id=2149):
r0 = fsopen(&(0x7f0000001140)='hugetlbfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x0)

1.640039384s ago: executing program 1 (id=2150):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000000c0)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, 0x0, 0x0)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x10, r2}, 0x10)

1.639641555s ago: executing program 1 (id=2152):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x2000)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
lseek(r0, 0x2000, 0x0)

1.410004463s ago: executing program 4 (id=2155):
r0 = io_uring_setup(0x6c0, &(0x7f0000000880)={0x0, 0xd3d5, 0x10000, 0x5, 0x351})
close_range(r0, 0xffffffffffffffff, 0x0)
rt_sigtimedwait(&(0x7f0000000200)={[0xffffffffffff7ff9]}, 0x0, 0x0, 0x8)

1.290216031s ago: executing program 4 (id=2156):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x14)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000180)={0x23800000, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r1, 0x0}])

1.149595473s ago: executing program 3 (id=2161):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=ANY=[@ANYBLOB="840000001800010028bd7000ffdbdf251d01020015000400", @ANYRES16, @ANYBLOB="08000e00", @ANYRES32, @ANYBLOB="0800fc00", @ANYRES32, @ANYBLOB="1500040001"], 0x84}}, 0x4008040)

1.149495362s ago: executing program 4 (id=2162):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000040)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{0x2, 0x0, 0x1}, 0x8, 0x1, 0x0, 0x0, "771a16b92ea6656b"}, 0x10}, 0x1, 0x0, 0x0, 0x48010}, 0xd209f6d814827b13)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000180)=0x4, 0x4)
recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000940)=[{0x0}, {&(0x7f00000008c0)=""/90, 0x5a}], 0x2}, 0x6}], 0x1, 0x10023, 0x0)

1.088839338s ago: executing program 3 (id=2163):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c0000001000010426bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="4254010028000100280012800b00010065727370616e000018000280040012000500160042"], 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x810)

1.040390442s ago: executing program 3 (id=2164):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8801}, 0x20008850)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000c00)=@newtfilter={0x488, 0x2c, 0xd3f, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x45c, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x9, 0x4}]}}, @TCA_BPF_POLICE={0x444, 0x2, [@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x7, 0x1, 0x7, 0xd988, 0x3, 0x3, 0xa08b, 0x1, 0x3ff, 0x5, 0x5, 0x6, 0x4, 0x3, 0x92c, 0x7, 0xffffffb2, 0xeaac, 0x2, 0x1ff, 0x4, 0x10000, 0xded, 0x8, 0x10000000, 0x1, 0x10001, 0xc6d, 0x9, 0x9, 0x7, 0x7, 0x7, 0x7, 0x7, 0x800, 0x9, 0x100, 0x8, 0x9, 0x8, 0x3, 0x5, 0x6, 0x8, 0x3, 0xd, 0x7, 0x5, 0x13f6, 0x81, 0x53, 0x17, 0x4, 0x5, 0x6, 0x4, 0x8, 0x800, 0x86e1, 0x8, 0xfffffff9, 0x5, 0x1, 0x3, 0x5, 0x5, 0x80000000, 0xf3, 0xd, 0x8, 0xfffffff9, 0x800, 0x4, 0x6, 0x4, 0x2, 0x6, 0x8, 0x2, 0x7ff, 0x100, 0x1ff, 0x7, 0x3, 0x4, 0x8, 0x5, 0x8000002, 0x3, 0x0, 0x4, 0x3, 0x16, 0xff, 0x1, 0xc, 0x9, 0xb, 0x5, 0x4, 0x8, 0x7, 0xa, 0xfa, 0x3, 0x0, 0x10, 0x1ff, 0x3, 0x4, 0x60000000, 0x8, 0x2, 0x4000000d, 0x3, 0x2, 0x401, 0xa955, 0x2, 0x1, 0xe6, 0x2, 0x9, 0x6e4, 0x1, 0x5, 0x1, 0xb, 0x6, 0x4, 0x80000001, 0x3, 0x99b, 0x9c4, 0x7f, 0x3, 0x70, 0xff800, 0x1, 0x7, 0x5, 0xff, 0x7, 0x6, 0xfff, 0x800, 0xa3, 0x10000, 0xff, 0x80000000, 0xc, 0x7, 0xfffffff9, 0xff, 0x0, 0x0, 0x8, 0x6, 0xe2f3, 0x4, 0x1, 0x9, 0x1, 0xffff, 0x3, 0x9, 0x9, 0x6, 0x5, 0xfffffc00, 0x0, 0x40, 0x400, 0x64c, 0x8, 0x7, 0x8, 0x6, 0x5, 0x6, 0x5, 0x7ff, 0xc7, 0x6, 0xf30, 0x800, 0x0, 0xee3, 0x5, 0xe9e, 0x8, 0x8000008, 0x1000, 0x8, 0x7, 0xa37f, 0x8, 0x9, 0x3, 0x1, 0xff, 0x5, 0x10000, 0xb, 0xcf9, 0x8, 0xfc, 0x40, 0x3, 0x1731, 0x3b, 0xff, 0x6, 0x6ad880, 0x266d, 0x7, 0x2000c28, 0x2, 0x400, 0x7d75, 0x52, 0xd3, 0x8, 0x2, 0x4, 0xfffffff8, 0x200, 0x6, 0x6, 0x8, 0xe, 0xe459, 0x7ff, 0xc7, 0x80, 0x40, 0x0, 0xa, 0x3feb, 0x8, 0x100, 0x100, 0x8, 0xfffffb98, 0xfffffffb, 0x24, 0x20001, 0x3, 0x8, 0x1, 0x15b9, 0x7, 0x100, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x5, 0x5, 0x17a94, 0x7, 0xb, {0x7, 0x0, 0x1, 0x80, 0xe, 0x6}, {0x2, 0x1, 0x400, 0x8, 0x8}, 0x81, 0x4, 0x7fffffff}}]}]}}]}, 0x488}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

924.40402ms ago: executing program 3 (id=2167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="1400000010000700000e0000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002600000000c0a01080000000000000000010000000900020073797a32000000003400038030000080080003400000000224000b80200001800e000100636f6e6e6c696d69740000000c000280080001400000000009000100"], 0xe4}}, 0x0)

850.163914ms ago: executing program 3 (id=2168):
syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000003bbbbbbbbbbbb080600060810"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_socket_connect_nvme_tcp()
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x70bd28, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x7}, [@RTA_IIF={0x8}, @RTA_SRC={0x8, 0x2, @private=0xa010100}]}, 0x2c}}, 0xea5bc50b6199d77e)
sendto$inet_nvme_pdu(r3, &(0x7f00000001c0)=@data_h2c={{}, 0x0, 0x0, 0x1, 0x0, "cfbf3586"}, 0x80, 0x0, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, 0x0, 0x4c844)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, 0x0, 0x0)
bind$can_raw(r6, &(0x7f0000000080), 0x10)
setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, 0x0, 0x20000880)

787.188803ms ago: executing program 1 (id=2171):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)={0xb0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x6}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_CORRECTION_POS={0x8}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x3, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x20044892}, 0x4040050)
sendmsg$IPCTNL_MSG_CT_GET_DYING(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x14, 0x6, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x2404c031}, 0x20000000)

699.791759ms ago: executing program 1 (id=2172):
msgsnd(0x0, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
msgsnd(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000340)={{0x3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4, 0xa17}, 0x0, 0x0, 0x9, 0x7fffffffffffffff, 0x7, 0x4, 0x6, 0x5, 0x85c3, 0x3})

296.341841ms ago: executing program 4 (id=2176):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x0, 0xfffffffe, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8801}, 0x20008850)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000c00)=@newtfilter={0x488, 0x2c, 0xd3f, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xfff3, 0xffe0}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x45c, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x9, 0x4}]}}, @TCA_BPF_POLICE={0x444, 0x2, [@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x7, 0x1, 0x7, 0xd988, 0x3, 0x3, 0xa08b, 0x1, 0x3ff, 0x5, 0x5, 0x6, 0x4, 0x3, 0x92c, 0x7, 0xffffffb2, 0xeaac, 0x2, 0x1ff, 0x4, 0x10000, 0xded, 0x8, 0x10000000, 0x1, 0x10001, 0xc6d, 0x9, 0x9, 0x7, 0x7, 0x7, 0x7, 0x7, 0x800, 0x9, 0x100, 0x8, 0x9, 0x8, 0x3, 0x5, 0x6, 0x8, 0x3, 0xd, 0x7, 0x5, 0x13f6, 0x81, 0x53, 0x17, 0x4, 0x5, 0x6, 0x4, 0x8, 0x800, 0x86e1, 0x8, 0xfffffff9, 0x5, 0x1, 0x3, 0x5, 0x5, 0x80000000, 0xf3, 0xd, 0x8, 0xfffffff9, 0x800, 0x4, 0x6, 0x4, 0x2, 0x6, 0x8, 0x2, 0x7ff, 0x100, 0x1ff, 0x7, 0x3, 0x4, 0x8, 0x5, 0x8000002, 0x3, 0x0, 0x4, 0x3, 0x16, 0xff, 0x1, 0xc, 0x9, 0xb, 0x5, 0x4, 0x8, 0x7, 0xa, 0xfa, 0x3, 0x0, 0x10, 0x1ff, 0x3, 0x4, 0x60000000, 0x8, 0x2, 0x4000000d, 0x3, 0x2, 0x401, 0xa955, 0x2, 0x1, 0xe6, 0x2, 0x9, 0x6e4, 0x1, 0x5, 0x1, 0xb, 0x6, 0x4, 0x80000001, 0x3, 0x99b, 0x9c4, 0x7f, 0x3, 0x70, 0xff800, 0x1, 0x7, 0x5, 0xff, 0x7, 0x6, 0xfff, 0x800, 0xa3, 0x10000, 0xff, 0x80000000, 0xc, 0x7, 0xfffffff9, 0xff, 0x0, 0x0, 0x8, 0x6, 0xe2f3, 0x4, 0x1, 0x9, 0x1, 0xffff, 0x3, 0x9, 0x9, 0x6, 0x5, 0xfffffc00, 0x0, 0x40, 0x400, 0x64c, 0x8, 0x7, 0x8, 0x6, 0x5, 0x6, 0x5, 0x7ff, 0xc7, 0x6, 0xf30, 0x800, 0x0, 0xee3, 0x5, 0xe9e, 0x8, 0x8000008, 0x1000, 0x8, 0x7, 0xa37f, 0x8, 0x9, 0x3, 0x1, 0xff, 0x5, 0x10000, 0xb, 0xcf9, 0x8, 0xfc, 0x40, 0x3, 0x1731, 0x3b, 0xff, 0x6, 0x6ad880, 0x266d, 0x7, 0x2000c28, 0x2, 0x400, 0x7d75, 0x52, 0xd3, 0x8, 0x2, 0x4, 0xfffffff8, 0x200, 0x6, 0x6, 0x8, 0xe, 0xe459, 0x7ff, 0xc7, 0x80, 0x40, 0x0, 0xa, 0x3feb, 0x8, 0x100, 0x100, 0x8, 0xfffffb98, 0xfffffffb, 0x24, 0x20001, 0x3, 0x8, 0x1, 0x15b9, 0x7, 0x100, 0xffffffff]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x5, 0x5, 0x17a94, 0x7, 0xb, {0x7, 0x0, 0x1, 0x80, 0xe, 0x6}, {0x2, 0x1, 0x400, 0x8, 0x8}, 0x81, 0x4, 0x7fffffff}}]}]}}]}, 0x488}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

296.267709ms ago: executing program 5 (id=2177):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, 0x0, 0x0)

235.138066ms ago: executing program 4 (id=2178):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000600)="63e4ed8e46080000003389f7f986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

167.934349ms ago: executing program 4 (id=2179):
r0 = syz_open_dev$loop(&(0x7f0000000500), 0xee8, 0x5042)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_debug_messages', 0x20940, 0x1de)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000140)={r1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x5, 0xc, "c44ef9682a689185ff07ec0f9eddd770e010a8b62022fd106fa715e63fee8ab07f3c19ed0c04afcaba06f6d9584488da0162d4cc7030ec4f7b9ab89b3e192e4a", "8bc975aabbbbe9e4cbb0e98d43a12e12538b330e6fe3bce73919393417abdc6c58f0abd4f0c29b3c71757f74bc429c808f46e9cda4584203143a0b9705fb16b6", "666f1d5f5c43005b310134ce9a6d0369862b72c1f9f4980a2346c4dd62ad8050", [0x6, 0x61fe]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

167.649155ms ago: executing program 5 (id=2180):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r2, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

59.93798ms ago: executing program 5 (id=2181):
r0 = memfd_create(&(0x7f0000000440)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00uKs\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x141<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r<Y\xa1\xdeP\b\xf1kM\x02\x00\x00\x03\x00eh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\x06]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x05\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\xb7>j0S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ\x00'/1136, 0xc)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x11, r0, 0x54d2e000)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000000)=0x82, 0x4)

59.776852ms ago: executing program 5 (id=2182):
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @dccp={{0x6, 0x4, 0x0, 0x3d, 0x28, 0x67, 0x0, 0x9, 0x21, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ssrr={0x89, 0x3, 0xbd}]}}, {{0x4e21, 0x4e22, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, 0x4, "180f8f", 0x1, "fffb45"}}}}}}, 0x0)

357.374µs ago: executing program 5 (id=2183):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x5, 0xe4340000, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000035}, 0x2)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x90)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4084)

121.624µs ago: executing program 5 (id=2184):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000000c0)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00'})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, 0x0, 0x0)

0s ago: executing program 3 (id=2185):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000040)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{0x2, 0x0, 0x1}, 0x8, 0x1, 0x0, 0x0, "771a16b92ea6656b"}, 0x10}, 0x1, 0x0, 0x0, 0x48010}, 0xd209f6d814827b13)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000180)=0x4, 0x4)
recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f0000000940)=[{0x0}, {&(0x7f00000008c0)=""/90, 0x5a}], 0x2}, 0x6}], 0x1, 0x10023, 0x0)

kernel console output (not intermixed with test programs):

 bytes leftover after parsing attributes in process `syz.4.852'.
[  116.220516][ T9012] netlink: 'syz.4.852': attribute type 6 has an invalid length.
[  116.342097][ T9016] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  116.352820][ T9016] netlink: 'syz.4.853': attribute type 11 has an invalid length.
[  116.420075][ T9018] binder: 9017:9018 ioctl c0306201 2000000003c0 returned -14
[  116.425108][ T5286] Bluetooth: hci2: command tx timeout
[  116.585488][ T9021] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  116.593145][ T9021] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  116.600750][ T9021] bond0 (unregistering): Released all slaves
[  116.998317][   T40] kauditd_printk_skb: 210 callbacks suppressed
[  116.998330][   T40] audit: type=1400 audit(116.921:806): avc:  denied  { unmount } for  pid=5922 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  117.026434][ T9027] bond1: Removing last arp target with arp_interval on
[  117.034210][ T9027] macsec1: entered promiscuous mode
[  117.036003][ T9027] macsec1: entered allmulticast mode
[  117.047918][ T9029] bond2: Removing last arp target with arp_interval on
[  117.098241][   T40] audit: type=1400 audit(117.021:807): avc:  denied  { create } for  pid=9036 comm="syz.1.858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  117.108539][   T40] audit: type=1400 audit(117.031:808): avc:  denied  { setopt } for  pid=9036 comm="syz.1.858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  117.167947][   T40] audit: type=1400 audit(117.091:809): avc:  denied  { create } for  pid=9041 comm="syz.1.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  117.181048][   T40] audit: type=1400 audit(117.091:810): avc:  denied  { setopt } for  pid=9041 comm="syz.1.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  117.300265][ T9053] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.324023][   T40] audit: type=1400 audit(117.241:811): avc:  denied  { getopt } for  pid=9051 comm="syz.4.863" laddr=::ffff:172.20.20.10 lport=59239 faddr=::ffff:172.20.20.187 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  117.338257][   T40] audit: type=1400 audit(117.261:812): avc:  denied  { ioctl } for  pid=9055 comm="syz.1.865" path="socket:[30303]" dev="sockfs" ino=30303 ioctlcmd=0x89a0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  117.362672][   T40] audit: type=1400 audit(117.281:813): avc:  denied  { setopt } for  pid=9055 comm="syz.1.865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  117.380528][   T40] audit: type=1400 audit(117.281:814): avc:  denied  { connect } for  pid=9055 comm="syz.1.865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  117.395064][   T40] audit: type=1400 audit(117.301:815): avc:  denied  { getopt } for  pid=9055 comm="syz.1.865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  117.648417][ T9085] netlink: 'syz.5.877': attribute type 3 has an invalid length.
[  117.719780][ T9094] openvswitch: netlink: Flow key attr not present in new flow.
[  117.782573][ T9099] vxcan1 speed is unknown, defaulting to 1000
[  117.886971][ T9103] netlink: 'syz.4.881': attribute type 10 has an invalid length.
[  117.890136][ T9103] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  117.893325][ T9103] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  117.944871][ T9100] vxcan1 speed is unknown, defaulting to 1000
[  117.992383][ T9114] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  118.121694][ T9123] ptrace attach of "/syz-executor exec"[8706] was attempted by ""[9123]
[  118.266260][ T9136] vxcan1 speed is unknown, defaulting to 1000
[  118.295950][ T9137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  118.308440][ T9137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.421514][ T9148] xt_ecn: cannot match TCP bits for non-tcp packets
[  118.435742][ T9148] cgroup: name respecified
[  118.506353][ T5286] Bluetooth: hci2: command tx timeout
[  118.549978][ T5971] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  118.563504][ T9153] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9153 comm=syz.4.898
[  118.716693][ T5971] usb 10-1: config 0 has no interfaces?
[  118.730209][ T5971] usb 10-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  118.734193][ T5971] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.745417][ T5971] usb 10-1: Product: syz
[  118.747282][ T5971] usb 10-1: Manufacturer: syz
[  118.749809][ T5971] usb 10-1: SerialNumber: syz
[  118.754188][ T5971] usb 10-1: config 0 descriptor??
[  118.990651][ T8972] usb 10-1: USB disconnect, device number 2
[  119.506925][ T9185] tmpfs: Bad value for 'mpol'
[  119.512818][ T9185] overlayfs: missing 'lowerdir'
[  119.622582][ T9189] loop2: detected capacity change from 0 to 7
[  119.627243][ T6028] Dev loop2: unable to read RDB block 7
[  119.629944][ T6028]  loop2: unable to read partition table
[  119.632025][ T6028] loop2: partition table beyond EOD, truncated
[  119.640185][ T9189] Dev loop2: unable to read RDB block 7
[  119.643202][ T9189]  loop2: unable to read partition table
[  119.648751][ T9189] loop2: partition table beyond EOD, truncated
[  119.658425][ T9189] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  119.878761][ T9194] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  120.046103][ T9202] vcan0: tx address claim with different name
[  120.109340][ T9206] mkiss: ax0: crc mode is auto.
[  120.585359][ T5286] Bluetooth: hci2: command tx timeout
[  120.622058][ T9240] loop6: detected capacity change from 0 to 524288000
[  120.628444][ T9239] i2c i2c-1: Frontend requested software zigzag, but didn't set the frequency step size
[  120.631795][ T9237] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=22800 sclass=netlink_route_socket pid=9237 comm=syz.4.924
[  120.714915][ T9244] __nla_validate_parse: 21 callbacks suppressed
[  120.714932][ T9244] netlink: 64 bytes leftover after parsing attributes in process `syz.5.928'.
[  120.721429][ T9247] netlink: 24 bytes leftover after parsing attributes in process `syz.4.927'.
[  120.798786][ T9255] netlink: 24 bytes leftover after parsing attributes in process `syz.3.930'.
[  120.922942][ T9255] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9255 comm=syz.3.930
[  120.926690][ T9263] tipc: Started in network mode
[  120.935345][ T9263] tipc: Node identity 84e, cluster identity 4711
[  120.937898][ T9263] tipc: Node number set to 2126
[  120.945307][ T9265] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  121.024303][ T9261] IPVS: persistence engine module ip_vs_pe_s not found
[  121.066559][ T9281] netlink: 4 bytes leftover after parsing attributes in process `syz.3.937'.
[  121.160651][ T9290] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  121.184516][ T9290] cramfs: wrong magic
[  121.297929][ T9295] netlink: 8 bytes leftover after parsing attributes in process `syz.4.942'.
[  121.301547][ T9295] netlink: 12 bytes leftover after parsing attributes in process `syz.4.942'.
[  121.305187][ T9295] netlink: 'syz.4.942': attribute type 5 has an invalid length.
[  121.314328][ T9295] netlink: 8 bytes leftover after parsing attributes in process `syz.4.942'.
[  121.314362][ T1148] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  121.317306][ T9295] netlink: 12 bytes leftover after parsing attributes in process `syz.4.942'.
[  121.321459][ T1148] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  121.323722][ T9295] netlink: 'syz.4.942': attribute type 5 has an invalid length.
[  121.328685][ T1148] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  121.334503][ T1148] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  121.400598][ T9297] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  121.599013][ T9312] Illegal XDP return value 4294967262 on prog  (id 79) dev N/A, expect packet loss!
[  121.617501][ T9312] netlink: 'syz.1.947': attribute type 1 has an invalid length.
[  121.832428][ T9316] netlink: 8 bytes leftover after parsing attributes in process `syz.1.948'.
[  121.835566][ T9316] netlink: 224 bytes leftover after parsing attributes in process `syz.1.948'.
[  122.052972][   T40] kauditd_printk_skb: 47 callbacks suppressed
[  122.052984][   T40] audit: type=1800 audit(121.971:863): pid=9337 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.955" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  122.061727][   T40] audit: type=1400 audit(121.981:864): avc:  denied  { mounton } for  pid=9334 comm="syz.4.955" path="/86/file3" dev="tmpfs" ino=472 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  122.113105][   T40] audit: type=1400 audit(122.031:865): avc:  denied  { map } for  pid=9340 comm="syz.5.958" path="pipe:[34094]" dev="pipefs" ino=34094 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  122.121721][ T9341] could not open pipe file descriptor
[  122.201198][ T9349] binder: 9348:9349 ioctl 400c620e 200000000100 returned -22
[  122.351047][   T40] audit: type=1400 audit(122.271:866): avc:  denied  { map } for  pid=9363 comm="syz.4.966" path="socket:[35900]" dev="sockfs" ino=35900 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  122.427884][ T9374] IPv6: NLM_F_CREATE should be specified when creating new route
[  122.431072][ T9374] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  122.434022][ T9374] IPv6: NLM_F_CREATE should be set when creating new route
[  122.493775][ T9380] binder: 9379:9380 ioctl c00c6211 0 returned -14
[  122.546300][   T40] audit: type=1400 audit(122.471:867): avc:  denied  { read } for  pid=9384 comm="syz.5.970" name="btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  122.558686][   T40] audit: type=1400 audit(122.471:868): avc:  denied  { open } for  pid=9384 comm="syz.5.970" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  122.558715][   T40] audit: type=1400 audit(122.481:869): avc:  denied  { ioctl } for  pid=9384 comm="syz.5.970" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 ioctlcmd=0x64ca scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  122.558738][   T40] audit: type=1400 audit(122.481:870): avc:  denied  { read } for  pid=9384 comm="syz.5.970" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  122.720114][   T40] audit: type=1400 audit(122.641:871): avc:  denied  { map } for  pid=9392 comm="syz.5.973" path="/proc/122/net/pfkey" dev="proc" ino=4026533235 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  122.922730][   T40] audit: type=1400 audit(122.841:872): avc:  denied  { map } for  pid=9403 comm="syz.5.977" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  123.934526][ T9418] netlink: 'syz.5.980': attribute type 1 has an invalid length.
[  123.937156][ T9418] netlink: 'syz.5.980': attribute type 4 has an invalid length.
[  124.091912][ T6648] Bluetooth: hci4: Frame reassembly failed (-84)
[  124.095093][ T6645] Bluetooth: hci4: Frame reassembly failed (-84)
[  124.097143][ T9441] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  124.106318][ T9437] Bluetooth: hci4: Frame reassembly failed (-84)
[  124.257734][ T9445] vxcan1 speed is unknown, defaulting to 1000
[  124.376275][ T7546] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  124.514621][ T9449] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9449 comm=syz.5.989
[  124.535292][ T7546] usb 9-1: Using ep0 maxpacket: 8
[  124.538922][ T7546] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  124.543550][ T7546] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  124.548045][ T7546] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.560872][ T7546] usb 9-1: config 0 descriptor??
[  124.755065][ T6009] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  124.918405][ T6009] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84
[  124.923274][ T6009] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024
[  124.931234][ T6009] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024
[  124.938328][ T6009] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  124.942189][ T6009] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.946288][ T6009] usb 10-1: Product: syz
[  124.948122][ T6009] usb 10-1: Manufacturer: syz
[  124.950129][ T6009] usb 10-1: SerialNumber: syz
[  124.954695][ T6009] usb 10-1: config 0 descriptor??
[  124.957743][ T9449] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  125.166747][ T9449] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  125.278843][ T9460] team0: Device gtp0 is up. Set it down before adding it as a team port
[  125.383078][ T8972] usb 10-1: USB disconnect, device number 3
[  125.385770][ T9467] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=29037 sclass=netlink_route_socket pid=9467 comm=syz.3.991
[  125.438381][ T9467] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  125.494641][ T9473] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  125.809717][ T9480] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  126.105036][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  126.105106][ T5286] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  126.177387][ T9491] __nla_validate_parse: 5 callbacks suppressed
[  126.177398][ T9491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.995'.
[  126.182795][ T9491] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.186192][ T9491] batadv0: mtu less than device minimum
[  126.189598][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.195865][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.200696][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.204356][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.208248][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.212772][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.217295][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.221350][ T9491] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  126.304753][ T9491] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.306067][ T9494] overlayfs: missing 'lowerdir'
[  126.306108][ T9493] overlayfs: missing 'lowerdir'
[  126.350338][ T9498] netlink: 16 bytes leftover after parsing attributes in process `syz.5.997'.
[  126.534426][ T7546] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  126.535168][ T9506] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  126.539519][ T7546] usb 9-1: USB disconnect, device number 4
[  126.672341][ T9514] Invalid source name
[  126.673663][ T9514] UBIFS error (pid: 9514): cannot open "ubifs", error -22
[  126.709797][ T9519] nilfs2: Unknown parameter 'barrierm'
[  126.716405][ T9519] overlayfs: overlapping lowerdir path
[  126.792874][ T9531] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9531 comm=syz.1.1005
[  126.806329][ T9530] vxcan1 speed is unknown, defaulting to 1000
[  126.978404][ T9530] random: crng reseeded on system resumption
[  127.069958][ T9542] binder: 9539:9542 unknown command 0
[  127.071662][ T9542] binder: 9539:9542 ioctl c0306201 200000000080 returned -22
[  127.078056][ T9542] binder: 9539:9542 ioctl ab02 7 returned -22
[  127.081061][ T9542] binder: 9539:9542 ioctl 0 200000000300 returned -22
[  127.089958][ T9542] binder: 9539:9542 ioctl c004510e 2000000001c0 returned -22
[  127.092709][ T9542] binder: 9539:9542 ioctl 4068aea3 200000000640 returned -22
[  127.197867][   T40] kauditd_printk_skb: 8528 callbacks suppressed
[  127.197885][   T40] audit: type=1400 audit(127.121:9401): avc:  denied  { getopt } for  pid=9546 comm="syz.3.1011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  127.250829][   T40] audit: type=1400 audit(127.171:9402): avc:  denied  { watch watch_reads } for  pid=9548 comm="syz.3.1012" path="/proc/824/numa_maps" dev="proc" ino=35146 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  127.376617][ T7546] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  127.514099][ T9576] netlink: 'syz.3.1021': attribute type 1 has an invalid length.
[  127.536181][ T9576] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2584 sclass=netlink_route_socket pid=9576 comm=syz.3.1021
[  127.547439][ T7546] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.552257][ T7546] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.562588][ T7546] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  127.584784][ T9576] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9576 comm=syz.3.1021
[  127.585330][ T7546] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  127.593140][ T7546] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.597914][ T7546] usb 9-1: config 0 descriptor??
[  127.610726][ T9576] bridge_slave_1: left promiscuous mode
[  127.613287][ T9576] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.632904][ T9576] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  127.639810][ T9586] nbd: couldn't find device at index -2127233020
[  127.645079][   T40] audit: type=1400 audit(127.561:9403): avc:  denied  { lock } for  pid=9585 comm="syz.1.1024" path="socket:[33521]" dev="sockfs" ino=33521 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  127.681590][ T9590] netlink: 108 bytes leftover after parsing attributes in process `syz.5.1023'.
[  127.684858][ T9590] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1023'.
[  127.697725][ T9591] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1021'.
[  127.758894][   T40] audit: type=1400 audit(127.681:9404): avc:  denied  { mounton } for  pid=9594 comm="syz.1.1027" path="/202/file0" dev="tmpfs" ino=1085 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  127.758930][ T9595] fuse: Bad value for 'user_id'
[  127.767193][ T9595] fuse: Bad value for 'user_id'
[  127.859598][ T9606] netlink: 'syz.5.1030': attribute type 12 has an invalid length.
[  128.004367][ T7546] usbhid 9-1:0.0: can't add hid device: -71
[  128.006437][ T7546] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  128.011571][ T7546] usb 9-1: USB disconnect, device number 5
[  128.572931][ T9615] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1032'.
[  128.631861][   T40] audit: type=1400 audit(128.551:9405): avc:  denied  { write } for  pid=9620 comm="syz.3.1034" name="2:0:0:0" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  128.679707][ T9623] net_ratelimit: 11 callbacks suppressed
[  128.679725][ T9623] openvswitch: netlink: Tunnel attr 140 out of range max 16
[  128.716484][   T40] audit: type=1400 audit(128.641:9406): avc:  denied  { append } for  pid=9624 comm="syz.3.1036" name="video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  128.740731][ T9628] (syz.4.1037,9628,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  128.740741][   T40] audit: type=1400 audit(128.661:9407): avc:  denied  { create } for  pid=9626 comm="syz.4.1037" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  128.804136][ T9632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1039'.
[  128.874313][ T9637] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1040'.
[  128.877965][ T9637] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1040'.
[  128.921412][ T9641] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  128.963822][ T9646] vxcan1 speed is unknown, defaulting to 1000
[  128.970825][ T9650] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=49706 sclass=netlink_route_socket pid=9650 comm=syz.3.1045
[  128.976383][   T40] audit: type=1400 audit(128.901:9408): avc:  denied  { execute } for  pid=9648 comm="syz.3.1045" dev="tmpfs" ino=2076 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  128.984171][   T40] audit: type=1400 audit(128.901:9409): avc:  denied  { execute_no_trans } for  pid=9648 comm="syz.3.1045" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=2076 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  129.147974][ T9646] IPVS: You probably need to specify IP address on multicast interface.
[  129.150654][ T9646] IPVS: Error connecting to the multicast addr
[  129.183680][ T9660] input: syz1 as /devices/virtual/input/input23
[  129.186957][ T9660] input: failed to attach handler leds to device input23, error: -6
[  129.193585][   T40] audit: type=1400 audit(129.111:9410): avc:  denied  { read } for  pid=5319 comm="acpid" name="event4" dev="devtmpfs" ino=3056 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  129.245602][ T9662] syzkaller1: entered promiscuous mode
[  129.247435][ T9662] syzkaller1: entered allmulticast mode
[  129.513864][ T9674] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1052'.
[  129.614893][ T9677] 8021q: adding VLAN 0 to HW filter on device bond4
[  129.952602][ T9704] netlink: 'syz.5.1057': attribute type 12 has an invalid length.
[  129.970028][ T9704] netlink: 'syz.5.1057': attribute type 29 has an invalid length.
[  130.001217][ T6648] tipc: Subscription rejected, illegal request
[  130.991090][ T9734] overlayfs: missing 'lowerdir'
[  131.000127][ T9734] FAT-fs (sr0): bogus number of reserved sectors
[  131.002770][ T9734] FAT-fs (sr0): Can't find a valid FAT filesystem
[  131.071138][ T9737] can0: slcan on pty22.
[  131.076787][ T9740] input: syz1 as /devices/virtual/input/input24
[  131.108437][ T9745] SELinux:  Context system_u:object_r:unconfined_execmem_exec_t:s0 is not valid (left unmapped).
[  131.177389][ T9732] can0 (unregistered): slcan off pty22.
[  131.266316][ T9761] SELinux: ebitmap: truncated map
[  131.271284][ T9761] SELinux: failed to load policy
[  131.338778][ T9772] ptrace attach of "/syz-executor exec"[5922] was attempted by "/syz-executor exec"[9772]
[  131.560699][ T9787] netlink: 'syz.3.1076': attribute type 9 has an invalid length.
[  131.612899][ T9790] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  131.616293][ T9790] team0: Device ipvlan2 is already an upper device of the team interface
[  131.858568][ T9808] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.878902][ T9811] sock: sock_timestamping_bind_phc: sock not bind to device
[  131.926230][ T9817] sctp: [Deprecated]: syz.4.1083 (pid 9817) Use of struct sctp_assoc_value in delayed_ack socket option.
[  131.926230][ T9817] Use struct sctp_sack_info instead
[  132.002460][ T9826] mac80211_hwsim hwsim16 syzkaller0: entered promiscuous mode
[  132.009190][ T9826] mac80211_hwsim hwsim16 syzkaller0: entered allmulticast mode
[  132.169881][ T9839] IPVS: set_ctl: invalid protocol: 51 0.0.0.0:20000
[  132.172936][ T9839] IPVS: set_ctl: invalid protocol: 108 224.0.0.2:20003
[  132.176048][ T9840] IPVS: set_ctl: invalid protocol: 108 224.0.0.2:20003
[  132.208673][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  132.208687][   T40] audit: type=1400 audit(132.131:9434): avc:  denied  { ioctl } for  pid=9842 comm="syz.1.1090" path="socket:[36521]" dev="sockfs" ino=36521 ioctlcmd=0x89ea scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  132.243037][   T40] audit: type=1400 audit(132.161:9435): avc:  denied  { append } for  pid=9831 comm="syz.4.1087" name="usbmon5" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  132.372811][ T9857] FAULT_INJECTION: forcing a failure.
[  132.372811][ T9857] name failslab, interval 1, probability 0, space 0, times 1
[  132.378333][ T9857] CPU: 3 UID: 0 PID: 9857 Comm: syz.4.1093 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  132.378359][ T9857] Tainted: [L]=SOFTLOCKUP
[  132.378365][ T9857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  132.378375][ T9857] Call Trace:
[  132.378382][ T9857]  <TASK>
[  132.378388][ T9857]  dump_stack_lvl+0x100/0x190
[  132.378432][ T9857]  should_fail_ex.cold+0x5/0xa
[  132.378454][ T9857]  ? tomoyo_encode2+0xfb/0x3c0
[  132.378485][ T9857]  should_failslab+0xc2/0x120
[  132.378509][ T9857]  __kmalloc_noprof+0xe0/0x850
[  132.378535][ T9857]  tomoyo_encode2+0xfb/0x3c0
[  132.378561][ T9857]  tomoyo_encode+0x29/0x50
[  132.378584][ T9857]  tomoyo_realpath_from_path+0x18c/0x690
[  132.378614][ T9857]  tomoyo_path_number_perm+0x23c/0x580
[  132.378634][ T9857]  ? tomoyo_path_number_perm+0x22e/0x580
[  132.378661][ T9857]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  132.378706][ T9857]  ? find_held_lock+0x2b/0x80
[  132.378726][ T9857]  ? __fget_files+0x215/0x3d0
[  132.378749][ T9857]  ? hook_file_ioctl_common+0x146/0x410
[  132.378772][ T9857]  ? __fget_files+0x21f/0x3d0
[  132.378799][ T9857]  security_file_ioctl+0xd3/0x230
[  132.378823][ T9857]  __x64_sys_ioctl+0xb7/0x210
[  132.378847][ T9857]  do_syscall_64+0x106/0xf80
[  132.378984][ T9857]  ? clear_bhb_loop+0x40/0x90
[  132.379005][ T9857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.379023][ T9857] RIP: 0033:0x7f21c6f9bf79
[  132.379037][ T9857] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  132.379052][ T9857] RSP: 002b:00007f21c7e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  132.379069][ T9857] RAX: ffffffffffffffda RBX: 00007f21c7215fa0 RCX: 00007f21c6f9bf79
[  132.379080][ T9857] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  132.379089][ T9857] RBP: 00007f21c7e81090 R08: 0000000000000000 R09: 0000000000000000
[  132.379099][ T9857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.379108][ T9857] R13: 00007f21c7216038 R14: 00007f21c7215fa0 R15: 00007ffe23828168
[  132.379132][ T9857]  </TASK>
[  132.379150][ T9857] ERROR: Out of memory at tomoyo_realpath_from_path.
[  132.518167][   T40] audit: type=1400 audit(132.441:9436): avc:  denied  { create } for  pid=9859 comm="syz.1.1094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  132.579774][   T40] audit: type=1400 audit(132.501:9437): avc:  denied  { ioctl } for  pid=9859 comm="syz.1.1094" path="socket:[36534]" dev="sockfs" ino=36534 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  132.600401][   T40] audit: type=1400 audit(132.521:9438): avc:  denied  { ioctl } for  pid=9861 comm="syz.4.1095" path="socket:[37950]" dev="sockfs" ino=37950 ioctlcmd=0xb100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  132.744292][ T9869] __nla_validate_parse: 3 callbacks suppressed
[  132.744309][ T9869] netlink: 588 bytes leftover after parsing attributes in process `syz.1.1096'.
[  132.973338][ T9898] FAULT_INJECTION: forcing a failure.
[  132.973338][ T9898] name failslab, interval 1, probability 0, space 0, times 0
[  132.977797][ T9898] CPU: 0 UID: 0 PID: 9898 Comm: syz.1.1103 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  132.977814][ T9898] Tainted: [L]=SOFTLOCKUP
[  132.977818][ T9898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  132.977825][ T9898] Call Trace:
[  132.977829][ T9898]  <TASK>
[  132.977834][ T9898]  dump_stack_lvl+0x100/0x190
[  132.977856][ T9898]  should_fail_ex.cold+0x5/0xa
[  132.977870][ T9898]  should_failslab+0xc2/0x120
[  132.977887][ T9898]  __kmalloc_cache_noprof+0x7a/0x6f0
[  132.977899][ T9898]  ? vhost_task_create+0xee/0x370
[  132.977917][ T9898]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  132.977934][ T9898]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  132.977951][ T9898]  vhost_task_create+0xee/0x370
[  132.977963][ T9898]  ? __pfx_vhost_task_create+0x10/0x10
[  132.977975][ T9898]  ? trace_contention_end+0x140/0x180
[  132.977989][ T9898]  ? __pfx_vhost_task_fn+0x10/0x10
[  132.978002][ T9898]  ? __pfx___mutex_lock+0x10/0x10
[  132.978016][ T9898]  ? kasan_quarantine_put+0x104/0x240
[  132.978030][ T9898]  ? lockdep_hardirqs_on+0x78/0x100
[  132.978047][ T9898]  kvm_mmu_post_init_vm+0x1b3/0x370
[  132.978060][ T9898]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  132.978074][ T9898]  ? kvm_vcpu_ioctl+0x155c/0x1730
[  132.978093][ T9898]  kvm_vcpu_ioctl+0x730/0x1730
[  132.978110][ T9898]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  132.978127][ T9898]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  132.978142][ T9898]  ? do_vfs_ioctl+0x226/0x13e0
[  132.978157][ T9898]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  132.978171][ T9898]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  132.978193][ T9898]  ? __fget_files+0x215/0x3d0
[  132.978209][ T9898]  ? hook_file_ioctl_common+0x146/0x410
[  132.978224][ T9898]  ? selinux_file_ioctl+0x139/0x290
[  132.978240][ T9898]  ? selinux_file_ioctl+0xb4/0x290
[  132.978257][ T9898]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  132.978273][ T9898]  __x64_sys_ioctl+0x18e/0x210
[  132.978289][ T9898]  do_syscall_64+0x106/0xf80
[  132.978302][ T9898]  ? clear_bhb_loop+0x40/0x90
[  132.978316][ T9898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.978327][ T9898] RIP: 0033:0x7f88ca99bf79
[  132.978337][ T9898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  132.978348][ T9898] RSP: 002b:00007f88cb935028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  132.978359][ T9898] RAX: ffffffffffffffda RBX: 00007f88cac15fa0 RCX: 00007f88ca99bf79
[  132.978365][ T9898] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  132.978372][ T9898] RBP: 00007f88cb935090 R08: 0000000000000000 R09: 0000000000000000
[  132.978378][ T9898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.978385][ T9898] R13: 00007f88cac16038 R14: 00007f88cac15fa0 R15: 00007ffc4b0c6df8
[  132.978399][ T9898]  </TASK>
[  133.205041][ T2304] usb 9-1: new low-speed USB device number 6 using dummy_hcd
[  133.217972][ T9902] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.1104'.
[  133.365179][ T2304] usb 9-1: Invalid ep0 maxpacket: 64
[  133.505043][ T2304] usb 9-1: new low-speed USB device number 7 using dummy_hcd
[  133.665065][ T2304] usb 9-1: Invalid ep0 maxpacket: 64
[  133.669167][ T2304] usb usb9-port1: attempt power cycle
[  133.725102][    T9] usb 6-1: new low-speed USB device number 14 using dummy_hcd
[  133.886946][    T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  133.890127][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  133.894036][    T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  133.898001][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  133.902088][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  133.908605][    T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  133.911456][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  133.916002][    T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  133.920998][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  133.924877][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  133.930909][    T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  133.933748][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  133.937370][    T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  133.942185][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  133.946323][    T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  133.952961][    T9] usb 6-1: string descriptor 0 read error: -22
[  133.955795][    T9] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  133.959759][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.976546][    T9] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  134.005327][ T2304] usb 9-1: new low-speed USB device number 8 using dummy_hcd
[  134.025867][ T2304] usb 9-1: Invalid ep0 maxpacket: 64
[  134.165089][ T2304] usb 9-1: new low-speed USB device number 9 using dummy_hcd
[  134.186833][ T2304] usb 9-1: Invalid ep0 maxpacket: 64
[  134.189465][ T2304] usb usb9-port1: unable to enumerate USB device
[  135.077229][   T40] audit: type=1400 audit(135.001:9439): avc:  denied  { map } for  pid=9920 comm="syz.3.1109" path="/dev/ttyprintk" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  135.086585][   T40] audit: type=1400 audit(135.001:9440): avc:  denied  { execute } for  pid=9920 comm="syz.3.1109" path="/dev/ttyprintk" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  135.440453][   T40] audit: type=1400 audit(135.361:9441): avc:  denied  { setopt } for  pid=9930 comm="syz.5.1112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  135.488735][ T9936] xt_CT: You must specify a L4 protocol and not use inversions on it
[  135.698654][ T9942] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  135.706073][ T9942] overlayfs: overlapping lowerdir path
[  136.001242][ T9946] loop9: detected capacity change from 0 to 7
[  136.005150][ T6028] buffer_io_error: 23 callbacks suppressed
[  136.005165][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.011994][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.018478][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.021822][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.025300][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.028464][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.031752][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.035273][ T6028] ldm_validate_partition_table(): Disk read failed.
[  136.038095][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.040653][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.043062][ T6028] Buffer I/O error on dev loop9, logical block 0, async page read
[  136.044541][ T9948] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1117'.
[  136.044590][ T9949] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1117'.
[  136.045814][ T6028] Dev loop9: unable to read RDB block 0
[  136.050476][ T9948] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.1117'.
[  136.052551][ T6028]  loop9: unable to read partition table
[  136.060651][ T6028] loop9: partition table beyond EOD, truncated
[  136.063955][ T9946] ldm_validate_partition_table(): Disk read failed.
[  136.068601][ T9946] Dev loop9: unable to read RDB block 0
[  136.071143][ T9946]  loop9: unable to read partition table
[  136.073648][ T9946] loop9: partition table beyond EOD, truncated
[  136.077229][ T9946] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  136.077229][ T9946] 
) failed (rc=-5)
[  136.086657][ T9951] ldm_validate_partition_table(): Disk read failed.
[  136.088801][ T9953] tipc: Enabled bearer <udp:s>, priority 10
[  136.089492][ T9951] Dev loop9: unable to read RDB block 0
[  136.093733][ T9951]  loop9: unable to read partition table
[  136.096455][ T9951] loop9: partition table beyond EOD, truncated
[  136.170537][ T9955] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1121'.
[  136.223296][ T9959] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1122'.
[  136.258135][   T40] audit: type=1400 audit(136.181:9442): avc:  denied  { read write } for  pid=9960 comm="syz.3.1123" name="mouse0" dev="devtmpfs" ino=946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  136.270118][   T40] audit: type=1400 audit(136.181:9443): avc:  denied  { open } for  pid=9960 comm="syz.3.1123" path="/dev/input/mouse0" dev="devtmpfs" ino=946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  137.185275][ T5971] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  137.200477][ T9996] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1134'.
[  137.206847][   T34] tipc: Node number set to 1055987828
[  137.335113][ T5971] usb 10-1: Using ep0 maxpacket: 16
[  137.340842][ T5971] usb 10-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  137.344532][ T5971] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.348149][ T5971] usb 10-1: Product: syz
[  137.349963][ T5971] usb 10-1: Manufacturer: syz
[  137.351883][ T5971] usb 10-1: SerialNumber: syz
[  137.571345][ T5971] usb 10-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  137.580332][ T5971] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  137.583932][ T5971] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  137.587581][ T5971] usb 10-1: media controller created
[  137.594288][ T5971] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  137.606279][ T5971] zl10353_read_register: readreg error (reg=127, ret==-71)
[  137.622008][ T5971] dvb_usb_gl861 10-1:157.0: probe with driver dvb_usb_gl861 failed with error -5
[  137.626420][ T5971] usb 10-1: USB disconnect, device number 4
[  137.867725][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  138.101870][T10007] vxcan1 speed is unknown, defaulting to 1000
[  138.138284][T10010] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1138'.
[  138.155511][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  138.155524][   T40] audit: type=1400 audit(138.081:9449): avc:  denied  { read } for  pid=10008 comm="syz.5.1139" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  138.164770][   T40] audit: type=1400 audit(138.081:9450): avc:  denied  { open } for  pid=10008 comm="syz.5.1139" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  138.175603][   T40] audit: type=1400 audit(138.081:9451): avc:  denied  { ioctl } for  pid=10008 comm="syz.5.1139" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  138.220556][T10014] mkiss: ax0: crc mode is auto.
[  138.311644][   T40] audit: type=1326 audit(138.231:9452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10017 comm="syz.4.1142" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f21c6f9bf79 code=0x0
[  138.318680][   T40] audit: type=1326 audit(138.231:9453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10017 comm="syz.4.1142" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f21c6f9bf79 code=0x0
[  138.367276][T10025] bond0: Error: Cannot enslave bond to itself.
[  138.370522][T10025] block nbd3: NBD_DISCONNECT
[  138.481632][   T40] audit: type=1400 audit(138.401:9454): avc:  denied  { write } for  pid=10033 comm="syz.4.1147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  138.481701][T10034] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1147'.
[  138.497451][T10035] syzkaller1: entered promiscuous mode
[  138.499455][T10035] syzkaller1: entered allmulticast mode
[  138.507632][ T6009] usb 6-1: USB disconnect, device number 14
[  138.630110][T10041] ������: renamed from vlan0
[  138.640883][T10044] netlink: 'syz.3.1151': attribute type 10 has an invalid length.
[  138.644183][T10044] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1151'.
[  138.659161][T10047] netlink: 'syz.1.1152': attribute type 1 has an invalid length.
[  138.661744][T10047] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1152'.
[  138.777088][T10060] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1153'.
[  138.780896][T10060] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1153'.
[  138.832611][   T40] audit: type=1400 audit(138.751:9455): avc:  denied  { listen } for  pid=10063 comm="syz.5.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  138.877629][T10074] FAULT_INJECTION: forcing a failure.
[  138.877629][T10074] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  138.882187][T10074] CPU: 2 UID: 0 PID: 10074 Comm: syz.4.1161 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  138.882205][T10074] Tainted: [L]=SOFTLOCKUP
[  138.882209][T10074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  138.882215][T10074] Call Trace:
[  138.882219][T10074]  <TASK>
[  138.882224][T10074]  dump_stack_lvl+0x100/0x190
[  138.882246][T10074]  should_fail_ex.cold+0x5/0xa
[  138.882261][T10074]  _copy_from_iter+0x1f4/0x1690
[  138.882275][T10074]  ? __asan_memset+0x23/0x50
[  138.882288][T10074]  ? __pfx__copy_from_iter+0x10/0x10
[  138.882299][T10074]  ? __pfx___alloc_skb+0x10/0x10
[  138.882316][T10074]  netlink_sendmsg+0x808/0xda0
[  138.882333][T10074]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.882347][T10074]  ? __might_fault+0x20/0x140
[  138.882364][T10074]  ____sys_sendmsg+0xa54/0xc30
[  138.882382][T10074]  ? __pfx_____sys_sendmsg+0x10/0x10
[  138.882403][T10074]  ___sys_sendmsg+0x190/0x1e0
[  138.882421][T10074]  ? __pfx____sys_sendmsg+0x10/0x10
[  138.882453][T10074]  __sys_sendmsg+0x170/0x220
[  138.882466][T10074]  ? __pfx___sys_sendmsg+0x10/0x10
[  138.882487][T10074]  do_syscall_64+0x106/0xf80
[  138.882501][T10074]  ? clear_bhb_loop+0x40/0x90
[  138.882514][T10074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.882525][T10074] RIP: 0033:0x7f21c6f9bf79
[  138.882535][T10074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  138.882546][T10074] RSP: 002b:00007f21c7e81028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.882556][T10074] RAX: ffffffffffffffda RBX: 00007f21c7215fa0 RCX: 00007f21c6f9bf79
[  138.882563][T10074] RDX: 0000000000000000 RSI: 0000200000000900 RDI: 0000000000000003
[  138.882569][T10074] RBP: 00007f21c7e81090 R08: 0000000000000000 R09: 0000000000000000
[  138.882576][T10074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.882582][T10074] R13: 00007f21c7216038 R14: 00007f21c7215fa0 R15: 00007ffe23828168
[  138.882596][T10074]  </TASK>
[  138.894051][   T40] audit: type=1400 audit(138.811:9456): avc:  denied  { accept } for  pid=10063 comm="syz.5.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  138.922392][T10065] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  138.947697][T10077] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=2337 sclass=netlink_xfrm_socket pid=10077 comm=syz.4.1162
[  139.026187][   T40] audit: type=1400 audit(138.951:9457): avc:  denied  { read } for  pid=10079 comm="syz.3.1163" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  139.038061][   T40] audit: type=1400 audit(138.951:9458): avc:  denied  { open } for  pid=10079 comm="syz.3.1163" path="/dev/fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  139.091722][T10080] bond0: (slave lo): Error: Can not enslave VLAN challenged device to VLAN enabled bond
[  139.236535][ T7546] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  139.405945][ T7546] usb 9-1: Using ep0 maxpacket: 8
[  139.413522][T10077] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1162'.
[  139.416780][T10077] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1162'.
[  139.425961][T10106] dvmrp0: entered allmulticast mode
[  139.505993][T10113] tmpfs: Cannot disable swap on remount
[  139.506741][ T7546] usb 9-1: unable to get BOS descriptor or descriptor too short
[  139.513683][ T7546] usb 9-1: no configurations
[  139.516518][ T7546] usb 9-1: can't read configurations, error -22
[  139.836675][T10125] FAULT_INJECTION: forcing a failure.
[  139.836675][T10125] name failslab, interval 1, probability 0, space 0, times 0
[  139.840822][T10125] CPU: 3 UID: 0 PID: 10125 Comm: syz.5.1179 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  139.840845][T10125] Tainted: [L]=SOFTLOCKUP
[  139.840849][T10125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  139.840856][T10125] Call Trace:
[  139.840861][T10125]  <TASK>
[  139.840866][T10125]  dump_stack_lvl+0x100/0x190
[  139.840887][T10125]  should_fail_ex.cold+0x5/0xa
[  139.840902][T10125]  should_failslab+0xc2/0x120
[  139.840919][T10125]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  139.840934][T10125]  ? __alloc_skb+0x140/0x710
[  139.840948][T10125]  __alloc_skb+0x140/0x710
[  139.840958][T10125]  ? __alloc_skb+0x5b7/0x710
[  139.840969][T10125]  ? __pfx___alloc_skb+0x10/0x10
[  139.840985][T10125]  netlink_ack+0x117/0xb80
[  139.840999][T10125]  ? avc_has_perm_noaudit+0x145/0x3b0
[  139.841016][T10125]  netlink_rcv_skb+0x333/0x420
[  139.841031][T10125]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  139.841043][T10125]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  139.841064][T10125]  ? ns_capable+0xd2/0xf0
[  139.841077][T10125]  nfnetlink_rcv+0x1b3/0x440
[  139.841095][T10125]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  139.841113][T10125]  ? netlink_deliver_tap+0x1ae/0xcc0
[  139.841130][T10125]  netlink_unicast+0x5aa/0x870
[  139.841146][T10125]  ? __pfx_netlink_unicast+0x10/0x10
[  139.841166][T10125]  netlink_sendmsg+0x8b0/0xda0
[  139.841183][T10125]  ? __pfx_netlink_sendmsg+0x10/0x10
[  139.841197][T10125]  ? __might_fault+0x20/0x140
[  139.841214][T10125]  ____sys_sendmsg+0xa54/0xc30
[  139.841232][T10125]  ? __pfx_____sys_sendmsg+0x10/0x10
[  139.841254][T10125]  ___sys_sendmsg+0x190/0x1e0
[  139.841272][T10125]  ? __pfx____sys_sendmsg+0x10/0x10
[  139.841305][T10125]  __sys_sendmsg+0x170/0x220
[  139.841318][T10125]  ? __pfx___sys_sendmsg+0x10/0x10
[  139.841339][T10125]  do_syscall_64+0x106/0xf80
[  139.841353][T10125]  ? clear_bhb_loop+0x40/0x90
[  139.841366][T10125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.841378][T10125] RIP: 0033:0x7ff62479bf79
[  139.841387][T10125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  139.841398][T10125] RSP: 002b:00007ff625738028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  139.841409][T10125] RAX: ffffffffffffffda RBX: 00007ff624a15fa0 RCX: 00007ff62479bf79
[  139.841415][T10125] RDX: 0000000000000000 RSI: 0000200000000900 RDI: 0000000000000003
[  139.841422][T10125] RBP: 00007ff625738090 R08: 0000000000000000 R09: 0000000000000000
[  139.841428][T10125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.841434][T10125] R13: 00007ff624a16038 R14: 00007ff624a15fa0 R15: 00007ffcfbc46c58
[  139.841448][T10125]  </TASK>
[  140.058235][T10132] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  140.069261][T10129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1181'.
[  140.120156][T10134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1183'.
[  140.336570][T10142] xt_hashlimit: size too large, truncated to 1048576
[  140.415634][T10150] macsec1: entered promiscuous mode
[  140.418277][T10150] macsec1: entered allmulticast mode
[  140.571638][T10166] 9p: Could not find request transport: fr
[  141.229168][T10192] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  141.233584][T10192] bond0: (slave lo): Error: Device can not be enslaved while up
[  141.370242][T10198] misc userio: No port type given on /dev/userio
[  141.961471][T10219] IPVS: fo: SCTP 172.20.20.187:0 - no destination available
[  143.162564][T10245] macsec1: entered promiscuous mode
[  143.309553][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  143.309564][   T40] audit: type=1400 audit(143.231:9470): avc:  denied  { append } for  pid=10267 comm="syz.5.1218" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  143.311131][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.319606][T10268] geneve2: entered allmulticast mode
[  143.320478][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.327429][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.328074][   T40] audit: type=1400 audit(143.251:9471): avc:  denied  { execute } for  pid=10267 comm="syz.5.1218" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  143.330562][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.342304][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.345205][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.347577][   T40] audit: type=1400 audit(143.271:9472): avc:  denied  { getopt } for  pid=10269 comm="syz.1.1219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  143.347678][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.347732][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.360613][T10259] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  143.368508][T10270] overlay: ./file0 is not a directory
[  143.379536][   T40] audit: type=1400 audit(143.301:9473): avc:  denied  { setattr } for  pid=10269 comm="syz.1.1219" name="tun" dev="devtmpfs" ino=720 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tun_tap_device_t tclass=chr_file permissive=1
[  143.394598][   T40] audit: type=1400 audit(143.311:9474): avc:  denied  { mount } for  pid=10271 comm="syz.5.1220" name="/" dev="autofs" ino=38452 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  143.414889][   T40] audit: type=1400 audit(143.331:9475): avc:  denied  { unmount } for  pid=8706 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  143.571102][T10293] netlink: 'syz.5.1226': attribute type 3 has an invalid length.
[  144.078792][T10342] syzkaller0: entered promiscuous mode
[  144.081209][T10342] syzkaller0: entered allmulticast mode
[  144.081331][   T40] audit: type=1400 audit(143.998:9476): avc:  denied  { create } for  pid=10345 comm="syz.3.1241" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  144.254467][T10362] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[  144.262656][T10357] syz.4.1246 (10357): drop_caches: 2
[  144.354766][   T40] audit: type=1400 audit(144.268:9477): avc:  denied  { link } for  pid=10366 comm="syz.4.1248" name="#29" dev="tmpfs" ino=897 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  144.373570][T10369] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  144.373962][   T40] audit: type=1400 audit(144.278:9478): avc:  denied  { rename } for  pid=10366 comm="syz.4.1248" name="#2a" dev="tmpfs" ino=897 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  144.378269][T10369] overlayfs: overlapping lowerdir path
[  144.459906][T10372] QAT: failed to copy from user cfg_data.
[  144.641108][T10375] netlink: 596 bytes leftover after parsing attributes in process `syz.4.1251'.
[  144.644111][   T40] audit: type=1400 audit(144.568:9479): avc:  denied  { write } for  pid=10374 comm="syz.4.1251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  145.668562][T10394] tipc: Can't bind to reserved service type 2
[  145.671874][T10394] tmpfs: Bad value for 'mpol'
[  145.676342][T10394] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  145.873785][T10400] kvm: emulating exchange as write
[  146.038755][T10430] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[  146.089649][T10436] [U] V�3��Fپ"S��/��4:�XTZ�W�T��LW��=
[  146.217524][T10442] 9pnet_fd: Insufficient options for proto=fd
[  146.382444][T10460] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1280'.
[  146.423266][T10460] netlink: 'syz.1.1280': attribute type 1 has an invalid length.
[  146.427293][T10460] netlink: 'syz.1.1280': attribute type 1 has an invalid length.
[  146.430788][T10460] netlink: 9172 bytes leftover after parsing attributes in process `syz.1.1280'.
[  146.587121][T10399] [U] J"�E:��"


[  146.707380][T10469] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1284'.
[  147.851046][T10488] [syz.1.] <== rxrpc_preparse_xdr_yfs_rxgk() = -EKEYREJECTED [d9c19884!=bc, 2c,d9c19820]
[  147.964294][T10491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1290'.
[  148.135928][T10495] netlink: 'syz.1.1292': attribute type 4 has an invalid length.
[  148.153421][T10495] netlink: 'syz.1.1292': attribute type 4 has an invalid length.
[  148.355321][T10510] loop2: detected capacity change from 0 to 7
[  148.365364][T10510] Dev loop2: unable to read RDB block 7
[  148.367149][T10510]  loop2: AHDI p1 p2 p3
[  148.368485][T10510] loop2: partition table partially beyond EOD, truncated
[  148.370888][T10510] loop2: p1 start 1601398130 is beyond EOD, truncated
[  148.373038][T10510] loop2: p2 start 1702059890 is beyond EOD, truncated
[  148.438103][T10515] smc: net device bond0 applied user defined pnetid SYZ2
[  148.444731][T10515] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1295'.
[  148.680919][T10520] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1298'.
[  148.684776][T10520] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1298'.
[  148.691099][T10520] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1298'.
[  148.907201][T10528] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1301'.
[  149.170697][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  149.170709][   T40] audit: type=1400 audit(149.088:9492): avc:  denied  { listen } for  pid=10545 comm="syz.5.1306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  149.179788][T10546] pim6reg99999999: entered allmulticast mode
[  149.349932][T10557] loop2: detected capacity change from 0 to 7
[  149.352546][T10557] Dev loop2: unable to read RDB block 7
[  149.354375][T10557]  loop2: unable to read partition table
[  149.356346][T10557] loop2: partition table beyond EOD, truncated
[  149.358399][T10557] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  149.458285][T10563] xt_hashlimit: invalid interval
[  149.540348][   T40] audit: type=1400 audit(149.458:9493): avc:  denied  { bind } for  pid=10564 comm="syz.3.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  149.576043][   T40] audit: type=1400 audit(149.498:9494): avc:  denied  { ioctl } for  pid=10568 comm="syz.3.1314" path="socket:[42415]" dev="sockfs" ino=42415 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  149.795164][T10583] __nla_validate_parse: 3 callbacks suppressed
[  149.795176][T10583] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1320'.
[  149.798634][T10588] netlink: 'syz.3.1322': attribute type 9 has an invalid length.
[  149.799888][T10583] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1320'.
[  149.802748][T10588] netlink: 'syz.3.1322': attribute type 11 has an invalid length.
[  149.802760][T10588] netlink: 'syz.3.1322': attribute type 12 has an invalid length.
[  149.802769][T10588] netlink: 210020 bytes leftover after parsing attributes in process `syz.3.1322'.
[  149.802857][T10588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1322'.
[  149.806471][T10583] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1320'.
[  149.823039][T10583] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1320'.
[  149.829528][T10583] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1320'.
[  149.846767][T10589] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  149.852833][T10589] batman_adv: batadv0: Adding interface: gretap1
[  149.857137][T10589] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  149.867536][T10589] batman_adv: batadv0: Interface activated: gretap1
[  149.968922][   T40] audit: type=1400 audit(149.888:9495): avc:  denied  { connect } for  pid=10591 comm="syz.5.1323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  150.141576][T10599] bond0: (slave veth0_vlan): Error: Device is in use and cannot be enslaved
[  150.313271][   T40] audit: type=1400 audit(150.228:9496): avc:  denied  { ioctl } for  pid=10609 comm="syz.5.1330" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x640a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  150.366656][   T40] audit: type=1400 audit(150.288:9497): avc:  denied  { mount } for  pid=10611 comm="syz.1.1331" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  150.366997][T10612] devtmpfs: Unknown parameter 'usrquo�͐n��ode_hardlimit'
[  150.376010][   T40] audit: type=1400 audit(150.288:9498): avc:  denied  { remount } for  pid=10611 comm="syz.1.1331" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  150.388695][   T40] audit: type=1400 audit(150.308:9499): avc:  denied  { mounton } for  pid=10611 comm="syz.1.1331" path="mnt:[4026533267]" dev="nsfs" ino=4026533267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  150.404869][   T40] audit: type=1400 audit(150.318:9500): avc:  denied  { unmount } for  pid=5923 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  150.459815][T10623] input: syz0 as /devices/virtual/input/input25
[  150.476503][   T40] audit: type=1400 audit(150.398:9501): avc:  denied  { name_bind } for  pid=10621 comm="syz.5.1334" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  150.576362][T10629] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1335'.
[  150.857464][T10653] netlink: 10 bytes leftover after parsing attributes in process `syz.5.1341'.
[  151.037547][T10663] xt_HMARK: spi-set and port-set can't be combined
[  151.042499][T10664] xt_HMARK: spi-set and port-set can't be combined
[  151.865511][   T63] Bluetooth: hci4: command 0x1003 tx timeout
[  151.868601][ T5286] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  152.056656][T10697] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10697 comm=syz.5.1355
[  152.472562][T10714] overlayfs: missing 'lowerdir'
[  152.517406][T10716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1361'.
[  153.278593][T10760] FAULT_INJECTION: forcing a failure.
[  153.278593][T10760] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.284101][T10760] CPU: 1 UID: 0 PID: 10760 Comm: syz.4.1370 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  153.284128][T10760] Tainted: [L]=SOFTLOCKUP
[  153.284134][T10760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  153.284144][T10760] Call Trace:
[  153.284151][T10760]  <TASK>
[  153.284159][T10760]  dump_stack_lvl+0x100/0x190
[  153.284204][T10760]  should_fail_ex.cold+0x5/0xa
[  153.284228][T10760]  _copy_from_user+0x2e/0xd0
[  153.284257][T10760]  copy_msghdr_from_user+0x9f/0x4f0
[  153.284296][T10760]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  153.284327][T10760]  ? __pfx__kstrtoull+0x10/0x10
[  153.284355][T10760]  ___sys_sendmsg+0x106/0x1e0
[  153.284382][T10760]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.284419][T10760]  ? find_held_lock+0x2b/0x80
[  153.284456][T10760]  __sys_sendmmsg+0x205/0x430
[  153.284479][T10760]  ? __pfx___sys_sendmmsg+0x10/0x10
[  153.284508][T10760]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  153.284542][T10760]  ? fput+0x79/0x100
[  153.284560][T10760]  ? ksys_write+0x1ac/0x250
[  153.284582][T10760]  ? __pfx_ksys_write+0x10/0x10
[  153.284610][T10760]  __x64_sys_sendmmsg+0x9c/0x100
[  153.284629][T10760]  ? lockdep_hardirqs_on+0x78/0x100
[  153.284650][T10760]  do_syscall_64+0x106/0xf80
[  153.284670][T10760]  ? clear_bhb_loop+0x40/0x90
[  153.284692][T10760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.284710][T10760] RIP: 0033:0x7f21c6f9bf79
[  153.284731][T10760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.284747][T10760] RSP: 002b:00007f21c7e81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  153.284764][T10760] RAX: ffffffffffffffda RBX: 00007f21c7215fa0 RCX: 00007f21c6f9bf79
[  153.284776][T10760] RDX: 0000000000000001 RSI: 0000200000002a80 RDI: 0000000000000003
[  153.284786][T10760] RBP: 00007f21c7e81090 R08: 0000000000000000 R09: 0000000000000000
[  153.284796][T10760] R10: 0000000020000001 R11: 0000000000000246 R12: 0000000000000001
[  153.284806][T10760] R13: 00007f21c7216038 R14: 00007f21c7215fa0 R15: 00007ffe23828168
[  153.284831][T10760]  </TASK>
[  153.496742][T10770] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=10770 comm=syz.4.1375
[  153.835080][ T6009] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  153.996940][ T6009] usb 9-1: Using ep0 maxpacket: 32
[  154.001928][ T6009] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[  154.009724][ T6009] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  154.013528][ T6009] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[  154.017565][ T6009] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  154.022238][ T6009] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  154.025294][T10785] FAULT_INJECTION: forcing a failure.
[  154.025294][T10785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.027466][ T6009] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  154.030688][T10785] CPU: 2 UID: 0 PID: 10785 Comm: syz.3.1380 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  154.030706][T10785] Tainted: [L]=SOFTLOCKUP
[  154.030709][T10785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  154.030716][T10785] Call Trace:
[  154.030720][T10785]  <TASK>
[  154.030725][T10785]  dump_stack_lvl+0x100/0x190
[  154.030757][T10785]  should_fail_ex.cold+0x5/0xa
[  154.030776][T10785]  _copy_from_user+0x2e/0xd0
[  154.030800][T10785]  move_addr_to_kernel+0x65/0x170
[  154.030844][T10785]  copy_msghdr_from_user+0x417/0x4f0
[  154.030861][T10785]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  154.030881][T10785]  ? __pfx__kstrtoull+0x10/0x10
[  154.030898][T10785]  ___sys_sendmsg+0x106/0x1e0
[  154.030916][T10785]  ? __pfx____sys_sendmsg+0x10/0x10
[  154.030939][T10785]  ? find_held_lock+0x2b/0x80
[  154.030961][T10785]  __sys_sendmmsg+0x205/0x430
[  154.030976][T10785]  ? __pfx___sys_sendmmsg+0x10/0x10
[  154.030993][T10785]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  154.031014][T10785]  ? fput+0x79/0x100
[  154.031024][T10785]  ? ksys_write+0x1ac/0x250
[  154.031039][T10785]  ? __pfx_ksys_write+0x10/0x10
[  154.031056][T10785]  __x64_sys_sendmmsg+0x9c/0x100
[  154.031068][T10785]  ? lockdep_hardirqs_on+0x78/0x100
[  154.031082][T10785]  do_syscall_64+0x106/0xf80
[  154.031095][T10785]  ? clear_bhb_loop+0x40/0x90
[  154.031108][T10785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.031120][T10785] RIP: 0033:0x7fcdd699bf79
[  154.031129][T10785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  154.031140][T10785] RSP: 002b:00007fcdd7836028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  154.031151][T10785] RAX: ffffffffffffffda RBX: 00007fcdd6c15fa0 RCX: 00007fcdd699bf79
[  154.031158][T10785] RDX: 0000000000000001 RSI: 0000200000002a80 RDI: 0000000000000003
[  154.031164][T10785] RBP: 00007fcdd7836090 R08: 0000000000000000 R09: 0000000000000000
[  154.031171][T10785] R10: 0000000020000001 R11: 0000000000000246 R12: 0000000000000001
[  154.031180][T10785] R13: 00007fcdd6c16038 R14: 00007fcdd6c15fa0 R15: 00007ffe6084a8b8
[  154.031196][T10785]  </TASK>
[  154.124188][T10788] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  154.127932][ T6009] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  154.144192][ T6009] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.151645][ T6009] usb 9-1: config 0 descriptor??
[  154.318140][T10807] kvm: user requested TSC rate below hardware speed
[  154.361014][ T6009] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  154.376883][ T6009] usb 9-1: USB disconnect, device number 12
[  154.387272][ T6009] usblp0: removed
[  154.815040][ T6009] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  154.995105][ T6009] usb 9-1: Using ep0 maxpacket: 32
[  155.007294][ T6009] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[  155.010219][ T6009] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  155.013157][ T6009] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[  155.016862][ T6009] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  155.020203][ T6009] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  155.024073][ T6009] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  155.028877][ T6009] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  155.031945][ T6009] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.036314][ T6009] usb 9-1: config 0 descriptor??
[  155.168049][T10841] futex_wake_op: syz.3.1389 tries to shift op by 32; fix this program
[  155.235323][T10843] netlink: 'syz.5.1390': attribute type 1 has an invalid length.
[  155.249906][ T6009] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  155.260880][T10843] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  155.264362][T10843] bond1: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  155.269987][T10843] bond1: (slave vxcan3): making interface the new active one
[  155.272716][T10843] bond1: (slave vxcan3): Enslaving as an active interface with an up link
[  155.278975][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  155.278989][   T40] audit: type=1400 audit(155.208:9518): avc:  denied  { mounton } for  pid=10842 comm="syz.5.1390" path="/syzcgroup/unified/syz5" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=dir permissive=1
[  155.291693][T10843] __nla_validate_parse: 3 callbacks suppressed
[  155.291707][T10843] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1390'.
[  155.292628][   T40] audit: type=1400 audit(155.208:9519): avc:  denied  { mount } for  pid=10842 comm="syz.5.1390" name="/" dev="pstore" ino=7345 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  155.308849][T10843] hsr_slave_0: left promiscuous mode
[  155.315320][T10843] hsr_slave_1: left promiscuous mode
[  155.361872][   T40] audit: type=1400 audit(155.278:9520): avc:  denied  { read append } for  pid=10845 comm="syz.1.1391" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  155.456218][   T40] audit: type=1400 audit(155.378:9521): avc:  denied  { read write } for  pid=10771 comm="syz.4.1376" name="lp0" dev="devtmpfs" ino=3108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  155.469457][   T40] audit: type=1400 audit(155.378:9522): avc:  denied  { open } for  pid=10771 comm="syz.4.1376" path="/dev/usb/lp0" dev="devtmpfs" ino=3108 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  155.520818][T10846] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  155.524017][T10846] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  155.536173][T10846] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  155.539740][T10846] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  155.541970][T10846] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  155.545327][T10846] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  155.548498][T10846] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  155.550403][T10846] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  155.567242][T10846] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  155.637377][T10861] loop5: detected capacity change from 0 to 7
[  155.640512][T10861] Dev loop5: unable to read RDB block 7
[  155.642693][T10861]  loop5: unable to read partition table
[  155.644576][T10861] loop5: partition table beyond EOD, truncated
[  155.647314][T10861] loop_reread_partitions: partition scan of loop5 (�被x������ ) failed (rc=-5)
[  155.668012][T10773] nfs4: Unknown parameter 'rdma'
[  155.692016][T10866] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  156.688303][T10920] netlink: 'syz.5.1402': attribute type 1 has an invalid length.
[  156.691528][T10920] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1402'.
[  156.703749][ T6009] usb 9-1: USB disconnect, device number 13
[  156.737218][ T6009] usblp0: removed
[  156.774535][T10927] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  156.781638][T10925] syzkaller0: entered promiscuous mode
[  156.781934][T10927] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1405'.
[  156.783421][T10925] syzkaller0: entered allmulticast mode
[  156.786426][T10927] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1405'.
[  157.555073][ T5286] Bluetooth: hci3: command 0x0c1a tx timeout
[  157.555090][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  157.625075][ T5286] Bluetooth: hci2: command 0x0c1a tx timeout
[  157.637304][T10925] ceph: No mds server is up or the cluster is laggy
[  157.674615][   T40] audit: type=1400 audit(157.588:9523): avc:  denied  { getopt } for  pid=10961 comm="syz.1.1415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  157.797804][   T40] audit: type=1400 audit(157.718:9524): avc:  denied  { setopt } for  pid=10970 comm="syz.1.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  157.825571][T10971] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10971 comm=syz.1.1417
[  157.936748][T10975] netlink: 'syz.1.1418': attribute type 1 has an invalid length.
[  158.317027][T10984] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  158.320720][T10984] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  158.322770][T10984] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  158.565184][ T7546] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  158.715116][ T7546] usb 9-1: Using ep0 maxpacket: 32
[  158.722789][ T7546] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.729489][ T7546] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.732585][ T7546] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  158.737567][ T7546] usb 9-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  158.740472][ T7546] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.746667][ T7546] usb 9-1: config 0 descriptor??
[  159.402507][T11015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1433'.
[  159.429662][ T7546] usbhid 9-1:0.0: can't add hid device: -71
[  159.433457][ T7546] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  159.438415][ T7546] usb 9-1: USB disconnect, device number 14
[  159.508483][T11022] netlink: 'syz.3.1435': attribute type 21 has an invalid length.
[  159.720730][   T40] audit: type=1400 audit(159.638:9525): avc:  denied  { bind } for  pid=11030 comm="syz.1.1438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  159.803776][   T40] audit: type=1400 audit(159.718:9526): avc:  denied  { append } for  pid=11035 comm="syz.3.1439" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  159.841522][   T40] audit: type=1400 audit(159.768:9527): avc:  denied  { read append } for  pid=11042 comm="syz.3.1441" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  160.265381][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  160.344318][T11055] program syz.5.1446 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  160.345043][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  160.345345][ T5286] Bluetooth: hci2: command 0x0c1a tx timeout
[  160.389644][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  160.389659][   T40] audit: type=1400 audit(160.308:9531): avc:  denied  { wake_alarm } for  pid=11056 comm="syz.5.1447" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  160.518226][T11062] tmpfs: Unknown parameter 'nr_anod�L0o����e�p���!	�rt'
[  160.907705][T11078] bridge0: port 4(veth0_to_bridge) entered blocking state
[  160.910595][T11078] bridge0: port 4(veth0_to_bridge) entered disabled state
[  160.913906][T11078] veth0_to_bridge: entered allmulticast mode
[  160.920622][T11078] veth0_to_bridge: entered promiscuous mode
[  160.922654][T11078] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  160.927768][T11078] bridge0: port 4(veth0_to_bridge) entered blocking state
[  160.930168][T11078] bridge0: port 4(veth0_to_bridge) entered listening state
[  160.988282][T11084] vxcan1 speed is unknown, defaulting to 1000
[  161.074148][T11083] vxcan1 speed is unknown, defaulting to 1000
[  161.266654][T11090] mac80211_hwsim hwsim16 syzkaller0: left promiscuous mode
[  161.269514][T11090] mac80211_hwsim hwsim16 syzkaller0: left allmulticast mode
[  161.272528][   T40] audit: type=1400 audit(161.188:9532): avc:  denied  { ioctl } for  pid=11089 comm="syz.4.1456" path="socket:[43980]" dev="sockfs" ino=43980 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  161.705268][    C2] net_ratelimit: 45 callbacks suppressed
[  161.705286][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  161.714298][    C2] bridge0: port 4(veth0_to_bridge) entered blocking state
[  161.772412][T11120] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1467'.
[  161.776567][T11120] unsupported nlmsg_type 40
[  161.776918][   T40] audit: type=1400 audit(161.708:9533): avc:  denied  { write } for  pid=11117 comm="syz.3.1466" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  161.781423][T11120] netlink: 'syz.4.1467': attribute type 9 has an invalid length.
[  161.790338][   T40] audit: type=1400 audit(161.708:9534): avc:  denied  { ioctl } for  pid=11117 comm="syz.3.1466" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4610 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  161.792336][T11120] netlink: 'syz.4.1467': attribute type 11 has an invalid length.
[  161.805089][T11120] netlink: 'syz.4.1467': attribute type 12 has an invalid length.
[  161.808233][T11120] netlink: 150080 bytes leftover after parsing attributes in process `syz.4.1467'.
[  161.857903][T11123] tmpfs: Unknown parameter 'sie'
[  161.859091][   T40] audit: type=1400 audit(161.778:9535): avc:  denied  { execute } for  pid=11117 comm="syz.3.1466" path="/proc/1098/task/1099/net/vlan/vlan1" dev="proc" ino=4026533698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=file permissive=1
[  161.871912][T11123] netlink: 'syz.4.1468': attribute type 12 has an invalid length.
[  161.881587][T11123] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1468'.
[  161.885540][T11123] xt_time: unknown flags 0xf4
[  161.889196][T11123] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  161.892992][T11123] overlayfs: missing 'lowerdir'
[  162.026326][ T6643] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  162.283686][T11148] sp0: Synchronizing with TNC
[  162.303099][T11146] [U] �
[  162.355684][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  162.422325][   T40] audit: type=1400 audit(162.338:9536): avc:  denied  { getopt } for  pid=11157 comm="syz.3.1478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  162.435014][ T5286] Bluetooth: hci2: command 0x0c1a tx timeout
[  162.437672][   T63] Bluetooth: hci3: command 0x0c1a tx timeout
[  162.442682][   T40] audit: type=1400 audit(162.358:9537): avc:  denied  { ioctl } for  pid=11157 comm="syz.3.1478" path="socket:[44964]" dev="sockfs" ino=44964 ioctlcmd=0x9408 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  162.844461][T11185] sp0: Synchronizing with TNC
[  162.909682][T11193] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1488'.
[  162.913062][T11193] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1488'.
[  162.916923][T11193] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1488'.
[  163.039657][   T40] audit: type=1400 audit(162.948:9538): avc:  denied  { read } for  pid=11179 comm="syz.3.1486" laddr=fe80::f lport=56860 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  163.061676][T11197] vxcan1 speed is unknown, defaulting to 1000
[  163.537489][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1502'.
[  163.798762][T11247] netlink: 168 bytes leftover after parsing attributes in process `syz.5.1506'.
[  163.860482][T11255] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=4092076807 (65473228912 ns) > initial count (8987408032 ns). Using initial count to start timer.
[  163.904208][T11255] netlink: 'syz.3.1508': attribute type 21 has an invalid length.
[  163.910499][   T40] audit: type=1400 audit(163.828:9539): avc:  denied  { ioctl } for  pid=11250 comm="syz.1.1509" path="socket:[45784]" dev="sockfs" ino=45784 ioctlcmd=0x4947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  164.013929][T11272] overlayfs: invalid origin (0000)
[  164.166233][   T40] audit: type=1804 audit(164.078:9540): pid=11284 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.5.1519" name="/newroot/200/file0/file0" dev="9p" ino=72613993 res=1 errno=0
[  164.217020][T11293] pim6reg: entered allmulticast mode
[  165.117568][T11318] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  165.324669][T11333] macsec1: entered promiscuous mode
[  165.585072][T11351] dlm: Unknown command passed to DLM device : 33
[  165.585072][T11351] 
[  165.805782][   T63] Bluetooth: hci3: unexpected event for opcode 0x0413
[  166.454506][T11363] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  166.469518][T11359] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1540'.
[  166.474669][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  166.474678][   T40] audit: type=1400 audit(166.388:9544): avc:  denied  { getopt } for  pid=11357 comm="syz.1.1540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  166.546746][   T40] audit: type=1400 audit(166.468:9545): avc:  denied  { watch_sb } for  pid=11373 comm="syz.5.1542" path="/206/file0" dev="tmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  166.683005][T11376] netlink: 'syz.4.1543': attribute type 3 has an invalid length.
[  166.686235][T11377] netlink: 'syz.4.1543': attribute type 3 has an invalid length.
[  166.698791][T11379] xt_l2tp: wrong L2TP version: 0
[  166.746338][T11379] vxcan1 speed is unknown, defaulting to 1000
[  166.790509][T11389] exFAT-fs (nullb0): mounting with "discard" option, but the device does not support discard
[  166.796833][T11389] exFAT-fs (nullb0): invalid boot record signature
[  166.799523][T11389] exFAT-fs (nullb0): failed to read boot sector
[  166.801891][T11389] exFAT-fs (nullb0): failed to recognize exfat type
[  166.804561][T11389] netlink: 'syz.4.1547': attribute type 21 has an invalid length.
[  166.807459][T11389] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1547'.
[  166.842423][T11389] XFS (nullb0): Invalid superblock magic number
[  166.959480][T11406] netlink: 'syz.5.1550': attribute type 1 has an invalid length.
[  166.974231][T11406] 8021q: adding VLAN 0 to HW filter on device bond2
[  166.991698][T11406] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11406 comm=syz.5.1550
[  167.350540][T11426] ksmbd: Daemon and kernel module version mismatch. ksmbd: 245, kernel module: 1. User-space ksmbd should terminate.
[  167.990675][   T40] audit: type=1400 audit(167.908:9546): avc:  denied  { append } for  pid=11452 comm="syz.3.1567" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  169.005242][ T2304] usb 9-1: new low-speed USB device number 15 using dummy_hcd
[  169.035133][   T40] audit: type=1400 audit(168.958:9547): avc:  denied  { kexec_image_load } for  pid=11468 comm="syz.3.1571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  169.036078][T11469] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1571'.
[  169.104377][T11470] input: syz0 as /devices/virtual/input/input28
[  169.107363][T11470] input: failed to attach handler leds to device input28, error: -6
[  169.145095][   T63] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  169.197222][ T2304] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  169.200982][ T2304] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  169.204350][ T2304] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  169.210512][ T2304] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 10496, setting to 8
[  169.214543][ T2304] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  169.222421][ T2304] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.225319][ T7546] IPVS: starting estimator thread 0...
[  169.227418][T11467] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  169.234695][ T2304] hub 9-1:1.0: bad descriptor, ignoring hub
[  169.237042][ T2304] hub 9-1:1.0: probe with driver hub failed with error -5
[  169.239756][ T2304] cdc_wdm 9-1:1.0: skipping garbage
[  169.241254][ T2304] cdc_wdm 9-1:1.0: skipping garbage
[  169.252093][ T2304] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  169.253828][ T2304] cdc_wdm 9-1:1.0: Unknown control protocol
[  169.316244][T11475] IPVS: using max 43 ests per chain, 103200 per kthread
[  169.431492][   T40] audit: type=1400 audit(169.348:9548): avc:  denied  { read write } for  pid=11466 comm="syz.4.1570" name="cdc-wdm0" dev="devtmpfs" ino=3126 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[  169.441953][   T40] audit: type=1400 audit(169.348:9549): avc:  denied  { open } for  pid=11466 comm="syz.4.1570" path="/dev/cdc-wdm0" dev="devtmpfs" ino=3126 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[  169.876214][ T5286] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  169.879241][ T5286] Bluetooth: hci3: Injecting HCI hardware error event
[  169.883335][ T5286] Bluetooth: hci3: hardware error 0x00
[  169.985222][T11467] usb 9-1: reset low-speed USB device number 15 using dummy_hcd
[  170.096653][T11504] vxcan1 speed is unknown, defaulting to 1000
[  170.282102][T11489] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  170.290420][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  170.292619][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  170.295412][    C1] cdc_wdm 9-1:1.0: nonzero urb status received: -71
[  170.298204][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes
[  170.300283][    C1] cdc_wdm 9-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  170.492534][T11467] MINIX-fs: blocksize too small for device
[  170.501988][T11467] openvswitch: netlink: Tunnel attr 3 has unexpected len 0 expected 1
[  170.528054][T11521] netlink: 'syz.5.1583': attribute type 4 has an invalid length.
[  170.531666][T11522] netlink: 'syz.5.1583': attribute type 4 has an invalid length.
[  170.570247][   T40] audit: type=1400 audit(170.488:9550): avc:  denied  { read write } for  pid=11466 comm="syz.4.1570" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  170.585149][   T40] audit: type=1400 audit(170.488:9551): avc:  denied  { open } for  pid=11466 comm="syz.4.1570" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  170.638450][T11528] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  170.641538][T11528] IPv6: NLM_F_CREATE should be set when creating new route
[  170.686938][ T7546] usb 9-1: USB disconnect, device number 15
[  171.425625][T11561] netlink: 'syz.1.1597': attribute type 1 has an invalid length.
[  171.449969][T11561] bond4: entered promiscuous mode
[  171.452150][T11561] 8021q: adding VLAN 0 to HW filter on device bond4
[  171.467013][T11561] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1597'.
[  171.470077][T11561] bond4: entered allmulticast mode
[  171.488947][T11561] bond4: (slave bridge2): making interface the new active one
[  171.492275][T11561] bridge2: entered promiscuous mode
[  171.494763][T11561] bridge2: entered allmulticast mode
[  171.499592][T11561] bond4: (slave bridge2): Enslaving as an active interface with an up link
[  171.924092][   T40] audit: type=1400 audit(171.838:9552): avc:  denied  { ioctl } for  pid=11600 comm="syz.3.1610" path="socket:[49639]" dev="sockfs" ino=49639 ioctlcmd=0x89f8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  171.945630][ T5286] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  172.003986][T11606] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1613'.
[  172.004722][T11608] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1612'.
[  172.010020][T11606] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1613'.
[  172.016168][T11608] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1612'.
[  172.023900][T11608] xt_hashlimit: max too large, truncated to 1048576
[  172.027084][T11608] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  172.119421][   T40] audit: type=1400 audit(172.038:9553): avc:  denied  { write } for  pid=11615 comm="syz.1.1616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  172.145658][T11619] kAFS: unable to lookup cell '/,c��L'
[  172.159065][T11616] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  172.163202][T11616] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.185607][T11619] vxcan1 speed is unknown, defaulting to 1000
[  172.225721][T11616] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  172.229129][T11616] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.321337][T11616] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  172.326981][T11616] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.396828][T11616] netdevsim netdevsim1 ������ (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  172.401069][T11616] netdevsim netdevsim1 ������ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.509230][ T6659] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  172.513479][ T6659] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  172.540533][ T6659] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  172.549048][ T6659] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  172.567998][ T6659] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  172.572540][ T6659] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  172.589242][   T74] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  172.592820][   T74] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  172.764170][T11633] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  172.768237][T11633] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  172.846323][T11646] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11646 comm=syz.5.1624
[  172.867627][T11648] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1625'.
[  172.870457][T11648] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1625'.
[  172.874624][T11648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.877875][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.884439][T11648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.887956][ T6659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.895373][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.904118][T11648] comedi comedi0: comedi_config --init_data is deprecated
[  172.922603][T11647] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.926192][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.947903][T11650] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1626'.
[  172.986860][T11650] overlayfs: missing 'lowerdir'
[  172.987750][   T40] audit: type=1400 audit(172.908:9554): avc:  denied  { mounton } for  pid=11649 comm="syz.5.1626" path="/bus" dev="bpf" ino=50314 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1
[  173.106114][T11668] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.154228][T11674] sock: sock_set_timeout: `syz.3.1633' (pid 11674) tries to set negative timeout
[  173.172503][T11676] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  173.174640][T11676] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  173.177654][T11676] vhci_hcd vhci_hcd.0: Device attached
[  173.182818][T11676] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(5)
[  173.185171][T11676] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  173.188851][T11676] vhci_hcd vhci_hcd.0: Device attached
[  173.199840][T11676] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(11)
[  173.201998][T11676] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  173.204557][T11676] vhci_hcd vhci_hcd.0: Device attached
[  173.208861][T11681] vhci_hcd: connection closed
[  173.211901][T11679] vhci_hcd: connection closed
[  173.212623][   T12] vhci_hcd vhci_hcd.5: stop threads
[  173.213942][T11677] vhci_hcd: connection closed
[  173.215188][   T12] vhci_hcd vhci_hcd.5: release socket
[  173.215203][   T12] vhci_hcd vhci_hcd.5: disconnect device
[  173.222187][   T40] audit: type=1400 audit(173.138:9555): avc:  denied  { create } for  pid=11683 comm="syz.3.1635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  173.235360][   T40] audit: type=1400 audit(173.138:9556): avc:  denied  { bind } for  pid=11683 comm="syz.3.1635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  173.236646][   T12] vhci_hcd vhci_hcd.5: stop threads
[  173.246083][   T12] vhci_hcd vhci_hcd.5: release socket
[  173.247934][   T12] vhci_hcd vhci_hcd.5: disconnect device
[  173.249957][   T12] vhci_hcd vhci_hcd.5: stop threads
[  173.251746][   T12] vhci_hcd vhci_hcd.5: release socket
[  173.253602][   T12] vhci_hcd vhci_hcd.5: disconnect device
[  173.456960][T11704] netlink: 208240 bytes leftover after parsing attributes in process `syz.1.1640'.
[  173.525000][T11711] sp0: Synchronizing with TNC
[  173.531765][T11711] netlink: 'syz.1.1642': attribute type 1 has an invalid length.
[  173.544374][T11711] 8021q: adding VLAN 0 to HW filter on device bond5
[  173.558791][T11711] bond5: (slave geneve2): making interface the new active one
[  173.562189][T11711] bond5: (slave geneve2): Enslaving as an active interface with an up link
[  173.569510][T11710] [U] �
[  173.670527][T11714] fuse: Unknown parameter 'f�|�xPN���5���d'
[  173.678874][T11714] GUP no longer grows the stack in syz.1.1643 (11714): 200000007000-20000000a000 (200000004000)
[  173.683782][T11714] CPU: 3 UID: 0 PID: 11714 Comm: syz.1.1643 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  173.683813][T11714] Tainted: [L]=SOFTLOCKUP
[  173.683820][T11714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  173.683832][T11714] Call Trace:
[  173.683839][T11714]  <TASK>
[  173.683847][T11714]  dump_stack_lvl+0x100/0x190
[  173.683895][T11714]  gup_vma_lookup.cold+0x83/0x96
[  173.683923][T11714]  __get_user_pages+0x241/0x34d0
[  173.683960][T11714]  ? xdp_umem_create+0x648/0x11e0
[  173.683989][T11714]  ? xsk_setsockopt+0x7d8/0xab0
[  173.684017][T11714]  ? do_sock_setsockopt+0xf3/0x1d0
[  173.684044][T11714]  ? __pfx___get_user_pages+0x10/0x10
[  173.684071][T11714]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.684099][T11714]  __gup_longterm_locked+0x279/0x16f0
[  173.684125][T11714]  ? __lock_acquire+0x480/0x2630
[  173.684155][T11714]  ? __pfx___gup_longterm_locked+0x10/0x10
[  173.684197][T11714]  pin_user_pages+0x13c/0x160
[  173.684227][T11714]  ? __pfx_pin_user_pages+0x10/0x10
[  173.684265][T11714]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  173.684292][T11714]  ? security_capable+0x70/0x260
[  173.684327][T11714]  xdp_umem_create+0x723/0x11e0
[  173.684356][T11714]  xsk_setsockopt+0x7d8/0xab0
[  173.684387][T11714]  ? __pfx_xsk_setsockopt+0x10/0x10
[  173.684415][T11714]  ? find_held_lock+0x2b/0x80
[  173.684437][T11714]  ? __fget_files+0x215/0x3d0
[  173.684469][T11714]  ? selinux_socket_setsockopt+0x6a/0x80
[  173.684493][T11714]  ? __pfx_xsk_setsockopt+0x10/0x10
[  173.684524][T11714]  do_sock_setsockopt+0xf3/0x1d0
[  173.684552][T11714]  __sys_setsockopt+0x195/0x220
[  173.684578][T11714]  __x64_sys_setsockopt+0xbd/0x160
[  173.684597][T11714]  ? do_syscall_64+0x95/0xf80
[  173.684619][T11714]  ? lockdep_hardirqs_on+0x78/0x100
[  173.684642][T11714]  do_syscall_64+0x106/0xf80
[  173.684663][T11714]  ? clear_bhb_loop+0x40/0x90
[  173.684687][T11714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.684706][T11714] RIP: 0033:0x7f88ca99bf79
[  173.684723][T11714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.684741][T11714] RSP: 002b:00007f88cb935028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  173.684760][T11714] RAX: ffffffffffffffda RBX: 00007f88cac15fa0 RCX: 00007f88ca99bf79
[  173.684771][T11714] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000006
[  173.684782][T11714] RBP: 00007f88caa327e0 R08: 0000000000000020 R09: 0000000000000000
[  173.684794][T11714] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000
[  173.684806][T11714] R13: 00007f88cac16038 R14: 00007f88cac15fa0 R15: 00007ffc4b0c6df8
[  173.684833][T11714]  </TASK>
[  173.808926][T11714] x_tables: ip_tables: osf match: only valid for protocol 6
[  173.814300][   T40] audit: type=1400 audit(173.728:9557): avc:  denied  { create } for  pid=11713 comm="syz.1.1643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  173.957746][T11729] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  173.962264][T11729] qnx6: wrong signature (magic) in superblock #1.
[  173.970315][T11729] qnx6: unable to read the first superblock
[  173.974493][T11732] MTD: Attempt to mount non-MTD device "/dev/sr0"
[  173.974869][   T40] audit: type=1400 audit(173.888:9558): avc:  denied  { mounton } for  pid=11731 comm="syz.5.1650" path="/syzcgroup/unified/syz5" dev="pstore" ino=7345 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=dir permissive=1
[  173.990397][T11732] cramfs: wrong magic
[  174.078719][T11740] netlink: 'syz.5.1653': attribute type 1 has an invalid length.
[  174.081240][T11740] netlink: 'syz.5.1653': attribute type 4 has an invalid length.
[  174.084064][T11740] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.1653'.
[  174.090047][T11742] random: crng reseeded on system resumption
[  174.090322][   T40] audit: type=1400 audit(174.018:9559): avc:  denied  { ioctl } for  pid=11741 comm="syz.1.1654" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  174.129577][T11745] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1655'.
[  174.191102][T11749] vxcan1 speed is unknown, defaulting to 1000
[  174.362265][   T40] audit: type=1400 audit(174.278:9560): avc:  denied  { bind } for  pid=11759 comm="syz.5.1661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  174.597668][   T40] audit: type=1400 audit(174.518:9561): avc:  denied  { map } for  pid=11776 comm="syz.5.1668" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  174.745298][ T5286] Bluetooth: hci1: command 0x0c1a tx timeout
[  174.827724][ T5286] Bluetooth: hci2: command 0x0c1a tx timeout
[  175.509571][ T1459] IPVS: starting estimator thread 0...
[  175.595459][T11836] IPVS: using max 20 ests per chain, 48000 per kthread
[  175.627704][ T6659] net_ratelimit: 12 callbacks suppressed
[  175.627721][ T6659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  175.648920][T11846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.052733][T11880] netlink: 'syz.5.1716': attribute type 8 has an invalid length.
[  176.060602][T11880] bond0: entered promiscuous mode
[  176.062747][T11880] bond_slave_0: entered promiscuous mode
[  176.065656][T11880] bond_slave_1: entered promiscuous mode
[  176.069846][T11880] gretap0: entered promiscuous mode
[  176.073009][T11880] veth1_to_bond: entered promiscuous mode
[  176.076291][T11880] debugfs: 'hsr0' already exists in 'hsr'
[  176.078265][T11880] Cannot create hsr debugfs directory
[  176.080562][T11880] hsr0: entered promiscuous mode
[  176.266617][   T74] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.300985][T11900] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  177.629552][T11969] __nla_validate_parse: 7 callbacks suppressed
[  177.629563][T11969] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1755'.
[  177.638354][T11969] bond_slave_0: entered promiscuous mode
[  177.640502][T11969] bond_slave_1: entered promiscuous mode
[  177.642451][T11969] macsec2: entered promiscuous mode
[  177.644170][T11969] bond0: entered promiscuous mode
[  177.646484][T11969] macsec2: entered allmulticast mode
[  177.648589][T11969] bond0: entered allmulticast mode
[  177.650593][T11969] bond_slave_0: entered allmulticast mode
[  177.652683][T11969] bond_slave_1: entered allmulticast mode
[  177.658485][T11969] bond0: left allmulticast mode
[  177.660211][T11969] bond_slave_0: left allmulticast mode
[  177.662050][T11969] bond_slave_1: left allmulticast mode
[  177.663907][T11969] bond0: left promiscuous mode
[  177.666790][T11969] bond_slave_0: left promiscuous mode
[  177.668585][T11969] bond_slave_1: left promiscuous mode
[  178.060656][T11990] vxcan1 speed is unknown, defaulting to 1000
[  178.185285][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.201146][ T1148] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.277170][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  178.277185][   T40] audit: type=1400 audit(178.198:9569): avc:  denied  { map } for  pid=12005 comm="syz.3.1771" path="socket:[50636]" dev="sockfs" ino=50636 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  178.298356][   T40] audit: type=1400 audit(178.198:9570): avc:  denied  { accept } for  pid=12005 comm="syz.3.1771" path="socket:[50636]" dev="sockfs" ino=50636 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  178.324090][ T7546] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.327912][ T7546] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.331333][ T7546] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.334843][ T7546] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.339255][ T7546] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.040325][   T40] audit: type=1400 audit(179.958:9571): avc:  denied  { bind } for  pid=12059 comm="syz.5.1794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  180.095073][   T40] audit: type=1400 audit(180.008:9572): avc:  denied  { write } for  pid=12059 comm="syz.5.1794" path="socket:[50109]" dev="sockfs" ino=50109 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  180.142628][   T40] audit: type=1400 audit(180.058:9573): avc:  denied  { read } for  pid=12059 comm="syz.5.1794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  180.503079][T12083] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1804'.
[  180.922304][T12096] net_ratelimit: 1021 callbacks suppressed
[  180.922316][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.931627][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.936654][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.941397][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.948992][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.955116][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.962733][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.970058][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.976015][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  180.980598][T12096] batman_adv: batadv0: Local translation table size (128) exceeds maximum packet size (-320); Ignoring new local tt entry: 26:8c:b8:9e:14:f0
[  181.280775][T12008] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  181.765282][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  181.878094][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  182.026690][   T40] audit: type=1400 audit(181.948:9574): avc:  denied  { egress } for  pid=15 comm="ksoftirqd/0" saddr=fe80::a8aa:aaff:feaa:aa1c daddr=ff02::2 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  182.033613][   T40] audit: type=1400 audit(181.948:9575): avc:  denied  { sendto } for  pid=15 comm="ksoftirqd/0" saddr=fe80::a8aa:aaff:feaa:aa1c daddr=ff02::2 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  182.210877][   T40] audit: type=1400 audit(182.128:9576): avc:  denied  { write } for  pid=12147 comm="syz.3.1832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  182.443349][T12174] mac80211_hwsim hwsim16 syzkaller0: entered promiscuous mode
[  182.447108][T12174] mac80211_hwsim hwsim16 syzkaller0: entered allmulticast mode
[  183.377346][   T40] audit: type=1400 audit(183.298:9577): avc:  denied  { read } for  pid=12238 comm="syz.5.1873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  183.592731][   T40] audit: type=1400 audit(183.508:9578): avc:  denied  { read } for  pid=12255 comm="syz.3.1879" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  183.954272][T12277] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1890'.
[  183.996170][T12279] usb usb5: usbfs: process 12279 (syz.4.1891) did not claim interface 0 before use
[  184.187492][   T40] audit: type=1400 audit(184.108:9579): avc:  denied  { accept } for  pid=12296 comm="syz.1.1898" lport=39703 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  184.195066][   T40] audit: type=1400 audit(184.108:9580): avc:  denied  { read } for  pid=12296 comm="syz.1.1898" lport=39703 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  184.245879][   T40] audit: type=1400 audit(184.168:9581): avc:  denied  { setopt } for  pid=12296 comm="syz.1.1898" lport=39703 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  184.464344][T12313] ieee802154 phy1 wpan1: encryption failed: -22
[  184.992490][T12341] random: crng reseeded on system resumption
[  185.064304][T12345] vxcan1 speed is unknown, defaulting to 1000
[  185.204380][T12346] 9p: Could not find request transport: tcp*por0000000004e22
[  185.921850][T12392] netlink: 'syz.3.1937': attribute type 10 has an invalid length.
[  185.925338][T12392] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1937'.
[  185.929016][T12392] team0: entered promiscuous mode
[  185.930578][T12392] team_slave_0: entered promiscuous mode
[  185.932601][T12392] team_slave_1: entered promiscuous mode
[  185.934734][T12392] team0: entered allmulticast mode
[  185.937222][T12392] team_slave_0: entered allmulticast mode
[  185.939683][T12392] team_slave_1: entered allmulticast mode
[  185.942705][T12392] bridge0: port 2(team0) entered blocking state
[  185.947286][T12392] bridge0: port 2(team0) entered disabled state
[  185.952744][T12392] bridge0: port 2(team0) entered blocking state
[  185.954705][T12392] bridge0: port 2(team0) entered forwarding state
[  186.532150][T12415] xt_hashlimit: size too large, truncated to 1048576
[  186.697436][T12420] netlink: 'syz.1.1948': attribute type 29 has an invalid length.
[  186.702414][T12420] netlink: 'syz.1.1948': attribute type 29 has an invalid length.
[  186.922337][   T40] audit: type=1400 audit(186.838:9582): avc:  denied  { read } for  pid=12433 comm="syz.1.1955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  187.050416][T12447] net_ratelimit: 1540 callbacks suppressed
[  187.050435][T12447] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.069750][T12451] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=288 sclass=netlink_route_socket pid=12451 comm=syz.1.1963
[  187.088804][T12451] netlink: 'syz.1.1963': attribute type 6 has an invalid length.
[  187.089876][T12454] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1964'.
[  187.114315][   T40] audit: type=1326 audit(187.028:9583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12435 comm="syz.3.1956" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdd699bf79 code=0x7fc00000
[  187.146456][ T6648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.215409][   T40] audit: type=1400 audit(187.128:9584): avc:  denied  { associate } for  pid=12467 comm="syz.4.1968" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  187.756784][   T40] audit: type=1400 audit(187.678:9585): avc:  denied  { write } for  pid=12495 comm="syz.4.1980" name="file0" dev="tmpfs" ino=1979 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  187.764243][   T40] audit: type=1400 audit(187.678:9586): avc:  denied  { open } for  pid=12495 comm="syz.4.1980" path="/376/file0" dev="tmpfs" ino=1979 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  187.787636][ T6645] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.790990][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.935160][T12509] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1986'.
[  187.939621][T12509] ksmbd: Unknown IPC event: 4, ignore.
[  188.104232][T12522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1992'.
[  188.107346][T12522] netlink: 'syz.3.1992': attribute type 4 has an invalid length.
[  188.139980][T12523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.144167][T12523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.148339][T12523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.151479][T12523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.154645][T12523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.158752][T12523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.501852][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  188.501870][   T40] audit: type=1400 audit(188.418:9591): avc:  denied  { block_suspend } for  pid=12531 comm="syz.1.1995" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  189.353201][T12567] Unsupported ieee802154 address type: 0
[  189.998358][   T53] kernel read not supported for file /vcs (pid: 53 comm: kworker/1:1)
[  190.003598][   T53] kernel read not supported for file /vcs (pid: 53 comm: kworker/1:1)
[  190.418852][T12605] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2025'.
[  190.422672][T12605] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2025'.
[  190.691377][T12627] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2035'.
[  190.784593][T12629] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2036'.
[  190.787719][T12629] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2036'.
[  190.793596][T12629] team0: entered promiscuous mode
[  190.795729][T12629] team_slave_0: entered promiscuous mode
[  190.797893][T12629] team_slave_1: entered promiscuous mode
[  190.800894][T12629] bond0: entered promiscuous mode
[  190.802699][T12629] bond_slave_0: entered promiscuous mode
[  190.804709][T12629] bond_slave_1: entered promiscuous mode
[  190.808255][T12629] 8021q: adding VLAN 0 to HW filter on device hsr1
[  191.083582][   T40] audit: type=1400 audit(191.008:9592): avc:  denied  { getopt } for  pid=12642 comm="syz.3.2043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  191.295607][   T40] audit: type=1400 audit(191.218:9593): avc:  denied  { recv } for  pid=23 comm="ksoftirqd/2" saddr=127.0.0.1 src=30000 daddr=127.0.0.1 dest=49982 netif=lo scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  191.304879][   T40] audit: type=1400 audit(191.218:9594): avc:  denied  { recv } for  pid=23 comm="ksoftirqd/2" saddr=127.0.0.1 src=49982 daddr=127.0.0.1 dest=30000 netif=lo scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  191.316769][   T40] audit: type=1400 audit(191.228:9595): avc:  denied  { create } for  pid=12657 comm="syz.5.2049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  191.324251][   T40] audit: type=1400 audit(191.228:9596): avc:  denied  { ioctl } for  pid=12657 comm="syz.5.2049" path="socket:[52699]" dev="sockfs" ino=52699 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  191.335205][   T40] audit: type=1400 audit(191.228:9597): avc:  denied  { module_request } for  pid=12657 comm="syz.5.2049" kmod="netdev-vcan0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  191.342851][   T40] audit: type=1400 audit(191.248:9598): avc:  denied  { sys_module } for  pid=12657 comm="syz.5.2049" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  191.352479][   T40] audit: type=1400 audit(191.268:9599): avc:  denied  { read write } for  pid=5922 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  191.364083][   T40] audit: type=1400 audit(191.268:9600): avc:  denied  { open } for  pid=5922 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  191.381287][T12663] netlink: 'syz.3.2050': attribute type 1 has an invalid length.
[  192.426541][T12739] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2084'.
[  192.907700][   T74] net_ratelimit: 744 callbacks suppressed
[  192.907717][   T74] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.509732][T12752] sit0: left promiscuous mode
[  193.516580][T12752] bridge0: port 2(team0) entered disabled state
[  193.523543][T12752] wg1: left promiscuous mode
[  193.530811][T12752] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.534949][   T40] kauditd_printk_skb: 64 callbacks suppressed
[  193.534960][   T40] audit: type=1400 audit(193.428:9665): avc:  denied  { create } for  pid=12750 comm="syz.3.2088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  193.543837][   T40] audit: type=1400 audit(193.448:9666): avc:  denied  { connect } for  pid=12753 comm="syz.5.2089" lport=256 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  193.557853][T12752] vlan2: left promiscuous mode
[  193.564527][   T53] vxcan1 speed is unknown, defaulting to 1000
[  193.565406][ T6643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.590681][   T40] audit: type=1400 audit(193.508:9667): avc:  denied  { setopt } for  pid=12753 comm="syz.5.2089" laddr=172.20.20.10 lport=256 faddr=172.20.20.187 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  193.658231][   T40] audit: type=1400 audit(193.578:9668): avc:  denied  { read append } for  pid=12758 comm="syz.5.2091" name="event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  193.681530][   T40] audit: type=1400 audit(193.578:9669): avc:  denied  { open } for  pid=12758 comm="syz.5.2091" path="/dev/input/event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  193.706247][   T40] audit: type=1400 audit(193.578:9670): avc:  denied  { ioctl } for  pid=12758 comm="syz.5.2091" path="/dev/input/event0" dev="devtmpfs" ino=941 ioctlcmd=0x4509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  193.739962][   T40] audit: type=1400 audit(193.658:9671): avc:  denied  { write } for  pid=12760 comm="syz.5.2092" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  193.750957][   T40] audit: type=1400 audit(193.668:9672): avc:  denied  { open } for  pid=12760 comm="syz.5.2092" path="/dev/ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  193.759729][   T40] audit: type=1400 audit(193.668:9673): avc:  denied  { ioctl } for  pid=12760 comm="syz.5.2092" path="/dev/ptp0" dev="devtmpfs" ino=729 ioctlcmd=0x3d10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  194.185767][   T74] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.189340][ T6643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.348940][T12778] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2100'.
[  194.375172][   T40] audit: type=1400 audit(194.298:9674): avc:  denied  { read } for  pid=12779 comm="syz.5.2101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  194.902183][T12807] xt_hashlimit: size too large, truncated to 1048576
[  194.956595][T12809] xt_hashlimit: size too large, truncated to 1048576
[  195.025002][ T7546] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[  195.061325][T12818] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.210936][ T7546] usb 10-1: unable to read config index 0 descriptor/start: -71
[  195.215317][ T7546] usb 10-1: can't read configurations, error -71
[  196.183462][   T53] Process accounting resumed
[  196.206778][T12838] Process accounting resumed
[  196.331759][T12842] syzkaller0: entered promiscuous mode
[  196.334001][T12842] syzkaller0: entered allmulticast mode
[  196.702560][T12859] syzkaller0: entered promiscuous mode
[  196.704462][T12859] syzkaller0: entered allmulticast mode
[  196.842968][T12865] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2137'.
[  197.388399][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.753686][T12894] syzkaller0: entered promiscuous mode
[  197.755821][T12894] syzkaller0: entered allmulticast mode
[  198.290541][T12926] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2163'.
[  198.294572][T12926] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2163'.
[  198.351579][T12930] syzkaller0: entered promiscuous mode
[  198.353439][T12930] syzkaller0: entered allmulticast mode
[  198.581971][   T40] kauditd_printk_skb: 36 callbacks suppressed
[  198.581988][   T40] audit: type=1400 audit(198.498:9711): avc:  denied  { read write } for  pid=12942 comm="syz.5.2169" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  198.635782][   T40] audit: type=1400 audit(198.498:9712): avc:  denied  { open } for  pid=12942 comm="syz.5.2169" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  198.647474][   T40] audit: type=1400 audit(198.548:9713): avc:  denied  { create } for  pid=12945 comm="syz.5.2170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  198.657058][   T40] audit: type=1400 audit(198.558:9714): avc:  denied  { bind } for  pid=12947 comm="syz.1.2171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  198.667422][   T40] audit: type=1400 audit(198.558:9715): avc:  denied  { setopt } for  pid=12947 comm="syz.1.2171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  198.677092][   T74] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.681245][   T40] audit: type=1400 audit(198.558:9716): avc:  denied  { write } for  pid=12945 comm="syz.5.2170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  198.690968][   T40] audit: type=1400 audit(198.558:9717): avc:  denied  { nlmsg_write } for  pid=12945 comm="syz.5.2170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  198.780099][   T40] audit: type=1400 audit(198.698:9718): avc:  denied  { connect } for  pid=12955 comm="syz.5.2174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  198.788709][   T40] audit: type=1400 audit(198.698:9719): avc:  denied  { write } for  pid=12955 comm="syz.5.2174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  199.212896][T12967] loop6: detected capacity change from 0 to 8
[  199.305753][ T6648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.307911][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  199.309207][ T6648] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.413919][T12711] Dev loop6: unable to read RDB block 8
[  199.415469][T12971] 
[  199.416167][T12711]  loop6: unable to read partition table
[  199.416824][T12971] ======================================================
[  199.418800][T12711] loop6: partition table beyond EOD, 
[  199.421209][T12971] WARNING: possible circular locking dependency detected
[  199.421223][T12971] syzkaller #0 Tainted: G             L     
[  199.421233][T12971] ------------------------------------------------------
[  199.421238][T12971] syz.4.2179/12971 is trying to acquire lock:
[  199.423044][T12711] truncated
[  199.425675][T12971] ffff88801caeea20 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9c/0xf0
[  199.425710][T12971] 
[  199.425710][T12971] but task is already holding lock:
[  199.425714][T12971] ffff888028920060 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  199.425746][T12971] 
[  199.425746][T12971] which lock already depends on the new lock.
[  199.425746][T12971] 
[  199.425749][T12971] 
[  199.425749][T12971] the existing dependency chain (in reverse order) is:
[  199.425764][T12971] 
[  199.425764][T12971] -> #2 (&q->q_usage_counter(io)#23){++++}-{0:0}:
[  199.425784][T12971]        blk_alloc_queue+0x610/0x790
[  199.425796][T12971]        blk_mq_alloc_queue+0x174/0x290
[  199.459593][T12971]        __blk_mq_alloc_disk+0x29/0x120
[  199.461390][T12971]        loop_add+0x498/0xb60
[  199.463350][T12971]        loop_init+0x1d3/0x200
[  199.465332][T12971]        do_one_initcall+0x11d/0x760
[  199.467177][T12971]        kernel_init_freeable+0x6e5/0x7a0
[  199.469470][T12971]        kernel_init+0x1f/0x1e0
[  199.471469][T12971]        ret_from_fork+0x754/0xd80
[  199.473189][T12971]        ret_from_fork_asm+0x1a/0x30
[  199.475278][T12971] 
[  199.475278][T12971] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  199.477972][T12971]        fs_reclaim_acquire+0xc4/0x100
[  199.480049][T12971]        kmem_cache_alloc_noprof+0x4c/0x6e0
[  199.482455][T12971]        __kernfs_iattrs+0x126/0x400
[  199.484207][T12971]        __kernfs_setattr+0x4d/0x3c0
[  199.486370][T12971]        kernfs_iop_setattr+0xda/0x130
[  199.488467][T12971]        notify_change+0xb25/0x1330
[  199.490375][T12971]        do_truncate+0x1df/0x240
[  199.492416][T12971]        path_openat+0x2a55/0x31a0
[  199.494237][T12971]        do_file_open+0x20e/0x430
[  199.496134][T12971]        do_sys_openat2+0x10d/0x1e0
[  199.498221][T12971]        __x64_sys_openat+0x12d/0x210
[  199.500126][T12971]        do_syscall_64+0x106/0xf80
[  199.502117][T12971]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.504741][T12971] 
[  199.504741][T12971] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[  199.507795][T12971]        __lock_acquire+0x14b8/0x2630
[  199.509962][T12971]        lock_acquire+0x1cf/0x380
[  199.511723][T12971]        down_read+0x99/0x460
[  199.513530][T12971]        kernfs_iop_getattr+0x9c/0xf0
[  199.515766][T12971]        vfs_getattr_nosec+0x2d4/0x430
[  199.517681][T12971]        vfs_getattr+0x4a/0x60
[  199.519637][T12971]        loop_query_min_dio_size.isra.0+0x117/0x250
[  199.522258][T12971]        lo_ioctl+0x13aa/0x1bc0
[  199.523934][T12971]        blkdev_ioctl+0x5ad/0x6f0
[  199.526040][T12971]        __x64_sys_ioctl+0x18e/0x210
[  199.527977][T12971]        do_syscall_64+0x106/0xf80
[  199.529905][T12971]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.532505][T12971] 
[  199.532505][T12971] other info that might help us debug this:
[  199.532505][T12971] 
[  199.536217][T12971] Chain exists of:
[  199.536217][T12971]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#23
[  199.536217][T12971] 
[  199.541597][T12971]  Possible unsafe locking scenario:
[  199.541597][T12971] 
[  199.544610][T12971]        CPU0                    CPU1
[  199.546446][T12971]        ----                    ----
[  199.548631][T12971]   lock(&q->q_usage_counter(io)#23);
[  199.550785][T12971]                                lock(fs_reclaim);
[  199.553143][T12971]                                lock(&q->q_usage_counter(io)#23);
[  199.556346][T12971]   rlock(&root->kernfs_iattr_rwsem);
[  199.558168][T12971] 
[  199.558168][T12971]  *** DEADLOCK ***
[  199.558168][T12971] 
[  199.561439][T12971] 3 locks held by syz.4.2179/12971:
[  199.563171][T12971]  #0: ffff888028a1f448 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_global_lock_killable+0x30/0xb0
[  199.567248][T12971]  #1: ffff888028920060 (&q->q_usage_counter(io)#23){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  199.571601][T12971]  #2: ffff888028920098 (&q->q_usage_counter(queue)#7){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  199.576030][T12971] 
[  199.576030][T12971] stack backtrace:
[  199.578450][T12971] CPU: 1 UID: 0 PID: 12971 Comm: syz.4.2179 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  199.578476][T12971] Tainted: [L]=SOFTLOCKUP
[  199.578483][T12971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  199.578493][T12971] Call Trace:
[  199.578500][T12971]  <TASK>
[  199.578508][T12971]  dump_stack_lvl+0x100/0x190
[  199.578536][T12971]  print_circular_bug.cold+0x178/0x1c7
[  199.578561][T12971]  check_noncircular+0x146/0x160
[  199.578585][T12971]  __lock_acquire+0x14b8/0x2630
[  199.578612][T12971]  lock_acquire+0x1cf/0x380
[  199.578634][T12971]  ? kernfs_iop_getattr+0x9c/0xf0
[  199.578652][T12971]  ? __pfx___might_resched+0x10/0x10
[  199.578669][T12971]  down_read+0x99/0x460
[  199.578690][T12971]  ? kernfs_iop_getattr+0x9c/0xf0
[  199.578707][T12971]  ? find_held_lock+0x2b/0x80
[  199.578727][T12971]  ? __pfx_down_read+0x10/0x10
[  199.578747][T12971]  ? kernfs_root+0xee/0x2a0
[  199.578765][T12971]  kernfs_iop_getattr+0x9c/0xf0
[  199.578781][T12971]  vfs_getattr_nosec+0x2d4/0x430
[  199.578805][T12971]  ? __pfx_kernfs_iop_getattr+0x10/0x10
[  199.578823][T12971]  vfs_getattr+0x4a/0x60
[  199.578863][T12971]  loop_query_min_dio_size.isra.0+0x117/0x250
[  199.578886][T12971]  ? __pfx_loop_query_min_dio_size.isra.0+0x10/0x10
[  199.578915][T12971]  lo_ioctl+0x13aa/0x1bc0
[  199.578936][T12971]  ? __pfx_lo_ioctl+0x10/0x10
[  199.578954][T12971]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  199.578972][T12971]  ? kasan_quarantine_put+0x104/0x240
[  199.579017][T12971]  ? blk_get_meta_cap+0xd4/0x6c0
[  199.579045][T12971]  ? __pfx_blk_get_meta_cap+0x10/0x10
[  199.579069][T12971]  ? blkdev_common_ioctl+0x515/0x2ba0
[  199.579089][T12971]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  199.579110][T12971]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  199.579130][T12971]  ? do_vfs_ioctl+0x226/0x13e0
[  199.579148][T12971]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  199.579167][T12971]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  199.579193][T12971]  ? __fget_files+0x215/0x3d0
[  199.579216][T12971]  ? __pfx_lo_ioctl+0x10/0x10
[  199.579234][T12971]  blkdev_ioctl+0x5ad/0x6f0
[  199.579253][T12971]  ? __pfx_blkdev_ioctl+0x10/0x10
[  199.579270][T12971]  ? selinux_file_ioctl+0x139/0x290
[  199.579294][T12971]  ? selinux_file_ioctl+0xb4/0x290
[  199.579316][T12971]  ? __pfx_blkdev_ioctl+0x10/0x10
[  199.579335][T12971]  __x64_sys_ioctl+0x18e/0x210
[  199.579354][T12971]  do_syscall_64+0x106/0xf80
[  199.579372][T12971]  ? clear_bhb_loop+0x40/0x90
[  199.579384][T12971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.579396][T12971] RIP: 0033:0x7f21c6f9bf79
[  199.579406][T12971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  199.579416][T12971] RSP: 002b:00007f21c7e60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  199.579427][T12971] RAX: ffffffffffffffda RBX: 00007f21c7216090 RCX: 00007f21c6f9bf79
[  199.579434][T12971] RDX: 0000000000000004 RSI: 0000000000004c06 RDI: 0000000000000003
[  199.579441][T12971] RBP: 00007f21c70327e0 R08: 0000000000000000 R09: 0000000000000000
[  199.579447][T12971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  199.579453][T12971] R13: 00007f21c7216128 R14: 00007f21c7216090 R15: 00007ffe23828168
[  199.579463][T12971]  </TASK>
[  199.700547][    C1] hpet: Lost 17 RTC interrupts
[  199.703631][T12989] syzkaller0: entered promiscuous mode
[  199.706033][T12989] syzkaller0: entered allmulticast mode
[  199.794425][T12967] Dev loop6: unable to read RDB block 8
[  199.797131][T12967]  loop6: unable to read partition table
[  199.799557][T12967] loop6: partition table beyond EOD, truncated
[  199.802241][T12967] loop_reread_partitions: partition scan of loop6 (�N�h*h�������p��� "�o��?<��ʺ��XD��
b��p0�O{���>.) failed (rc=-5)
[  199.897638][T12971] Dev loop6: unable to read RDB block 8
[  199.899687][T12971]  loop6: unable to read partition table
[  199.901951][T12971] loop6: partition table beyond EOD, truncated
[  199.904061][T12971] loop_reread_partitions: partition scan of loop6 (�N�h*h�������p��� "�o��?<��ʺ��XD��
b��p0�O{���>.) failed (rc=-5)
[  199.946051][ T6645] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.425950][   T40] audit: type=1400 audit(204.348:9720): avc:  denied  { egress } for  pid=1148 comm="kworker/u32:8" saddr=fe80::a8aa:aaff:feaa:aa1c daddr=ff02::2 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  204.426420][ T1148] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.435496][   T40] audit: type=1400 audit(204.348:9721): avc:  denied  { sendto } for  pid=1148 comm="kworker/u32:8" saddr=fe80::a8aa:aaff:feaa:aa1c daddr=ff02::2 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  205.065398][ T6643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.068687][ T1148] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.071767][ T1148] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.985727][ T5984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog