last executing test programs:

9.66040582s ago: executing program 0 (id=472):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @remote}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e23}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0)
r1 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
ioctl$TUNSETPERSIST(r3, 0x400454c9, 0x5)
ioctl$TUNSETPERSIST(r3, 0x400454cb, 0x200)
ioctl$TUNSETPERSIST(r3, 0x400454cb, 0xfffffffffffffff5)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_SREG={0x8, 0x7, 0x1, 0x0, 0x9}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x94}}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$FE_SET_PROPERTY(r1, 0x40106f52, &(0x7f00000000c0)={0x29, &(0x7f0000000100)=[{0x2b, '\x00', @data=0xc42}]})

9.570567133s ago: executing program 0 (id=473):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e6400"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c00000010000305000000000007ffffffffffff", @ANYRES32=0x0, @ANYBLOB="0000000006100000140012800b00010062726964676500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)

9.469293522s ago: executing program 0 (id=474):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0a00001bbbbbbbbbbbbbaaaaaaaaaa2986dd6d002008001811ff20010000000000000000000000001801ff0200000000000000000000000000014f194e20"], 0x52)

9.258891258s ago: executing program 0 (id=478):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newlink={0x30, 0x10, 0x503, 0x200000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x15a11}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x4}}}]}, 0x30}}, 0x44)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4e21, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000007000000830704ac14140f000001000000fc00000000000000140000000000000001000000410000000000000000000000c62286575f90522351064d780d1c52d0de176582c31a84470dea1f32a5555169cb0656d7a00cc3060f93dab41baff33132c0f253fe016948ac1348fb2e1e901f7e9b36aca23894322663ce0700d8db61811b0e0b41e037fbb1f8216f9cb13988894db31118fa208bb7c3d8f5844d4ab47057977192ef0a8d0d1033"], 0x4c}, 0x4000800)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000000)={'gretap0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x700, 0x700, 0x0, 0xfffffffe, {{0x5, 0x4, 0x0, 0x3, 0x14, 0x68, 0x0, 0x0, 0x2f, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x16}}}}})

9.170107441s ago: executing program 0 (id=480):
openat$kvm(0xffffffffffffff9c, 0x0, 0x202, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x7d4165c9)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x7d4165c9)
listen(r2, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000780)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xc}}, 0x0, 0x0, 0x1d, 0x0, "9c0fe2154aa786d10084ecfbe8e86f7d312fcc8fde38d5823d22fbbb55a7837e5f2329f4d662f2185f18fae43e09d661d12a01669d6eef2e4733c2c29a3c3d16ef45c7c1c8ecfcc76b47d9ab9a573f11"}, 0xd8)
listen(r5, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000680)={@in6={{0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x81}}, 0x0, 0x0, 0x40, 0x0, "2b20a1a47cddc63b223be606d7303a4d4d11e10450d766feb63b382d54bab577021cad5de4fe7630a33b6deca160b1267ff02123bc27830000000000ffff40000000000000b5b29049cb65f00300"}, 0xd8)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000540)=[{&(0x7f0000000180)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)

8.93049351s ago: executing program 0 (id=483):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, &(0x7f0000000100)={'\x00', 0xe0000, 0x1, 0x800})
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @empty}, 0x20)
recvfrom$inet6(r1, 0x0, 0x0, 0x22, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff020000000000"], 0x0)

8.858159031s ago: executing program 32 (id=483):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PTP_PIN_GETFUNC(r0, 0xc0603d06, &(0x7f0000000100)={'\x00', 0xe0000, 0x1, 0x800})
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @empty}, 0x20)
recvfrom$inet6(r1, 0x0, 0x0, 0x22, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff020000000000"], 0x0)

3.420008248s ago: executing program 2 (id=530):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x28, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x1a}, @NFTA_HOOK_DEV={0x14, 0x3, 'netdevsim0\x00'}]}]}], {0x14}}, 0x9c}}, 0x0)

3.36024774s ago: executing program 2 (id=532):
r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000880)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000008c0)=0x14)
ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000dc0)={'caif0\x00', 0x9})
mount(&(0x7f00000006c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='ext3\x00', 0x204001, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b75000905832ee2"], 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x4000)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@gettaction={0x18, 0x32, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@action_gd=@TCA_ACT_TAB={0x4}]}, 0x18}}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x0, 0x0, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0xb, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = dup(r3)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, 0x0)
close(r5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r7, 0x0, 0xffdd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r4, 0x5000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x14)
add_key$keyring(&(0x7f00000002c0), 0x0, 0x0, 0x0, r2)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x1c4f, 0x59, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x81, 0x40, 0x8, "", [{{0x9, 0x4, 0x0, 0xf4, 0x1, 0x3, 0x1, 0x3, 0x3, {0x9, 0x21, 0x0, 0x4, 0x1, {0x22, 0x699}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0xaa, 0x2, 0x6}}}}}]}}]}}, 0x0)

1.250521339s ago: executing program 2 (id=561):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="480000002e00010000000000060000000400198034"], 0x48}], 0x1, 0x0, 0x0, 0x40004}, 0x300)

1.150537331s ago: executing program 2 (id=562):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd27, 0x0, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@private2, 0x0, 0xfffd, 0x2, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x35fa86a9, 0xffffffffffffffff, 0x8}, {0x0, 0x0, 0x1}}}, 0xb8}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000009c0)={@link_local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000}}}}}}, 0x0)

1.099078983s ago: executing program 2 (id=563):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="54010000100033060000000000000000ffffffff000000000000000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="040000000000000000000000000000000000000032000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a002300000000000000000048000200656362286369706865725f6e756c6c2900000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00040007"], 0x154}}, 0x0)
ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000000))

1.040540363s ago: executing program 2 (id=564):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(r1)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r3, 0xc0145b0e, &(0x7f0000000100))

579.813609ms ago: executing program 1 (id=565):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c00000010000305000000000007ff8c00000000", @ANYRES32=0x0, @ANYBLOB="0000000006100000140012800b00010062726964676500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)

510.359655ms ago: executing program 1 (id=567):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0xa, @empty, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}], 0x1}}], 0x1, 0x8000)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e23, 0x100002, @ipv4={'\x00', '\xff\xff', @empty}, 0x1e}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000680)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xab, @loopback, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000900)='2', 0x1}], 0x1, 0x0, 0x0, 0xf000000}}], 0x1, 0x20000014)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2}, &(0x7f0000000140), 0x0}, 0x20)

440.105054ms ago: executing program 4 (id=568):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000005c0)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000e00)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x18, 0x18, &(0x7f0000000480)={@flat=@handle={0x73682a85, 0x10b, 0x1}, @ptr={0x70742a85, 0x1000000, &(0x7f00000006c0)=""/225, 0xe1, 0x2, 0x14}, @flat=@weak_binder={0x77622a85, 0xb, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x40}}}], 0x0, 0x0, 0x0})

439.69292ms ago: executing program 4 (id=569):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtaction={0x64, 0x30, 0x301, 0x0, 0xfffffffd, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x800, 0x3, 0xd, 0x6}, 0x29}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x48020}, 0x20000840)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f00000001c0)={0x4000}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="140000001600010a00000000000000002d"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x3f00}, @TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x1, 0xffffffffffffffff}}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0xda32}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000003b40), r3)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r3, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000003c00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="0903e626bd7000ffdbdf25040000c2b7510ca77a238432af940b6c3d2874eb5b7b058b47f98b67345fd459a28438b33e180555a5a36dcc749095c682e8cbffb0ad6362998b4c14f5dba929f3562199c820d761138f158ccfb29dc1c2ba5af5f937f86f24e8513644f394c5d8c7f1a7153a1c3c18fd003732bcadcf0c93ed9bb9000d02f82c15ab9b01ee833d561f82da16742cb7e92feefcd13cb2e5d4b05c5a5e5b4a11fe7838f1c3eb16421667a24900c1284ec939dce74acba4e4b11db8004868aec3fcd828bbaab7d9b393e7"], 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4040000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000004000000040000000090000000000000000000009050000000e0000000000000e0100000000000000000000000000000d02000000000000000000000d000000000000000000000200000000000000000000005f0000"], 0x0, 0x61, 0xfffffffffffffef2, 0x1}, 0x28)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtaction={0x64, 0x30, 0x301, 0x0, 0xfffffffd, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x800, 0x3, 0xd, 0x6}, 0x29}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x48020}, 0x20000840) (async)
socket(0x10, 0x3, 0x0) (async)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f00000001c0)={0x4000}, 0x10) (async)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="140000001600010a00000000000000002d"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newtaction={0x70, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_ctinfo={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x3f00}, @TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x1, 0xffffffffffffffff}}, @TCA_CTINFO_PARMS_DSCP_STATEMASK={0x8, 0x6, 0xda32}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000003b40), r3) (async)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r3, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000003c00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="0903e626bd7000ffdbdf25040000c2b7510ca77a238432af940b6c3d2874eb5b7b058b47f98b67345fd459a28438b33e180555a5a36dcc749095c682e8cbffb0ad6362998b4c14f5dba929f3562199c820d761138f158ccfb29dc1c2ba5af5f937f86f24e8513644f394c5d8c7f1a7153a1c3c18fd003732bcadcf0c93ed9bb9000d02f82c15ab9b01ee833d561f82da16742cb7e92feefcd13cb2e5d4b05c5a5e5b4a11fe7838f1c3eb16421667a24900c1284ec939dce74acba4e4b11db8004868aec3fcd828bbaab7d9b393e7"], 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4040000) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000004000000040000000090000000000000000000009050000000e0000000000000e0100000000000000000000000000000d02000000000000000000000d000000000000000000000200000000000000000000005f0000"], 0x0, 0x61, 0xfffffffffffffef2, 0x1}, 0x28) (async)

439.341532ms ago: executing program 4 (id=570):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80001, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x4}, @ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x20}}, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000380)={0x1, {{0xa, 0x0, 0x3, @mcast2, 0x711}}, {{0xa, 0x4e20, 0x7fff, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x8}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000004c0)={0x1, {{0xa, 0x4e1f, 0x7, @mcast1, 0xabdf}}}, 0x90)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000005c0)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r4, r0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
socket$kcm(0x29, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000e00), 0x0, 0x0, 0x0})
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f0000000980)=<r8=>0x0)
sendmmsg$sock(r2, &(0x7f0000002e80)=[{{&(0x7f00000001c0)=@ieee802154={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0002}}}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000300)="a283c42c0acb3af620fb553e8e8663061f00253fb57c029a92c5a2bb659d1f6a238dc5e0e713b13326d0888c23a2ba59a12dd2c340cf5bcba445bd322d8135fb5cc5ee40d0e1dd0bbfaa3e5cc04ae3b16bd141add07df4b272acd1422bebae38531726b33d88a6859a", 0x69}, {&(0x7f0000000600)="9af6690d1e16be5c21c81888d078a40e964eb606cc33c29e76800c82a27eb566661d30441bfb2f9f93570889ee808194d0a972cd0ad30cf734bd022b58e00b78ac4b144ce5355ee1016bac83b6aa8dcb477f4464058e42e246d8c31b4a5677d6d08c7fc87b7b4acc5ae99134cea6524baf8ebbeb9dea4170d1f5b2c44c1ad610e787e8b8cf332085e8518642cd061e55ac7783ffd69d0b9d13dff72f017234f0f92d1782cb34dc63ef4d03d8880f7aaa43e30e582d62cedf6e40bd7cee5e3f3a577a4cd1618e54aad6ba6efab83f05227bb0e84b5e8baeadd4f75ab31d66981fe0716d7a9af7", 0xe6}, {&(0x7f0000000700)="a470dba8c99ccd467adececc6350dc48c2963e9e624918c6b52bbf458af810f3b9628c276c5eaafc1159849dfd36a272c3cddace0c59bcc0e5564bfd61a143fcf417077cbf26144c1afff9799516efdd38b5301236ee2dd0f43be69aa16dbd2dad2814f015ad40336bd1344f2f554b18a0", 0x71}, {&(0x7f0000000780)="dfdcdb73588a6e7747dcc9eaa39c0893b1711fc2b77fc956245bc9e9669b0b5b9e81f352bce7a427b705791a408b649912618175d1e342dc8d5562ce60deb508eb11ab6afe8e2b98357b529f3079f017149e3462b61a", 0x56}, {&(0x7f0000000800)="2aa71e49f03d0125d8ea705320b2a33c3da082c26592c42a8111f9f1e8e9f8420e01712dbdfea38018c13477f797d370ab9b582b5eda7f5b5bbf5931db10fd5f23165dac9b90d7fe082a53aa80fecef2a206594a5c2903411eaeb5e6204e4c0a6ae024a4ec895daff9824db66afbb170c17672cd8f711f8c3e873ef5e1b310eca17125daffd7b1ba1ce75e30cc6bcabb43e76cd1ea28dde47919187f2d8efdc055ab46d333c36b19fc47369d79f0", 0xae}], 0x5, &(0x7f0000000940)=[@txtime={{0x18, 0x1, 0x3d, 0x80000000}}], 0x18}}, {{&(0x7f00000009c0)=@nfc_llcp={0x27, r8, 0x1, 0x4, 0xfd, 0x6, "1c6be444a58b0ecd8a1dc9783b6e56ce7ae4945f95b7592aae6294b9da18c12b624bc4478eeb6ec0e27e96eaa47a8591b07ebfe4537187782b3ebe9ce4ac0f", 0xb}, 0x80, &(0x7f0000002c40)=[{&(0x7f0000000a40)="b71d18c7f753f86f8b04c2d5c538b777ce35df0ebe7a505b604cb34c55ec71b3a744d9c21363618423a051a84b0e6102ae619dd1114617c74a88437b752902b782dda0b5419a939fa4c862d175333602c8875f1d966dcd80acd8b7ac1ef9ac707bab1c7f121695b6a8a14d8763613dfe98ce1a988ba9030f888a26fc3fcf443e7219f6d14964a8605a2fcac3f858902116ee81b0fe3ae10bf7fc26b7ae5880755cb7447ee24762fea2ff", 0xaa}, {&(0x7f0000000b00)="f23cec7531dc75a127d62202c17a090446d8ab2393e6f1dce75f305cfaf2e5be7a9fbe6df9cd8687f7edce3a733b712ab1b41dd9db95a40365c86bde75b8aeae2640abd5ba466d64ec2cbbda5e6646c3445fd06675a25dc650219920c40f1cb03a7c2586", 0x64}, {&(0x7f0000000b80)="955831ad7877166d3fc3c7e30f04b032adeef4407275ebe8ae0b07e00c556f81e15c549f8649783b189f2f14a5ea9e3d54d3abaa8b750a54746711ecb0c4eca2266f58914225e12406ed2acdd53932fb75c1cca700083376054fd4bc6edbce32dcbfb1268da6a978da0de23bcc8a7121f2d5052d13c9a8d5b125f0938a7c84d6f5ee5131bd0a294c11aec28cd286aff723cbc9532a843aaef5a33933864959b5a3bc4639af5c1c95bb94bea8b73174c3e27312fe00e63a9422837367a9e4e99137af1b229c76f6391c5bf38f097b85449ab820dd9b3462ad9a54100bc014c0e8effa8c08f2278d90eba122dc715b7e358e56dcb747b791b8e388cd51499925db94e3bc06ddc54f1ee93b58469dc2b3c949103cc60c0d2e6f98ee255b9cea1c725d0f3ab887016059a990899dcbb0d0f51291db1383d9bb00b444deedb18997aed3885a5d5726b073ed5711c909c98ce3f51edfe39605faa65dbe64f803b447f075c51d2df4b354886376037c01479de2963e44d5c6df4ff5863c10919c6a5c8367099c50b556441efeb4dd72702b31c571898df6fa20db9e7f47b08b1331a34564f14c762be23059a7a114b5dea2c86ccc3973eedbfde37ff7f8935776d2caff6ce5829a8826e27a6366c1e580a0b532f6df107652673aee92ac7d097d8a2c837f7cc318d9c1eb10051bca6cc30492a22f51f92e079f84f182278e980d4dd01f5d6579de79c2c095ffbc34f1e52f8b01c2f4141800cfaa0e9888fac53f6b483bc037de7739477e58214c0bff36328f1fd8267b192e40af0e7fe93c5e58121e34e13f4cb572e9207e441414446353e75efef4227b21674361ad6a7c980e7c44213c26cb575aad733a6a25a173fcb4e6f4df6a0690a2e09c03936b5710d270c97f3eebddca1f3f1b6794b551b67b3ba7b05613b328c6bfaab98510a08e375ccd5835c91ad01bdb45e28caa1586c4462c190730994c7e5e5836a87c5d8290add5a52b7d6000958475be8dd93360e2e8f3bcd57212966431fb94a053f94b620476ab204710cd807cb34b9d55394f902c824f4f49cfed9c1470e1b43f4f50b51cb9365f768ba88a24353f8641d045c98111b3926f6379c5b456e3187323ddd5cec0c2b1dd17b18ff609c76a8b180440c4b0e3f3e1147aac9bf519ad3257cb14f71b7e1a642e6d40bbd09ab0a2c5aebad647ac8abef7946c03a2040712655dde882e7c41bafaff4070852d9c06b0195ac2458d3279ecd865881d0b2990803d5e192744031a238d91033945941d0823c0a265dc1019ff60a3da40cfac73a3024013e97a39b1710b4f7633981096d9aa57c340c27714acb1d51682a2a0f0a3183a0b37a2df255d8e00d2e7bcacacf95fca2e8f6be36f5327dfe479fcfb9d6ad0ca3e6b5bc571c3c8eca94ff9487ec66a7793cae834ad3d0bee5c1b33934de14d813472e6419bbffbd0cd6d1782c8f42df37e888670d26566a66ea32c371998471793817e98150aec9fa72eba4ad959a37d8b00b7a2c1546918c9e49c74e795958f6d482f60b7f9ee3c98acfb34779e1bcfa6994bcf1393360dc4ad53c23e3ad2fb8bf6a411039c70562d98a1c03b034a8d6a8af17055d3facfeb7f1db697cbef84a3fd06c410f02620e4e13f57348fb770ed39ff6b7f3451cd4012b92ed17c6035dfd6471b5dcf714ac45984e3c0b806552771e76f5b2c927392d8e0038d2ee8269ce57ce8426b075f4851ecc84164a0cc21ff170de5b5006e9dd67b2704bccbcf93adce56c0397266fa4c0eb14c53e60b71efc26f79998a889763d40ae90cfdc744ebffb14f7d59e6333ea7dea8d4a593ae4d7a17dae83d5a28031694e04a84dbc823b303d0d2faea1b2c30066b797a2f0a5056f0abab6e1e9b3ccf0e4425bba8f43620feb38fd4e6cc1481f2ad3625c211bc97792fa59602ac79603a84c7543789ddf9c15abc1d5a42043395928404540c3e8914757d6124ad11b115e318d8184d2d3bcf880662f1d9b2e9a9cf9b0cb43487f1e7d98b9cc216fd8e71af00a3ae8b6b536499ec740c9edbc25bf47f36377d8b610512f13b74ecc86097491e978e83a4b2a1695b6d03f8c074e6b3a688aa6c2917f6d51bd18f7c547a7c487fc2b9f366033130734603a7e26a9830277d6d356fbde85521dd4da6caf882544e93f9f5eb2874e084e800bb30746be39364c0070662135e01537068d6de9781c10eb0cb512c9f7568e91041e5b0c28d3f14b26b33062357f7b2df641727cd713c43b99b6515c8b47398186d95854ed4ae9c4e73dc6bce3cbe7d3002ffa7cfd3fbb75935f8fe33382b75636fc4fc282eb1bad3c00f4ecc27c0628cfe6e3b4d2dd99c98d68ad69f1e621c0953675b8b6e8796641905cffd23f11f2bd57626d03e642a79fc64e7a8e1c8c7356e11320610cbd04a48d63b66f7d0f939b9f29d0195c77ac12e229d65a28348680d8e889c9a94ab011975150874642b588216770cb2a32b2ca773ee28e6fb3bb571bbacaf0c00efb0f2f3d182658141871561103b15915d5c437d8b1ab7c66ba1a72baeb93a5ba3bb6bdc5a84a072f77bd89c330199ccb900a684efa57f65609cc1559e20fc218e30b0e25e125575d686e7bc0db57e580fa75f3a8ac75dca5ead2b73c973215748b4a85ed48e623efc2f7b429f6e5ad175e13a728eba4b96a5b16ea9de50a3788e66a7af0fd81b76859e678558dc72b38d82f674131e9f22ab7eb82e75a7c6a809a6e82d7b824a8c80b84622759fb029308b9b3a03838df7d8eb405768d40664273c3693dd174d77cb73aece4cb6cd65035a2842989522152b3c3ded8730859a1c8700b73613e204a7f679bea36cb573adf92e54449d0fd656040b6bc046a7bf5860b3995ac8b383bd51b2002d5cafb0ae7b1b45586b6fda8edf62d8bc05bb4bc9dae8a5829d0cf33b586a07c2f7d8d1e9275f1e7ec4e00d76f03c4d82e7a72276262abd7ac4c050f5dcf03cd2e79fbedb8296b4148e859c797e6851553ddcfbc545171d22e0e83a18057724f51ec2b4513da0d1d2b5134a3fb75fefad8302bf927de79c86ecbc9f060e874d415f11b2295ab7d34f84400586c7831748e61c8665f9b6fd976b1651011096e0fce6e30a61a50cfef530f6e2a5ee4dcb70494e4d78a368060840410a28daebe8273bcfbebd5c3434c61542c2db3b38aaf77b688838c369760ec05585a129ab793ab50a2132f212d7565475ff0dfa5ed54911f34bd7c6fefe52678e2f022b7b323cffaad23854c49a413b907bb82c63e5063d277ffaf75256ac4f3c681447d200d952cc350df7fc860a2521555c48e6f2a45d8b84d3029c7426f2290b66f907b359358ad34e1e9919e561c0fc0566989cebdee78f6fcd7668377a10c6248fdf798d6ace395809c2a237daa754dcbf3026dd30796570bc19fa5673270bc6185392f0474fbbc03802d74206521c3bc863266d3d81a0e3da3c15e6a5fa178b6d8490ccc63e2b2ec53341c4f53574fe2d835f541e3e2bbf0a03e18d576ef2122030ec3acb1bc42eb216f6c154d6e6bc9783c938cab45e24640c430de28cc86042c19087692ef60b2e387d95ade201035a582021005e13c81a1f8e59a1e1f5b7541dd374fa3b23d672010281df5f671a4383e3074263d20e6fe8a1b18fb35bee67fbb09bd4a22ad92339eaeccf6567a452345a305fece8bd0eaf3299ed29c84cd6078a5e59d0397d0257e01136c97f107264c8f901f4e23302b7f4e299e57e4eb866c6f99b8e960b8a13ced3a6549ea686679c7f48b6971440af454044cde2ac46c7f31db602638ccfda97bf36819efc0265d679986ac5e2ebf57d9c035747f92b04360d0dfc5c227a8e50a46b417495f4bfd9cea9c2047045e25521ac2f4d797651797e16d38f695fdbd596a0a2aeaa7210de6f3c8bad42164f9de37df4ddf443e4c5294a7dddb8dc385cc84ee7128fe45a0977a3f094efc22bd0e8abfee411993a5506040abfb9d51914be4f8486e304208e1dc347b3c73f790a42c3ea8741052bab1fd601202e42a4afb7f4518f972712f22b045cdaee439947aa425507914fcc6e0f3a801fdad0e506870eec37c3aaab519b52a4a8ff7c01aa48a065ccab8ba4a1c7a4d32d37f79cf92f72149eaab29d6c03201b898e5de1c01e0f0e69e5798741ee4b7ec48f10c6b96a619a292b93396b50a93ad5662944018ae841e79703b5bf0b046cb9e47b04dbdf5dff5dad92c8f014f49d6b2998e2c5cab4326503756e4d449de31a0e33e81a2fc8000c0caa9c2fa9f87b434c825a3149beac68c6fd050126bef84be544ed91a335992fa558695203aaea60b8f5f11e01c2657380137527cfb6cf1e5a2203f0c51e20fd1195f98e734430c9cabcb6a66c2d4296a714f05a5a38877566dd353a5e19aaa61ec5cf6475d33526853a86b29243bcb2d258b8995c5afa680926c12ef58d435861ea70ed6f6d4e493afa5e3ea76804a48be17d204cd7757b1a017f8289a808800f2e6fabe32a76e29d20994e88e3ce0305a6623940a64bf5adc748cd908377b3bc1ad3b8a0db343cd23e4260a6932ae6ff331d97c420e2b7d8bd0956385467515afccbaec100e79fbb9c6fe674c4db4e151458c18ba38ba8f63d66b66b1f52d9ec6a11ed96fa35f75bbd78285ffcabad53d39dbae5ab5b0813271a1967ca5da86a2cd47f9a9184db37dac28a94fa7c935baa8e775f00060dda4646958a4237fb673fed43d192ba40643c78259cf56b9974630e78a446d49929a6924d470edcec08b7f36097e6e5c98bb57a18b752f69eea038bf8aef3b1ee02be964e0079564c962c612f3d4cefea2b35f6aadaf37155f29b3f76f27a2d071e530f1d8e2cefe7a8ab709be3938a3cba930bc146743049863ad98e82e54ba42441d05143da72652a17988d3e9d813a38460ff210e58b08038889e3f221fa0f0cb744c96e93cbee90aa84b9e969c8e234d96852f69d2012dcfe9d9253952d1f9758959f5988628600b3805be2a62d1905d8fd84c67a89375273ab003814bec4082277e38af925d7408c3eed641f81c1315728a501a9b2f4ac20ece083064a69563bb6a1e794572a25239aa36bfc6c30a5bd0c1049bda83a70d58d31e1b4adc9734c57a7ee9d0178441193b8702089201c83d8db0cf376a2ea0eb81a1e9032cb0e79461d4e51829cf653558ea299546ae3f4dc981165edd7600c5431e50c6b490c2e25bcc8faf183eaeb2ab2ba2344f8c3d5f97b4bd1c296fc9906cbd46a09f01af0cd6adbf01a4e0f559e4f62b80cd0dfaaf36295008c44bee2b1f5e839068a60fa750480533decf37475f851416a34096bf6ec32723756cf0ecad0905fe4e3e3b35cf1fafe1d2f414caa81bdc977ca3f30a71d83288c682c63edc1022e9bdae14da68e083d2e4552252b4cdc6c5190034a821d77b4e0250a5d24020e47d75a7f3bad61f969fa0cf078cfade06ba50605c6222a66c2e36d3e7de52547f7a5626e0c7378309b9695a582c2232c16ac0987ec75b6a49a4a554be1cb7963cb289c47379d40a5699ce1cfbe8d52aba36b69a6d003db18cae4dd4685cbb58ea9a62fb0298967db486154174d5025c3a04cd0868454c2b1339466e6f863cef98fbc6d9e5623408927becb4ef0fa9eb1ba3395a6940985bcd28f04529a4e4d4314a60e8e76f9f4dcec4c23711f11ee41d72331c057a450f8f1a82f8832ea68727f48898818898518215ae00240a9ae641b9c9f76ef75a2662a48a36a1bda2d67086e9c0c1082eaf7f68eb67fc5f12b5f8368d421f140b673934632cddb091e6dd77c5d484814f1b1", 0x1000}, {&(0x7f0000001b80)="cf8f160d6cd72a0c33e78da4ff1a7cd70b8e0b22420d8a3c5e9a667cb3c949e420bfd9c8cc7410aa3a6c913af3b9d3e9095182fb38eadab42cfecfffb0ca718ae18acf3098e58d5af470dc9ee9575e4801bb9e1059f50cc2a55c72eb6f70f40900e02836b2fada4cecbd3ad3258382d12aa47f31da716ac01cdd2c4260b3acd87779b0d4ee83afd9f176312f3400caa8da070a192fe385410eecb257d63f6e8658a828f0e7977e89026b0e0a59c9c3ac2fc550f7faad212f60e6136c4aea74921bb2e5a58bb6770c5e8194d556dbb8567a090b7e186e0cb69044595093807957f9096b3ce573d84d47007218ea843a4c9931bad964660ec9ce97f6c009b0803aa643d35a5fd80c85c93e344763e999727f9a60a76d50ba0ebf90d988a31d4abd23b50fc8ebbad8ca6d05b8e9a43f3175470d81dbf6684ff1f8e1fa997822fe250e359d5e68897bddffaf1c46b490ef7be8058dde77703f0c95a2d2d508e4634fc1d0687f7cfefc1189c886d8ae52dd3387e6066f2e575d485860366a6fbb182853edc7ab47877af1ac9294d0dcaa08f8b943f2149f1720f7108eb6d799d0e29967675ab5bc9a4d2b1212c7ca22bb1cb40b235eb79a8ec62fb38cd3e953ba1edafa7feb1497477da7b4b5a8c4a0de505b8b7f80de344724166281c21efd14a7064774a7bc384c03b24b99ca16222285cbf24757af518b8167c340f44f0437a7ac6baa1ffcb18797ce2072e7efb2b2e0086c91ab46daa861949e53c34d69bdc99cb22948c4c209f031fd35333fb2ecc1b4d9fee376d05a56e4daeff0b0df33f5b13b3839e05e5f3c71e238976d2dbf54cb0118530b35e4e7c32514a0cd895601be0bfe13f9b5a27c73f42346d1ef84bb6eddccf3ab8c063b5aacef443aa1f736fef260afd2e43e0298b4e99a292343a52279d6e8ff96213ba7ef7c91449a4e35e98289738bfa2c711468ec2da02ff719e4550677b3abc95df28784fe373a17c41d94335a10b274dab3eced5ff86dd68c497f79b0c58601079a85e0f708774cb6c8d53c536f62e421158c94b1f61fc7bd810e518dd7a0bd8e129efdf1a15591a8de741b383e46cf1584d2d24a4e19c7e4d772bca219a9d2b7f8b434de32d92745fcba513636fd51b4c01532281a29211444a5bda76033cec080765686c6c02c44babe453bc8e9a9a79de44d07db351a7f8fe2f6129d466c280a08d9f9a01eadf9fb0fd473b3e34169b1025a5b03b622c980586ba5814a70b03c03cdabeaee3942df24ed94de6565d1a86065d8e979d26d7e0b733ca63a3430fa79ae83134b2169b4571735518911ff3b560cc346d589c91def1067ebfc3a3907b63ac235849246dab4bd85f3b1a7dbe6ba0e5cac8a184a4c049ba3886810bc32132258ceb486fee0364624f84c01f2b42c19b1d4b38044700bc850f38782db31a4436b4ac7016124e868074a71eee8a02566c8135c7145b301d2d3d2cd0dfec910a5bb9e0837a2de575dd1396126796cad5df87e102a82d07b3b306b7e21671642d850252fd1285cb84d7adfad36800b19416ca9e846f7360216f48c546b106bddd99d0c13ddc6eb3901f2c425de3b487df0c8ab53feb5658cba1a4d5b44d60804c6a8c4c180bf7baaa130688a3aa1ad72360d5ed6afee1bde08636539bb49ac985116b81c6f83a8b745549b0577a51333101bb0d2a0ed6accab226b3570d5254ff6d94d9cd648d41c03091c8d79ad2d2afd0bb2b9400123a6a76912faec0288d5ff48fea3c1163cacb36d88c76ba9711cae4c7b1159a877b71f46ba1a88a8e231be5e4b22e869c6fa7f544b20f996431ed1e49a41e0e5b62b601bb313cfe07024239d032a218fdae75ce38547a7c0eab66f9e2874958021580823583b69c0ff4da56570cbc7f2580ccfab924f9f37f4abf3cf6fedec5336ae46241b9c3b491f080ae2c13a91246c513a543a5b6aefe33e2827b6d4f7b439a8dc1b9b96ddd7ef7c5c22a1d298fb6fb7c2f0179e0f04ec3b2de0d1e6d6c46439510263364abb1803f8fccd8a1a69ad6019d04d0fe1582efaa02c4bd29bfe669ec9e29b072d82aeec2cb1395dcb9bfc3e3f5e05ad9f21d87faafa906f6657a140c184548d3db6b0fbd6e7f9ebfb1f26103b86cf77cc9563edade8c1d0103f22b0e959a8bcf765231f9fc1989d7a0dff8eec70d0cc19c4feeef50433d5ec0659d7616a508559004d7de007682d88bb9a74b054cd5beeb59b7e81cf281b746d93758be54b9604dad40d0f3e53af7276b7687d0070592e1eed18fe7a19f00f38fe205dc232142ad0db38163e97714e113b9fb591960985dc6e86d01e3f337f45263e240d224859330089f9c630ee76d60c967a167cc21049844d75db33cc556976abe72e6e39062646c48b5310a20f327db2b331af9ab755d55970a1e51382506bc354a625b9204c360797ac3f2899873867918e087a4376ff9eb4d80538133128b7598cb94a83a7269e286fbc112fe1014270290e8f2eeb28e70934bda9da17fe2e74a1bf8ac1782db40465043054b9f66704845e1f610a98333b4f93398be4daaab157a540a23f13f4c842a1091dc1225ce17ef8ca32872b4a8892c0a82fab6142ddc34fb95e768a9ac67f72e931b11a46e213acb73f75f6825a8a50ac57ea2dd6af381bf901114fab764a9d015ad6327d75a8e22cab6eeead1cb17f7756043c9cba69a465eaf5019124d44861c2592d8221aa54c90844ea6f27223ac56f982e15bad251e6830f9629b2e6a6fbbeae7646567a7d0d71fbd13a94fb40fcf545e0c4d7cfceeae3d75ee03c31dc7738eea2a6188f018fa9038b5f2f4e8037ddd22f14832d24e55132f35cc155ab9d3383e8eba7712bc94f6fe2537ff95592d5941a5344d360594a47ef20e4d7bed813877717ffc2b0a1e3f073cee15038a02fbb58c04a9f8b8ca110f7c5e575ad5fd488231908b60444627abfbeee59b20760be01e3e1350b3680e3830231827ebcc855bc9dc9ac3b1b4fc1643882885083285461039f8bcfa31c62949543f328cbba567919467f0434bd00ff44afa91f8907b4ad94e8c52e3c2df8ebcfb584df0833f178edf187c5931b857482614cefbdcf55cfb8676d4158a3dc52f9ae7bd1ac3b2600ac152a2c8004702894a4ccd6b533bdced408898fa8de4c33e8782b6d8e0e31e596556ed854c7515d2ffe7b655bbc5e2cc7b33ad75bc2a98c84255f3cf70eea69a92a00ef352ed57f6937f4220006aa2ed01916ab31f096336ea68f9c64c55346ce85f36d17af1fa05fc2c9ea40297f4accbd247cd0ed1af80b7a2178d1276723e94e5219ce03a1aeab9deaadc090fd3f7da6c20187ec8818e72eaa6ae1e86201710defc43a21a8ca8c36ef2b59d3c684313e8937fc947d76699e87b9a53d1fbb6687feaa31aeb596d0e5d72cb4b094002a71ecbfa774d1f4c88650b33d4b29108e13e08f60c458437461752d0eb3943355b04041230aa5203b02d435216ee99bb2cc142481cd9a5fad84fe28299768fcb0e430232d91531b9fde41cd318c663b447debb53a16cdfa4f9af8a3c4924ace9f00fad3c24ac8e3810347dd27b5e9e14e710803e0a0ac19b4a76024ab903cff237c7ce67345c5ff324fdeefe1af7df1854a96231c2cc2d0c76ae68c92aaa6171e9d53de50ef0dffdd919e41232fcb25625cbfb325d378792759fb5856a4577ba61673376b01f6fd70014888e14479e8e6efd18c50f7cfdb98e0833d407503b645456e490f8110c9af63f5c83ee04bde83f4ef2a1bec084b57b9d727e86195e00505138a4c41a57a7c459336013cd4ae09e1763022213390e321385714fc4d0df1c41f161044475b75f7e032f6647032fc02eb5c91e56fdea3c353585e75d0ed3b3d9cb840e3622fa3a0accae27f1082432fe965e02e9198cb49fecad5e539fb2309ab27e233029cafd47900d6b50a37bf27c58dee48be4b45cdf304ac7c84a149bbb260a7bdf3a5c72f790d60d190e9154da8fceae46d59a3fe2693239e7d51fa0eda3e026960aa49f3d7759ac48f3d6c8c76a7a5a24c3dfe58f6fafd815b92d99d331b76ce60fd9e8695f366400d01a6a606a866408160356423498f8c724901fc9a037ce62b3e82277de70393bcd13b39b386f82e22708b794e36f1bd2b189ca870bf1735e413c57832a94f50847f2f571fe28eeef0511766f354c7fe7b5154cce2fe1daa3a1abe8e8c194076fdbf1be1885938b80fd49165223906bce8a2708539e8f10e5bd87d2a7cf9957e31367539e8cd66f67a32157bcd607a77803af32fef90dab223591f1bfc3b16fff6c80e04990cec3b7776fe250288b46be860e80069e9989468f94e190314739618376e5ddf332e411da129c657a2a4c9ce41cd4671d68d3eff0c38e5cc572089d9c2cee5c31455cf63b04541969b07e5922f3d666038f26e86ce4045361eafe662a904e1a014bc22e715a5ffab4183a33f317d228c79ed2b40b4af135404f80c7df7949720b62f3fb7f3a869b40f92a9abda6f8e180475062eff022aba7165bde38e745c5c959390ae0c6cc1d0884da7cc2a95a38f8ae484ec60525fefd59840e66241255933f5ed86d2fb41cccc8f442c4304892b98db4982be38862d611a529b6c965faf54d4f959b2915452655a2b5e363c88c4350f0c70f778a8b2ce9d4e258a1b696011b20d42067b57731038630de88c2d1ba9503396ec6edf58f8ec249de563d45dface07730cbda271628a438353740a1520179171c041d6903a22b44b1270b7ab51041ed6cb5537b0a23d5984fdcb790da548576c1384be416c51121d525603f44f81b0b9cb9c3349e29b3488ab65b74248d1afc8ae441f0c0c13148c547e261e765d5b85e4b3d6a777a2765d77056ed6221f8fea00e680de4ed321e61866e536bea6c1432c58f924b7f3c150bc2ba877d263f48e4d9201b437c95ba872d09b4cf6cb66e521c575a87e610a8ae75fdb28d619202b08fa7829cf604b15677db71024c6fdba0e3786bc1f1f456a3715071fc78ab90c1f2ac3fda2b5dfaa8e8e5b6b5323005d885e6bfc79cc199f7a56fe677ebbec2700950871b487362228ca158753625f07275291185eb5d5c70d6a9cbc4e082adff136399c07e0bb79f88d5dd87c1692c4863b0e370ab1a3ee3f415f4885032778f5e65273c6a1342293016585f9e0bfce6a398747f6d739730553bfed8ce3eaaa08e59f48bc78b36bf60944ea7189ef50f1759cc2b0d5e1555a9beffdacb45d67bec97f2ec7017c382c5dc8832bf2833f2f427c1ce5336651247fc71e282c2d8f84728e17d49d566a549dccbc34f54a09344c3e4238db098c26955d1539210c1a9434197aa18adf021f7f80925815d113d471ae88bb780c2585f695bb852af5fdbc38f1f822dc02d3de93729cb35839c578e0fb4c4b4981093f311ee64fd80f61b0e84d4094bab27ce1a0af315d6b42bf234161d500f8b47927b2f5ad629de41e3fae7ff232b050425d6d19f1914861dc7046899ff6323ff2b5815292e88987893c2feeddd458d72d0aa9a271fa93452ef44d5a63ab29af1caec01c0fd62d76ac3c49917f331b741ed6dab0b9bc9357f667aa5601d3fffb07e0001e640202faaf92c805d6e46421f3c512464101cb8b28bdf579216b21867903a56a6ecc835e97c4ee84e86df850b9a72873169fd9e6f82bb8bb70b3092601cf0be0148ee3bef94e53594a554c675e0a4cb3d47295a7f0cd6adc911d17e857078e56a3b2e8ffd1fa544ffd5cdd5f248c6a2d5362466e2256b65ca9ece32dbfff860b4500a8e687587a953315a6f1f4da", 0x1000}, {&(0x7f0000002b80)="b2b5bd31262691cba29f459adbbcc9864b7d964a", 0x14}, {&(0x7f0000002bc0)="31364b0e1cf6dfc219746057f255c66b9f12781a8758648de17c4b54800734432c54d6dcce8011eda5b6e8e70fe7a82c67a9eef851830811202ce6bb46c4fcbe0febe14cd8e6c447707236349dfecd62f03509e282897297ffc2e673482ca1465de28e79f4953dd99b7b95", 0x6b}], 0x6, &(0x7f0000002cc0)=[@mark={{0x14}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}, @mark={{0x14, 0x1, 0x24, 0x64c7}}, @timestamping={{0x14, 0x1, 0x25, 0x93}}, @timestamping={{0x14, 0x1, 0x25, 0x998}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}], 0x90}}, {{&(0x7f0000002d80)=@ethernet={0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x80, &(0x7f0000002e40)=[{&(0x7f0000002e00)="14f6519d7d34b06fea1609", 0xb}], 0x1}}], 0x3, 0x4886)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xe1}], 0x0, 0x0, 0x0})

349.189313ms ago: executing program 4 (id=571):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000005c0)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000e00)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000480)={@flat=@handle={0x73682a85, 0x10b, 0x1}, @ptr={0x66642a85, 0xf0ff, &(0x7f00000006c0)=""/225, 0xe1, 0x2, 0x14}, @flat=@weak_binder={0x77622a85, 0xb, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x40}}}], 0x0, 0x0, 0x0})

348.480831ms ago: executing program 3 (id=572):
socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04000a", 0x15}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x2, &(0x7f00000004c0)=@raw=[@map_fd], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)

347.934425ms ago: executing program 4 (id=573):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0xa, @empty, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)='2', 0x1}], 0x1}}], 0x1, 0x8000)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e23, 0x100002, @ipv4={'\x00', '\xff\xff', @empty}, 0x1e}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000680)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0xab, @loopback, 0x8}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000900)='2', 0x1}], 0x1}}], 0x1, 0x20000014) (fail_nth: 61)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r2}, &(0x7f0000000140), 0x0}, 0x20)

290.576842ms ago: executing program 1 (id=574):
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x400}}, 0x24)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x80}}, 0x0)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x500}}], 0x2, 0xff00)

290.314446ms ago: executing program 3 (id=575):
r0 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
accept4$nfc_llcp(r1, 0x0, 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000140)={0x53, 0x0, 0x109, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f00000001c0)="5538b9edff00000008ffffff01a26ccc143bc638b65f69d33b5ab57cf52671dc2d7b21178e751ed07500d83b77ea4beb9c4d4c362f69d05192fac58367ffe9779c6752fbdfc72b65c241364dee74e143fd791b70a2bbdbf4d0eb9b5ea7d2a2487b11a25a69d07e232a840bb5bacb14fd42890807191c52c541e28eba71ee2994d17e53d06732a861fbe148757981fdb1a412d834198e1aa1f5241010e87578fb4069800e64d8d46304771ab67e0325aa78c0b404aaa733e2eb7ec56870b6932912eb693d2a48fce52a88fa8f1250bda6fb2825d72773800f3ea37fbf9fd2038bd92db025776dbd835b638d3a3972f76886a46f1bbcbefeebbbbb1ccfa26db44577cdee28d0f61a4d4c", 0x0, 0x0, 0x10, 0x0, 0x0})

290.172743ms ago: executing program 3 (id=576):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv6_newrule={0x44, 0x20, 0x1, 0x4, 0x25dfdbfb, {0xa, 0x40, 0x80, 0x0, 0x0, 0x0, 0x0, 0x8, 0x13}, [@FRA_SRC={0x14, 0x2, @private2}, @FRA_DST={0x14, 0x1, @rand_addr=' \x01\x00'}]}, 0x44}}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x4900, 0x0, 0x10, 0x1000}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0xff}}]}}}]}, 0x5c}}, 0x0)

173.764115ms ago: executing program 1 (id=577):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0xe22, 0x8000}, 0x1c)
syz_emit_ethernet(0xd2, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa86dd60010100009c1100fe8000000000000000000000000000bbff0200000000000000000001000000014e200e22009c90"], 0x0)

173.370136ms ago: executing program 1 (id=578):
r0 = socket$inet(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x7c}, [@ldst={0x6}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x3c)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="44000000100001040200"/20, @ANYRES32=0x0, @ANYBLOB="28250200000800001c0012800c0001006d6163766c616e000c0002800800070010000000080005005efbad8d928d524e48ceb12ac4862f5925f0f929fae539dec9ba5b2ffbc21e4ff109e52ba2755ca392782380d34fe47b930f7d8be79e5b755b8b308c68c0d5ead29864e98ee9dcdd9a77de71fdc6104d1cf271ae1b684e07b12426c4aaaa9ea4020095303e5e39ba3de0ca5cc4e113e7f7dfc217a6c577c0278f90e3a9ab23d536415f8f05104c35f1108967bb18", @ANYRES32=r1], 0x44}}, 0x800)
setsockopt$sock_int(r0, 0x1, 0x27, &(0x7f0000000140)=0x1, 0x4)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@gettfilter={0x34, 0x2e, 0x4, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xd, 0xf}, {0xfff1, 0x3}, {0x1, 0xfff1}}, [{0x8, 0xb, 0x4}, {0x8, 0xb, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x8c6)

173.21519ms ago: executing program 3 (id=579):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f00000007c0)="91f8a9849519def28691bbc4173c3d6f357d0272b7319130feaab952ac4703cad04be68907e50e997fc26e4c91ea4feb931647fc5393de2500000000004000000048290ce5394d92694078570947a950a28602d4e4d145425932bb797093ca04841bdaa5c53d1878c3a7bd09107bac84fece2b58ffe4a00680c3663a230dddcea61e02c4cbd1361aca94b013078c", 0x8e}, {&(0x7f00000003c0)="641a6a2b863c0dd898013a3f97a834ebb75a925ab48c844221841a232932fc2e37e327de21450df098c113e179", 0x2d}, {&(0x7f00000001c0)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a", 0x20}], 0x3}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000006c0)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769deb", 0xa4}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000c00)="42e013913edbeb683c44e18a52b5a2462064ddd92caaba941de80d06047dedb7eeeff3a27eacf4c416b6979d6c918608807c44d01535dbaab3b3b0086e4fd43c6b5931187023646d6b64d2271b01d2bbf300b70e9aac4e433c910440efd5c669bb2d32096ffeea5a2f4dc1c0260e5a3c0a5200009c149de3f7a0fa37191a56", 0x7f}], 0x1}}], 0x3, 0x40008000)

110.414873ms ago: executing program 4 (id=580):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1, 0x2})
r4 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={<r5=>0x0, 0x0, r3})
ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000300)={r5, <r6=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000140)={r6})
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x1, r8, 0x1, 0xffff, 0xa, 0x1ff, 0x1}) (fail_nth: 16)

110.106827ms ago: executing program 1 (id=581):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x16c, 0x10, 0x713, 0x2, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4e20, 0x0, 0x4e21, 0x202, 0x2, 0x20, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@remote, 0xfc, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, {0x0, 0x0, 0xc, 0x8, 0x0, 0x0, 0x0, 0x543}, {0x4, 0x7fffffffffffffff}, {}, 0x70bd28, 0x3500, 0x2, 0x4, 0x0, 0x10}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "217d66d38547aa140db8a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e24, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000040)={0xf0, 0x2})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x100000a, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x80a43, 0x108, 0x4}, 0x18)
chdir(&(0x7f0000000140)='./bus\x00')
r4 = open(&(0x7f0000000000)='./bus\x00', 0x4427e, 0x9a)
fallocate(r3, 0x0, 0xe, 0x1000f1)
sendfile(r4, r4, 0x0, 0x800000a1e)

110.001375ms ago: executing program 3 (id=582):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_CMD(r0, 0x80506409, &(0x7f0000000180)={0x2, 0x1, 0x20, 0x0, 0x80, 0x6000, 0x40, 0x80000000, 0x4, 0x9899, 0x4, 0x7, &(0x7f0000000000)=[0x4, 0x5], 0x2, &(0x7f0000000040)="f8a7b7e33582a513", 0x8})
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'dt2801\x00', [0x5c22, 0x800, 0x6, 0xffff3244, 0x2, 0x3, 0xc, 0x7, 0x5, 0x1ff, 0x695b, 0x2, 0x41, 0x403, 0x6, 0x1, 0x1000001, 0x0, 0x3, 0x8, 0x90, 0x6, 0x200006, 0x5, 0x8004, 0x8, 0xffffffff, 0x8, 0x5, 0x41, 0xfffffffd]})

0s ago: executing program 3 (id=583):
r0 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x2d}, 0x1, 0x0, 0x0, 0x8801}, 0x8000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x90646}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_FAIL_OVER_MAC={0x5, 0xd, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x690}, 0x20048040)
getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x10)
getsockname$packet(r6, &(0x7f0000000340)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x66)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=@newlink={0x50, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x300, 0x17e05}, [@IFLA_MASTER={0x8, 0xa, r7}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x4000, 0x640}}}}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x0, 0x3}, {0x4, 0x9}}}, 0x24}}, 0xc00)

kernel console output (not intermixed with test programs):

erm+0x10/0x10
[   78.379732][ T6634]  ? __pfx_sctp_sendmsg+0x10/0x10
[   78.379745][ T6634]  inet_sendmsg+0x11c/0x140
[   78.379760][ T6634]  ____sys_sendmsg+0x98d/0xb70
[   78.379772][ T6634]  ? __pfx_inet_sendmsg+0x10/0x10
[   78.379786][ T6634]  ? __pfx_____sys_sendmsg+0x10/0x10
[   78.379800][ T6634]  ? __pfx__kstrtoull+0x10/0x10
[   78.379817][ T6634]  ___sys_sendmsg+0x190/0x1e0
[   78.379837][ T6634]  ? __pfx____sys_sendmsg+0x10/0x10
[   78.379870][ T6634]  ? find_held_lock+0x2b/0x80
[   78.379908][ T6634]  __sys_sendmmsg+0x205/0x430
[   78.379926][ T6634]  ? __pfx___sys_sendmmsg+0x10/0x10
[   78.379946][ T6634]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   78.379967][ T6634]  ? fput+0x79/0x100
[   78.379980][ T6634]  ? ksys_write+0x1ac/0x250
[   78.379996][ T6634]  ? __pfx_ksys_write+0x10/0x10
[   78.380014][ T6634]  __x64_sys_sendmmsg+0x9c/0x100
[   78.380030][ T6634]  ? lockdep_hardirqs_on+0x78/0x100
[   78.380044][ T6634]  do_syscall_64+0x10b/0xf80
[   78.380058][ T6634]  ? clear_bhb_loop+0x40/0x90
[   78.380071][ T6634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.380082][ T6634] RIP: 0033:0x7fbd8179c819
[   78.380092][ T6634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   78.380101][ T6634] RSP: 002b:00007fbd82639028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   78.380113][ T6634] RAX: ffffffffffffffda RBX: 00007fbd81a15fa0 RCX: 00007fbd8179c819
[   78.380119][ T6634] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000004
[   78.380125][ T6634] RBP: 00007fbd82639090 R08: 0000000000000000 R09: 0000000000000000
[   78.380131][ T6634] R10: 0000000020000014 R11: 0000000000000246 R12: 0000000000000002
[   78.380136][ T6634] R13: 00007fbd81a16038 R14: 00007fbd81a15fa0 R15: 00007ffd78dec948
[   78.380151][ T6634]  </TASK>
[   78.409688][ T6637] FAULT_INJECTION: forcing a failure.
[   78.409688][ T6637] name failslab, interval 1, probability 0, space 0, times 0
[   78.411603][ T6638] netlink: 8 bytes leftover after parsing attributes in process `syz.0.219'.
[   78.412202][ T6637] CPU: 1 UID: 0 PID: 6637 Comm: syz.3.220 Not tainted syzkaller #0 PREEMPT(full) 
[   78.412217][ T6637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   78.412223][ T6637] Call Trace:
[   78.412227][ T6637]  <TASK>
[   78.412232][ T6637]  dump_stack_lvl+0x100/0x190
[   78.412249][ T6637]  should_fail_ex.cold+0x5/0xa
[   78.412266][ T6637]  should_failslab+0xc2/0x120
[   78.412277][ T6637]  __kmalloc_cache_noprof+0x7a/0x6f0
[   78.412290][ T6637]  ? vkms_atomic_crtc_duplicate_state+0x7a/0x1e0
[   78.412305][ T6637]  ? ww_mutex_lock_interruptible+0x37/0x160
[   78.412325][ T6637]  vkms_atomic_crtc_duplicate_state+0x7a/0x1e0
[   78.412340][ T6637]  drm_atomic_get_crtc_state+0x1de/0x620
[   78.412357][ T6637]  drm_atomic_set_crtc_for_plane+0x1c1/0x560
[   78.412375][ T6637]  drm_atomic_helper_update_plane+0xc5/0x400
[   78.412395][ T6637]  __setplane_atomic+0x22d/0x350
[   78.412415][ T6637]  drm_mode_cursor_universal+0x5e9/0xe20
[   78.412436][ T6637]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[   78.412457][ T6637]  ? __pfx_drm_lease_held+0x10/0x10
[   78.412472][ T6637]  ? modeset_lock+0x114/0x6d0
[   78.412488][ T6637]  drm_mode_cursor_common+0x308/0x970
[   78.412508][ T6637]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[   78.412524][ T6637]  ? avc_has_extended_perms+0x33a/0x1080
[   78.412545][ T6637]  ? __pfx_avc_has_extended_perms+0x10/0x10
[   78.412560][ T6637]  drm_mode_cursor_ioctl+0xd4/0x110
[   78.412570][ T6637]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   78.412580][ T6637]  ? do_raw_spin_lock+0x128/0x260
[   78.412595][ T6637]  ? find_held_lock+0x2b/0x80
[   78.412614][ T6637]  ? do_raw_spin_unlock+0x145/0x1e0
[   78.412630][ T6637]  drm_ioctl_kernel+0x1f3/0x3e0
[   78.412644][ T6637]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   78.412655][ T6637]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   78.412674][ T6637]  drm_ioctl+0x5e6/0xc60
[   78.412691][ T6637]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   78.412701][ T6637]  ? __pfx_drm_ioctl+0x10/0x10
[   78.412737][ T6637]  ? selinux_file_ioctl+0x13b/0x290
[   78.412755][ T6637]  ? selinux_file_ioctl+0xb6/0x290
[   78.412772][ T6637]  ? __pfx_drm_ioctl+0x10/0x10
[   78.412787][ T6637]  __x64_sys_ioctl+0x18e/0x210
[   78.412805][ T6637]  do_syscall_64+0x10b/0xf80
[   78.412819][ T6637]  ? clear_bhb_loop+0x40/0x90
[   78.412832][ T6637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.412843][ T6637] RIP: 0033:0x7fbd8179c819
[   78.412852][ T6637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   78.412861][ T6637] RSP: 002b:00007fbd82639028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   78.412872][ T6637] RAX: ffffffffffffffda RBX: 00007fbd81a15fa0 RCX: 00007fbd8179c819
[   78.412879][ T6637] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[   78.412885][ T6637] RBP: 00007fbd82639090 R08: 0000000000000000 R09: 0000000000000000
[   78.412891][ T6637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   78.412896][ T6637] R13: 00007fbd81a16038 R14: 00007fbd81a15fa0 R15: 00007ffd78dec948
[   78.412910][ T6637]  </TASK>
[   78.473592][   T40] audit: type=1400 audit(1776596333.837:290): avc:  denied  { nlmsg_read } for  pid=6641 comm="syz.3.222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   78.474050][ T6638] netlink: 12 bytes leftover after parsing attributes in process `syz.0.219'.
[   78.476350][ T6642] xt_hashlimit: size too large, truncated to 1048576
[   78.675325][   T40] audit: type=1400 audit(1776596334.047:291): avc:  denied  { read write } for  pid=5938 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   78.682877][   T40] audit: type=1400 audit(1776596334.047:292): avc:  denied  { open } for  pid=5938 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   78.690700][   T40] audit: type=1400 audit(1776596334.047:293): avc:  denied  { ioctl } for  pid=5938 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   78.762835][   T40] audit: type=1400 audit(1776596334.127:294): avc:  denied  { read } for  pid=6652 comm="syz.1.224" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   78.889952][ T6656] netlink: 8 bytes leftover after parsing attributes in process `syz.1.226'.
[   78.894273][ T6656] FAULT_INJECTION: forcing a failure.
[   78.894273][ T6656] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.907562][ T6656] CPU: 2 UID: 0 PID: 6656 Comm: syz.1.226 Not tainted syzkaller #0 PREEMPT(full) 
[   78.907587][ T6656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   78.907607][ T6656] Call Trace:
[   78.907614][ T6656]  <TASK>
[   78.907626][ T6656]  dump_stack_lvl+0x100/0x190
[   78.907655][ T6656]  should_fail_ex.cold+0x5/0xa
[   78.907685][ T6656]  _copy_from_user+0x2e/0xd0
[   78.907706][ T6656]  kstrtouint_from_user+0xd6/0x1d0
[   78.907732][ T6656]  ? __pfx_kstrtouint_from_user+0x10/0x10
[   78.907756][ T6656]  ? __lock_acquire+0x4a5/0x2630
[   78.907787][ T6656]  ? lock_acquire+0x1b1/0x370
[   78.907818][ T6656]  proc_fail_nth_write+0x83/0x220
[   78.907849][ T6656]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   78.907880][ T6656]  vfs_write+0x2aa/0x1070
[   78.907907][ T6656]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   78.907931][ T6656]  ? __pfx_vfs_write+0x10/0x10
[   78.907963][ T6656]  ? __fget_files+0x215/0x3d0
[   78.907987][ T6656]  ? __fget_files+0x21f/0x3d0
[   78.908012][ T6656]  ksys_write+0x12a/0x250
[   78.908038][ T6656]  ? __pfx_ksys_write+0x10/0x10
[   78.908065][ T6656]  ? rcu_is_watching+0x12/0xc0
[   78.908094][ T6656]  do_syscall_64+0x10b/0xf80
[   78.908118][ T6656]  ? clear_bhb_loop+0x40/0x90
[   78.908140][ T6656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.908158][ T6656] RIP: 0033:0x7f1cf1d5d04e
[   78.908173][ T6656] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   78.908189][ T6656] RSP: 002b:00007f1cf2ce7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   78.908206][ T6656] RAX: ffffffffffffffda RBX: 00007f1cf2ce86c0 RCX: 00007f1cf1d5d04e
[   78.908217][ T6656] RDX: 0000000000000001 RSI: 00007f1cf2ce80a0 RDI: 000000000000000b
[   78.908228][ T6656] RBP: 00007f1cf2ce8090 R08: 0000000000000000 R09: 0000000000000000
[   78.908237][ T6656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   78.908248][ T6656] R13: 00007f1cf2016038 R14: 00007f1cf2015fa0 R15: 00007ffe85a18c48
[   78.908272][ T6656]  </TASK>
[   79.273754][   T57] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   79.423599][   T57] usb 7-1: Using ep0 maxpacket: 8
[   79.429208][   T57] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   79.434487][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   79.438561][   T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   79.442674][   T57] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   79.448290][   T57] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   79.452086][   T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.667951][   T57] usb 7-1: GET_CAPABILITIES returned 0
[   79.670159][   T57] usbtmc 7-1:16.0: can't read capabilities
[   79.873722][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.877414][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.880984][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.884614][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.888076][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.891498][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.894981][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.898966][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.902624][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.906237][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.909766][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.913653][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.916908][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.920225][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.923682][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   79.929407][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[   79.935927][   T57] usb 7-1: USB disconnect, device number 3
[   81.473002][ T6642] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   81.598951][ T6699] rdma_rxe: rxe_newlink: failed to add bond0
[   81.625590][ T6699] bond0: entered promiscuous mode
[   81.627265][ T6699] bond_slave_0: entered promiscuous mode
[   81.629193][ T6699] bond_slave_1: entered promiscuous mode
[   81.632240][ T6699] batadv0: entered promiscuous mode
[   81.635109][ T6699] 8021q: adding VLAN 0 to HW filter on device hsr1
[   81.638259][ T6699] bond0: left promiscuous mode
[   81.639897][ T6699] bond_slave_0: left promiscuous mode
[   81.641673][ T6699] bond_slave_1: left promiscuous mode
[   81.644561][ T6699] batadv0: left promiscuous mode
[   82.016722][ T6733] veth0_to_team: entered promiscuous mode
[   82.020160][ T6733] veth0_to_team: left promiscuous mode
[   83.189285][ T6757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.252'.
[   83.281169][ T6762] sp0: Synchronizing with TNC
[   83.284337][ T6762] [U] č
[   83.339184][   T29] IPVS: starting estimator thread 0...
[   83.341034][ T6763] IPVS: set_ctl: invalid protocol: 115 10.1.1.1:20001
[   83.347596][ T6763] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6763 comm=syz.3.254
[   83.423838][ T6764] IPVS: using max 44 ests per chain, 105600 per kthread
[   83.727453][   T40] kauditd_printk_skb: 21 callbacks suppressed
[   83.727465][   T40] audit: type=1400 audit(1776596339.097:316): avc:  denied  { create } for  pid=6770 comm="syz.1.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[   83.747690][   T40] audit: type=1400 audit(1776596339.117:317): avc:  denied  { prog_load } for  pid=6772 comm="syz.2.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   83.807401][ T6775] syzkaller0: entered promiscuous mode
[   83.813604][ T6775] syzkaller0: entered allmulticast mode
[   83.821996][   T40] audit: type=1400 audit(1776596339.187:318): avc:  denied  { setopt } for  pid=6774 comm="syz.2.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   83.839919][   T40] audit: type=1400 audit(1776596339.197:319): avc:  denied  { write } for  pid=6774 comm="syz.2.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   83.990483][ T6782] xt_hashlimit: size too large, truncated to 1048576
[   84.037494][ T6784] netlink: 240 bytes leftover after parsing attributes in process `syz.0.263'.
[   84.050122][   T40] audit: type=1400 audit(1776596339.417:320): avc:  denied  { wake_alarm } for  pid=6778 comm="syz.1.262" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   84.094753][   T40] audit: type=1400 audit(1776596339.467:321): avc:  denied  { write } for  pid=6789 comm="syz.0.264" name="usbmon1" dev="devtmpfs" ino=738 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   84.199851][   T40] audit: type=1400 audit(1776596339.567:322): avc:  denied  { mount } for  pid=6801 comm="syz.1.270" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   84.378586][ T6814] comedi comedi0: comedi_config --init_data is deprecated
[   84.432204][ T6816] netlink: 12 bytes leftover after parsing attributes in process `syz.2.276'.
[   84.460273][ T6816] bond1: entered promiscuous mode
[   84.462278][ T6816] 8021q: adding VLAN 0 to HW filter on device bond1
[   84.473337][ T6816] bridge2: entered promiscuous mode
[   84.475872][ T6816] bond1: (slave bridge2): Enslaving as an active interface with an up link
[   84.563623][  T846] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   84.647960][ T6821] Bluetooth: MGMT ver 1.23
[   84.713631][  T846] usb 6-1: Using ep0 maxpacket: 8
[   84.720762][  T846] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   84.725460][  T846] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   84.730058][  T846] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   84.735079][  T846] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   84.741002][  T846] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   84.746442][  T846] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.795001][   T40] audit: type=1400 audit(1776596340.167:323): avc:  denied  { map_create } for  pid=6767 comm="syz.3.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   84.803183][   T40] audit: type=1400 audit(1776596340.167:324): avc:  denied  { map_read map_write } for  pid=6767 comm="syz.3.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   84.956427][  T846] usb 6-1: GET_CAPABILITIES returned 0
[   84.958372][  T846] usbtmc 6-1:16.0: can't read capabilities
[   84.999050][ T6826] FAULT_INJECTION: forcing a failure.
[   84.999050][ T6826] name failslab, interval 1, probability 0, space 0, times 0
[   85.004167][ T6826] CPU: 1 UID: 0 PID: 6826 Comm: syz.3.280 Not tainted syzkaller #0 PREEMPT(full) 
[   85.004182][ T6826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   85.004189][ T6826] Call Trace:
[   85.004193][ T6826]  <TASK>
[   85.004197][ T6826]  dump_stack_lvl+0x100/0x190
[   85.004573][ T6826]  should_fail_ex.cold+0x5/0xa
[   85.004601][ T6826]  should_failslab+0xc2/0x120
[   85.004688][ T6826]  __kvmalloc_node_noprof+0xfa/0xa00
[   85.004718][ T6826]  ? __nf_hook_entries_try_shrink+0x164/0x400
[   85.004874][ T6826]  __nf_hook_entries_try_shrink+0x164/0x400
[   85.004902][ T6826]  __nf_unregister_net_hook+0x1d2/0x6a0
[   85.004928][ T6826]  nf_unregister_net_hooks+0x11b/0x170
[   85.004952][ T6826]  ip_vs_unregister_hooks+0xd9/0x140
[   85.004976][ T6826]  ip_vs_unlink_service+0xc73/0x1030
[   85.005004][ T6826]  ip_vs_flush.isra.0+0x2ea/0x3d0
[   85.005029][ T6826]  do_ip_vs_set_ctl+0x9a9/0xc90
[   85.005057][ T6826]  ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[   85.005082][ T6826]  ? trace_contention_end+0x122/0x170
[   85.005189][ T6826]  ? nf_sockopt_find.isra.0+0x222/0x290
[   85.005218][ T6826]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[   85.005447][ T6826]  ? nf_setsockopt+0x8d/0xf0
[   85.005466][ T6826]  nf_setsockopt+0x8d/0xf0
[   85.005511][ T6826]  ip_setsockopt+0xcb/0xf0
[   85.005534][ T6826]  sctp_setsockopt+0x161/0xb370
[   85.005626][ T6826]  ? __pfx_sctp_setsockopt+0x10/0x10
[   85.005658][ T6826]  ? __fget_files+0x215/0x3d0
[   85.005683][ T6826]  ? selinux_socket_setsockopt+0x6a/0x80
[   85.005829][ T6826]  ? sock_common_setsockopt+0x2e/0xf0
[   85.005906][ T6826]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   85.005924][ T6826]  do_sock_setsockopt+0xf3/0x1d0
[   85.005946][ T6826]  __sys_setsockopt+0x195/0x220
[   85.005978][ T6826]  __x64_sys_setsockopt+0xbd/0x160
[   85.006003][ T6826]  ? do_syscall_64+0x90/0xf80
[   85.006026][ T6826]  ? lockdep_hardirqs_on+0x78/0x100
[   85.006051][ T6826]  do_syscall_64+0x10b/0xf80
[   85.006074][ T6826]  ? clear_bhb_loop+0x40/0x90
[   85.006098][ T6826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.006118][ T6826] RIP: 0033:0x7fbd8179c819
[   85.006136][ T6826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   85.006153][ T6826] RSP: 002b:00007fbd82639028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   85.006170][ T6826] RAX: ffffffffffffffda RBX: 00007fbd81a15fa0 RCX: 00007fbd8179c819
[   85.006179][ T6826] RDX: 0000000000000485 RSI: 0000000000000000 RDI: 0000000000000003
[   85.006189][ T6826] RBP: 00007fbd82639090 R08: 0000000000000000 R09: 0000000000000000
[   85.006198][ T6826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.006207][ T6826] R13: 00007fbd81a16038 R14: 00007fbd81a15fa0 R15: 00007ffd78dec948
[   85.006232][ T6826]  </TASK>
[   85.158984][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.161991][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.164814][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.168866][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.172685][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.176229][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.179961][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.183717][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.187505][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.192392][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.196107][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.199341][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.202196][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.204937][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.208626][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   85.211930][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[   85.219049][    T9] usb 6-1: USB disconnect, device number 4
[   85.239103][ T6835] sctp: [Deprecated]: syz.0.284 (pid 6835) Use of struct sctp_assoc_value in delayed_ack socket option.
[   85.239103][ T6835] Use struct sctp_sack_info instead
[   85.470143][   T40] audit: type=1400 audit(1776596340.837:325): avc:  denied  { read } for  pid=6834 comm="syz.0.284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   85.582879][ T6846] bond2: entered allmulticast mode
[   85.608211][ T6846] veth3: entered allmulticast mode
[   85.612939][ T6846] bond2: (slave veth3): Enslaving as an active interface with an up link
[   85.625149][ T6846] bond2 (unregistering): (slave veth3): Releasing backup interface
[   85.631609][ T6846] bond2 (unregistering): Released all slaves
[   85.855864][ T6857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.293'.
[   85.866155][ T6857] netlink: 12 bytes leftover after parsing attributes in process `syz.1.293'.
[   86.110695][ T6875] netlink: 4 bytes leftover after parsing attributes in process `syz.0.299'.
[   86.219531][ T6880] FAULT_INJECTION: forcing a failure.
[   86.219531][ T6880] name failslab, interval 1, probability 0, space 0, times 0
qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xb1000)
[   86.233758][ T6880] CPU: 3 UID: 0 PID: 6880 Comm: syz.0.301 Not tainted syzkaller #0 PREEMPT(full) 
[   86.233787][ T6880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   86.233799][ T6880] Call Trace:
[   86.233805][ T6880]  <TASK>
[   86.233813][ T6880]  dump_stack_lvl+0x100/0x190
[   86.233843][ T6880]  should_fail_ex.cold+0x5/0xa
[   86.233870][ T6880]  should_failslab+0xc2/0x120
[   86.233889][ T6880]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   86.233914][ T6880]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   86.234010][ T6880]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   86.234037][ T6880]  mmu_topup_memory_caches+0x25/0x170
[   86.234124][ T6880]  kvm_mmu_load+0xd6/0x23e0
[   86.234211][ T6880]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   86.234237][ T6880]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   86.234269][ T6880]  ? __pfx_kvm_mmu_load+0x10/0x10
[   86.234291][ T6880]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   86.234312][ T6880]  ? kvm_check_and_inject_events+0x961/0x1070
[   86.234338][ T6880]  ? record_steal_time+0x3d0/0xbc0
[   86.234360][ T6880]  vcpu_run+0x39f4/0x5ca0
[   86.234394][ T6880]  ? __pfx_vcpu_run+0x10/0x10
[   86.234425][ T6880]  ? rcu_is_watching+0x12/0xc0
[   86.234456][ T6880]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   86.234479][ T6880]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   86.234510][ T6880]  kvm_vcpu_ioctl+0x730/0x1720
[   86.234532][ T6880]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   86.234550][ T6880]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   86.234573][ T6880]  ? do_vfs_ioctl+0x226/0x13e0
[   86.234599][ T6880]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   86.234623][ T6880]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   86.234660][ T6880]  ? __fget_files+0x215/0x3d0
[   86.234677][ T6880]  ? hook_file_ioctl_common+0x149/0x410
[   86.234772][ T6880]  ? selinux_file_ioctl+0x13b/0x290
[   86.234797][ T6880]  ? selinux_file_ioctl+0xb6/0x290
[   86.234821][ T6880]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   86.234837][ T6880]  __x64_sys_ioctl+0x18e/0x210
[   86.234861][ T6880]  do_syscall_64+0x10b/0xf80
[   86.234882][ T6880]  ? clear_bhb_loop+0x40/0x90
[   86.234903][ T6880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.234918][ T6880] RIP: 0033:0x7f7fe099c819
[   86.234931][ T6880] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   86.234946][ T6880] RSP: 002b:00007f7fe18f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.234962][ T6880] RAX: ffffffffffffffda RBX: 00007f7fe0c15fa0 RCX: 00007f7fe099c819
[   86.234972][ T6880] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   86.234980][ T6880] RBP: 00007f7fe18f4090 R08: 0000000000000000 R09: 0000000000000000
[   86.234989][ T6880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.234999][ T6880] R13: 00007f7fe0c16038 R14: 00007f7fe0c15fa0 R15: 00007ffe525af038
[   86.235020][ T6880]  </TASK>
[   86.406373][ T1122] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[   86.408745][ T1122] ata1: failed to read log page 10h (errno=-5)
[   86.410807][ T1122] ata1.00: exception Emask 0x1 SAct 0xc000 SErr 0x0 action 0x0
[   86.413314][ T1122] ata1.00: irq_stat 0x41000000
[   86.423685][ T1122] ata1.00: failed command: WRITE FPDMA QUEUED
[   86.425694][ T1122] ata1.00: cmd 61/88:70:fe:11:08/05:00:00:00:00/40 tag 14 ncq dma 724992 out
[   86.425694][ T1122]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[   86.435646][ T1122] ata1.00: status: { DRDY }
[   86.437106][ T1122] ata1.00: failed command: WRITE FPDMA QUEUED
[   86.443665][ T1122] ata1.00: cmd 61/40:78:86:17:08/03:00:00:00:00/40 tag 15 ncq dma 425984 out
[   86.443665][ T1122]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[   86.453625][ T1122] ata1.00: status: { DRDY }
[   86.459840][ T1122] ata1.00: configured for UDMA/100
[   86.461710][ T1122] ata1: EH complete
[   86.711082][ T6898] xt_hashlimit: size too large, truncated to 1048576
[   86.714017][ T6899] netlink: 240 bytes leftover after parsing attributes in process `syz.0.308'.
[   87.045617][ T6930] netlink: 12 bytes leftover after parsing attributes in process `syz.0.321'.
[   87.069180][ T6930] bond5: entered promiscuous mode
[   87.071178][ T6930] 8021q: adding VLAN 0 to HW filter on device bond5
[   87.084325][ T6930] bridge3: entered promiscuous mode
[   87.087167][ T6930] bond5: (slave bridge3): Enslaving as an active interface with an up link
[   87.248928][ T1032] cfg80211: failed to load regulatory.db
[   87.381404][  T846] libceph: connect (1)[c::]:6789 error -13
[   87.385713][  T846] libceph: mon0 (1)[c::]:6789 connect error
[   87.391323][  T846] libceph: connect (1)[c::]:6789 error -13
[   87.397307][  T846] libceph: mon0 (1)[c::]:6789 connect error
[   87.434775][ T6941] tipc: Enabling of bearer <ud#:s> rejected, media not registered
[   87.656200][  T846] libceph: connect (1)[c::]:6789 error -13
[   87.660111][  T846] libceph: mon0 (1)[c::]:6789 connect error
[   87.679345][ T6946] comedi comedi0: No hardware detected at I/O base 0x8001
[   87.911726][ T6957] program syz.1.331 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   87.919425][ T6957] binder: BINDER_SET_CONTEXT_MGR already set
[   87.922109][ T6957] binder: 6956:6957 ioctl 4018620d 2000000002c0 returned -16
[   88.091931][ T6936] ceph: No mds server is up or the cluster is laggy
[   88.859856][ T6986] netlink: 'syz.1.341': attribute type 1 has an invalid length.
[   88.878478][ T6986] bond1: entered promiscuous mode
[   88.880648][ T6986] 8021q: adding VLAN 0 to HW filter on device bond1
[   88.912352][ T6986] bond1: (slave bridge1): making interface the new active one
[   88.915056][ T6986] bridge1: entered promiscuous mode
[   88.917607][ T6986] bond1: (slave bridge1): Enslaving as an active interface with an up link
[   88.925276][ T6989] tipc: Started in network mode
[   88.927593][ T6989] tipc: Node identity 9e29916c93ed, cluster identity 4711
[   88.930893][ T6989] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   88.964545][ T6992] FAULT_INJECTION: forcing a failure.
[   88.964545][ T6992] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.983414][ T6992] CPU: 1 UID: 0 PID: 6992 Comm: syz.1.342 Not tainted syzkaller #0 PREEMPT(full) 
[   88.983442][ T6992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   88.983452][ T6992] Call Trace:
[   88.983458][ T6992]  <TASK>
[   88.983466][ T6992]  dump_stack_lvl+0x100/0x190
[   88.983496][ T6992]  should_fail_ex.cold+0x5/0xa
[   88.983539][ T6992]  _copy_to_user+0x32/0xd0
[   88.983560][ T6992]  simple_read_from_buffer+0xcb/0x170
[   88.983583][ T6992]  proc_fail_nth_read+0x1af/0x230
[   88.983614][ T6992]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.983643][ T6992]  ? rw_verify_area+0xce/0x6d0
[   88.983667][ T6992]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   88.983693][ T6992]  vfs_read+0x1e4/0xb30
[   88.983722][ T6992]  ? __pfx_vfs_read+0x10/0x10
[   88.983748][ T6992]  ? __fget_files+0x215/0x3d0
[   88.983774][ T6992]  ? __fget_files+0x21f/0x3d0
[   88.983800][ T6992]  ksys_read+0x12a/0x250
[   88.983831][ T6992]  ? __pfx_ksys_read+0x10/0x10
[   88.983860][ T6992]  ? rcu_is_watching+0x12/0xc0
[   88.983891][ T6992]  do_syscall_64+0x10b/0xf80
[   88.983916][ T6992]  ? clear_bhb_loop+0x40/0x90
[   88.983938][ T6992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.983958][ T6992] RIP: 0033:0x7f1cf1d5d04e
[   88.983973][ T6992] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   88.983990][ T6992] RSP: 002b:00007f1cf2ce7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   88.984008][ T6992] RAX: ffffffffffffffda RBX: 00007f1cf2ce86c0 RCX: 00007f1cf1d5d04e
[   88.984020][ T6992] RDX: 000000000000000f RSI: 00007f1cf2ce80a0 RDI: 0000000000000004
[   88.984030][ T6992] RBP: 00007f1cf2ce8090 R08: 0000000000000000 R09: 0000000000000000
[   88.984041][ T6992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.984052][ T6992] R13: 00007f1cf2016038 R14: 00007f1cf2015fa0 R15: 00007ffe85a18c48
[   88.984077][ T6992]  </TASK>
[   89.067711][ T6989] syzkaller0: entered promiscuous mode
[   89.070176][ T6989] syzkaller0: entered allmulticast mode
[   89.073354][ T6989] tipc: Resetting bearer <eth:syzkaller0>
[   89.160362][   T12] tipc: Resetting bearer <eth:syzkaller0>
[   89.221330][ T6987] tipc: Resetting bearer <eth:syzkaller0>
[   89.341823][ T7009] rdma_rxe: rxe_newlink: failed to add bond0
[   90.306881][ T6987] tipc: Disabling bearer <eth:syzkaller0>
[   90.332324][ T7009] bond0: entered promiscuous mode
[   90.336946][ T7009] bond_slave_0: entered promiscuous mode
[   90.341829][ T7009] bond_slave_1: entered promiscuous mode
[   90.347509][ T7009] batadv0: entered promiscuous mode
[   90.351126][ T7009] 8021q: adding VLAN 0 to HW filter on device hsr1
[   90.356162][ T7009] bond0: left promiscuous mode
[   90.358286][ T7009] bond_slave_0: left promiscuous mode
[   90.360719][ T7009] bond_slave_1: left promiscuous mode
[   90.364759][ T7009] batadv0: left promiscuous mode
[   90.382654][ T1032] tipc: Node number set to 230986092
[   90.401896][ T7019] FAULT_INJECTION: forcing a failure.
[   90.401896][ T7019] name failslab, interval 1, probability 0, space 0, times 0
[   90.414149][ T7019] CPU: 3 UID: 0 PID: 7019 Comm: syz.0.350 Not tainted syzkaller #0 PREEMPT(full) 
[   90.414174][ T7019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   90.414185][ T7019] Call Trace:
[   90.414206][ T7019]  <TASK>
[   90.414214][ T7019]  dump_stack_lvl+0x100/0x190
[   90.414242][ T7019]  should_fail_ex.cold+0x5/0xa
[   90.414269][ T7019]  should_failslab+0xc2/0x120
[   90.414288][ T7019]  __kmalloc_cache_noprof+0x7a/0x6f0
[   90.414311][ T7019]  ? sctp_add_bind_addr+0xae/0x3e0
[   90.414342][ T7019]  sctp_add_bind_addr+0xae/0x3e0
[   90.414370][ T7019]  sctp_copy_local_addr_list+0x349/0x550
[   90.414392][ T7019]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[   90.414413][ T7019]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[   90.414432][ T7019]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   90.414457][ T7019]  sctp_bind_addr_copy+0xe0/0x530
[   90.414489][ T7019]  sctp_connect_new_asoc+0x1c9/0x770
[   90.414512][ T7019]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[   90.414535][ T7019]  ? selinux_sctp_bind_connect+0x112/0x2a0
[   90.414570][ T7019]  sctp_sendmsg+0x171a/0x22b0
[   90.414596][ T7019]  ? __lock_acquire+0x4a5/0x2630
[   90.414618][ T7019]  ? __pfx_sctp_sendmsg+0x10/0x10
[   90.414644][ T7019]  ? __pfx_sock_has_perm+0x10/0x10
[   90.414680][ T7019]  ? __pfx_sctp_sendmsg+0x10/0x10
[   90.414703][ T7019]  inet_sendmsg+0x11c/0x140
[   90.414729][ T7019]  ____sys_sendmsg+0x98d/0xb70
[   90.414749][ T7019]  ? __pfx_inet_sendmsg+0x10/0x10
[   90.414773][ T7019]  ? __pfx_____sys_sendmsg+0x10/0x10
[   90.414798][ T7019]  ? __pfx__kstrtoull+0x10/0x10
[   90.414827][ T7019]  ___sys_sendmsg+0x190/0x1e0
[   90.414856][ T7019]  ? __pfx____sys_sendmsg+0x10/0x10
[   90.414890][ T7019]  ? find_held_lock+0x2b/0x80
[   90.414934][ T7019]  __sys_sendmmsg+0x205/0x430
[   90.414964][ T7019]  ? __pfx___sys_sendmmsg+0x10/0x10
[   90.414999][ T7019]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   90.415036][ T7019]  ? fput+0x79/0x100
[   90.415057][ T7019]  ? ksys_write+0x1ac/0x250
[   90.415084][ T7019]  ? __pfx_ksys_write+0x10/0x10
[   90.415114][ T7019]  __x64_sys_sendmmsg+0x9c/0x100
[   90.415140][ T7019]  ? lockdep_hardirqs_on+0x78/0x100
[   90.415165][ T7019]  do_syscall_64+0x10b/0xf80
[   90.415188][ T7019]  ? clear_bhb_loop+0x40/0x90
[   90.415210][ T7019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.415228][ T7019] RIP: 0033:0x7f7fe099c819
[   90.415244][ T7019] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   90.415261][ T7019] RSP: 002b:00007f7fe18f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   90.415279][ T7019] RAX: ffffffffffffffda RBX: 00007f7fe0c15fa0 RCX: 00007f7fe099c819
[   90.415290][ T7019] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000004
[   90.415300][ T7019] RBP: 00007f7fe18f4090 R08: 0000000000000000 R09: 0000000000000000
[   90.415311][ T7019] R10: 0000000020000014 R11: 0000000000000246 R12: 0000000000000002
[   90.415321][ T7019] R13: 00007f7fe0c16038 R14: 00007f7fe0c15fa0 R15: 00007ffe525af038
[   90.415346][ T7019]  </TASK>
[   90.688689][   T40] kauditd_printk_skb: 14 callbacks suppressed
[   90.688706][   T40] audit: type=1400 audit(1776596346.057:340): avc:  denied  { create } for  pid=7039 comm="syz.2.357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   90.698294][ T7039] delete_channel: no stack
[   90.710325][   T40] audit: type=1400 audit(1776596346.067:341): avc:  denied  { setopt } for  pid=7039 comm="syz.2.357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   90.757503][ T7046] FAULT_INJECTION: forcing a failure.
[   90.757503][ T7046] name failslab, interval 1, probability 0, space 0, times 0
[   90.762897][ T7046] CPU: 3 UID: 0 PID: 7046 Comm: syz.2.359 Not tainted syzkaller #0 PREEMPT(full) 
[   90.762921][ T7046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   90.762932][ T7046] Call Trace:
[   90.762938][ T7046]  <TASK>
[   90.762945][ T7046]  dump_stack_lvl+0x100/0x190
[   90.762976][ T7046]  should_fail_ex.cold+0x5/0xa
[   90.763004][ T7046]  ? vkms_crtc_atomic_check+0x38a/0x7c0
[   90.763125][ T7046]  should_failslab+0xc2/0x120
[   90.763143][ T7046]  __kmalloc_noprof+0xe0/0x850
[   90.763168][ T7046]  ? drm_atomic_add_affected_planes+0x36d/0x450
[   90.763281][ T7046]  vkms_crtc_atomic_check+0x38a/0x7c0
[   90.763310][ T7046]  ? __pfx_vkms_crtc_atomic_check+0x10/0x10
[   90.763332][ T7046]  drm_atomic_helper_check_planes+0x4dc/0x900
[   90.763366][ T7046]  drm_atomic_helper_check+0xae/0x190
[   90.763394][ T7046]  vkms_atomic_check+0x1d9/0x250
[   90.763412][ T7046]  ? __pfx_vkms_atomic_check+0x10/0x10
[   90.763432][ T7046]  drm_atomic_check_only+0x19ea/0x31b0
[   90.763470][ T7046]  drm_atomic_commit+0x132/0x300
[   90.763496][ T7046]  ? __pfx_drm_atomic_commit+0x10/0x10
[   90.763537][ T7046]  ? __pfx___drm_printfn_info+0x10/0x10
[   90.763705][ T7046]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[   90.763732][ T7046]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[   90.763762][ T7046]  drm_atomic_helper_update_plane+0x314/0x400
[   90.763794][ T7046]  __setplane_atomic+0x22d/0x350
[   90.763828][ T7046]  drm_mode_cursor_universal+0x5e9/0xe20
[   90.763870][ T7046]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[   90.763908][ T7046]  ? __pfx_drm_lease_held+0x10/0x10
[   90.763935][ T7046]  ? modeset_lock+0x114/0x6d0
[   90.763963][ T7046]  drm_mode_cursor_common+0x308/0x970
[   90.763996][ T7046]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[   90.764024][ T7046]  ? avc_has_extended_perms+0x33a/0x1080
[   90.764058][ T7046]  ? __pfx_avc_has_extended_perms+0x10/0x10
[   90.764086][ T7046]  drm_mode_cursor_ioctl+0xd4/0x110
[   90.764105][ T7046]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   90.764123][ T7046]  ? do_raw_spin_lock+0x128/0x260
[   90.764146][ T7046]  ? find_held_lock+0x2b/0x80
[   90.764176][ T7046]  ? do_raw_spin_unlock+0x145/0x1e0
[   90.764202][ T7046]  drm_ioctl_kernel+0x1f3/0x3e0
[   90.764225][ T7046]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   90.764244][ T7046]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   90.764276][ T7046]  drm_ioctl+0x5e6/0xc60
[   90.764304][ T7046]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   90.764324][ T7046]  ? __pfx_drm_ioctl+0x10/0x10
[   90.764360][ T7046]  ? selinux_file_ioctl+0x13b/0x290
[   90.764387][ T7046]  ? selinux_file_ioctl+0xb6/0x290
[   90.764416][ T7046]  ? __pfx_drm_ioctl+0x10/0x10
[   90.764443][ T7046]  __x64_sys_ioctl+0x18e/0x210
[   90.764472][ T7046]  do_syscall_64+0x10b/0xf80
[   90.764495][ T7046]  ? clear_bhb_loop+0x40/0x90
[   90.764518][ T7046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.764536][ T7046] RIP: 0033:0x7f970cf9c819
[   90.764551][ T7046] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   90.764567][ T7046] RSP: 002b:00007f970de17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   90.764585][ T7046] RAX: ffffffffffffffda RBX: 00007f970d215fa0 RCX: 00007f970cf9c819
[   90.764596][ T7046] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[   90.764607][ T7046] RBP: 00007f970de17090 R08: 0000000000000000 R09: 0000000000000000
[   90.764617][ T7046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   90.764627][ T7046] R13: 00007f970d216038 R14: 00007f970d215fa0 R15: 00007ffdd25d4228
[   90.764650][ T7046]  </TASK>
[   90.768158][ T7043] bond2: entered allmulticast mode
[   90.975952][ T7047] veth3: entered allmulticast mode
[   90.981465][ T7047] bond2: (slave veth3): Enslaving as an active interface with an up link
[   90.990250][ T7052] bond2 (unregistering): (slave veth3): Releasing backup interface
[   91.000254][ T7052] bond2 (unregistering): Released all slaves
[   91.172432][   T40] audit: type=1326 audit(1776596346.537:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7057 comm="syz.2.363" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f970cf9c819 code=0x0
[   91.299119][ T7064] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[   91.316154][ T7064] Error validating options; rc = [-22]
[   91.405041][ T7067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.364'.
[   91.412440][ T7067] netlink: 12 bytes leftover after parsing attributes in process `syz.2.364'.
[   91.413687][   T57] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   91.564189][   T57] usb 6-1: Using ep0 maxpacket: 8
[   91.568644][   T57] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   91.571857][   T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   91.575199][   T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   91.578320][   T57] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   91.589075][ T7071] xt_connbytes: Forcing CT accounting to be enabled
[   91.591285][   T57] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   91.597184][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.602885][ T7071] xt_CT: You must specify a L4 protocol and not use inversions on it
[   91.742230][ T7081] veth0_to_team: entered promiscuous mode
[   91.752137][ T7081] veth0_to_team: left promiscuous mode
[   91.827194][   T40] audit: type=1400 audit(1776596347.197:343): avc:  denied  { create } for  pid=7059 comm="syz.1.362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   91.848074][   T57] usb 6-1: GET_CAPABILITIES returned 0
[   91.849874][   T57] usbtmc 6-1:16.0: can't read capabilities
[   91.886848][ T7086] netlink: 4 bytes leftover after parsing attributes in process `syz.0.371'.
[   92.052593][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.055475][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.058460][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.061247][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.064156][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.066996][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.069844][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.072727][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.076027][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.098566][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.101487][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.104315][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.107216][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.110218][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.113069][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[   92.115915][    C2] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[   92.143204][ T7092] FAULT_INJECTION: forcing a failure.
[   92.143204][ T7092] name failslab, interval 1, probability 0, space 0, times 0
[   92.153618][ T7092] CPU: 0 UID: 0 PID: 7092 Comm: syz.2.374 Not tainted syzkaller #0 PREEMPT(full) 
[   92.153634][ T7092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   92.153641][ T7092] Call Trace:
[   92.153644][ T7092]  <TASK>
[   92.153649][ T7092]  dump_stack_lvl+0x100/0x190
[   92.153667][ T7092]  should_fail_ex.cold+0x5/0xa
[   92.153685][ T7092]  should_failslab+0xc2/0x120
[   92.153696][ T7092]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   92.153711][ T7092]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   92.153727][ T7092]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   92.153743][ T7092]  mmu_topup_memory_caches+0x25/0x170
[   92.153759][ T7092]  kvm_mmu_load+0xd6/0x23e0
[   92.153772][ T7092]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   92.153789][ T7092]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   92.153808][ T7092]  ? __pfx_kvm_mmu_load+0x10/0x10
[   92.153820][ T7092]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   92.153832][ T7092]  ? kvm_check_and_inject_events+0x961/0x1070
[   92.153847][ T7092]  ? record_steal_time+0x3d0/0xbc0
[   92.153859][ T7092]  vcpu_run+0x39f4/0x5ca0
[   92.153878][ T7092]  ? __pfx_vcpu_run+0x10/0x10
[   92.153896][ T7092]  ? rcu_is_watching+0x12/0xc0
[   92.153914][ T7092]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   92.153929][ T7092]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   92.153947][ T7092]  kvm_vcpu_ioctl+0x730/0x1720
[   92.153959][ T7092]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   92.153970][ T7092]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   92.153983][ T7092]  ? do_vfs_ioctl+0x226/0x13e0
[   92.154000][ T7092]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   92.154020][ T7092]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   92.154043][ T7092]  ? __fget_files+0x215/0x3d0
[   92.154053][ T7092]  ? hook_file_ioctl_common+0x149/0x410
[   92.154069][ T7092]  ? selinux_file_ioctl+0x13b/0x290
[   92.154085][ T7092]  ? selinux_file_ioctl+0xb6/0x290
[   92.154101][ T7092]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   92.154113][ T7092]  __x64_sys_ioctl+0x18e/0x210
[   92.154129][ T7092]  do_syscall_64+0x10b/0xf80
[   92.154144][ T7092]  ? clear_bhb_loop+0x40/0x90
[   92.154157][ T7092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.154168][ T7092] RIP: 0033:0x7f970cf9c819
[   92.154178][ T7092] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   92.154188][ T7092] RSP: 002b:00007f970de17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.154199][ T7092] RAX: ffffffffffffffda RBX: 00007f970d215fa0 RCX: 00007f970cf9c819
[   92.154206][ T7092] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   92.154212][ T7092] RBP: 00007f970de17090 R08: 0000000000000000 R09: 0000000000000000
[   92.154218][ T7092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   92.154224][ T7092] R13: 00007f970d216038 R14: 00007f970d215fa0 R15: 00007ffdd25d4228
[   92.154237][ T7092]  </TASK>
[   92.189804][   T57] usb 6-1: USB disconnect, device number 5
[   92.459103][ T7098] netlink: 28 bytes leftover after parsing attributes in process `syz.2.376'.
[   92.685427][   T40] audit: type=1400 audit(1776596348.057:344): avc:  denied  { connect } for  pid=7106 comm="syz.2.379" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   92.744638][ T7111] netlink: 240 bytes leftover after parsing attributes in process `syz.2.381'.
[   92.777484][   T40] audit: type=1400 audit(1776596348.147:345): avc:  denied  { getopt } for  pid=7112 comm="syz.1.382" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   92.901365][ T7125] xt_hashlimit: size too large, truncated to 1048576
[   92.927743][   T40] audit: type=1400 audit(1776596348.297:346): avc:  denied  { connect } for  pid=7128 comm="syz.2.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   92.933561][ T7129] ieee802154 phy0 wpan0: encryption failed: -22
[   92.946191][   T40] audit: type=1400 audit(1776596348.317:347): avc:  denied  { connect } for  pid=7128 comm="syz.2.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   92.997567][   T40] audit: type=1400 audit(1776596348.367:348): avc:  denied  { getopt } for  pid=7128 comm="syz.2.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   93.007597][ T7134] ip6t_REJECT: TCP_RESET illegal for non-tcp
[   93.009704][   T40] audit: type=1400 audit(1776596348.377:349): avc:  denied  { connect } for  pid=7128 comm="syz.2.388" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   93.090054][ T7141] netlink: 12 bytes leftover after parsing attributes in process `syz.1.392'.
[   93.127067][ T7141] bond2: entered promiscuous mode
[   93.129023][ T7141] 8021q: adding VLAN 0 to HW filter on device bond2
[   93.144229][ T7141] bridge2: entered promiscuous mode
[   93.146337][ T7141] bond2: (slave bridge2): Enslaving as an active interface with an up link
[   93.253603][   T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   93.361362][ T7167] netlink: 220 bytes leftover after parsing attributes in process `syz.3.400'.
[   93.374895][ T7169] netlink: 64 bytes leftover after parsing attributes in process `syz.0.401'.
[   93.422434][   T10] usb 7-1: Using ep0 maxpacket: 16
[   93.442243][ T7169] IPVS: persistence engine module ip_vs_pe_s not found
[   93.442444][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.457322][   T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.461547][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[   93.464606][   T10] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   93.468686][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.477313][   T10] usb 7-1: config 0 descriptor??
[   94.086861][ T7185] netlink: 52 bytes leftover after parsing attributes in process `syz.1.405'.
[   94.797518][ T7203] capability: warning: `syz.0.411' uses deprecated v2 capabilities in a way that may be insecure
[   95.003879][ T5948] Bluetooth: hci3: command 0x0405 tx timeout
[   95.078138][ T7218] netlink: 'syz.1.414': attribute type 1 has an invalid length.
[   95.104517][ T7218] bond3: entered promiscuous mode
[   95.114296][ T7218] 8021q: adding VLAN 0 to HW filter on device bond3
[   95.128246][ T7218] bond3: (slave bridge3): making interface the new active one
[   95.131212][ T7218] bridge3: entered promiscuous mode
[   95.136023][ T7218] bond3: (slave bridge3): Enslaving as an active interface with an up link
[   95.566549][ T7245] FAULT_INJECTION: forcing a failure.
[   95.566549][ T7245] name failslab, interval 1, probability 0, space 0, times 0
[   95.570737][ T7245] CPU: 0 UID: 0 PID: 7245 Comm: syz.1.420 Not tainted syzkaller #0 PREEMPT(full) 
[   95.570752][ T7245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   95.570758][ T7245] Call Trace:
[   95.570764][ T7245]  <TASK>
[   95.570768][ T7245]  dump_stack_lvl+0x100/0x190
[   95.571162][ T7245]  should_fail_ex.cold+0x5/0xa
[   95.571180][ T7245]  should_failslab+0xc2/0x120
[   95.571250][ T7245]  __kmalloc_cache_noprof+0x7a/0x6f0
[   95.571264][ T7245]  ? sctp_add_bind_addr+0xae/0x3e0
[   95.571457][ T7245]  sctp_add_bind_addr+0xae/0x3e0
[   95.571474][ T7245]  sctp_copy_local_addr_list+0x349/0x550
[   95.571487][ T7245]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[   95.571499][ T7245]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[   95.571511][ T7245]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   95.571578][ T7245]  sctp_bind_addr_copy+0xe0/0x530
[   95.571597][ T7245]  sctp_connect_new_asoc+0x1c9/0x770
[   95.571611][ T7245]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[   95.571624][ T7245]  ? selinux_sctp_bind_connect+0x112/0x2a0
[   95.571755][ T7245]  sctp_sendmsg+0x171a/0x22b0
[   95.571771][ T7245]  ? __lock_acquire+0x4a5/0x2630
[   95.571784][ T7245]  ? __pfx_sctp_sendmsg+0x10/0x10
[   95.571800][ T7245]  ? __pfx_sock_has_perm+0x10/0x10
[   95.571821][ T7245]  ? __pfx_sctp_sendmsg+0x10/0x10
[   95.571834][ T7245]  inet_sendmsg+0x11c/0x140
[   95.571954][ T7245]  ____sys_sendmsg+0x98d/0xb70
[   95.572015][ T7245]  ? __pfx_inet_sendmsg+0x10/0x10
[   95.572030][ T7245]  ? __pfx_____sys_sendmsg+0x10/0x10
[   95.572044][ T7245]  ? __pfx__kstrtoull+0x10/0x10
[   95.572113][ T7245]  ___sys_sendmsg+0x190/0x1e0
[   95.572128][ T7245]  ? __pfx____sys_sendmsg+0x10/0x10
[   95.572147][ T7245]  ? find_held_lock+0x2b/0x80
[   95.572171][ T7245]  __sys_sendmmsg+0x205/0x430
[   95.572189][ T7245]  ? __pfx___sys_sendmmsg+0x10/0x10
[   95.572209][ T7245]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   95.572287][ T7245]  ? fput+0x79/0x100
[   95.572300][ T7245]  ? ksys_write+0x1ac/0x250
[   95.572317][ T7245]  ? __pfx_ksys_write+0x10/0x10
[   95.572335][ T7245]  __x64_sys_sendmmsg+0x9c/0x100
[   95.572351][ T7245]  ? lockdep_hardirqs_on+0x78/0x100
[   95.572366][ T7245]  do_syscall_64+0x10b/0xf80
[   95.572379][ T7245]  ? clear_bhb_loop+0x40/0x90
[   95.572393][ T7245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.572404][ T7245] RIP: 0033:0x7f1cf1d9c819
[   95.572414][ T7245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   95.572424][ T7245] RSP: 002b:00007f1cf2cc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   95.572435][ T7245] RAX: ffffffffffffffda RBX: 00007f1cf2016090 RCX: 00007f1cf1d9c819
[   95.572442][ T7245] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000004
[   95.572448][ T7245] RBP: 00007f1cf2cc7090 R08: 0000000000000000 R09: 0000000000000000
[   95.572454][ T7245] R10: 0000000020000014 R11: 0000000000000246 R12: 0000000000000002
[   95.572460][ T7245] R13: 00007f1cf2016128 R14: 00007f1cf2016090 R15: 00007ffe85a18c48
[   95.572473][ T7245]  </TASK>
[   95.718627][ T7250] rdma_rxe: rxe_newlink: failed to add bond0
[   95.731384][ T7250] bond0: entered promiscuous mode
[   95.733671][ T7250] bond_slave_0: entered promiscuous mode
[   95.736587][ T7250] bond_slave_1: entered promiscuous mode
[   95.748827][ T7250] batadv0: entered promiscuous mode
[   95.752368][ T7250] 8021q: adding VLAN 0 to HW filter on device hsr1
[   95.757109][ T7250] bond0: left promiscuous mode
[   95.759340][ T7250] bond_slave_0: left promiscuous mode
[   95.761897][ T7250] bond_slave_1: left promiscuous mode
[   95.767028][ T7250] batadv0: left promiscuous mode
[   95.885801][ T7262] FAULT_INJECTION: forcing a failure.
[   95.885801][ T7262] name failslab, interval 1, probability 0, space 0, times 0
[   95.890936][ T7262] CPU: 3 UID: 0 PID: 7262 Comm: syz.3.429 Not tainted syzkaller #0 PREEMPT(full) 
[   95.890951][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   95.890958][ T7262] Call Trace:
[   95.890963][ T7262]  <TASK>
[   95.890967][ T7262]  dump_stack_lvl+0x100/0x190
[   95.890986][ T7262]  should_fail_ex.cold+0x5/0xa
[   95.891003][ T7262]  should_failslab+0xc2/0x120
[   95.891014][ T7262]  __kmalloc_cache_noprof+0x7a/0x6f0
[   95.891029][ T7262]  ? drm_atomic_helper_setup_commit+0x56f/0x14f0
[   95.891128][ T7262]  ? drm_atomic_helper_check+0x10f/0x190
[   95.891146][ T7262]  drm_atomic_helper_setup_commit+0x56f/0x14f0
[   95.891168][ T7262]  drm_atomic_helper_commit+0xa9/0x380
[   95.891184][ T7262]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[   95.891201][ T7262]  drm_atomic_commit+0x230/0x300
[   95.891218][ T7262]  ? __pfx_drm_atomic_commit+0x10/0x10
[   95.891232][ T7262]  ? __pfx___drm_printfn_info+0x10/0x10
[   95.891316][ T7262]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[   95.891332][ T7262]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[   95.891350][ T7262]  drm_atomic_helper_update_plane+0x314/0x400
[   95.891368][ T7262]  __setplane_atomic+0x22d/0x350
[   95.891388][ T7262]  drm_mode_cursor_universal+0x5e9/0xe20
[   95.891409][ T7262]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[   95.891430][ T7262]  ? __pfx_drm_lease_held+0x10/0x10
[   95.891446][ T7262]  ? modeset_lock+0x114/0x6d0
[   95.891462][ T7262]  drm_mode_cursor_common+0x308/0x970
[   95.891482][ T7262]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[   95.891498][ T7262]  ? avc_has_extended_perms+0x33a/0x1080
[   95.891520][ T7262]  ? __pfx_avc_has_extended_perms+0x10/0x10
[   95.891535][ T7262]  drm_mode_cursor_ioctl+0xd4/0x110
[   95.891546][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   95.891555][ T7262]  ? do_raw_spin_lock+0x128/0x260
[   95.891570][ T7262]  ? find_held_lock+0x2b/0x80
[   95.891589][ T7262]  ? do_raw_spin_unlock+0x145/0x1e0
[   95.891605][ T7262]  drm_ioctl_kernel+0x1f3/0x3e0
[   95.891619][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   95.891630][ T7262]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   95.891649][ T7262]  drm_ioctl+0x5e6/0xc60
[   95.891665][ T7262]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[   95.891676][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[   95.891696][ T7262]  ? selinux_file_ioctl+0x13b/0x290
[   95.891713][ T7262]  ? selinux_file_ioctl+0xb6/0x290
[   95.891730][ T7262]  ? __pfx_drm_ioctl+0x10/0x10
[   95.891745][ T7262]  __x64_sys_ioctl+0x18e/0x210
[   95.891763][ T7262]  do_syscall_64+0x10b/0xf80
[   95.891782][ T7262]  ? clear_bhb_loop+0x40/0x90
[   95.891795][ T7262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.891806][ T7262] RIP: 0033:0x7fbd8179c819
[   95.891815][ T7262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   95.891825][ T7262] RSP: 002b:00007fbd82639028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   95.891836][ T7262] RAX: ffffffffffffffda RBX: 00007fbd81a15fa0 RCX: 00007fbd8179c819
[   95.891843][ T7262] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[   95.891849][ T7262] RBP: 00007fbd82639090 R08: 0000000000000000 R09: 0000000000000000
[   95.891855][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   95.891861][ T7262] R13: 00007fbd81a16038 R14: 00007fbd81a15fa0 R15: 00007ffd78dec948
[   95.891874][ T7262]  </TASK>
[   96.028776][   T10] usbhid 7-1:0.0: can't add hid device: -71
[   96.031557][   T10] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[   96.051311][   T10] usb 7-1: USB disconnect, device number 4
[   96.068467][ T7263] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.427'.
[   96.146438][ T7266] bond2: entered allmulticast mode
[   96.238045][ T7266] veth5: entered allmulticast mode
[   96.241517][ T7266] bond2: (slave veth5): Enslaving as an active interface with an up link
[   96.259736][ T7271] bond2 (unregistering): (slave veth5): Releasing backup interface
[   96.275727][ T7271] bond2 (unregistering): Released all slaves
[   96.380960][  T220] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   96.387420][  T220] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   96.397145][  T220] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   96.400637][   T40] kauditd_printk_skb: 4 callbacks suppressed
[   96.400647][   T40] audit: type=1400 audit(1776596351.767:354): avc:  denied  { create } for  pid=7274 comm="syz.2.434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   96.403057][  T220] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   96.421513][   T40] audit: type=1400 audit(1776596351.787:355): avc:  denied  { ioctl } for  pid=7274 comm="syz.2.434" path="socket:[17511]" dev="sockfs" ino=17511 ioctlcmd=0x662a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   96.620969][ T7292] __nla_validate_parse: 2 callbacks suppressed
[   96.620982][ T7292] netlink: 12 bytes leftover after parsing attributes in process `syz.0.442'.
[   96.644204][ T7295] xt_hashlimit: size too large, truncated to 1048576
[   96.771746][ T7299] syzkaller0: entered promiscuous mode
[   96.774910][ T7299] syzkaller0: entered allmulticast mode
[   97.017314][ T7308] FAULT_INJECTION: forcing a failure.
[   97.017314][ T7308] name failslab, interval 1, probability 0, space 0, times 0
[   97.021564][ T7308] CPU: 3 UID: 0 PID: 7308 Comm: syz.0.446 Not tainted syzkaller #0 PREEMPT(full) 
[   97.021580][ T7308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   97.021586][ T7308] Call Trace:
[   97.021591][ T7308]  <TASK>
[   97.021596][ T7308]  dump_stack_lvl+0x100/0x190
[   97.021615][ T7308]  should_fail_ex.cold+0x5/0xa
[   97.021631][ T7308]  should_failslab+0xc2/0x120
[   97.021642][ T7308]  __kmalloc_cache_noprof+0x7a/0x6f0
[   97.021656][ T7308]  ? binder_transaction+0x1c15/0x9e50
[   97.021672][ T7308]  binder_transaction+0x1c15/0x9e50
[   97.021690][ T7308]  ? __lock_acquire+0x4a5/0x2630
[   97.021707][ T7308]  ? __lock_acquire+0x4a5/0x2630
[   97.021721][ T7308]  ? __pfx_binder_transaction+0x10/0x10
[   97.021736][ T7308]  ? __lock_acquire+0x4a5/0x2630
[   97.021751][ T7308]  ? __lock_acquire+0x4a5/0x2630
[   97.021769][ T7308]  ? find_held_lock+0x2b/0x80
[   97.021787][ T7308]  ? __lock_acquire+0x4a5/0x2630
[   97.021805][ T7308]  ? __lock_acquire+0x4a5/0x2630
[   97.021818][ T7308]  ? kernel_text_address+0x8d/0x100
[   97.021831][ T7308]  ? __pfx_widen_string+0x10/0x10
[   97.021843][ T7308]  ? __kernel_text_address+0xd/0x30
[   97.021859][ T7308]  ? find_held_lock+0x2b/0x80
[   97.021874][ T7308]  ? __might_fault+0xc5/0x140
[   97.021889][ T7308]  ? __might_fault+0xc5/0x140
[   97.021907][ T7308]  binder_thread_write+0x1303/0x4db0
[   97.021920][ T7308]  ? __kasan_slab_free+0x5f/0x80
[   97.021936][ T7308]  ? kfree+0x223/0x6c0
[   97.021950][ T7308]  ? __lock_acquire+0x4a5/0x2630
[   97.021962][ T7308]  ? __pfx_binder_thread_write+0x10/0x10
[   97.021974][ T7308]  ? binder_debug+0xe0/0x190
[   97.021990][ T7308]  ? __pfx_binder_debug+0x10/0x10
[   97.022006][ T7308]  ? binder_debug+0xe0/0x190
[   97.022021][ T7308]  ? __pfx_binder_debug+0x10/0x10
[   97.022045][ T7308]  binder_ioctl+0x28f8/0x7550
[   97.022061][ T7308]  ? tomoyo_path_number_perm+0x188/0x580
[   97.022081][ T7308]  ? __pfx_binder_ioctl+0x10/0x10
[   97.022093][ T7308]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   97.022107][ T7308]  ? do_vfs_ioctl+0x226/0x13e0
[   97.022123][ T7308]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   97.022139][ T7308]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   97.022161][ T7308]  ? hook_file_ioctl_common+0x149/0x410
[   97.022176][ T7308]  ? selinux_file_ioctl+0x13b/0x290
[   97.022192][ T7308]  ? selinux_file_ioctl+0xb6/0x290
[   97.022209][ T7308]  ? __pfx_binder_ioctl+0x10/0x10
[   97.022220][ T7308]  __x64_sys_ioctl+0x18e/0x210
[   97.022236][ T7308]  do_syscall_64+0x10b/0xf80
[   97.022250][ T7308]  ? clear_bhb_loop+0x40/0x90
[   97.022264][ T7308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.022274][ T7308] RIP: 0033:0x7f7fe099c819
[   97.022284][ T7308] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.022294][ T7308] RSP: 002b:00007f7fe18f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.022305][ T7308] RAX: ffffffffffffffda RBX: 00007f7fe0c15fa0 RCX: 00007f7fe099c819
[   97.022312][ T7308] RDX: 0000200000000140 RSI: 00000000c0306201 RDI: 0000000000000004
[   97.022321][ T7308] RBP: 00007f7fe18f4090 R08: 0000000000000000 R09: 0000000000000000
[   97.022329][ T7308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.022338][ T7308] R13: 00007f7fe0c16038 R14: 00007f7fe0c15fa0 R15: 00007ffe525af038
[   97.022359][ T7308]  </TASK>
[   97.207294][ T7312] veth0_to_team: entered promiscuous mode
[   97.210040][ T7312] veth0_to_team: left promiscuous mode
[   97.331101][ T7315] netlink: 4 bytes leftover after parsing attributes in process `syz.3.450'.
[   97.408401][ T7319] FAULT_INJECTION: forcing a failure.
[   97.408401][ T7319] name failslab, interval 1, probability 0, space 0, times 0
[   97.417442][ T7319] CPU: 2 UID: 0 PID: 7319 Comm: syz.3.451 Not tainted syzkaller #0 PREEMPT(full) 
[   97.417470][ T7319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   97.417481][ T7319] Call Trace:
[   97.417489][ T7319]  <TASK>
[   97.417497][ T7319]  dump_stack_lvl+0x100/0x190
[   97.417528][ T7319]  should_fail_ex.cold+0x5/0xa
[   97.417557][ T7319]  should_failslab+0xc2/0x120
[   97.417578][ T7319]  kmem_cache_alloc_noprof+0x7b/0x6e0
[   97.417602][ T7319]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   97.417643][ T7319]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[   97.417667][ T7319]  mmu_topup_memory_caches+0x25/0x170
[   97.417695][ T7319]  kvm_mmu_load+0xd6/0x23e0
[   97.417720][ T7319]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[   97.417750][ T7319]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   97.417790][ T7319]  ? __pfx_kvm_mmu_load+0x10/0x10
[   97.417813][ T7319]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   97.417835][ T7319]  ? kvm_check_and_inject_events+0x961/0x1070
[   97.417874][ T7319]  ? record_steal_time+0x3d0/0xbc0
[   97.417897][ T7319]  vcpu_run+0x39f4/0x5ca0
[   97.417932][ T7319]  ? __pfx_vcpu_run+0x10/0x10
[   97.417964][ T7319]  ? rcu_is_watching+0x12/0xc0
[   97.417996][ T7319]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   97.418020][ T7319]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[   97.418052][ T7319]  kvm_vcpu_ioctl+0x730/0x1720
[   97.418073][ T7319]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   97.418092][ T7319]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   97.418114][ T7319]  ? do_vfs_ioctl+0x226/0x13e0
[   97.418140][ T7319]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   97.418164][ T7319]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   97.418203][ T7319]  ? __fget_files+0x215/0x3d0
[   97.418221][ T7319]  ? hook_file_ioctl_common+0x149/0x410
[   97.418249][ T7319]  ? selinux_file_ioctl+0x13b/0x290
[   97.418275][ T7319]  ? selinux_file_ioctl+0xb6/0x290
[   97.418303][ T7319]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   97.418322][ T7319]  __x64_sys_ioctl+0x18e/0x210
[   97.418350][ T7319]  do_syscall_64+0x10b/0xf80
[   97.418375][ T7319]  ? clear_bhb_loop+0x40/0x90
[   97.418398][ T7319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.418416][ T7319] RIP: 0033:0x7fbd8179c819
[   97.418433][ T7319] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.418449][ T7319] RSP: 002b:00007fbd82639028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.418468][ T7319] RAX: ffffffffffffffda RBX: 00007fbd81a15fa0 RCX: 00007fbd8179c819
[   97.418480][ T7319] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   97.418490][ T7319] RBP: 00007fbd82639090 R08: 0000000000000000 R09: 0000000000000000
[   97.418501][ T7319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   97.418511][ T7319] R13: 00007fbd81a16038 R14: 00007fbd81a15fa0 R15: 00007ffd78dec948
[   97.418536][ T7319]  </TASK>
[   97.556275][   T40] audit: type=1400 audit(1776596352.927:356): avc:  denied  { ioctl } for  pid=7322 comm="syz.2.452" path="socket:[16873]" dev="sockfs" ino=16873 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   97.620146][   T40] audit: type=1400 audit(1776596352.987:357): avc:  denied  { bind } for  pid=7322 comm="syz.2.452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   97.782735][ T7335] netlink: 12 bytes leftover after parsing attributes in process `syz.3.455'.
[   97.815231][ T7335] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.868353][   T40] audit: type=1400 audit(1776596353.237:358): avc:  denied  { ioctl } for  pid=7344 comm="syz.2.458" path="/dev/ptyq8" dev="devtmpfs" ino=135 ioctlcmd=0x5431 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   97.911905][ T7349] netlink: 240 bytes leftover after parsing attributes in process `syz.2.460'.
[   97.952949][ T7355] netlink: 12 bytes leftover after parsing attributes in process `syz.2.462'.
[   97.957311][ T7356] netlink: 12 bytes leftover after parsing attributes in process `syz.2.462'.
[   98.065865][   T40] audit: type=1400 audit(1776596353.437:359): avc:  denied  { name_bind } for  pid=7362 comm="syz.2.465" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   98.076830][ T7363] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   98.096551][ T7363] kernel read not supported for file /file1 (pid: 7363 comm: syz.2.465)
[   98.100572][   T40] audit: type=1800 audit(1776596353.467:360): pid=7363 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.465" name="file1" dev="mqueue" ino=16911 res=0 errno=0
[   98.115074][ T7363] bond2: option primary: mode dependency failed, not supported in mode balance-rr(0)
[   98.119666][ T7363] bond2 (unregistering): Released all slaves
[   98.179300][ T7365] can: request_module (can-proto-0) failed.
[   98.223660][ T6243] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   98.267705][ T7376] xt_hashlimit: size too large, truncated to 1048576
[   98.383729][ T6243] usb 6-1: Using ep0 maxpacket: 8
[   98.390342][ T6243] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   98.401352][ T6243] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   98.409006][ T6243] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   98.414279][ T6243] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   98.421514][ T6243] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   98.432483][ T6243] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.475965][ T7384] tun0: tun_chr_ioctl cmd 1074025675
[   98.477729][ T7384] tun0: persist enabled
[   98.483910][ T7384] tun0: tun_chr_ioctl cmd 1074025675
[   98.485686][ T7384] tun0: persist enabled
[   98.496474][ T7384] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[   98.522084][ T7387] netlink: 12 bytes leftover after parsing attributes in process `syz.0.473'.
[   98.556891][ T7387] bond6: entered promiscuous mode
[   98.558927][ T7387] 8021q: adding VLAN 0 to HW filter on device bond6
[   98.575714][ T7387] bridge5: entered promiscuous mode
[   98.578868][ T7387] bond6: (slave bridge5): Enslaving as an active interface with an up link
[   98.654568][ T6243] usb 6-1: GET_CAPABILITIES returned 0
[   98.657300][ T6243] usbtmc 6-1:16.0: can't read capabilities
[   98.726384][ T7393] netlink: 24 bytes leftover after parsing attributes in process `syz.3.475'.
[   98.856814][   T40] audit: type=1400 audit(1776596354.227:361): avc:  denied  { ioctl } for  pid=7351 comm="syz.1.461" path="socket:[17683]" dev="sockfs" ino=17683 ioctlcmd=0x5b0e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   99.067513][ T7407] netlink: 20 bytes leftover after parsing attributes in process `syz.3.482'.
[   99.168072][ T1247] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.172060][ T1247] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.267203][   T40] audit: type=1400 audit(1776596354.637:362): avc:  denied  { execute } for  pid=7409 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   99.281523][   T40] audit: type=1400 audit(1776596354.637:363): avc:  denied  { execute_no_trans } for  pid=7409 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   99.292976][ T7411] random: crng reseeded on system resumption
[   99.306269][ T1247] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.314976][ T1247] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.401394][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   99.406124][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   99.409912][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   99.412635][ T5948] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   99.415354][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   99.455537][ T1247] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.459554][ T1247] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.539603][ T1247] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   99.542888][ T1247] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.809608][ T1247] bridge_slave_1: left allmulticast mode
[   99.811731][ T1247] bridge_slave_1: left promiscuous mode
[   99.815780][ T1247] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.834269][ T1247] bridge_slave_0: left allmulticast mode
[   99.836840][ T1247] bridge_slave_0: left promiscuous mode
[   99.839726][ T1247] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.250336][ T1247] bond1 (unregistering): (slave bridge1): Releasing backup interface
[  100.255988][ T1247] bridge1 (unregistering): left promiscuous mode
[  100.319836][ T1247] bond3 (unregistering): (slave bridge2): Releasing backup interface
[  100.324197][ T1247] bridge2 (unregistering): left promiscuous mode
[  100.379750][ T1247] bond5 (unregistering): (slave bridge3): Releasing backup interface
[  100.384055][ T1247] bridge3 (unregistering): left promiscuous mode
[  100.477782][ T1247] bond6 (unregistering): (slave bridge5): Releasing backup interface
[  100.481536][ T1247] bridge5 (unregistering): left promiscuous mode
[  100.544243][   T12] smc: removing ib device sy‡1
[  100.544362][ T1247] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.551527][ T1247] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  100.556024][ T1247] bond0 (unregistering): Released all slaves
[  100.561100][ T1247] bond1 (unregistering): Released all slaves
[  100.569420][ T1247] bond2 (unregistering): (slave veth3): Releasing backup interface
[  100.575056][ T1247] bond2 (unregistering): Released all slaves
[  100.585228][ T1247] bond3 (unregistering): Released all slaves
[  100.595312][ T1247] bond4 (unregistering): (slave veth5): Releasing backup interface
[  100.600034][ T1247] bond4 (unregistering): Released all slaves
[  100.608715][ T1247] bond5 (unregistering): Released all slaves
[  100.620431][ T1247] bond6 (unregistering): Released all slaves
[  100.662486][ T7412] chnl_net:caif_netlink_parms(): no params data found
[  100.689045][   T12] smbdirect: ib_dev[sy‡1] removed
[  100.831570][ T7412] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.834452][ T7412] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.836868][ T7412] bridge_slave_0: entered allmulticast mode
[  100.845907][ T7412] bridge_slave_0: entered promiscuous mode
[  100.849357][ T7412] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.851831][ T7412] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.854841][ T7412] bridge_slave_1: entered allmulticast mode
[  100.862116][ T7412] bridge_slave_1: entered promiscuous mode
[  100.900863][ T7412] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.915123][ T7412] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.971407][   T10] usb 6-1: USB disconnect, device number 6
[  101.000631][ T7412] team0: Port device team_slave_0 added
[  101.029710][ T7412] team0: Port device team_slave_1 added
[  101.035828][ T5645] 8021q: adding VLAN 0 to HW filter on device eth2
[  101.080415][ T7412] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.087383][ T7412] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.102636][ T7412] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.110712][ T7412] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.115884][ T7412] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  101.127683][ T7412] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.137811][ T7451] netlink: 'syz.1.493': attribute type 1 has an invalid length.
[  101.224032][ T7451] bond4: entered promiscuous mode
[  101.225972][ T7451] 8021q: adding VLAN 0 to HW filter on device bond4
[  101.255865][ T7412] hsr_slave_0: entered promiscuous mode
[  101.258306][ T7412] hsr_slave_1: entered promiscuous mode
[  101.260531][ T7412] debugfs: 'hsr0' already exists in 'hsr'
[  101.262417][ T7412] Cannot create hsr debugfs directory
[  101.299475][ T7453] bond4: (slave bridge4): making interface the new active one
[  101.301986][ T7453] bridge4: entered promiscuous mode
[  101.304472][ T7453] bond4: (slave bridge4): Enslaving as an active interface with an up link
[  101.475294][   T62] Bluetooth: hci2: command tx timeout
[  101.540611][ T5645] 8021q: adding VLAN 0 to HW filter on device eth3
[  101.700243][ T1247] IPVS: stopping backup sync thread 6626 ...
[  101.715168][ T7412] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  101.782679][ T7412] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  101.840201][ T7412] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  101.855709][ T7412] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  101.860787][ T7412] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  101.869098][ T7412] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  101.872528][ T7412] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  101.888818][ T7412] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  101.989614][ T7412] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.009551][ T7412] 8021q: adding VLAN 0 to HW filter on device team0
[  102.026543][ T7496] FAULT_INJECTION: forcing a failure.
[  102.026543][ T7496] name failslab, interval 1, probability 0, space 0, times 0
[  102.030476][ T7496] CPU: 1 UID: 0 PID: 7496 Comm: syz.3.500 Not tainted syzkaller #0 PREEMPT(full) 
[  102.030492][ T7496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  102.030499][ T7496] Call Trace:
[  102.030504][ T7496]  <TASK>
[  102.030508][ T7496]  dump_stack_lvl+0x100/0x190
[  102.030526][ T7496]  should_fail_ex.cold+0x5/0xa
[  102.030543][ T7496]  should_failslab+0xc2/0x120
[  102.030554][ T7496]  __kmalloc_cache_noprof+0x7a/0x6f0
[  102.030568][ T7496]  ? sctp_add_bind_addr+0xae/0x3e0
[  102.030586][ T7496]  ? __sctp_v6_cmp_addr+0x206/0x530
[  102.030599][ T7496]  sctp_add_bind_addr+0xae/0x3e0
[  102.030615][ T7496]  sctp_copy_local_addr_list+0x349/0x550
[  102.030628][ T7496]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  102.030640][ T7496]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  102.030652][ T7496]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  102.030666][ T7496]  sctp_bind_addr_copy+0xe0/0x530
[  102.030684][ T7496]  sctp_connect_new_asoc+0x1c9/0x770
[  102.030698][ T7496]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  102.030712][ T7496]  ? selinux_sctp_bind_connect+0x112/0x2a0
[  102.030736][ T7496]  sctp_sendmsg+0x171a/0x22b0
[  102.030752][ T7496]  ? __lock_acquire+0x4a5/0x2630
[  102.030765][ T7496]  ? __pfx_sctp_sendmsg+0x10/0x10
[  102.030780][ T7496]  ? __pfx_sock_has_perm+0x10/0x10
[  102.030800][ T7496]  ? __pfx_sctp_sendmsg+0x10/0x10
[  102.030813][ T7496]  inet_sendmsg+0x11c/0x140
[  102.030829][ T7496]  ____sys_sendmsg+0x98d/0xb70
[  102.030840][ T7496]  ? __pfx_inet_sendmsg+0x10/0x10
[  102.030855][ T7496]  ? __pfx_____sys_sendmsg+0x10/0x10
[  102.030869][ T7496]  ? __pfx__kstrtoull+0x10/0x10
[  102.030886][ T7496]  ___sys_sendmsg+0x190/0x1e0
[  102.030900][ T7496]  ? __pfx____sys_sendmsg+0x10/0x10
[  102.030919][ T7496]  ? find_held_lock+0x2b/0x80
[  102.030943][ T7496]  __sys_sendmmsg+0x205/0x430
[  102.030960][ T7496]  ? __pfx___sys_sendmmsg+0x10/0x10
[  102.030981][ T7496]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  102.031002][ T7496]  ? fput+0x79/0x100
[  102.031015][ T7496]  ? ksys_write+0x1ac/0x250
[  102.031031][ T7496]  ? __pfx_ksys_write+0x10/0x10
[  102.031049][ T7496]  __x64_sys_sendmmsg+0x9c/0x100
[  102.031065][ T7496]  ? lockdep_hardirqs_on+0x78/0x100
[  102.031079][ T7496]  do_syscall_64+0x10b/0xf80
[  102.031093][ T7496]  ? clear_bhb_loop+0x40/0x90
[  102.031106][ T7496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.031117][ T7496] RIP: 0033:0x7fbd8179c819
[  102.031126][ T7496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.031137][ T7496] RSP: 002b:00007fbd82639028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  102.031148][ T7496] RAX: ffffffffffffffda RBX: 00007fbd81a15fa0 RCX: 00007fbd8179c819
[  102.031154][ T7496] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000004
[  102.031160][ T7496] RBP: 00007fbd82639090 R08: 0000000000000000 R09: 0000000000000000
[  102.031166][ T7496] R10: 0000000020000014 R11: 0000000000000246 R12: 0000000000000002
[  102.031172][ T7496] R13: 00007fbd81a16038 R14: 00007fbd81a15fa0 R15: 00007ffd78dec948
[  102.031185][ T7496]  </TASK>
[  102.140505][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.143665][ T1158] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.203375][ T1158] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.206297][ T1158] bridge0: port 2(bridge_slave_1) entered forwarding state
[  102.221068][ T5645] 8021q: adding VLAN 0 to HW filter on device eth4
[  102.335006][ T7512] virtiofs: Unknown parameter 'bí'
[  102.439960][ T7412] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.448333][ T5645] 8021q: adding VLAN 0 to HW filter on device eth5
[  102.505923][ T7528] bond0: entered promiscuous mode
[  102.510431][ T7528] bond_slave_0: entered promiscuous mode
[  102.515234][ T7528] bond_slave_1: entered promiscuous mode
[  102.520569][ T7528] batadv0: entered promiscuous mode
[  102.526468][ T7528] 8021q: adding VLAN 0 to HW filter on device hsr1
[  102.529619][ T7528] bond0: left promiscuous mode
[  102.531429][ T7528] bond_slave_0: left promiscuous mode
[  102.533370][ T7528] bond_slave_1: left promiscuous mode
[  102.535953][ T7528] batadv0: left promiscuous mode
[  102.691363][ T7523] infiniband sy‡1: set active
[  102.710207][ T7523] infiniband sy‡1: added bond0
[  102.725372][ T7523] smbdirect: ib_dev[sy‡1]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[  102.730375][ T7523] smbdirect: ib_dev[sy‡1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[  102.731197][ T7541] FAULT_INJECTION: forcing a failure.
[  102.731197][ T7541] name failslab, interval 1, probability 0, space 0, times 0
[  102.736036][ T7523] smbdirect: ib_dev[sy‡1]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[  102.741988][ T7541] CPU: 1 UID: 0 PID: 7541 Comm: syz.2.508 Not tainted syzkaller #0 PREEMPT(full) 
[  102.742004][ T7541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  102.742011][ T7541] Call Trace:
[  102.742015][ T7541]  <TASK>
[  102.742020][ T7541]  dump_stack_lvl+0x100/0x190
[  102.742039][ T7541]  should_fail_ex.cold+0x5/0xa
[  102.742057][ T7541]  should_failslab+0xc2/0x120
[  102.742069][ T7541]  __kmalloc_cache_noprof+0x7a/0x6f0
[  102.742083][ T7541]  ? drm_atomic_helper_setup_commit+0x56f/0x14f0
[  102.742102][ T7541]  ? drm_atomic_helper_check+0x10f/0x190
[  102.742124][ T7541]  drm_atomic_helper_setup_commit+0x56f/0x14f0
[  102.742157][ T7541]  drm_atomic_helper_commit+0xa9/0x380
[  102.742183][ T7541]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  102.742211][ T7541]  drm_atomic_commit+0x230/0x300
[  102.742239][ T7541]  ? __pfx_drm_atomic_commit+0x10/0x10
[  102.742265][ T7541]  ? __pfx___drm_printfn_info+0x10/0x10
[  102.742291][ T7541]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  102.742308][ T7541]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  102.742327][ T7541]  drm_atomic_helper_update_plane+0x314/0x400
[  102.742347][ T7541]  __setplane_atomic+0x22d/0x350
[  102.742368][ T7541]  drm_mode_cursor_universal+0x5e9/0xe20
[  102.742391][ T7541]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  102.742413][ T7541]  ? __pfx_drm_lease_held+0x10/0x10
[  102.742430][ T7541]  ? modeset_lock+0x114/0x6d0
[  102.742447][ T7541]  drm_mode_cursor_common+0x308/0x970
[  102.742467][ T7541]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  102.742485][ T7541]  ? avc_has_extended_perms+0x33a/0x1080
[  102.742506][ T7541]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  102.742541][ T7541]  drm_mode_cursor_ioctl+0xd4/0x110
[  102.742553][ T7541]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  102.742563][ T7541]  ? do_raw_spin_lock+0x128/0x260
[  102.742579][ T7541]  ? find_held_lock+0x2b/0x80
[  102.742599][ T7541]  ? do_raw_spin_unlock+0x145/0x1e0
[  102.742616][ T7541]  drm_ioctl_kernel+0x1f3/0x3e0
[  102.742632][ T7541]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  102.742643][ T7541]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  102.742664][ T7541]  drm_ioctl+0x5e6/0xc60
[  102.742682][ T7541]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  102.742693][ T7541]  ? __pfx_drm_ioctl+0x10/0x10
[  102.742715][ T7541]  ? selinux_file_ioctl+0x13b/0x290
[  102.742737][ T7541]  ? selinux_file_ioctl+0xb6/0x290
[  102.742755][ T7541]  ? __pfx_drm_ioctl+0x10/0x10
[  102.742772][ T7541]  __x64_sys_ioctl+0x18e/0x210
[  102.742790][ T7541]  do_syscall_64+0x10b/0xf80
[  102.742806][ T7541]  ? clear_bhb_loop+0x40/0x90
[  102.742820][ T7541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.742831][ T7541] RIP: 0033:0x7f970cf9c819
[  102.742842][ T7541] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.742852][ T7541] RSP: 002b:00007f970de17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.742863][ T7541] RAX: ffffffffffffffda RBX: 00007f970d215fa0 RCX: 00007f970cf9c819
[  102.742869][ T7541] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  102.742875][ T7541] RBP: 00007f970de17090 R08: 0000000000000000 R09: 0000000000000000
[  102.742881][ T7541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.742887][ T7541] R13: 00007f970d216038 R14: 00007f970d215fa0 R15: 00007ffdd25d4228
[  102.742901][ T7541]  </TASK>
[  102.862695][ T1247] hsr_slave_0: left promiscuous mode
[  102.870526][ T1247] hsr_slave_1: left promiscuous mode
[  102.872645][ T7523] RDS/IB: sy‡1: added
[  102.872759][ T1247] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.874446][ T7523] smc: adding ib device sy‡1 with port count 1
[  102.879420][ T7523] smc:    ib device sy‡1 port 1 has no pnetid
[  102.880140][ T1247] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.885947][ T1247] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.888778][ T1247] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.904171][ T1247] veth1_macvtap: left promiscuous mode
[  102.906590][ T1247] veth0_macvtap: left promiscuous mode
[  102.908444][ T1247] veth1_vlan: left promiscuous mode
[  102.910260][ T1247] veth0_vlan: left promiscuous mode
[  103.111728][ T1247] team0 (unregistering): Port device team_slave_1 removed
[  103.121548][ T1247] team0 (unregistering): Port device team_slave_0 removed
[  103.197096][ T7544] bond2: entered allmulticast mode
[  103.222550][ T7545] veth7: entered allmulticast mode
[  103.226694][ T7545] bond2: (slave veth7): Enslaving as an active interface with an up link
[  103.238419][ T7546] bond2 (unregistering): (slave veth7): Releasing backup interface
[  103.246501][ T7546] bond2 (unregistering): Released all slaves
[  103.309685][ T7412] veth0_vlan: entered promiscuous mode
[  103.325846][ T7412] veth1_vlan: entered promiscuous mode
[  103.372298][ T7412] veth0_macvtap: entered promiscuous mode
[  103.378163][ T7412] veth1_macvtap: entered promiscuous mode
[  103.393260][ T7556] netlink: 8 bytes leftover after parsing attributes in process `syz.1.511'.
[  103.394697][ T7412] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.401446][ T7556] netlink: 12 bytes leftover after parsing attributes in process `syz.1.511'.
[  103.402967][ T7412] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.422125][ T1166] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.428552][ T1166] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.436405][ T1166] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.449753][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.540860][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.545242][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.553909][   T62] Bluetooth: hci2: command tx timeout
[  103.611804][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.619401][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.642334][ T1247] IPVS: stop unused estimator thread 0...
[  103.651554][ T7575] netlink: 8 bytes leftover after parsing attributes in process `syz.2.516'.
[  103.748866][ T7583] syzkaller0: entered promiscuous mode
[  103.751329][ T7583] syzkaller0: entered allmulticast mode
[  104.152612][ T7597] FAULT_INJECTION: forcing a failure.
[  104.152612][ T7597] name failslab, interval 1, probability 0, space 0, times 0
[  104.157162][ T7597] CPU: 1 UID: 0 PID: 7597 Comm: syz.2.522 Not tainted syzkaller #0 PREEMPT(full) 
[  104.157178][ T7597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  104.157184][ T7597] Call Trace:
[  104.157189][ T7597]  <TASK>
[  104.157193][ T7597]  dump_stack_lvl+0x100/0x190
[  104.157212][ T7597]  should_fail_ex.cold+0x5/0xa
[  104.157230][ T7597]  should_failslab+0xc2/0x120
[  104.157242][ T7597]  __kmalloc_cache_noprof+0x7a/0x6f0
[  104.157255][ T7597]  ? binder_alloc_new_buf+0x1bb/0x30b0
[  104.157270][ T7597]  binder_alloc_new_buf+0x1bb/0x30b0
[  104.157282][ T7597]  ? binder_debug+0xe0/0x190
[  104.157298][ T7597]  ? __pfx_binder_debug+0x10/0x10
[  104.157317][ T7597]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[  104.157333][ T7597]  binder_transaction+0x1f70/0x9e50
[  104.157350][ T7597]  ? __lock_acquire+0x4a5/0x2630
[  104.157366][ T7597]  ? __lock_acquire+0x4a5/0x2630
[  104.157380][ T7597]  ? __pfx_binder_transaction+0x10/0x10
[  104.157413][ T7597]  ? __lock_acquire+0x4a5/0x2630
[  104.157428][ T7597]  ? __lock_acquire+0x4a5/0x2630
[  104.157447][ T7597]  ? find_held_lock+0x2b/0x80
[  104.157465][ T7597]  ? __lock_acquire+0x4a5/0x2630
[  104.157478][ T7597]  ? __lock_acquire+0x4a5/0x2630
[  104.157490][ T7597]  ? kernel_text_address+0x8d/0x100
[  104.157504][ T7597]  ? __pfx_widen_string+0x10/0x10
[  104.157515][ T7597]  ? __kernel_text_address+0xd/0x30
[  104.157531][ T7597]  ? find_held_lock+0x2b/0x80
[  104.157547][ T7597]  ? __might_fault+0xc5/0x140
[  104.157561][ T7597]  ? __might_fault+0xc5/0x140
[  104.157579][ T7597]  binder_thread_write+0x1303/0x4db0
[  104.157592][ T7597]  ? __kasan_slab_free+0x5f/0x80
[  104.157609][ T7597]  ? kfree+0x223/0x6c0
[  104.157623][ T7597]  ? __lock_acquire+0x4a5/0x2630
[  104.157635][ T7597]  ? __pfx_binder_thread_write+0x10/0x10
[  104.157647][ T7597]  ? binder_debug+0xe0/0x190
[  104.157662][ T7597]  ? __pfx_binder_debug+0x10/0x10
[  104.157678][ T7597]  ? binder_debug+0xe0/0x190
[  104.157693][ T7597]  ? __pfx_binder_debug+0x10/0x10
[  104.157716][ T7597]  binder_ioctl+0x28f8/0x7550
[  104.157737][ T7597]  ? tomoyo_path_number_perm+0x188/0x580
[  104.157756][ T7597]  ? __pfx_binder_ioctl+0x10/0x10
[  104.157768][ T7597]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.157782][ T7597]  ? do_vfs_ioctl+0x226/0x13e0
[  104.157798][ T7597]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  104.157813][ T7597]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  104.157835][ T7597]  ? hook_file_ioctl_common+0x149/0x410
[  104.157851][ T7597]  ? selinux_file_ioctl+0x13b/0x290
[  104.157866][ T7597]  ? selinux_file_ioctl+0xb6/0x290
[  104.157883][ T7597]  ? __pfx_binder_ioctl+0x10/0x10
[  104.157895][ T7597]  __x64_sys_ioctl+0x18e/0x210
[  104.157911][ T7597]  do_syscall_64+0x10b/0xf80
[  104.157925][ T7597]  ? clear_bhb_loop+0x40/0x90
[  104.157938][ T7597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.157949][ T7597] RIP: 0033:0x7f970cf9c819
[  104.157959][ T7597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.157969][ T7597] RSP: 002b:00007f970de17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.157980][ T7597] RAX: ffffffffffffffda RBX: 00007f970d215fa0 RCX: 00007f970cf9c819
[  104.157986][ T7597] RDX: 0000200000000140 RSI: 00000000c0306201 RDI: 0000000000000004
[  104.157993][ T7597] RBP: 00007f970de17090 R08: 0000000000000000 R09: 0000000000000000
[  104.157999][ T7597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.158005][ T7597] R13: 00007f970d216038 R14: 00007f970d215fa0 R15: 00007ffdd25d4228
[  104.158017][ T7597]  </TASK>
[  104.340791][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  104.340804][   T40] audit: type=1400 audit(1776596359.707:367): avc:  denied  { create } for  pid=7598 comm="syz.2.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  104.363588][   T40] audit: type=1400 audit(1776596359.727:368): avc:  denied  { connect } for  pid=7598 comm="syz.2.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  104.402249][ T7605] veth0_to_team: entered promiscuous mode
[  104.415916][ T7605] veth0_to_team: left promiscuous mode
[  104.554629][   T40] audit: type=1400 audit(1776596359.927:369): avc:  denied  { lock } for  pid=7609 comm="syz.3.526" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  104.565700][ T7612] netlink: 4 bytes leftover after parsing attributes in process `syz.2.527'.
[  104.659882][ T7616] netlink: 16 bytes leftover after parsing attributes in process `syz.4.529'.
[  104.685977][ T7617] xt_hashlimit: size too large, truncated to 1048576
[  104.723499][ T7621] FAULT_INJECTION: forcing a failure.
[  104.723499][ T7621] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  104.728920][ T7621] CPU: 3 UID: 0 PID: 7621 Comm: syz.4.531 Not tainted syzkaller #0 PREEMPT(full) 
[  104.728937][ T7621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  104.728943][ T7621] Call Trace:
[  104.728947][ T7621]  <TASK>
[  104.728951][ T7621]  dump_stack_lvl+0x100/0x190
[  104.728970][ T7621]  should_fail_ex.cold+0x5/0xa
[  104.728985][ T7621]  ? prepare_alloc_pages+0x16d/0x5f0
[  104.728999][ T7621]  should_fail_alloc_page+0xeb/0x140
[  104.729011][ T7621]  prepare_alloc_pages+0x1f0/0x5f0
[  104.729025][ T7621]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  104.729041][ T7621]  ? stack_depot_save_flags+0x27/0x9d0
[  104.729057][ T7621]  ? kasan_save_stack+0x3f/0x50
[  104.729073][ T7621]  ? kasan_save_stack+0x30/0x50
[  104.729087][ T7621]  ? kasan_save_track+0x14/0x30
[  104.729101][ T7621]  ? __kasan_kmalloc+0xaa/0xb0
[  104.729115][ T7621]  ? __kvmalloc_node_noprof+0x360/0xa00
[  104.729130][ T7621]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  104.729143][ T7621]  ? mmu_topup_memory_caches+0xbc/0x170
[  104.729157][ T7621]  ? kvm_mmu_load+0xd6/0x23e0
[  104.729169][ T7621]  ? vcpu_run+0x39f4/0x5ca0
[  104.729182][ T7621]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  104.729196][ T7621]  ? kvm_vcpu_ioctl+0x730/0x1720
[  104.729206][ T7621]  ? __x64_sys_ioctl+0x18e/0x210
[  104.729222][ T7621]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  104.729247][ T7621]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.729261][ T7621]  ? policy_nodemask+0xed/0x4f0
[  104.729273][ T7621]  alloc_pages_mpol+0x1fb/0x540
[  104.729283][ T7621]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  104.729295][ T7621]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  104.729309][ T7621]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  104.729322][ T7621]  alloc_pages_noprof+0x1a/0x160
[  104.729335][ T7621]  get_free_pages_noprof+0x10/0xb0
[  104.729344][ T7621]  __kvm_mmu_topup_memory_cache+0x278/0x5f0
[  104.729360][ T7621]  mmu_topup_memory_caches+0xbc/0x170
[  104.729375][ T7621]  kvm_mmu_load+0xd6/0x23e0
[  104.729407][ T7621]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  104.729424][ T7621]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  104.729443][ T7621]  ? __pfx_kvm_mmu_load+0x10/0x10
[  104.729455][ T7621]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  104.729467][ T7621]  ? kvm_check_and_inject_events+0x961/0x1070
[  104.729481][ T7621]  ? record_steal_time+0x3d0/0xbc0
[  104.729493][ T7621]  vcpu_run+0x39f4/0x5ca0
[  104.729512][ T7621]  ? __pfx_vcpu_run+0x10/0x10
[  104.729530][ T7621]  ? rcu_is_watching+0x12/0xc0
[  104.729549][ T7621]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  104.729563][ T7621]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  104.729582][ T7621]  kvm_vcpu_ioctl+0x730/0x1720
[  104.729594][ T7621]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.729604][ T7621]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.729617][ T7621]  ? do_vfs_ioctl+0x226/0x13e0
[  104.729633][ T7621]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  104.729648][ T7621]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  104.729671][ T7621]  ? __fget_files+0x215/0x3d0
[  104.729682][ T7621]  ? hook_file_ioctl_common+0x149/0x410
[  104.729698][ T7621]  ? selinux_file_ioctl+0x13b/0x290
[  104.729718][ T7621]  ? selinux_file_ioctl+0xb6/0x290
[  104.729734][ T7621]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.729745][ T7621]  __x64_sys_ioctl+0x18e/0x210
[  104.729762][ T7621]  do_syscall_64+0x10b/0xf80
[  104.729777][ T7621]  ? clear_bhb_loop+0x40/0x90
[  104.729790][ T7621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.729806][ T7621] RIP: 0033:0x7f1c9999c819
[  104.729815][ T7621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.729829][ T7621] RSP: 002b:00007f1c9a86a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.729840][ T7621] RAX: ffffffffffffffda RBX: 00007f1c99c15fa0 RCX: 00007f1c9999c819
[  104.729847][ T7621] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  104.729853][ T7621] RBP: 00007f1c9a86a090 R08: 0000000000000000 R09: 0000000000000000
[  104.729859][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.729865][ T7621] R13: 00007f1c99c16038 R14: 00007f1c99c15fa0 R15: 00007fffe7616a58
[  104.729878][ T7621]  </TASK>
[  104.782326][ T7626] EXT4-fs (sr0): VFS: Can't find ext4 filesystem
[  105.133759][   T57] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  105.146920][   T40] audit: type=1400 audit(1776596360.517:370): avc:  denied  { create } for  pid=7633 comm="syz.4.535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  105.149606][ T7634] netlink: 'syz.4.535': attribute type 1 has an invalid length.
[  105.155758][   T62] Bluetooth: Unknown BR/EDR signaling command 0x10
[  105.160238][   T62] Bluetooth: Wrong link type (-22)
[  105.163240][   T62] Bluetooth: Unknown BR/EDR signaling command 0x10
[  105.166112][   T62] Bluetooth: Wrong link type (-22)
[  105.167933][   T62] Bluetooth: Unknown BR/EDR signaling command 0x0e
[  105.170043][   T62] Bluetooth: Wrong link type (-22)
[  105.184964][ T7634] team0: Port device veth3 added
[  105.192701][   T40] audit: type=1400 audit(1776596360.557:371): avc:  denied  { read } for  pid=7633 comm="syz.4.535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  105.244507][ T7641] netlink: 240 bytes leftover after parsing attributes in process `syz.4.537'.
[  105.283650][   T57] usb 7-1: Using ep0 maxpacket: 16
[  105.286597][   T57] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 226
[  105.286728][ T7643] vxlan0: entered promiscuous mode
[  105.291481][   T57] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  105.292004][ T7643] vxlan0: entered allmulticast mode
[  105.295388][   T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.295400][   T57] usb 7-1: Product: syz
[  105.295408][   T57] usb 7-1: Manufacturer: syz
[  105.295415][   T57] usb 7-1: SerialNumber: syz
[  105.299740][   T57] usb 7-1: config 0 descriptor??
[  105.302218][ T7643] nfs4: Unknown parameter '
mpfs'
[  105.302631][   T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  105.314094][ T7627] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  105.318523][   T57] hub 7-1:0.0: bad descriptor, ignoring hub
[  105.320573][   T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  105.323489][   T57] hub 7-1:0.0: probe with driver hub failed with error -5
[  105.326496][   T12] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  105.331328][   T12] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  105.338814][   T57] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input6
[  105.354031][   T40] audit: type=1400 audit(1776596360.727:372): avc:  denied  { read } for  pid=5328 comm="acpid" name="mouse2" dev="devtmpfs" ino=3167 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.371979][   T40] audit: type=1400 audit(1776596360.727:373): avc:  denied  { open } for  pid=5328 comm="acpid" path="/dev/input/mouse2" dev="devtmpfs" ino=3167 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.378737][    C1] usbtouchscreen 7-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1
[  105.385328][   T40] audit: type=1400 audit(1776596360.727:374): avc:  denied  { ioctl } for  pid=5328 comm="acpid" path="/dev/input/mouse2" dev="devtmpfs" ino=3167 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  105.393727][   T10] IPVS: starting estimator thread 0...
[  105.484492][ T7649] IPVS: using max 43 ests per chain, 103200 per kthread
[  105.633719][   T62] Bluetooth: hci2: command tx timeout
[  105.664122][ T7664] xt_hashlimit: size too large, truncated to 1048576
[  105.691285][   T40] audit: type=1400 audit(1776596361.057:375): avc:  denied  { open } for  pid=7660 comm="syz.3.544" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=18912 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  105.794687][ T7675] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  105.796806][ T7675] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  105.800010][ T7675] vhci_hcd vhci_hcd.0: Device attached
[  105.820630][ T7676] vhci_hcd: connection closed
[  105.822607][   T13] vhci_hcd vhci_hcd.4: stop threads
[  105.829153][   T13] vhci_hcd vhci_hcd.4: release socket
[  105.830962][   T13] vhci_hcd vhci_hcd.4: disconnect device
[  105.857791][ T7680] netlink: 12 bytes leftover after parsing attributes in process `syz.4.548'.
[  105.859495][ T7626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  105.875978][ T7626] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.017689][   T40] audit: type=1400 audit(1776596361.387:376): avc:  denied  { connect } for  pid=7689 comm="syz.3.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  106.184499][   T57] usb 7-1: USB disconnect, device number 5
[  106.473991][   T24] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  106.635346][   T24] usb 6-1: not running at top speed; connect to a high speed hub
[  106.640763][   T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  106.643874][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.646507][   T24] usb 6-1: Product: syz
[  106.647868][   T24] usb 6-1: Manufacturer: syz
[  106.649394][   T24] usb 6-1: SerialNumber: syz
[  106.667032][ T7706] binder: 7705:7706 ioctl c0306201 200000000140 returned -14
[  106.911200][   T24] cdc_ncm 6-1:1.0: bind() failure
[  106.920223][   T24] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  106.925010][   T24] cdc_ncm 6-1:1.1: bind() failure
[  106.933767][   T24] usb 6-1: USB disconnect, device number 7
[  107.001179][ T7719] netlink: 28 bytes leftover after parsing attributes in process `syz.2.563'.
[  107.293616][    T9] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  107.443638][    T9] usb 7-1: Using ep0 maxpacket: 8
[  107.449462][    T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  107.452644][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  107.456051][    T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  107.459500][    T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  107.463963][    T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  107.466957][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.522182][ T7734] netlink: 'syz.1.565': attribute type 1 has an invalid length.
[  107.541755][ T7734] bond5: entered promiscuous mode
[  107.546383][ T7734] 8021q: adding VLAN 0 to HW filter on device bond5
[  107.566412][ T7734] bond5: (slave bridge5): making interface the new active one
[  107.568931][ T7734] bridge5: entered promiscuous mode
[  107.571716][ T7734] bond5: (slave bridge5): Enslaving as an active interface with an up link
[  107.672673][    T9] usb 7-1: GET_CAPABILITIES returned 0
[  107.674658][    T9] usbtmc 7-1:16.0: can't read capabilities
[  107.723875][   T62] Bluetooth: hci2: command tx timeout
[  107.784974][ T7759] netlink: 'syz.3.572': attribute type 1 has an invalid length.
[  107.787591][ T7759] netlink: 'syz.3.572': attribute type 4 has an invalid length.
[  107.790029][ T7759] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.572'.
[  107.842267][ T7764] FAULT_INJECTION: forcing a failure.
[  107.842267][ T7764] name failslab, interval 1, probability 0, space 0, times 0
[  107.847196][ T7764] CPU: 1 UID: 0 PID: 7764 Comm: syz.4.573 Not tainted syzkaller #0 PREEMPT(full) 
[  107.847217][ T7764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  107.847226][ T7764] Call Trace:
[  107.847232][ T7764]  <TASK>
[  107.847238][ T7764]  dump_stack_lvl+0x100/0x190
[  107.847262][ T7764]  should_fail_ex.cold+0x5/0xa
[  107.847289][ T7764]  should_failslab+0xc2/0x120
[  107.847305][ T7764]  __kmalloc_cache_noprof+0x7a/0x6f0
[  107.847326][ T7764]  ? sctp_add_bind_addr+0xae/0x3e0
[  107.847348][ T7764]  ? __sctp_v6_cmp_addr+0x206/0x530
[  107.847368][ T7764]  sctp_add_bind_addr+0xae/0x3e0
[  107.847393][ T7764]  sctp_copy_local_addr_list+0x349/0x550
[  107.847411][ T7764]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  107.847432][ T7764]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  107.847450][ T7764]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  107.847471][ T7764]  sctp_bind_addr_copy+0xe0/0x530
[  107.847501][ T7764]  sctp_connect_new_asoc+0x1c9/0x770
[  107.847524][ T7764]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  107.847546][ T7764]  ? selinux_sctp_bind_connect+0x112/0x2a0
[  107.847579][ T7764]  sctp_sendmsg+0x171a/0x22b0
[  107.847601][ T7764]  ? __lock_acquire+0x4a5/0x2630
[  107.847618][ T7764]  ? __pfx_sctp_sendmsg+0x10/0x10
[  107.847638][ T7764]  ? __pfx_sock_has_perm+0x10/0x10
[  107.847666][ T7764]  ? __pfx_sctp_sendmsg+0x10/0x10
[  107.847684][ T7764]  inet_sendmsg+0x11c/0x140
[  107.847709][ T7764]  ____sys_sendmsg+0x98d/0xb70
[  107.847728][ T7764]  ? __pfx_inet_sendmsg+0x10/0x10
[  107.847748][ T7764]  ? __pfx_____sys_sendmsg+0x10/0x10
[  107.847771][ T7764]  ? __pfx__kstrtoull+0x10/0x10
[  107.847800][ T7764]  ___sys_sendmsg+0x190/0x1e0
[  107.847818][ T7764]  ? __pfx____sys_sendmsg+0x10/0x10
[  107.847846][ T7764]  ? find_held_lock+0x2b/0x80
[  107.847881][ T7764]  __sys_sendmmsg+0x205/0x430
[  107.847900][ T7764]  ? __pfx___sys_sendmmsg+0x10/0x10
[  107.847920][ T7764]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  107.847942][ T7764]  ? fput+0x79/0x100
[  107.847955][ T7764]  ? ksys_write+0x1ac/0x250
[  107.847971][ T7764]  ? __pfx_ksys_write+0x10/0x10
[  107.847995][ T7764]  __x64_sys_sendmmsg+0x9c/0x100
[  107.848011][ T7764]  ? lockdep_hardirqs_on+0x78/0x100
[  107.848025][ T7764]  do_syscall_64+0x10b/0xf80
[  107.848039][ T7764]  ? clear_bhb_loop+0x40/0x90
[  107.848053][ T7764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.848064][ T7764] RIP: 0033:0x7f1c9999c819
[  107.848074][ T7764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  107.848084][ T7764] RSP: 002b:00007f1c9a86a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  107.848095][ T7764] RAX: ffffffffffffffda RBX: 00007f1c99c15fa0 RCX: 00007f1c9999c819
[  107.848102][ T7764] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000004
[  107.848108][ T7764] RBP: 00007f1c9a86a090 R08: 0000000000000000 R09: 0000000000000000
[  107.848114][ T7764] R10: 0000000020000014 R11: 0000000000000246 R12: 0000000000000002
[  107.848120][ T7764] R13: 00007f1c99c16038 R14: 00007f1c99c15fa0 R15: 00007fffe7616a58
[  107.848138][ T7764]  </TASK>
[  107.950602][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.953962][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.956960][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.959947][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.962996][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.965981][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.969001][    C2] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.989088][ T7777] FAULT_INJECTION: forcing a failure.
[  107.989088][ T7777] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  107.993902][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.993928][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.993948][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.993976][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.994012][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.994039][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.994223][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.994242][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  107.994262][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  108.021313][ T7777] CPU: 0 UID: 0 PID: 7777 Comm: syz.4.580 Not tainted syzkaller #0 PREEMPT(full) 
[  108.021329][ T7777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  108.021336][ T7777] Call Trace:
[  108.021341][ T7777]  <TASK>
[  108.021345][ T7777]  dump_stack_lvl+0x100/0x190
[  108.021390][ T7777]  should_fail_ex.cold+0x5/0xa
[  108.021412][ T7777]  ? prepare_alloc_pages+0x16d/0x5f0
[  108.021427][ T7777]  should_fail_alloc_page+0xeb/0x140
[  108.021439][ T7777]  prepare_alloc_pages+0x1f0/0x5f0
[  108.021453][ T7777]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  108.021469][ T7777]  ? lock_release+0x245/0x310
[  108.021482][ T7777]  ? bpf_ksym_find+0x128/0x1c0
[  108.021562][ T7777]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  108.021574][ T7777]  ? is_bpf_text_address+0x94/0x1a0
[  108.021588][ T7777]  ? kernel_text_address+0x8d/0x100
[  108.021602][ T7777]  ? __kernel_text_address+0xd/0x30
[  108.021615][ T7777]  ? unwind_get_return_address+0x59/0xa0
[  108.021681][ T7777]  ? arch_stack_walk+0xa6/0xf0
[  108.021748][ T7777]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  108.021767][ T7777]  ? stack_trace_save+0x8e/0xc0
[  108.021781][ T7777]  ? check_noncircular+0x97/0x160
[  108.021793][ T7777]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  108.021806][ T7777]  ? policy_nodemask+0xed/0x4f0
[  108.021818][ T7777]  alloc_pages_mpol+0x1fb/0x540
[  108.021829][ T7777]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  108.021839][ T7777]  ? __kasan_kmalloc+0xaa/0xb0
[  108.021853][ T7777]  ? __get_vm_area_node+0x101/0x330
[  108.021868][ T7777]  alloc_pages_noprof+0x1a/0x160
[  108.021880][ T7777]  get_free_pages_noprof+0x10/0xb0
[  108.021891][ T7777]  __kasan_populate_vmalloc+0xa0/0x210
[  108.021955][ T7777]  alloc_vmap_area+0x95d/0x2b70
[  108.021972][ T7777]  ? __pfx_alloc_vmap_area+0x10/0x10
[  108.021987][ T7777]  __get_vm_area_node+0x1ca/0x330
[  108.022001][ T7777]  __vmalloc_node_range_noprof+0x228/0x1630
[  108.022014][ T7777]  ? system_heap_vmap+0x227/0x5d0
[  108.022122][ T7777]  ? rcu_is_watching+0x12/0xc0
[  108.022139][ T7777]  ? trace_contention_end+0x122/0x170
[  108.022152][ T7777]  ? system_heap_vmap+0x227/0x5d0
[  108.022164][ T7777]  ? system_heap_vmap+0xab/0x5d0
[  108.022176][ T7777]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  108.022189][ T7777]  ? __pfx___mutex_lock+0x10/0x10
[  108.022210][ T7777]  ? system_heap_vmap+0x227/0x5d0
[  108.022221][ T7777]  __vmalloc_node_noprof+0xad/0xf0
[  108.022233][ T7777]  ? system_heap_vmap+0x227/0x5d0
[  108.022245][ T7777]  system_heap_vmap+0x227/0x5d0
[  108.022259][ T7777]  ? __pfx_system_heap_vmap+0x10/0x10
[  108.022269][ T7777]  ? trace_contention_end+0x122/0x170
[  108.022287][ T7777]  dma_buf_vmap+0x275/0x430
[  108.022298][ T7777]  ? __pfx_system_heap_vmap+0x10/0x10
[  108.022309][ T7777]  ? __pfx_dma_buf_vmap+0x10/0x10
[  108.022324][ T7777]  drm_gem_shmem_vmap_locked+0x113/0x860
[  108.022339][ T7777]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  108.022354][ T7777]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  108.022366][ T7777]  drm_gem_vmap_locked+0xc8/0x1c0
[  108.022380][ T7777]  drm_gem_vmap+0x4a/0xa0
[  108.022392][ T7777]  drm_gem_fb_vmap+0xc7/0x450
[  108.022411][ T7777]  vkms_prepare_fb+0x87/0xb0
[  108.022476][ T7777]  drm_atomic_helper_prepare_planes+0x1f2/0xbe0
[  108.022491][ T7777]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  108.022505][ T7777]  drm_atomic_helper_commit+0x191/0x380
[  108.022522][ T7777]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  108.022538][ T7777]  drm_atomic_commit+0x230/0x300
[  108.022555][ T7777]  ? __pfx_drm_atomic_commit+0x10/0x10
[  108.022569][ T7777]  ? __pfx___drm_printfn_info+0x10/0x10
[  108.022586][ T7777]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  108.022603][ T7777]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  108.022621][ T7777]  drm_atomic_helper_update_plane+0x314/0x400
[  108.022640][ T7777]  __setplane_atomic+0x22d/0x350
[  108.022660][ T7777]  drm_mode_cursor_universal+0x5e9/0xe20
[  108.022681][ T7777]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  108.022702][ T7777]  ? __pfx_drm_lease_held+0x10/0x10
[  108.022718][ T7777]  ? modeset_lock+0x114/0x6d0
[  108.022737][ T7777]  drm_mode_cursor_common+0x308/0x970
[  108.022757][ T7777]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  108.022773][ T7777]  ? avc_has_extended_perms+0x33a/0x1080
[  108.022794][ T7777]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  108.022810][ T7777]  drm_mode_cursor_ioctl+0xd4/0x110
[  108.022820][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.022830][ T7777]  ? do_raw_spin_lock+0x128/0x260
[  108.022845][ T7777]  ? find_held_lock+0x2b/0x80
[  108.022863][ T7777]  ? do_raw_spin_unlock+0x145/0x1e0
[  108.022879][ T7777]  drm_ioctl_kernel+0x1f3/0x3e0
[  108.022893][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.022904][ T7777]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  108.022923][ T7777]  drm_ioctl+0x5e6/0xc60
[  108.022940][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.022951][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.022972][ T7777]  ? selinux_file_ioctl+0x13b/0x290
[  108.022991][ T7777]  ? selinux_file_ioctl+0xb6/0x290
[  108.023008][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.023023][ T7777]  __x64_sys_ioctl+0x18e/0x210
[  108.023041][ T7777]  do_syscall_64+0x10b/0xf80
[  108.023055][ T7777]  ? clear_bhb_loop+0x40/0x90
[  108.023071][ T7777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.023087][ T7777] RIP: 0033:0x7f1c9999c819
[  108.023099][ T7777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  108.023113][ T7777] RSP: 002b:00007f1c9a86a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  108.023129][ T7777] RAX: ffffffffffffffda RBX: 00007f1c99c15fa0 RCX: 00007f1c9999c819
[  108.023136][ T7777] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  108.023142][ T7777] RBP: 00007f1c9a86a090 R08: 0000000000000000 R09: 0000000000000000
[  108.023148][ T7777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.023154][ T7777] R13: 00007f1c99c16038 R14: 00007f1c99c15fa0 R15: 00007fffe7616a58
[  108.023168][ T7777]  </TASK>
[  108.023339][ T7777] syz.4.580: vmalloc error: size 264, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[  108.032277][   T57] usb 7-1: USB disconnect, device number 6
[  108.220176][ T7777] ,cpuset=/,mems_allowed=0-1
[  108.222502][ T7777] CPU: 0 UID: 0 PID: 7777 Comm: syz.4.580 Not tainted syzkaller #0 PREEMPT(full) 
[  108.222517][ T7777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  108.222524][ T7777] Call Trace:
[  108.222529][ T7777]  <TASK>
[  108.222533][ T7777]  dump_stack_lvl+0x100/0x190
[  108.222551][ T7777]  warn_alloc.cold+0x95/0x1c1
[  108.222563][ T7777]  ? __pfx_warn_alloc+0x10/0x10
[  108.222578][ T7777]  ? lockdep_hardirqs_on+0x78/0x100
[  108.222595][ T7777]  ? __get_vm_area_node+0x2c5/0x330
[  108.222609][ T7777]  ? __get_vm_area_node+0x208/0x330
[  108.222623][ T7777]  __vmalloc_node_range_noprof+0xccd/0x1630
[  108.222638][ T7777]  ? rcu_is_watching+0x12/0xc0
[  108.222654][ T7777]  ? trace_contention_end+0x122/0x170
[  108.222672][ T7777]  ? system_heap_vmap+0x227/0x5d0
[  108.222685][ T7777]  ? system_heap_vmap+0xab/0x5d0
[  108.222699][ T7777]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  108.222711][ T7777]  ? __pfx___mutex_lock+0x10/0x10
[  108.222731][ T7777]  ? system_heap_vmap+0x227/0x5d0
[  108.222742][ T7777]  __vmalloc_node_noprof+0xad/0xf0
[  108.222754][ T7777]  ? system_heap_vmap+0x227/0x5d0
[  108.222766][ T7777]  system_heap_vmap+0x227/0x5d0
[  108.222779][ T7777]  ? __pfx_system_heap_vmap+0x10/0x10
[  108.222790][ T7777]  ? trace_contention_end+0x122/0x170
[  108.222808][ T7777]  dma_buf_vmap+0x275/0x430
[  108.222819][ T7777]  ? __pfx_system_heap_vmap+0x10/0x10
[  108.222830][ T7777]  ? __pfx_dma_buf_vmap+0x10/0x10
[  108.222844][ T7777]  drm_gem_shmem_vmap_locked+0x113/0x860
[  108.222858][ T7777]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  108.222873][ T7777]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  108.222886][ T7777]  drm_gem_vmap_locked+0xc8/0x1c0
[  108.222899][ T7777]  drm_gem_vmap+0x4a/0xa0
[  108.222911][ T7777]  drm_gem_fb_vmap+0xc7/0x450
[  108.222930][ T7777]  vkms_prepare_fb+0x87/0xb0
[  108.222942][ T7777]  drm_atomic_helper_prepare_planes+0x1f2/0xbe0
[  108.222957][ T7777]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  108.222985][ T7777]  drm_atomic_helper_commit+0x191/0x380
[  108.223003][ T7777]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  108.223019][ T7777]  drm_atomic_commit+0x230/0x300
[  108.223035][ T7777]  ? __pfx_drm_atomic_commit+0x10/0x10
[  108.223050][ T7777]  ? __pfx___drm_printfn_info+0x10/0x10
[  108.223068][ T7777]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  108.223084][ T7777]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  108.223102][ T7777]  drm_atomic_helper_update_plane+0x314/0x400
[  108.223120][ T7777]  __setplane_atomic+0x22d/0x350
[  108.223141][ T7777]  drm_mode_cursor_universal+0x5e9/0xe20
[  108.223162][ T7777]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  108.223183][ T7777]  ? __pfx_drm_lease_held+0x10/0x10
[  108.223198][ T7777]  ? modeset_lock+0x114/0x6d0
[  108.223215][ T7777]  drm_mode_cursor_common+0x308/0x970
[  108.223235][ T7777]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  108.223251][ T7777]  ? avc_has_extended_perms+0x33a/0x1080
[  108.223273][ T7777]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  108.223289][ T7777]  drm_mode_cursor_ioctl+0xd4/0x110
[  108.223299][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.223309][ T7777]  ? do_raw_spin_lock+0x128/0x260
[  108.223323][ T7777]  ? find_held_lock+0x2b/0x80
[  108.223342][ T7777]  ? do_raw_spin_unlock+0x145/0x1e0
[  108.223359][ T7777]  drm_ioctl_kernel+0x1f3/0x3e0
[  108.223373][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.223384][ T7777]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  108.223403][ T7777]  drm_ioctl+0x5e6/0xc60
[  108.223420][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.223431][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.223451][ T7777]  ? selinux_file_ioctl+0x13b/0x290
[  108.223468][ T7777]  ? selinux_file_ioctl+0xb6/0x290
[  108.223485][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.223500][ T7777]  __x64_sys_ioctl+0x18e/0x210
[  108.223518][ T7777]  do_syscall_64+0x10b/0xf80
[  108.223532][ T7777]  ? clear_bhb_loop+0x40/0x90
[  108.223545][ T7777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.223556][ T7777] RIP: 0033:0x7f1c9999c819
[  108.223566][ T7777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  108.223576][ T7777] RSP: 002b:00007f1c9a86a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  108.223586][ T7777] RAX: ffffffffffffffda RBX: 00007f1c99c15fa0 RCX: 00007f1c9999c819
[  108.223592][ T7777] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  108.223599][ T7777] RBP: 00007f1c9a86a090 R08: 0000000000000000 R09: 0000000000000000
[  108.223605][ T7777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.223611][ T7777] R13: 00007f1c99c16038 R14: 00007f1c99c15fa0 R15: 00007fffe7616a58
[  108.223624][ T7777]  </TASK>
[  108.411717][ T7777] Mem-Info:
[  108.413235][ T7777] active_anon:2050 inactive_anon:7039 isolated_anon:0
[  108.413235][ T7777]  active_file:6675 inactive_file:24342 isolated_file:0
[  108.413235][ T7777]  unevictable:1768 dirty:51 writeback:0
[  108.413235][ T7777]  slab_reclaimable:8252 slab_unreclaimable:76998
[  108.413235][ T7777]  mapped:25068 shmem:1972 pagetables:8322
[  108.413235][ T7777]  sec_pagetables:294 bounce:0
[  108.413235][ T7777]  kernel_misc_reclaimable:0
[  108.413235][ T7777]  free:293176 free_pcp:17163 free_cma:0
[  108.432394][ T7777] Node 0 active_anon:6668kB inactive_anon:28156kB active_file:17632kB inactive_file:97116kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:91888kB dirty:184kB writeback:0kB shmem:4304kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13376kB pagetables:5904kB sec_pagetables:1168kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  108.437311][ T7783] bond1: entered allmulticast mode
[  108.447077][ T7777] Node 1 active_anon:1532kB inactive_anon:0kB active_file:9068kB inactive_file:252kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8384kB dirty:20kB writeback:0kB shmem:3584kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:288kB pagetables:27260kB sec_pagetables:8kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  108.468287][ T7777] Node 0 DMA free:5304kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:100kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:288kB local_pcp:52kB free_cma:0kB
[  108.480962][ T7777] lowmem_reserve[]: 0 1229 1229 1229 1229
[  108.482002][ T7784] veth3: entered allmulticast mode
[  108.483592][ T7777] Node 0 DMA32 free:34216kB boost:0kB min:27472kB low:34340kB high:41208kB reserved_highatomic:0KB free_highatomic:0KB active_anon:6568kB inactive_anon:28156kB active_file:17632kB inactive_file:96284kB unevictable:3536kB writepending:184kB zspages:0kB present:2080628kB managed:1259172kB mlocked:0kB bounce:0kB free_pcp:24096kB local_pcp:6644kB free_cma:0kB
[  108.492810][ T7784] bond1: (slave veth3): Enslaving as an active interface with an up link
[  108.496807][ T7777] lowmem_reserve[]: 0 0 0 0 0
[  108.501620][ T7777] Node 1 Normal free:1084952kB boost:0kB min:39764kB low:49704kB high:59644kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1532kB inactive_anon:0kB active_file:9068kB inactive_file:252kB unevictable:3536kB writepending:20kB zspages:5352kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:42716kB local_pcp:792kB free_cma:0kB
[  108.513029][ T7777] lowmem_reserve[]: 0 0 0 0 0
[  108.517962][ T7785] bond1 (unregistering): (slave veth3): Releasing backup interface
[  108.519616][ T7777] Node 0 DMA: 2*4kB (UM) 6*8kB (UM) 2*16kB (M) 7*32kB (UM) 4*64kB (UM) 1*128kB (M) 0*256kB 3*512kB (UM) 1*1024kB (U) 1*2048kB (M) 0*4096kB = 5304kB
[  108.527007][ T7777] Node 0 DMA32: 267*4kB (UME) 387*8kB (UME) 134*16kB (UME) 92*32kB (ME) 57*64kB (UME) 35*128kB (UME) 18*256kB (ME) 8*512kB (ME) 4*1024kB (UM) 2*2048kB (UM) 0*4096kB = 34276kB
[  108.529518][ T7785] bond1 (unregistering): Released all slaves
[  108.533069][ T7777] Node 1 Normal: 3*4kB (UME) 2*8kB (UE) 10*16kB (UME) 7*32kB (ME) 8*64kB (ME) 5*128kB (ME) 9*256kB (ME) 8*512kB (ME) 6*1024kB (UME) 1*2048kB (M) 255*4096kB (UM) = 1060636kB
[  108.541286][ T7777] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  108.544686][ T7777] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  108.547956][ T7777] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  108.551141][ T7777] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  108.554737][ T7777] 33119 total pagecache pages
[  108.556589][ T7777] 134 pages in swap cache
[  108.558401][ T7777] Free swap  = 107060kB
[  108.560050][ T7777] Total swap = 124996kB
[  108.561459][ T7777] 1048443 pages RAM
[  108.562747][ T7777] 0 pages HighMem/MovableOnly
[  108.564991][ T7777] 284339 pages reserved
[  108.566416][ T7777] 0 pages cma reserved
[  108.570909][ T7777] ------------[ cut here ]------------
[  108.572880][ T7777] ret
[  108.572888][ T7777] WARNING: drivers/dma-buf/dma-buf.c:1649 at dma_buf_vmap+0x3c5/0x430, CPU#0: syz.4.580/7777
[  108.578214][ T7777] Modules linked in:
[  108.579641][ T7777] CPU: 0 UID: 0 PID: 7777 Comm: syz.4.580 Not tainted syzkaller #0 PREEMPT(full) 
[  108.582523][ T7777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  108.585774][ T7777] RIP: 0010:dma_buf_vmap+0x3c5/0x430
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  108.587450][ T7777] Code: fc e9 22 fd ff ff 48 8b 3c 24 e8 16 ff 21 fc e9 30 ff ff ff e8 0c 28 b5 fb 90 0f 0b e8 04 28 b5 fb 90 0f 0b e8 fc 27 b5 fb 90 <0f> 0b 90 e9 3f fe ff ff e8 ee 89 43 05 4c 89 ff e8 26 fe 21 fc e9
[  108.593682][ T7777] RSP: 0018:ffffc900026af3f8 EFLAGS: 00010293
[  108.595610][ T7777] RAX: 0000000000000000 RBX: ffff8880586fc800 RCX: ffffffff86544021
[  108.598139][ T7777] RDX: ffff88805e3ba500 RSI: ffffffff86544164 RDI: ffff88805e3ba500
[  108.600622][ T7777] RBP: ffffc900026af498 R08: 0000000000000005 R09: 0000000000000000
[  108.603280][ T7777] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffff88802caad4d0
[  108.605994][ T7777] R13: 1ffff920004d5e82 R14: 00000000fffffff4 R15: ffff8880586fc830
[  108.608491][ T7777] FS:  00007f1c9a86a6c0(0000) GS:ffff8880d62ef000(0000) knlGS:0000000000000000
[  108.611451][ T7777] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  108.613615][ T7777] CR2: 000000110c41f92c CR3: 0000000108de1000 CR4: 0000000000352ef0
[  108.616122][ T7777] Call Trace:
[  108.617197][ T7777]  <TASK>
[  108.618155][ T7777]  ? __pfx_system_heap_vmap+0x10/0x10
[  108.619858][ T7777]  ? __pfx_dma_buf_vmap+0x10/0x10
[  108.621491][ T7777]  drm_gem_shmem_vmap_locked+0x113/0x860
[  108.623273][ T7777]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  108.625343][ T7777]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  108.627402][ T7777]  drm_gem_vmap_locked+0xc8/0x1c0
[  108.628998][ T7777]  drm_gem_vmap+0x4a/0xa0
[  108.630377][ T7777]  drm_gem_fb_vmap+0xc7/0x450
[  108.631903][ T7777]  vkms_prepare_fb+0x87/0xb0
[  108.633387][ T7777]  drm_atomic_helper_prepare_planes+0x1f2/0xbe0
[  108.635409][ T7777]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  108.637093][ T7777]  drm_atomic_helper_commit+0x191/0x380
[  108.638864][ T7777]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  108.640779][ T7777]  drm_atomic_commit+0x230/0x300
[  108.642389][ T7777]  ? __pfx_drm_atomic_commit+0x10/0x10
[  108.644342][ T7777]  ? __pfx___drm_printfn_info+0x10/0x10
[  108.646180][ T7777]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  108.648101][ T7777]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  108.650028][ T7777]  drm_atomic_helper_update_plane+0x314/0x400
[  108.651996][ T7777]  __setplane_atomic+0x22d/0x350
[  108.653739][ T7777]  drm_mode_cursor_universal+0x5e9/0xe20
[  108.655560][ T7777]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  108.657933][ T7777]  ? __pfx_drm_lease_held+0x10/0x10
[  108.659613][ T7777]  ? modeset_lock+0x114/0x6d0
[  108.661103][ T7777]  drm_mode_cursor_common+0x308/0x970
[  108.662849][ T7777]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  108.664829][ T7777]  ? avc_has_extended_perms+0x33a/0x1080
[  108.666632][ T7777]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  108.668494][ T7777]  drm_mode_cursor_ioctl+0xd4/0x110
[  108.670150][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.672006][ T7777]  ? do_raw_spin_lock+0x128/0x260
[  108.673753][ T7777]  ? find_held_lock+0x2b/0x80
[  108.675258][ T7777]  ? do_raw_spin_unlock+0x145/0x1e0
[  108.676902][ T7777]  drm_ioctl_kernel+0x1f3/0x3e0
[  108.678458][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.680292][ T7777]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  108.681997][ T7777]  drm_ioctl+0x5e6/0xc60
[  108.683347][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.685267][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.686850][ T7777]  ? selinux_file_ioctl+0x13b/0x290
[  108.688504][ T7777]  ? selinux_file_ioctl+0xb6/0x290
[  108.690154][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.691699][ T7777]  __x64_sys_ioctl+0x18e/0x210
[  108.693225][ T7777]  do_syscall_64+0x10b/0xf80
[  108.694784][ T7777]  ? clear_bhb_loop+0x40/0x90
[  108.696295][ T7777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.698174][ T7777] RIP: 0033:0x7f1c9999c819
[  108.699588][ T7777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  108.705797][ T7777] RSP: 002b:00007f1c9a86a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  108.708417][ T7777] RAX: ffffffffffffffda RBX: 00007f1c99c15fa0 RCX: 00007f1c9999c819
[  108.710903][ T7777] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  108.713413][ T7777] RBP: 00007f1c9a86a090 R08: 0000000000000000 R09: 0000000000000000
[  108.716461][ T7777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.719531][ T7777] R13: 00007f1c99c16038 R14: 00007f1c99c15fa0 R15: 00007fffe7616a58
[  108.722235][ T7777]  </TASK>
[  108.723450][ T7777] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  108.725998][ T7777] CPU: 0 UID: 0 PID: 7777 Comm: syz.4.580 Not tainted syzkaller #0 PREEMPT(full) 
[  108.729493][ T7777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  108.732670][ T7777] Call Trace:
[  108.733780][ T7777]  <TASK>
[  108.734963][ T7777]  dump_stack_lvl+0x100/0x190
[  108.736632][ T7777]  vpanic+0x552/0x970
[  108.737912][ T7777]  ? __pfx_vpanic+0x10/0x10
[  108.739365][ T7777]  panic+0xd1/0xe0
[  108.740855][ T7777]  ? __pfx_panic+0x10/0x10
[  108.742470][ T7777]  ? check_panic_on_warn+0x1f/0x90
[  108.744081][ T7777]  check_panic_on_warn.cold+0x19/0x34
[  108.746037][ T7777]  ? dma_buf_vmap+0x3c5/0x430
[  108.747775][ T7777]  __warn.cold+0x191/0x328
[  108.749203][ T7777]  __report_bug+0x296/0x3d0
[  108.750733][ T7777]  ? dma_buf_vmap+0x3c5/0x430
[  108.752241][ T7777]  ? __pfx___report_bug+0x10/0x10
[  108.753842][ T7777]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  108.755741][ T7777]  ? __vmalloc_node_noprof+0xad/0xf0
[  108.757427][ T7777]  ? dma_buf_vmap+0x3c5/0x430
[  108.758936][ T7777]  report_bug+0xb2/0x220
[  108.760287][ T7777]  ? dma_buf_vmap+0x3c5/0x430
[  108.761804][ T7777]  handle_bug+0x16a/0x2a0
[  108.763185][ T7777]  exc_invalid_op+0x17/0x50
[  108.764647][ T7777]  asm_exc_invalid_op+0x1a/0x20
[  108.766111][ T7777] RIP: 0010:dma_buf_vmap+0x3c5/0x430
[  108.767815][ T7777] Code: fc e9 22 fd ff ff 48 8b 3c 24 e8 16 ff 21 fc e9 30 ff ff ff e8 0c 28 b5 fb 90 0f 0b e8 04 28 b5 fb 90 0f 0b e8 fc 27 b5 fb 90 <0f> 0b 90 e9 3f fe ff ff e8 ee 89 43 05 4c 89 ff e8 26 fe 21 fc e9
[  108.774808][ T7777] RSP: 0018:ffffc900026af3f8 EFLAGS: 00010293
[  108.776771][ T7777] RAX: 0000000000000000 RBX: ffff8880586fc800 RCX: ffffffff86544021
[  108.779284][ T7777] RDX: ffff88805e3ba500 RSI: ffffffff86544164 RDI: ffff88805e3ba500
[  108.781778][ T7777] RBP: ffffc900026af498 R08: 0000000000000005 R09: 0000000000000000
[  108.784238][ T7777] R10: 00000000fffffff4 R11: 0000000000000000 R12: ffff88802caad4d0
[  108.786725][ T7777] R13: 1ffff920004d5e82 R14: 00000000fffffff4 R15: ffff8880586fc830
[  108.789194][ T7777]  ? dma_buf_vmap+0x281/0x430
[  108.790685][ T7777]  ? dma_buf_vmap+0x3c4/0x430
[  108.792193][ T7777]  ? dma_buf_vmap+0x3c4/0x430
[  108.793679][ T7777]  ? __pfx_system_heap_vmap+0x10/0x10
[  108.795357][ T7777]  ? __pfx_dma_buf_vmap+0x10/0x10
[  108.796945][ T7777]  drm_gem_shmem_vmap_locked+0x113/0x860
[  108.798714][ T7777]  ? __pfx_drm_gem_shmem_vmap_locked+0x10/0x10
[  108.800643][ T7777]  ? __pfx_drm_gem_shmem_object_vmap+0x10/0x10
[  108.802591][ T7777]  drm_gem_vmap_locked+0xc8/0x1c0
[  108.804187][ T7777]  drm_gem_vmap+0x4a/0xa0
[  108.805450][ T7777]  drm_gem_fb_vmap+0xc7/0x450
[  108.806946][ T7777]  vkms_prepare_fb+0x87/0xb0
[  108.808408][ T7777]  drm_atomic_helper_prepare_planes+0x1f2/0xbe0
[  108.810377][ T7777]  ? __pfx_vkms_prepare_fb+0x10/0x10
[  108.812054][ T7777]  drm_atomic_helper_commit+0x191/0x380
[  108.813797][ T7777]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  108.815687][ T7777]  drm_atomic_commit+0x230/0x300
[  108.817249][ T7777]  ? __pfx_drm_atomic_commit+0x10/0x10
[  108.818967][ T7777]  ? __pfx___drm_printfn_info+0x10/0x10
[  108.820699][ T7777]  ? drm_atomic_set_fb_for_plane+0x144/0x280
[  108.822603][ T7777]  ? drm_atomic_set_fb_for_plane+0x186/0x280
[  108.824500][ T7777]  drm_atomic_helper_update_plane+0x314/0x400
[  108.826420][ T7777]  __setplane_atomic+0x22d/0x350
[  108.827985][ T7777]  drm_mode_cursor_universal+0x5e9/0xe20
[  108.829764][ T7777]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  108.831710][ T7777]  ? __pfx_drm_lease_held+0x10/0x10
[  108.833351][ T7777]  ? modeset_lock+0x114/0x6d0
[  108.834860][ T7777]  drm_mode_cursor_common+0x308/0x970
[  108.836547][ T7777]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  108.838436][ T7777]  ? avc_has_extended_perms+0x33a/0x1080
[  108.840209][ T7777]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  108.842101][ T7777]  drm_mode_cursor_ioctl+0xd4/0x110
[  108.843732][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.845580][ T7777]  ? do_raw_spin_lock+0x128/0x260
[  108.847190][ T7777]  ? find_held_lock+0x2b/0x80
[  108.848694][ T7777]  ? do_raw_spin_unlock+0x145/0x1e0
[  108.850447][ T7777]  drm_ioctl_kernel+0x1f3/0x3e0
[  108.852036][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.853894][ T7777]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  108.855605][ T7777]  drm_ioctl+0x5e6/0xc60
[  108.857181][ T7777]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  108.859052][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.860575][ T7777]  ? selinux_file_ioctl+0x13b/0x290
[  108.862237][ T7777]  ? selinux_file_ioctl+0xb6/0x290
[  108.863898][ T7777]  ? __pfx_drm_ioctl+0x10/0x10
[  108.865423][ T7777]  __x64_sys_ioctl+0x18e/0x210
[  108.867022][ T7777]  do_syscall_64+0x10b/0xf80
[  108.868485][ T7777]  ? clear_bhb_loop+0x40/0x90
[  108.869990][ T7777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.871856][ T7777] RIP: 0033:0x7f1c9999c819
[  108.873311][ T7777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  108.879254][ T7777] RSP: 002b:00007f1c9a86a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  108.881876][ T7777] RAX: ffffffffffffffda RBX: 00007f1c99c15fa0 RCX: 00007f1c9999c819
[  108.884335][ T7777] RDX: 0000200000000280 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  108.886816][ T7777] RBP: 00007f1c9a86a090 R08: 0000000000000000 R09: 0000000000000000
[  108.889266][ T7777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.891781][ T7777] R13: 00007f1c99c16038 R14: 00007f1c99c15fa0 R15: 00007fffe7616a58
[  108.894252][ T7777]  </TASK>
[  108.896083][ T7777] Kernel Offset: disabled
[  108.897484][ T7777] Rebooting in 86400 seconds..