last executing test programs:

3m37.388322297s ago: executing program 2 (id=539):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000005400e50100000000000700000700000051"], 0x18}}, 0x20044050)

3m37.322029255s ago: executing program 2 (id=541):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="180000003c000bab956cb26f8c7d94f90324fc602f000000", 0x18}], 0x1}, 0x200000c4)

3m37.321803516s ago: executing program 2 (id=542):
syz_open_dev$vcsa(&(0x7f0000000380), 0x7b95b611, 0x802)
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)
writev(r0, &(0x7f00000003c0), 0x0)

3m37.318664162s ago: executing program 2 (id=543):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000200)={0x6c, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x21, 0x1, @in6={0xa, 0x0, 0x1, @dev={0xfe, 0x80, '\x00', 0x13}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, 0x3}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x6c}}, 0x0) (fail_nth: 1)

3m37.189190157s ago: executing program 2 (id=547):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000001680)=@get={0x1, &(0x7f0000000680)=""/4096, 0x9})
iopl(0x3)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@host}, 0x0, 0x2, 0xa5d4})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xfffffffffeffffff)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4020ae46, 0x0)
unshare(0x62000000)

3m37.029289921s ago: executing program 2 (id=550):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', <r1=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="c4000000190001050000000000002000fc000000000000000000000000000000e000000200000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c00", @ANYRES32=r1, @ANYBLOB="04"], 0xc4}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)

3m36.608400173s ago: executing program 3 (id=569):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="c10bc18beb9a5bda6989dcae0f77d4bf40bb47d7cf924eeea957e28ab61cf8f777d92727634f8ef26af8a10562785b9a90cfec620cf4bf78312f46d526a1ba831141f5b826193125f48791afe076d43bd91a0a953b47a232ea0a0acf38c590bc42ee09c532b45b12f978412f7e42037766132ff4fae3c12a9c80102a2091efbde6ec4597a35d5deff67057081f7c47e49dba31ef1688f24768b729f6fd", 0x9d, 0x8040, &(0x7f0000000000)={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @remote}, 0x159}, 0x1c)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000002a00)={0x0, 0x0, &(0x7f00000029c0)={&(0x7f0000000180)={0x34, 0x4, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000004}, 0x24004090)
ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000140)={0x1, 0x1})

3m36.606775151s ago: executing program 3 (id=571):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x1418, 0x1, 0x0, 0x20000000, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x200480c5}, 0x0)

3m36.606540265s ago: executing program 3 (id=573):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="180000003c000bab956cb26f8c7d94f90324fc602f000000", 0x18}], 0x1}, 0x200000c4)

3m36.548655292s ago: executing program 3 (id=575):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050000400000000000002e00000008000300", @ANYRES32=r1, @ANYBLOB='\bK\x00\x00I\x00'], 0x2c}}, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r3, 0x114, 0x8, &(0x7f00000008c0), 0x4)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r4, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r4, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x20202, 0x0)
sendfile(r7, r7, 0x0, 0xc3)
sendmsg$DEVLINK_CMD_RATE_SET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000200)={0x54, r6, 0x1, 0xffffffff, 0x0, {0x2f}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000041}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x40ead000)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f0000000000)=0x7f)
madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x3, 0x0, 0x3, 0x2)
syz_clone(0x900a000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={r4, 0x58, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', r8, 0xc, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)

3m36.294486789s ago: executing program 3 (id=583):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21, 0x6000000}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r1}, @IFLA_HSR_SLAVE2={0x8, 0x2, r1}]}}}]}, 0x40}}, 0x0)

3m35.979382654s ago: executing program 3 (id=585):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@getnexthop={0x18, 0x76, 0xb0d, 0x70bd25, 0x0, {0x3}}, 0x18}, 0x1, 0x0, 0x0, 0xa6ffffff}, 0x0)

3m35.951543988s ago: executing program 32 (id=585):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@getnexthop={0x18, 0x76, 0xb0d, 0x70bd25, 0x0, {0x3}}, 0x18}, 0x1, 0x0, 0x0, 0xa6ffffff}, 0x0)

3m21.211693692s ago: executing program 33 (id=550):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bond0\x00', <r1=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="c4000000190001050000000000002000fc000000000000000000000000000000e000000200000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c00", @ANYRES32=r1, @ANYBLOB="04"], 0xc4}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)

2m16.498281762s ago: executing program 4 (id=1960):
r0 = socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r0, 0x0, 0x40800)
openat$tun(0xffffffffffffff9c, 0x0, 0x10200, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x5, [@enum={0x2, 0x2, 0x0, 0x6, 0x4, [{0x3, 0xffffffff}, {0x0, 0xb494}]}]}, {0x0, [0x61, 0x2e, 0x5f]}}, 0x0, 0x39, 0x0, 0x1, 0x6}, 0x28)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r2, &(0x7f0000000100)={&(0x7f00000003c0), 0x14, &(0x7f0000000400)={0x0}, 0x7, 0x0, 0x0, 0x6274a5ca71ba6d7a}, 0x4000000)
recvfrom(r2, 0x0, 0x0, 0x42, 0x0, 0x0)
r3 = dup(r1)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="080086dd0001110004000000a60c6eec00be00442ffffe8000000000000000000000000000aaff020000000000000000000000000001042022eb"], 0xfdef)

2m14.606561s ago: executing program 4 (id=1971):
r0 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x8, r0)
r1 = syz_pidfd_open(r0, 0x0)
process_mrelease(r1, 0x700000000000000)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r2=>0x0)
capset(&(0x7f00000000c0)={0x19980330, r2}, &(0x7f0000000180)={0x9, 0x10, 0xcee5237d, 0x3, 0xb, 0x6})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x72d1, &(0x7f0000000500)={0x0, 0xd2a7, 0x10100, 0x0, 0x181}, &(0x7f00000002c0)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x9, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x42}, [@ldst={0x0, 0x0, 0x2}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x21)
io_uring_enter(r4, 0x7a98, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', &(0x7f0000000080), 0x2, &(0x7f0000000140)=ANY=[@ANYRES16=r0])

2m14.458490582s ago: executing program 4 (id=1972):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100ffffffff000000002f0000000e0001006e657464657673696d0000000f0002006e657464657673696d3000008dbd4afa7313926a5c61d87a8a64a2137fbdb780f43c76586ecca24cdbeac28cdf4a04d6c4894c17c8346554ab9ef97f33e625fd72095d8a8805d3dba554aef69b1e77a3ef7d92a9020000000000000000d0db8d6f744c6b5b4157290ad01c10111b83b7cd"], 0x34}, 0x1, 0x0, 0x0, 0x20000041}, 0x0)

2m13.966463956s ago: executing program 5 (id=1979):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000005400e50100000000000000040700000051"], 0x18}}, 0x20044050)

2m13.966315159s ago: executing program 5 (id=1980):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x100001)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000b80)={0x6, 0x0, [{0xf000, 0x51, &(0x7f00000006c0)=""/81}, {0xd000, 0x2b, &(0x7f0000000640)=""/43}, {0xd000, 0x99, &(0x7f0000000740)=""/153}, {0x1000, 0xe3, &(0x7f0000000800)=""/227}, {0x4000, 0xbf, &(0x7f0000000900)=""/191}, {0xe6e40002, 0xb9, &(0x7f00000009c0)=""/185}]})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/232, &(0x7f00000005c0)=""/106, &(0x7f0000000480)=""/68, 0xc000})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

2m13.545213674s ago: executing program 1 (id=1981):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="180000003c000bab956cb26f8c7d94f90324fc602f000000", 0x18}], 0x1}, 0x200000c4)

2m13.447485738s ago: executing program 1 (id=1982):
readlinkat(0xffffffffffffffff, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010) (async)
readlinkat(0xffffffffffffffff, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000001440), 0x2, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x2, 0x0, 0x1, 0x0, 0x3}) (async)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x2, 0x0, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000000)=0x1)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x2)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000001280)=@base={0x1e, 0x4, 0x2, 0xc, 0x1400, 0x1}, 0x50)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r3, &(0x7f0000000400)={0x2020}, 0x2020) (async)
read$FUSE(r3, &(0x7f0000000400)={0x2020}, 0x2020)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_opts(r4, 0x0, 0x6, &(0x7f0000937fed), &(0x7f0000000000)=0x2)
r5 = syz_open_dev$usbfs(&(0x7f0000000140), 0x76, 0x101301)
ioctl$USBDEVFS_CLAIM_PORT(r5, 0x80045518, &(0x7f0000000000)=0x1)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r6, &(0x7f0000000000)="e6", 0x1, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
shutdown(r6, 0x1)
recvfrom(r6, 0x0, 0x0, 0x61, 0x0, 0x0)
ioctl$USBDEVFS_CLAIM_PORT(r5, 0x80045519, &(0x7f0000000480)=0x1)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) (async)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r7, &(0x7f0000002a00)={0x0, 0x0, &(0x7f00000029c0)={&(0x7f0000000180)={0x34, 0x4, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000004}, 0x24004090)
sendmsg(r7, &(0x7f0000002440)={&(0x7f0000000080)=@caif=@util={0x25, "ff92e8d76dc169447b74a6e1d4d95ade"}, 0x80, &(0x7f0000000380)=[{&(0x7f0000002480)='\t', 0x1}, {&(0x7f0000000280)="efe1317cf9d6050c64cfa1b42e6d051325b146679bf91eb49f83fd0d23f935c6856377aa7c51f1868f164f506347b6ecfd53f963ede1edc4163ba1231e64d49bfdeda3e7487b38fe1b777e394ec861b15b65ba27f18985215d150be19d123433edab5808699d48e97db142702cf38435af906d70b4b24532c79f56e6defb7234b8e2153631319f80068ecddd42c91bdda4716f4b4a813749ad7c88df91289fe006df18ddd5c85b8bb08e3ec139cecf6628b55154d2e009e471a493e69c8196497f4c89957043429712896bb22905897a3564ca236038d7f6db878123", 0xdc}, {&(0x7f0000000140)="af64168c53afdbc98ac140d7b5a2e4df5ff8e9b3520489d5", 0x18}, {&(0x7f0000000180)="05b59340ef72292d2a17697ab3e676c1d9db0905c4dbf35ff4a503966b09b2756d854f4a006ca51e06013b43a1738d91fb32c43ae852e9fe2f5190d1c0282da95f7609c3d8c80da482d3a53628cd", 0x4e}], 0x4}, 0x8014) (async)
sendmsg(r7, &(0x7f0000002440)={&(0x7f0000000080)=@caif=@util={0x25, "ff92e8d76dc169447b74a6e1d4d95ade"}, 0x80, &(0x7f0000000380)=[{&(0x7f0000002480)='\t', 0x1}, {&(0x7f0000000280)="efe1317cf9d6050c64cfa1b42e6d051325b146679bf91eb49f83fd0d23f935c6856377aa7c51f1868f164f506347b6ecfd53f963ede1edc4163ba1231e64d49bfdeda3e7487b38fe1b777e394ec861b15b65ba27f18985215d150be19d123433edab5808699d48e97db142702cf38435af906d70b4b24532c79f56e6defb7234b8e2153631319f80068ecddd42c91bdda4716f4b4a813749ad7c88df91289fe006df18ddd5c85b8bb08e3ec139cecf6628b55154d2e009e471a493e69c8196497f4c89957043429712896bb22905897a3564ca236038d7f6db878123", 0xdc}, {&(0x7f0000000140)="af64168c53afdbc98ac140d7b5a2e4df5ff8e9b3520489d5", 0x18}, {&(0x7f0000000180)="05b59340ef72292d2a17697ab3e676c1d9db0905c4dbf35ff4a503966b09b2756d854f4a006ca51e06013b43a1738d91fb32c43ae852e9fe2f5190d1c0282da95f7609c3d8c80da482d3a53628cd", 0x4e}], 0x4}, 0x8014)
fsopen(&(0x7f0000000240)='ubifs\x00', 0x0) (async)
r8 = fsopen(&(0x7f0000000240)='ubifs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000004000180100002800c000180"], 0x28}}, 0x0) (async)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000004000180100002800c000180"], 0x28}}, 0x0)

2m11.81558671s ago: executing program 5 (id=1983):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x100001)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000005c0)=""/106, &(0x7f0000000480)=""/68, 0xc000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

2m8.382349836s ago: executing program 1 (id=1984):
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000740)={'syztnl1\x00', &(0x7f00000006c0)={'ip6gre0\x00', <r0=>0x0, 0x4, 0x4, 0x4, 0x0, 0x8, @mcast2, @mcast2, 0x10, 0x8, 0xc54, 0x3}})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000780)={@local, 0x7, r0})
sched_setscheduler(0x0, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0xb00, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
r4 = creat(&(0x7f0000000140)='./file0\x00', 0x4)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x5)
r5 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
ioctl$sock_ifreq(r1, 0x0, &(0x7f0000000240)={'veth1\x00', @ifru_ivalue=0x9})
r6 = socket$kcm(0x2d, 0x2, 0x0)
sendmmsg(r6, &(0x7f00000004c0)=[{{&(0x7f0000000080)=@nfc_llcp={0x2d, 0x0, 0x0, 0x7, 0x4, 0x7, "47af57ce8c8e5af84d109ee7a1488bd8c3df97e87f7e771f69ced4c5de6ddeb44ee59bdfb62866129f1338dba84b5d82a121c369a6837123e849c909c16b53", 0x2d}, 0x80, 0x0}}], 0x1, 0x8080)
ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T1(r8, 0x103, 0x1, &(0x7f00000020c0)=0x496, 0x4)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000004c0)=[{0x20, 0x0, 0x0, 0x8002}, {0x6}]}, 0x10)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000001400))
r9 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x8, &(0x7f00000002c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x7}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x5}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x4}], &(0x7f0000000300)='GPL\x00', 0x9f48, 0x3a, &(0x7f0000000380)=""/58, 0x41000, 0x41, '\x00', r3, 0x0, r4, 0x8, &(0x7f00000003c0)={0x6, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000400)=[r5, r4, r5], &(0x7f0000000500)=[{0x5, 0x4, 0xa, 0xb}, {0x5, 0x2, 0x8, 0x2}, {0x3, 0x5, 0x0, 0x4}, {0x5, 0x2, 0x8, 0xb}, {0x3, 0x1, 0x5, 0x5}, {0x2, 0x4, 0x0, 0x4}, {0x5, 0x1, 0x7, 0x1}, {0x2, 0x3, 0x7, 0x1}], 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000280)='mm_vmscan_lru_isolate\x00', r10, 0x0, 0x80}, 0x18)
writev(r9, &(0x7f0000000080), 0x36)

2m4.007413309s ago: executing program 5 (id=1986):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[], 0x48)
r0 = socket(0x10, 0x80003, 0x0)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x24)

2m3.826487982s ago: executing program 4 (id=1987):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x421, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad, 0x60e1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0xfe00}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x44}}, 0x2)

2m1.036311741s ago: executing program 1 (id=1988):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000180)="aabbcc", 0x3}], 0x1}}, {{&(0x7f00000001c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, &(0x7f0000000200)=[{&(0x7f0000000240)="aabbcc", 0x3}], 0x1}, 0x6300}], 0x2, 0x0)

1m59.675122076s ago: executing program 5 (id=1990):
socket(0x80000000000000a, 0x2, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0xa000000, 0xffffffd, {0x0, 0x0, 0x0, 0x0, {0x1, 0x3}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

1m59.232268939s ago: executing program 1 (id=1991):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c0000001000010025bd7000fddbdf2500000000", @ANYRES32, @ANYBLOB="10080400895504002c001280110001006272696467655f736c6176650000000014000580050028"], 0x4c}, 0x1, 0x0, 0x0, 0x200404c1}, 0x4040010)

1m57.615882088s ago: executing program 4 (id=1992):
ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port0\x00', 0xe3, 0xb1c07, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x4})
readv(r1, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r7 = dup3(r6, r5, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x8, 0x8, 0x80, 0x2, 0x3, 0x80, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x0, 0x5, 0x4, 0x0, 0x50, 0x3c5b, 0x1, 0x24, 0xd, 0x2, 0x4, 0xffffffff, 0xe661, 0x0, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x243, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x5, 0x4, 0xfffffff7, 0x3ff, 0x80, 0x0, 0x5, 0x3, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000016f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea1, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x29caad1b, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x4b, 0x8000, 0x1, 0xfe000000, 0x8, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x4000000, 0xbc45, 0x48c93690, 0x100042, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x3038, 0x3e7, 0xb, 0x5, 0x4, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x8620, 0x1, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x7ff, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x3, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x89, 0x7, 0x6, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000001340)="0e9849f1"})
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f00000001c0)={'mangle\x00', 0x2, [{}, {}]}, 0x48)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r9], 0x90}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="6400000002060103000000000000000000000000050001000700000016000300686173683a6e65742c706f72742c6e65740000000900020073797a30000000000500040000000000050005000a000000140007800800124000000000050015"], 0x64}, 0x1, 0x0, 0x0, 0x4000001}, 0x40)
close_range(r0, r1, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)

1m57.026321707s ago: executing program 5 (id=1993):
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

1m52.227128072s ago: executing program 4 (id=1995):
r0 = fsopen(&(0x7f00000009c0)='9p\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
close(0x3)
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x100001)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_STATS(r4, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000580)={&(0x7f0000000340)={0x1c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [""]}, 0x1c}}, 0x20000000)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0, 0x8000000})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/232, &(0x7f00000005c0)=""/106, &(0x7f0000000480)=""/68, 0xc000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
fsetxattr$security_capability(r1, &(0x7f0000000080), &(0x7f00000000c0)=@v1={0x1000000, [{0x5f, 0x1}]}, 0xc, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
socket$netlink(0x10, 0x3, 0x4)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r7, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r5], 0x7c}}, 0x80)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r9, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3f6, 0x100, 0x70bd25, 0x25dfdbfd, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4004091)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

1m51.505172047s ago: executing program 1 (id=1996):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000600)={0x2, &(0x7f0000000080)=[{0x20, 0x0, 0x0, 0x1}, {0x16, 0x4, 0x6}]})
read$FUSE(r0, &(0x7f0000002680)={0x2020}, 0x2020)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000740)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00'], 0x8)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r1, 0xc01064c8, &(0x7f0000000100)={0x8, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0]})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x164)
r5 = fanotify_init(0x2, 0x1000)
write$proc_mixer(r0, &(0x7f0000000240)=[{'PHONEIN', @void}, {'LINE2', @val={' \'', 'Synth Capture'}}, {'ALTPCM', @void}, {'BASS', @val={' \'', 'Capture'}}, {'DIGITAL3', @void}], 0x67)
fanotify_mark(r5, 0x541, 0x4000002b, r4, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/4\x00')
read$FUSE(r6, &(0x7f0000000480)={0x2020}, 0x2020)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0x14, 0x30, 0x871a15abc695fa3d}, 0x12}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000780)={&(0x7f00000006c0)=[0x0], 0x0, r3, 0x0, '\x00', 0x1})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0xb4, 0x0, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x5}, [@CTA_NAT_DST={0x98, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0x34, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x7}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x22}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @rand_addr=0x64010100}, @CTA_NAT_V6_MINIP={0x14, 0x4, @local}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @local}, @CTA_NAT_V4_MINIP={0x8, 0x1, @private=0xa010100}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @loopback}, @CTA_NAT_V4_MINIP={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x2a}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x3}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4890}, 0x40004)

1m39.626974856s ago: executing program 34 (id=1993):
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

1m35.574949644s ago: executing program 35 (id=1996):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000cf6000/0x4000)=nil, 0x4000, 0x16)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000600)={0x2, &(0x7f0000000080)=[{0x20, 0x0, 0x0, 0x1}, {0x16, 0x4, 0x6}]})
read$FUSE(r0, &(0x7f0000002680)={0x2020}, 0x2020)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000740)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00'], 0x8)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r1, 0xc01064c8, &(0x7f0000000100)={0x8, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0]})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x164)
r5 = fanotify_init(0x2, 0x1000)
write$proc_mixer(r0, &(0x7f0000000240)=[{'PHONEIN', @void}, {'LINE2', @val={' \'', 'Synth Capture'}}, {'ALTPCM', @void}, {'BASS', @val={' \'', 'Capture'}}, {'DIGITAL3', @void}], 0x67)
fanotify_mark(r5, 0x541, 0x4000002b, r4, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/4\x00')
read$FUSE(r6, &(0x7f0000000480)={0x2020}, 0x2020)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0x14, 0x30, 0x871a15abc695fa3d}, 0x12}}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r1, 0xc04064aa, &(0x7f0000000780)={&(0x7f00000006c0)=[0x0], 0x0, r3, 0x0, '\x00', 0x1})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0xb4, 0x0, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x5}, [@CTA_NAT_DST={0x98, 0xd, 0x0, 0x1, [@CTA_NAT_PROTO={0x34, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e22}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e20}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x7}, @CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e23}, @CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x22}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @rand_addr=0x64010100}, @CTA_NAT_V6_MINIP={0x14, 0x4, @local}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @local}, @CTA_NAT_V4_MINIP={0x8, 0x1, @private=0xa010100}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @loopback}, @CTA_NAT_V4_MINIP={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x2a}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @loopback}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x3}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4890}, 0x40004)

1m31.56561107s ago: executing program 36 (id=1995):
r0 = fsopen(&(0x7f00000009c0)='9p\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0)
close(0x3)
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x100001)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SHOW_STATS(r4, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000580)={&(0x7f0000000340)={0x1c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [""]}, 0x1c}}, 0x20000000)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0, 0x8000000})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/232, &(0x7f00000005c0)=""/106, &(0x7f0000000480)=""/68, 0xc000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
fsetxattr$security_capability(r1, &(0x7f0000000080), &(0x7f00000000c0)=@v1={0x1000000, [{0x5f, 0x1}]}, 0xc, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
socket$netlink(0x10, 0x3, 0x4)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r7, @ANYBLOB="00000000000000005c001280110001006272696467655f736c61766500000000440005800500050000000000050020000100000005000800000000000600", @ANYRES8=r5], 0x7c}}, 0x80)
ioctl$KVM_CLEAR_DIRTY_LOG(0xffffffffffffffff, 0xc018aec0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r9, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3f6, 0x100, 0x70bd25, 0x25dfdbfd, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x4004091)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

5.766859699s ago: executing program 7 (id=2904):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x10f, 0x1, @scatter={0x0, 0x0, 0x0}, &(0x7f00000004c0)="851666ce20db96ab0c7d83e114e7291762249711e34f4ce12c6afeb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9fa225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9fa73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acd52eab032468cc8075451bcd5c081a8db84ff509a2f874daf6b3ddff977834d87fc0de3220a4041526a", 0x0, 0x10, 0x5bb727690d5f0ff6, 0x0, 0x0})
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r6, &(0x7f0000000b00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x8, 0x3, 0x5, 0x1635}}, 0x120)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000080)={0x44, r3, 0x615, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x44}, 0x5}, 0x0)

4.950076762s ago: executing program 7 (id=2911):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000600)={0x4c, 0x0, &(0x7f0000000240)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f00000013c0)={@flat=@weak_handle={0x77682a85, 0x10b}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x30}}, &(0x7f00000002c0)={0x0, 0x18, 0x40}}, 0x400}], 0x0, 0x0, 0x0})

4.764135957s ago: executing program 6 (id=2914):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000380)="e8", 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
shutdown(r0, 0x1)

4.621289356s ago: executing program 6 (id=2915):
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r2}], 0x1, 0x0, 0x0, 0x0)

4.457044174s ago: executing program 0 (id=2919):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

4.326124884s ago: executing program 0 (id=2922):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

4.325734887s ago: executing program 0 (id=2923):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000580)={0x1, 0x1, 0x0, 0x1000, &(0x7f0000456000/0x1000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.168196795s ago: executing program 0 (id=2924):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000080)='./file0\x00')
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r1, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

4.162508057s ago: executing program 0 (id=2925):
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ppoll(&(0x7f0000000140)=[{}], 0x1, 0x0, 0x0, 0x0)
close(r0)

4.055872208s ago: executing program 7 (id=2926):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
socket$netlink(0x10, 0x3, 0x15)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x8ef, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r5 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r5, 0x400442c8, &(0x7f0000000100)=ANY=[@ANYRES32=r4])

3.836295795s ago: executing program 0 (id=2927):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x3c, 0x0, 0x821, 0x70bd2c, 0x2ddfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_PAN_ID={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48055}, 0x80)

3.806304149s ago: executing program 37 (id=2927):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x3c, 0x0, 0x821, 0x70bd2c, 0x2ddfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_PAN_ID={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48055}, 0x80)

2.63650555s ago: executing program 7 (id=2933):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan1\x00', <r2=>0x0})
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r2, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x28000)

2.176938299s ago: executing program 8 (id=2938):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='yeah\x00', 0x5)
shutdown(r0, 0x1)

2.176597491s ago: executing program 8 (id=2939):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)

1.416533254s ago: executing program 6 (id=2940):
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r2}], 0x1, 0x0, 0x0, 0x0)
close(r0)

1.064894413s ago: executing program 7 (id=2941):
r0 = io_uring_setup(0xfc6, &(0x7f00000002c0)={0x0, 0x6c02, 0x0, 0x0, 0x20000004})
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

1.06437882s ago: executing program 8 (id=2942):
syz_emit_ethernet(0x0, 0x0, 0x0)

1.062329919s ago: executing program 8 (id=2948):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000000)=0x1, 0x4)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r1, &(0x7f0000002cc0)=[{{0x0, 0x0, 0x0}, 0x71d8e07a}], 0x1, 0x12020, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000140))
prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000000000/0x3000)=nil)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
listen(r2, 0x90004)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x0, 0x10100, 0x0)
socket$pptp(0x18, 0x1, 0x2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$sock_buf(r6, 0x1, 0x1c, 0x0, &(0x7f0000000140))

597.034985ms ago: executing program 6 (id=2943):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={0x54, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x10f, 0x1, @scatter={0x0, 0x0, 0x0}, &(0x7f00000004c0)="851666ce20db96ab0c7d83e114e7291762249711e34f4ce12c6afeb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9fa225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9fa73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acd52eab032468cc8075451bcd5c081a8db84ff509a2f874daf6b3ddff977834d87fc0de3220a4041526a", 0x0, 0x10, 0x5bb727690d5f0ff6, 0x0, 0x0})
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r6, &(0x7f0000000b00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x8, 0x3, 0x5, 0x1635}}, 0x120)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000006800)={&(0x7f0000000080)={0x44, r3, 0x615, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x44}, 0x5}, 0x0)

595.355746ms ago: executing program 7 (id=2951):
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r2}], 0x1, 0x0, 0x0, 0x0)
close(r0)

262.752498ms ago: executing program 9 (id=2928):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})

145.90904ms ago: executing program 9 (id=2944):
r0 = socket$inet6(0xa, 0x3, 0x39)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0xc30, @local, 0x6}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3e, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0)

137.938412ms ago: executing program 6 (id=2945):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x88b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x81, 0x0, 0x0, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f0000000240)='fd/3\x00')
accept4$rose(r2, 0x0, 0x0, 0x80800)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)

76.22966ms ago: executing program 9 (id=2946):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x1, 0x12)

76.064774ms ago: executing program 8 (id=2947):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000600)={0x4c, 0x0, &(0x7f0000000240)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x68, 0x18, &(0x7f00000013c0)={@flat=@weak_handle={0x77682a85, 0x10b}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x33}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x30}}, &(0x7f00000002c0)={0x0, 0x18, 0x40}}, 0x400}], 0x0, 0x0, 0x0})

16.634808ms ago: executing program 8 (id=2949):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

11.838959ms ago: executing program 9 (id=2950):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
socket$pptp(0x18, 0x1, 0x2)
syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)

0s ago: executing program 6 (id=2952):
r0 = openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000b00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x8, 0x3, 0x5, 0x1635}}, 0x120)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000c40)={0x8, {"751be3c602a0e5276e79c086adc21270633fb3d067b21d544abb92036ecf489f5b3345ad3d6df45ba403e3d9b1137267182b6c67e967f54aaae1a43f4632e4e173f8ce97adfb7996e5cd702f546f95645b64fc34a8730dc2b3be9d88f47e1f6a862b07ab1d850e3e817f6005dabb3381780aa95a7c31cb78bf8721902712937891e9438cd773ef9e8c64c67bf47ea562d9f71def0c6ea559873b67cbdec5e83ec479104c3b3d54aa973d173522c9779135e0b5d91a1cdec65798dd915f2f59515b9335b256d166d9aace8f6c881272af4514796e6bc6549a4c65a0b1fe100f9136250d114800ff60013f6361bd7a772bdba813242130a6afcd8df14522aeb8ab20c8b7ceaae10e40c273c91c9c6462141ccb4f873279862524f0252c25aabc8386c3e404f0acd9033d24103d662d33be10a409713a13b557843396136ffc3111cbebac293d82cf913a5ea34a5b728d8da1f80327f4386ae7e9c2b6997638c372ef75f40a8688e8c74b2689dafb6b2ad2b3d6b7d558beb22a305e5904ac8a291f188334baeecbabd5d0431d63468e2d456a30da83ce133247a76e72cb1b8794e2967ef0bc18f8fdab10838b725840dba1817f2ba431b5f4ff40c19f5c36195afd79cba926416b0f94283ecb68aab6bf10a562cc3291fd5b2ce009f966fd0a94b388a6c172305e281cfeec6f8688b98b36e9910913b12d7e8c4bee96918f412d409a873a56d863df5c254afed14ce8a8c43fc84d2036b40879290f282faf06a2884c74a79594776f260618a245769ab877c1ef31e27878ea89e4ca8bdd646ce95bab8a7d5a1de735048639a2d3680126211dc9c20085dd8d715e647197a0187d03a985bf06c8da5fd961aa49645b88a927b2a2455cbda4dd3382dd2af7a9430b8606f984f4424d19562d14380b171ef1424b84ea1d22e31555b7758264962a6fa03d39c7887f47a91815189dc63ab0ecef4692b2983025bab06aad0c7ff178aa62cc882a482940f3767ea1c679176a9bd308222625570ce4ce1b49cef27a3e2f50fae9eea4a6819be790a685ede4a36d6eaba696cde1d5b7b05765b84d4b70f750aff9dd455106d816ca6324b85b07d2622150605472b72a36f503dc5e01a5390458747aa3f19c8db247b97cb14222b5e79cc6e3135be812bc8ca7c9a155852cef9dcf017ae378d9ecc9482b4857dc98c403beaf9f8bc4960292777fc58221ad46e9d5976ce2941e4fe427810dfb032c99cef90cf17f4e0083c986d66e0e170c2fea96a7360897a81a57921a9025dd021c2b0f6bbe08f8a49d8ac428a7074930bd2ef7ad28a0f17550b45bbfddd723b710994160bcc0ea2e92dbcbb114fefe22db643b9d392118ec05d7f48807ea1c4b5e39845d8207dc6b24d5d8a573034189b3563cdd14f102e2b41239ad1581a7839981d56cbdb7d8c843560272a075788603ec9b62aec5de81c734e3d8118e271179cfdb9e0ffb460519d769c05ad2b5044c2eca76a2c0824b5275c06b8715c0b6df6625a70ca14cc86ebc401f7abbd6d53e8e5d391371840510a9fb2d515be1bb1581a7e2b3a8610425da60d9ba8a841c324c3e1487036a20bc4d9149cbad2be5ed0e37f5cd21eb0d475f0c5730139d8b790e768ea169ef74069b6ccb4d09c78fcd1f1b791faef2218ce5e2707ffd0e38ada6a96a88a53dfc2ad72c9791a92d6a4d86f0f832062d62d3b425f260f654266196584729971fc3903d24300c9da725d47daa985bddff4b6fe301eb324bf6a35157bd79a0cf213398380de3bd91f583d537415afff80658992a949e433ff048c1d2495dec0461f0dd5bf4c8ac506268cd959f3493d37f8feb754062ca89398ade01f923c850eebc84ba9ee3d8c46d880d6f54f0ceafa451669c44b3e5c64411b0c855c94e8d3c345915412e041d284481e4242a1ae828345d76614979c252316b0f5eec34b98077cf89ff1834c25de73e83ad92873f2da115c02af04b71e7303e6289dbe76aaf9e5400dbbd9952c985283ff18aea8a7cab00ae650d21d235b62d9c21965c9888deebd4102bc75b95d33c6b5548f64c3c3f8fa256f21ab2577354221d5ddbc7247d46fb3532ed6322eef55aa24ac77797a38d1614923e24a9d70f6a24e0a1f28519a202fd91100f4d12ce61c37c819874bfbe5c61b4eb06c1b2b1cce56afaf16d560cf4ea727566f701e10233051dd633f4cca90c09c7aa733ecc0932d855abc08566dffe484de6d498c3625f7c2ba5bb12925d5f12e6194e21df4a4d69e1d0915963a04959348d49de928635128126557f8b5b87e1a47da42b311c47d3f0f969f069404e72d8a0d3cb0147ae6ee87abf994f384959eae9c7a91509f94f53098a8017d62bb1050b28c7976309957c34321d5a9520567970280714857904fb6e8f8c54fcdbb768028e4b37d47fd53ebd9cadb94baecbb54c78c81f7a80dd4c616df98d20ec22a0459844828c18eb7ec6d46cdc535266468bef9cfc6ce844b4b7ec9e3ff9e2619c05b477f72be3448f931312ff85727d8e1f48fbb978cb4b22bf959e97ebf4f25e19710f38a2c518702853410b32e74a68c98d58973a4a5c9d3d99c331f0d918a76fd047bb77a18eb655f72f6867cb3093438a26f080dbff4c4cd9544b9f401da3db9d235921a44c61e8292b83f83e8c9825d50bb0dbe32216e21733da8024343206e571c1d051daa670895566a9a218fb112ab2cdfa6a76bfd6374454ee1c211e5871d4186af9c7fef85af11c5b8a11774a1dd890ed2d5723b8698c339bc32473a1b5a9ec39b093ed24a3ec02b6455479bb34fa5a96c1b38fbe356c36b863e28d1234b64bcc0d071c790283b9b71137948776d6a60b67ff552d64286db810ecb90f1117dbedf6d2ce3162ec4ca4070333d1bce11419c13fdc1772ffe70fb03ad824f285660ec0c1985fff2441eddd0fa4b58dc53256ffa0df94a59a3c4165d4ae8bb883b23a8512d435e026da4583183d5147dfb2e05742803c6e9a3166f9dc40e1565887b3fd5d97c00b97b1ac542c23658d4ff03e8b9f3ecf3e35206e6ab3f38f26b70ee4e101f84ad6e3dce689ebdfa544b27af4a9a78667f6ef3564f1f0ffd0a9ed142c77961c7ae9c9a1b300023b6d79511e65d3db989052be9166b4bf9fc128b05fc500af7e7938f4e7ba7d67a117cde6c6330ca18d57150c2d51281df54d8735410805a92d4e5885a580124ecc54bc49bf451c6110a7fa195ae5691743bc4f0d3ab0a1e434884bbfbe8d0e8a5de217269c54f2f2415dbdb7e9285c7006c21cf3b593eefffd79c52c4a95da668651ed12ffe7ec0d2206588c452d107d543cf90f514a417d67b30082ed8ea7ab609d27b4ef9a7e3ac9c0d32020bca61f1df1c83e0b9625e7d6944f6d1fa3e388fb88dc0fd053fe1f1d2c5fa282a59eb2459475c6f1b556fbc791104a6707b8d37d81e7bdf158417f3e920d07d3b6ff305bafec00291c825ffc7d965e570094853389f6996ef02cc3e2f5ce3468e2d0a4ded990d372c2b234c3c1bbd6b6cff24ce474cdd98c42e7179295ac12740cefaf6e86898fb7180db31116ac7bb6d06a242f1fff5530ac7fc47f6593ac73c1a231a73e28d5b4b90d1a596b981675e4f7e0616095dffa6807c49c9d147f5a81b2822b128b035f4de8e017e54ac06e2e7dd52b3bbd778a76477dbe33e6fce5ae786879ba0739de0dee0987258912445664a405cb12a01bb94a97abccdc6d3afe7b61ba72b403a2e66c4c6b2cad20c427c0daf1d9d2dc57ccd502ff4993367dd0debcadee0e431e9115977e1c51a1905fb54268d25aa71cf056358f6d2c4c8bccdc675e350499f7776a15b41fb9e74d56ce3c82a28e9ee1815e039c6b18c8c551ddd46689e27e4c6b4ec384ee8d7fe1bd0ef40a6c288111fd61f00302f7dc442183e6dc0a2cdbbd6d43e061687989f9fef7ce54b238038461bf941a0706e2dfa8c069f4d90d1381a7429b3e692e346074c4de9e208f473a8794a6aaac2a297c29a396a28a10f4a5fa17863ed592fc39d7e8549af9f952366cee76372cf17812964c7322b370ff7f8f2074cc16b88b7cf8fd44bc3504c77efa6effb0813fe4f8ad6da76054d84d50bd9d7e1ff78b9afb4988d843d298515895d9aeaa29e496492097c79d0ecd887045cbd37cc476decc5836640d9a000e2a0a9e389dd6a996cea1dc0a7f62e2abf25d6ebee990ef19db33783d0485eaf43476b134d6873fd9a4f376ec2e4ae0993407683597ebd9376ca9d9d85d4399b3d24b8b6bf0e4910f257f6f54887f321a3768f82982144c5fe4fdf40068c3c71d34ffec82726e704c40f82f537d41b3621f06c1bb11b1665de3732df4f3eb727c04ad6b25910d9d97163119a2b72ff40109edbc58676682e0f86f75870b6f639d368d11aa1ceae80708288757db2389b16a4420008ce4a7a8487cbb7c922108a1acff54a0da5fc32c4c1e29a483e50ab9818c15c86a4997b4c8ef8dce08f633d2b558823a1c3476e61badcbb4ebcfd5f89f4075f093f5ea52c5c6f6c3025a8558ffb7c38a0662c05b8c44c0af1f15d3df1b1814255e27e9edec3346e2d59202fd643cf51a8ac5fe2a17579433afb9898cdba1c31c6083a8040064cd67c5012738660a09677e2b2156074a6586c76b86b745e7e209884185226fdbc2d826e2264e0b8d9e8896af60d82cc06452366c5dbf959e14a1a12b56bea30e35b1f50cdf95e37e0a5d272a792caec048947dd56abfe85271f0131e8d7f542525230ee0b005fe6bdec05a5f42c7027b555292374b210b7a6d72139574e10500f7db0914270d122ad93a0893c6875008e6b055a0358a48ef9b9309089323a110fcc7c5122c45401532c075957214dd6c86305819ead9cdcddec00faf31b0be040165aee5210c648eb7ac1d856dfce811391876735a05e71f2c8fa0beed3c5489897de524dd52da8a18c5a69d0be29a59dba736addf52ba02bb14121660f973a030d705480ae121b44f6d46441af124982c6b759389977e32de862bf409eeae3eaf7321c779b1c2e32080e031d854c34ce5413a098e18ac7a4b871985c83b0ba4fe68d82061923547d3ea28e004fab11afa63fcd5a6149c4bb3a2480061e5d58899a5d717893c0b73be62d4a42eb3fec479aea240fae76ef79561d4a7bf26c4f67cbe1659557f20f8fce0e183e2b4da3553741cbd764714d3e6ebec6ff0a9fb7efcd99bc71c3938b4142ca0a69faa54bab2b4f7b9143633fd6e9a26f7766b8353f491a0bcb62066df77faaaf7b639d9455bdc8937968c51848e4391c52db579a48dcc3a7f1406053bbf06ee64eb3a5b7d2e0c63efdd5edeef53820e3e52d3d12828e39d698095aa3c3cd84989fc7ca73e541ba7da40aa2297a5e3633096dfb81b5c2ec6fbeb894e41bce4e8ec5096326feece88f5a795cad6097ea7c91ec487092ebad33c06f355a195d64d17afe092a0d7ae2161ad3d33f863336ed1e4055f7f81c065230e0c1fa5b332cd6a57692f3b0f60115dcece23ee7c46a45ac79e8ec19ca091c98f06750c802b103480ebe72849b22b7419ea1e35999d0b374286c20fe64880fc5259c61e300d15659b9f6a43127aaf0587048ca9a4284b2e25f3d079ddc194a7bf12a211bdc8f969be78e6d9a686c8ebdec19bd3518a901fd9bc3ad02065f0b145a8b72abf97d7584c7ebe6054e36d6f095df5a0cfc80e82878c4a5845f31e8f351e7411b0c81880523040585881fd87424e6288fc4b877a39bb81a9a40200c8e7a438d944c268d12d7ff1f234d2a12001d3a97ad15da3d628a420bcecd3f365488120", 0x1000}}, 0x1006)

kernel console output (not intermixed with test programs):

] audit: type=1400 audit(193.613:748): avc:  denied  { mounton } for  pid=11704 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  193.836558][ T5965] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  193.840187][T11704] lo speed is unknown, defaulting to 1000
[  193.904998][   T63] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  193.906579][ T5979] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  193.908446][   T63] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  193.913044][   T63] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  193.913368][ T5979] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  193.915885][   T63] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  193.921122][   T63] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  193.936047][   T63] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  193.941196][ T5977] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  193.998607][T11708] lo speed is unknown, defaulting to 1000
[  194.050090][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  194.052111][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  194.089309][T11704] chnl_net:caif_netlink_parms(): no params data found
[  194.093557][T11710] lo speed is unknown, defaulting to 1000
[  194.235315][T11704] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.237699][T11704] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.240002][T11704] bridge_slave_0: entered allmulticast mode
[  194.242631][T11704] bridge_slave_0: entered promiscuous mode
[  194.248065][T11704] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.250306][T11704] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.252597][T11704] bridge_slave_1: entered allmulticast mode
[  194.256168][T11704] bridge_slave_1: entered promiscuous mode
[  194.303042][T11704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.313710][T11704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.357402][T11704] team0: Port device team_slave_0 added
[  194.361269][T11704] team0: Port device team_slave_1 added
[  194.419382][T11704] batman_adv: batadv0: Adding interface: batadv_slave_0
[  194.421563][T11704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  194.429562][T11704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  194.449160][T11704] batman_adv: batadv0: Adding interface: batadv_slave_1
[  194.451391][T11704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  194.462485][T11704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  194.499105][T11708] chnl_net:caif_netlink_parms(): no params data found
[  194.557381][T11704] hsr_slave_0: entered promiscuous mode
[  194.559676][T11704] hsr_slave_1: entered promiscuous mode
[  194.561703][T11704] debugfs: 'hsr0' already exists in 'hsr'
[  194.563513][T11704] Cannot create hsr debugfs directory
[  194.601768][T11733] netlink: 'syz.0.2005': attribute type 1 has an invalid length.
[  194.651089][   T40] audit: type=1400 audit(194.523:749): avc:  denied  { map } for  pid=11736 comm="syz.0.2006" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  194.683225][   T40] audit: type=1400 audit(194.553:750): avc:  denied  { bind } for  pid=11738 comm="syz.0.2007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  194.690132][   T40] audit: type=1400 audit(194.553:751): avc:  denied  { node_bind } for  pid=11738 comm="syz.0.2007" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  194.696685][   T40] audit: type=1400 audit(194.553:752): avc:  denied  { read } for  pid=11738 comm="syz.0.2007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  194.702474][   T40] audit: type=1400 audit(194.553:753): avc:  denied  { setopt } for  pid=11738 comm="syz.0.2007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  194.724220][T11708] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.726353][T11708] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.728760][T11708] bridge_slave_0: entered allmulticast mode
[  194.731412][T11708] bridge_slave_0: entered promiscuous mode
[  194.738723][T11710] chnl_net:caif_netlink_parms(): no params data found
[  194.738911][T11744] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2009'.
[  194.745938][T11708] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.748158][T11708] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.750414][T11708] bridge_slave_1: entered allmulticast mode
[  194.753022][T11708] bridge_slave_1: entered promiscuous mode
[  194.792017][T11708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.797709][T11708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.866704][T11744] gretap1: entered allmulticast mode
[  194.869122][T11744] bridge0: port 3(gretap1) entered blocking state
[  194.871201][T11744] bridge0: port 3(gretap1) entered disabled state
[  194.874192][T11744] gretap1: entered promiscuous mode
[  194.876869][T11744] bridge0: port 3(gretap1) entered blocking state
[  194.878972][T11744] bridge0: port 3(gretap1) entered forwarding state
[  194.901233][T11708] team0: Port device team_slave_0 added
[  194.957860][T11708] team0: Port device team_slave_1 added
[  194.959908][T11710] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.962199][T11710] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.964614][T11710] bridge_slave_0: entered allmulticast mode
[  194.967210][T11710] bridge_slave_0: entered promiscuous mode
[  194.970130][   T60] gretap1: left allmulticast mode
[  194.971816][   T60] gretap1: left promiscuous mode
[  194.973490][   T60] bridge0: port 3(gretap1) entered disabled state
[  194.978073][   T60] bridge_slave_1: left allmulticast mode
[  194.979868][   T60] bridge_slave_1: left promiscuous mode
[  194.981946][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.985682][   T60] bridge_slave_0: left allmulticast mode
[  194.987473][   T60] bridge_slave_0: left promiscuous mode
[  194.989301][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.180039][T11755] netlink: 'syz.0.2012': attribute type 21 has an invalid length.
[  195.311205][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  195.314853][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  195.318282][   T60] bond0 (unregistering): Released all slaves
[  195.324614][   T60] bond1 (unregistering): Released all slaves
[  195.330525][   T60] bond2 (unregistering): Released all slaves
[  195.336946][   T60] bond3 (unregistering): (slave bond4): Releasing backup interface
[  195.339818][   T60] bond3 (unregistering): Released all slaves
[  195.407013][   T60] bond4 (unregistering): Released all slaves
[  195.413446][   T60] bond5 (unregistering): (slave bond6): Releasing backup interface
[  195.417689][   T60] bond5 (unregistering): Released all slaves
[  195.478255][   T60] bond6 (unregistering): Released all slaves
[  195.519607][T11710] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.522049][T11710] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.524907][T11710] bridge_slave_1: entered allmulticast mode
[  195.528734][T11710] bridge_slave_1: entered promiscuous mode
[  195.567892][T11708] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.570844][T11708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.581199][T11708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  195.593292][T11710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  195.601240][T11710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.624977][T11708] batman_adv: batadv0: Adding interface: batadv_slave_1
[  195.627192][T11708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.635287][T11708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  195.635715][   T60] IPVS: stopping backup sync thread 7985 ...
[  195.661588][T11710] team0: Port device team_slave_0 added
[  195.667633][T11710] team0: Port device team_slave_1 added
[  195.768429][T11704] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  195.772381][   T40] audit: type=1400 audit(195.643:754): avc:  denied  { read open } for  pid=11759 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1902 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  195.772874][T11710] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.780449][   T40] audit: type=1400 audit(195.643:755): avc:  denied  { getattr } for  pid=11759 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1902 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  195.782421][T11710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.790093][   T40] audit: type=1400 audit(195.663:756): avc:  denied  { add_name } for  pid=11758 comm="dhcpcd-run-hook" name="resolv.conf.eth6.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  195.799075][T11710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  195.805136][   T40] audit: type=1400 audit(195.663:757): avc:  denied  { create } for  pid=11758 comm="dhcpcd-run-hook" name="resolv.conf.eth6.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  195.805689][ T5965] Bluetooth: hci1: command tx timeout
[  195.812211][T11708] hsr_slave_0: entered promiscuous mode
[  195.816237][   T40] audit: type=1400 audit(195.663:758): avc:  denied  { write } for  pid=11758 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.eth6.link" dev="tmpfs" ino=5497 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  195.818752][T11708] hsr_slave_1: entered promiscuous mode
[  195.820381][   T40] audit: type=1400 audit(195.663:759): avc:  denied  { append } for  pid=11758 comm="dhcpcd-run-hook" name="resolv.conf.eth6.link" dev="tmpfs" ino=5497 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  195.830339][T11708] debugfs: 'hsr0' already exists in 'hsr'
[  195.831809][   T40] audit: type=1400 audit(195.713:760): avc:  denied  { remove_name } for  pid=11761 comm="rm" name="resolv.conf.eth6.link" dev="tmpfs" ino=5497 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  195.838978][T11708] Cannot create hsr debugfs directory
[  195.851513][   T40] audit: type=1400 audit(195.713:761): avc:  denied  { unlink } for  pid=11761 comm="rm" name="resolv.conf.eth6.link" dev="tmpfs" ino=5497 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  195.859552][T11704] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  195.868706][T11710] batman_adv: batadv0: Adding interface: batadv_slave_1
[  195.870972][T11710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.879450][T11710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  195.890453][T11704] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  195.894767][T11704] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  195.964234][ T5965] Bluetooth: hci5: command tx timeout
[  195.973995][ T5965] Bluetooth: hci4: command tx timeout
[  195.979881][T11710] hsr_slave_0: entered promiscuous mode
[  195.982193][T11710] hsr_slave_1: entered promiscuous mode
[  195.984804][T11710] debugfs: 'hsr0' already exists in 'hsr'
[  195.986662][T11710] Cannot create hsr debugfs directory
[  196.197739][ T5965] Bluetooth: hci3: unexpected event for opcode 0x2028
[  196.206469][T11708] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  196.210902][T11708] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  196.221463][T11708] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  196.235867][T11704] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.238711][T11708] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  196.283545][T11704] 8021q: adding VLAN 0 to HW filter on device team0
[  196.302670][T11710] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  196.317701][   T95] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.319998][   T95] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.323232][T11710] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  196.328139][T11710] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  196.332126][T11710] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  196.354568][ T1188] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.356895][ T1188] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.420555][T11708] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.449517][T11708] 8021q: adding VLAN 0 to HW filter on device team0
[  196.459563][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.462318][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.469525][   T95] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.471850][   T95] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.483287][T11710] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.507178][T11710] 8021q: adding VLAN 0 to HW filter on device team0
[  196.530485][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.532828][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.553377][ T1188] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.555801][ T1188] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.589314][T11704] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.700071][T11710] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.713100][T11708] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.803910][   T60] hsr_slave_0: left promiscuous mode
[  196.806414][   T60] hsr_slave_1: left promiscuous mode
[  196.808444][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.811366][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  197.347943][   T60] team0 (unregistering): Port device team_slave_1 removed
[  197.412190][   T60] team0 (unregistering): Port device team_slave_0 removed
[  197.868588][T11704] veth0_vlan: entered promiscuous mode
[  197.882843][T11704] veth1_vlan: entered promiscuous mode
[  197.885696][ T5965] Bluetooth: hci1: command tx timeout
[  197.900386][T11710] veth0_vlan: entered promiscuous mode
[  197.905259][T11710] veth1_vlan: entered promiscuous mode
[  197.938510][T11704] veth0_macvtap: entered promiscuous mode
[  197.946123][T11708] veth0_vlan: entered promiscuous mode
[  197.951823][T11710] veth0_macvtap: entered promiscuous mode
[  197.955852][T11710] veth1_macvtap: entered promiscuous mode
[  197.958889][T11704] veth1_macvtap: entered promiscuous mode
[  197.966081][T11708] veth1_vlan: entered promiscuous mode
[  197.975942][T11710] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.979444][T11840] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2014'.
[  197.988786][T11710] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.997612][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.005544][T11704] batman_adv: batadv0: Interface activated: batadv_slave_0
[  198.030781][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.033628][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.042926][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.044069][ T5965] Bluetooth: hci4: command tx timeout
[  198.047300][T11704] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.053964][ T5965] Bluetooth: hci5: command tx timeout
[  198.056140][T11708] veth0_macvtap: entered promiscuous mode
[  198.060846][   T40] audit: type=1400 audit(197.933:762): avc:  denied  { mount } for  pid=11843 comm="syz.0.2015" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  198.070455][ T1148] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.071745][   T40] audit: type=1400 audit(197.943:763): avc:  denied  { rename } for  pid=11843 comm="syz.0.2015" name="bus" dev="tmpfs" ino=2834 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  198.101830][T11708] veth1_macvtap: entered promiscuous mode
[  198.112824][ T1148] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.121439][ T1148] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.124895][ T1148] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.149931][T11708] batman_adv: batadv0: Interface activated: batadv_slave_0
[  198.158205][T11708] batman_adv: batadv0: Interface activated: batadv_slave_1
[  198.169094][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.171558][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.187370][ T1144] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.190259][ T1144] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.202396][ T1144] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.208372][ T1144] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.213337][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.216023][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.246068][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.250549][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.269486][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.271989][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.298513][   T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.301003][   T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.345198][   T95] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.347722][   T95] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.361186][T11866] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2018'.
[  198.395756][T11872] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  198.450831][T11881] binder: 11870:11881 ioctl c0306201 0 returned -14
[  198.456410][T11881] binder: 11870:11881 ioctl 4018620d 0 returned -22
[  198.460589][ T5965] Bluetooth: hci3: unexpected event for opcode 0x200d
[  198.474835][T11883] MINIX-fs: blocksize too small for device
[  198.492380][T11879] batadv_slave_1: entered promiscuous mode
[  198.496259][T11879] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.2021'.
[  198.504623][T11886] netlink: 'syz.6.2020': attribute type 27 has an invalid length.
[  198.539086][T11892] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2024'.
[  198.543653][T11886] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.546172][T11886] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.607878][T11886] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  198.614493][T11886] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.680833][T11878] batadv_slave_1: left promiscuous mode
[  198.686120][T11895] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  198.688650][   T46] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.691930][   T46] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.717155][   T46] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.720351][   T46] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.743294][T11900] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2026'.
[  198.815531][T11909] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.2028'.
[  198.883498][   T60] bridge_slave_1: left allmulticast mode
[  198.885706][   T60] bridge_slave_1: left promiscuous mode
[  198.887656][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.899102][   T60] bridge_slave_0: left allmulticast mode
[  198.900934][   T60] bridge_slave_0: left promiscuous mode
[  198.902807][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.906582][T11917] netlink: zone id is out of range
[  199.146451][   T61] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  199.165228][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.168828][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  199.171900][   T60] bond0 (unregistering): Released all slaves
[  199.180196][   T60] bond1 (unregistering): Released all slaves
[  199.186476][   T60] bond2 (unregistering): Released all slaves
[  199.192607][   T60] bond3 (unregistering): Released all slaves
[  199.199104][   T60] bond4 (unregistering): Released all slaves
[  199.205180][   T60] bond5 (unregistering): Released all slaves
[  199.281969][   T60] bond6 (unregistering): Released all slaves
[  199.302852][   T60] bond7 (unregistering): (slave bond8): Releasing backup interface
[  199.302974][   T61] usb 12-1: config index 0 descriptor too short (expected 8192, got 36)
[  199.308633][   T61] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  199.309307][   T60] bond7 (unregistering): Released all slaves
[  199.311788][   T61] usb 12-1: config 0 has no interfaces?
[  199.311807][   T61] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  199.311819][   T61] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.327399][   T61] usb 12-1: config 0 descriptor??
[  199.350427][T11936] comedi comedi0: Minor 3 could not be opened
[  199.421049][   T60] bond8 (unregistering): Released all slaves
[  199.422799][T11943] usb usb8: usbfs: interface 0 claimed by hub while 'syz.6.2041' resets device
[  199.542788][   T61] usb 12-1: string descriptor 0 read error: -71
[  199.551797][   T61] usb 12-1: USB disconnect, device number 2
[  199.567639][   T60] IPVS: stopping backup sync thread 9879 ...
[  199.618144][T11965] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2047'.
[  199.687191][T11955] /dev/sr0: Can't open blockdev
[  199.837567][T11967] /dev/sr0: Can't open blockdev
[  199.882093][   T60] hsr_slave_0: left promiscuous mode
[  199.888802][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.891463][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.965596][ T5965] Bluetooth: hci1: command tx timeout
[  200.124796][ T5965] Bluetooth: hci5: command tx timeout
[  200.124814][ T5977] Bluetooth: hci4: command tx timeout
[  200.405483][   T60] team0 (unregistering): Port device team_slave_1 removed
[  200.470471][   T60] team0 (unregistering): Port device team_slave_0 removed
[  200.471790][T12007] kAFS: Can only specify source 'none' with -o dyn
[  200.957965][   T40] kauditd_printk_skb: 24 callbacks suppressed
[  200.957975][   T40] audit: type=1400 audit(200.833:788): avc:  denied  { unlink } for  pid=5971 comm="syz-executor" name="file0" dev="tmpfs" ino=2874 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  200.999363][   T40] audit: type=1400 audit(200.873:789): avc:  denied  { write } for  pid=12016 comm="syz.0.2059" name="file0" dev="9p" ino=35913881 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  201.001289][T12017] FAULT_INJECTION: forcing a failure.
[  201.001289][T12017] name failslab, interval 1, probability 0, space 0, times 0
[  201.006434][   T40] audit: type=1400 audit(200.873:790): avc:  denied  { open } for  pid=12016 comm="syz.0.2059" path="/553/file0/file0" dev="9p" ino=35913881 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  201.011343][T12017] CPU: 1 UID: 0 PID: 12017 Comm: syz.0.2059 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  201.011360][T12017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  201.011367][T12017] Call Trace:
[  201.011371][T12017]  <TASK>
[  201.011375][T12017]  dump_stack_lvl+0x16c/0x1f0
[  201.011391][T12017]  should_fail_ex+0x512/0x640
[  201.011404][T12017]  ? fs_reclaim_acquire+0xae/0x150
[  201.011420][T12017]  ? p9_fcall_init+0x97/0x260
[  201.011430][T12017]  should_failslab+0xc2/0x120
[  201.011443][T12017]  __kmalloc_noprof+0xd2/0x510
[  201.011454][T12017]  ? rcu_is_watching+0x12/0xc0
[  201.011471][T12017]  p9_fcall_init+0x97/0x260
[  201.011482][T12017]  p9_tag_alloc+0x202/0x640
[  201.011495][T12017]  ? __pfx_p9_tag_alloc+0x10/0x10
[  201.011508][T12017]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  201.011528][T12017]  p9_client_prepare_req+0x19b/0x4d0
[  201.011540][T12017]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  201.011551][T12017]  ? v9fs_file_write_iter+0xbf/0x100
[  201.011567][T12017]  ? __lock_acquire+0xb97/0x1ce0
[  201.011587][T12017]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  201.011603][T12017]  p9_client_rpc+0x1c4/0xc50
[  201.011616][T12017]  ? __pfx_p9_client_rpc+0x10/0x10
[  201.011628][T12017]  ? idr_alloc_u32+0x20f/0x2f0
[  201.011649][T12017]  ? idr_preload_end+0xc2/0x230
[  201.011658][T12017]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  201.011676][T12017]  ? rcu_is_watching+0x12/0xc0
[  201.011691][T12017]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  201.011708][T12017]  p9_client_xattrwalk+0xc0/0x290
[  201.011722][T12017]  ? __pfx_v9fs_xattr_handler_get+0x10/0x10
[  201.011738][T12017]  v9fs_fid_xattr_get+0x10a/0x300
[  201.011755][T12017]  ? __pfx_v9fs_fid_xattr_get+0x10/0x10
[  201.011771][T12017]  ? __pfx_v9fs_fid_find+0x10/0x10
[  201.011792][T12017]  ? v9fs_fid_lookup+0xe9/0xeb0
[  201.011808][T12017]  ? __lock_acquire+0xb97/0x1ce0
[  201.011826][T12017]  v9fs_xattr_handler_get+0x6b/0x120
[  201.011844][T12017]  __vfs_getxattr+0x13d/0x1a0
[  201.011856][T12017]  ? __pfx___vfs_getxattr+0x10/0x10
[  201.011868][T12017]  ? netfs_start_io_direct+0x116/0x260
[  201.011886][T12017]  cap_inode_need_killpriv+0x40/0x60
[  201.011900][T12017]  security_inode_need_killpriv+0x1b9/0x1e0
[  201.011928][T12017]  file_remove_privs_flags+0x331/0x580
[  201.011944][T12017]  ? __pfx_file_remove_privs_flags+0x10/0x10
[  201.011960][T12017]  ? generic_write_checks+0x311/0x480
[  201.011977][T12017]  ? __pfx_generic_write_checks+0x10/0x10
[  201.011997][T12017]  netfs_unbuffered_write_iter+0x1d1/0x6d0
[  201.012013][T12017]  v9fs_file_write_iter+0xbf/0x100
[  201.012028][T12017]  vfs_write+0x7d3/0x11d0
[  201.012038][T12017]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  201.012053][T12017]  ? __pfx___mutex_lock+0x10/0x10
[  201.012065][T12017]  ? __pfx_vfs_write+0x10/0x10
[  201.012087][T12017]  ksys_write+0x12a/0x250
[  201.012098][T12017]  ? __pfx_ksys_write+0x10/0x10
[  201.012112][T12017]  do_syscall_64+0xcd/0x4c0
[  201.012124][T12017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.012136][T12017] RIP: 0033:0x7f109ef8ebe9
[  201.012145][T12017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.012155][T12017] RSP: 002b:00007f109fd3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  201.012165][T12017] RAX: ffffffffffffffda RBX: 00007f109f1b5fa0 RCX: 00007f109ef8ebe9
[  201.012172][T12017] RDX: 0000000000000005 RSI: 00002000000000c0 RDI: 0000000000000003
[  201.012178][T12017] RBP: 00007f109fd3a090 R08: 0000000000000000 R09: 0000000000000000
[  201.012184][T12017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.012189][T12017] R13: 00007f109f1b6038 R14: 00007f109f1b5fa0 R15: 00007ffc243187d8
[  201.012203][T12017]  </TASK>
[  201.012309][T12017] netfs: Couldn't get user pages (rc=-14)
[  201.022242][T11999] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  201.139900][T11999] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  201.142032][T11999] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  201.146683][T11999] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  201.150316][T11999] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  201.152250][T11999] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  201.155668][T11999] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  201.159708][T11999] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  201.162031][T11999] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  201.165570][T11999] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  201.249051][T12043] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2066'.
[  201.344480][   T40] audit: type=1400 audit(201.213:791): avc:  denied  { getopt } for  pid=12045 comm="syz.0.2062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  201.403360][ T1188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.408593][ T1188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.494326][  T839] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  201.542511][   T40] audit: type=1400 audit(201.413:792): avc:  denied  { read } for  pid=12066 comm="syz.0.2072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  201.624751][  T839] usb 13-1: device descriptor read/64, error -71
[  201.863909][  T839] usb 13-1: new high-speed USB device number 3 using dummy_hcd
[  202.012227][  T839] usb 13-1: device descriptor read/64, error -71
[  202.134160][  T839] usb usb13-port1: attempt power cycle
[  202.291945][T12064] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  202.294984][T12064] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  202.297727][T12064] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  202.300577][T12064] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  202.345898][   T40] audit: type=1400 audit(202.223:793): avc:  denied  { bind } for  pid=12102 comm="syz.0.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  202.354844][   T40] audit: type=1400 audit(202.223:794): avc:  denied  { name_bind } for  pid=12102 comm="syz.0.2074" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  202.361752][   T40] audit: type=1400 audit(202.223:795): avc:  denied  { node_bind } for  pid=12102 comm="syz.0.2074" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  202.368399][   T40] audit: type=1400 audit(202.223:796): avc:  denied  { create } for  pid=12102 comm="syz.0.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  202.373083][T12104] lo speed is unknown, defaulting to 1000
[  202.376817][   T40] audit: type=1400 audit(202.233:797): avc:  denied  { sys_admin } for  pid=12102 comm="syz.0.2074" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  202.428482][T12111] FAULT_INJECTION: forcing a failure.
[  202.428482][T12111] name failslab, interval 1, probability 0, space 0, times 0
[  202.432466][T12111] CPU: 3 UID: 0 PID: 12111 Comm: syz.7.2076 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  202.432482][T12111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  202.432488][T12111] Call Trace:
[  202.432492][T12111]  <TASK>
[  202.432496][T12111]  dump_stack_lvl+0x16c/0x1f0
[  202.432527][T12111]  should_fail_ex+0x512/0x640
[  202.432544][T12111]  ? fs_reclaim_acquire+0xae/0x150
[  202.432559][T12111]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  202.432575][T12111]  should_failslab+0xc2/0x120
[  202.432587][T12111]  __kmalloc_noprof+0xd2/0x510
[  202.432601][T12111]  tomoyo_realpath_from_path+0xc2/0x6e0
[  202.432618][T12111]  ? tomoyo_profile+0x47/0x60
[  202.432629][T12111]  tomoyo_path_number_perm+0x245/0x580
[  202.432642][T12111]  ? tomoyo_path_number_perm+0x237/0x580
[  202.432656][T12111]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  202.432669][T12111]  ? find_held_lock+0x2b/0x80
[  202.432694][T12111]  ? find_held_lock+0x2b/0x80
[  202.432706][T12111]  ? hook_file_ioctl_common+0x145/0x410
[  202.432719][T12111]  ? __fget_files+0x20e/0x3c0
[  202.432733][T12111]  security_file_ioctl+0x9b/0x240
[  202.432749][T12111]  __x64_sys_ioctl+0xb7/0x210
[  202.432766][T12111]  do_syscall_64+0xcd/0x4c0
[  202.432778][T12111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.432789][T12111] RIP: 0033:0x7f56f918ebe9
[  202.432799][T12111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.432809][T12111] RSP: 002b:00007f56fa03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.432819][T12111] RAX: ffffffffffffffda RBX: 00007f56f93b5fa0 RCX: 00007f56f918ebe9
[  202.432825][T12111] RDX: 00002000000000c0 RSI: 00000000c0d05604 RDI: 0000000000000003
[  202.432831][T12111] RBP: 00007f56fa03e090 R08: 0000000000000000 R09: 0000000000000000
[  202.432837][T12111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.432843][T12111] R13: 00007f56f93b6038 R14: 00007f56f93b5fa0 R15: 00007fff911f3748
[  202.432856][T12111]  </TASK>
[  202.432860][T12111] ERROR: Out of memory at tomoyo_realpath_from_path.
[  202.494032][  T839] usb 13-1: new high-speed USB device number 4 using dummy_hcd
[  202.526421][  T839] usb 13-1: device descriptor read/8, error -71
[  202.542466][T12121] vlan2: entered promiscuous mode
[  202.545931][T12121] vlan2: entered allmulticast mode
[  202.547853][T12121] hsr_slave_1: entered allmulticast mode
[  202.764393][  T839] usb 13-1: new high-speed USB device number 5 using dummy_hcd
[  202.784423][  T839] usb 13-1: device descriptor read/8, error -71
[  202.894048][  T839] usb usb13-port1: unable to enumerate USB device
[  203.439601][T12128] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  203.441628][T12128] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  203.443568][T12128] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  203.446239][T12128] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  203.448347][T12128] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  203.496256][T12157] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2090'.
[  203.598446][T12165] netlink: 'syz.7.2093': attribute type 1 has an invalid length.
[  203.611379][T12165] bond1 (unregistering): Released all slaves
[  203.671689][   T60] nci: nci_ntf_packet: unknown ntf opcode 0x406
[  203.672266][T12171] binder: 12161:12171 ioctl 80089419 200000000480 returned -22
[  204.355926][T12188] /dev/sr0: Can't open blockdev
[  204.474758][T12188] /dev/sr0: Can't open blockdev
[  204.574516][T12188] /dev/sr0: Can't open blockdev
[  204.664534][T12188] /dev/sr0: Can't open blockdev
[  204.764491][T12188] /dev/sr0: Can't open blockdev
[  204.924676][T12188] /dev/sr0: Can't open blockdev
[  205.001237][T12183] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  205.003286][T12183] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  205.005416][T12183] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  205.007591][T12183] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  205.007637][T12188] /dev/sr0: Can't open blockdev
[  205.037660][T12197] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2101'.
[  205.040562][T12197] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2101'.
[  205.047253][T12199] batadv_slave_0: entered promiscuous mode
[  205.050103][T12199] batadv_slave_0: left promiscuous mode
[  205.102827][T12203] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2104'.
[  205.104778][T12188] /dev/sr0: Can't open blockdev
[  205.163235][T12213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2108'.
[  205.196848][T12228] batadv_slave_0: entered promiscuous mode
[  205.259049][T12237] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  205.264669][T12234] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2116'.
[  205.266673][T12239] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2118'.
[  205.267901][T12234] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2116'.
[  205.275937][T12240] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  205.308418][T12243] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.2120'.
[  205.311407][T12245] [U] ^R
[  205.318635][T12243] 0·: renamed from hsr0
[  205.324452][T12243] 0·: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  205.328397][T12243] 0·: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  205.331653][T12243] 0·: entered allmulticast mode
[  205.333291][T12243] hsr_slave_0: entered allmulticast mode
[  205.335863][T12243] hsr_slave_1: entered allmulticast mode
[  205.338421][T12243] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[  205.363849][T12245] vxcan1: tx address claim with dlc 0
[  205.423268][T12262] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.2124' resets device
[  205.433408][T12260] 9pnet: Could not find request transport: vi`tio
[  205.463483][T12264] SELinux:  Context system_u:object_r:clock_device_t:s0 is not valid (left unmapped).
[  205.502854][T12268] veth1_to_batadv: entered promiscuous mode
[  205.585854][T12273] netlink: 'syz.6.2131': attribute type 11 has an invalid length.
[  206.063466][T12306] FAULT_INJECTION: forcing a failure.
[  206.063466][T12306] name failslab, interval 1, probability 0, space 0, times 0
[  206.067701][T12306] CPU: 1 UID: 0 PID: 12306 Comm: syz.8.2145 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  206.067718][T12306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  206.067724][T12306] Call Trace:
[  206.067729][T12306]  <TASK>
[  206.067734][T12306]  dump_stack_lvl+0x16c/0x1f0
[  206.067750][T12306]  should_fail_ex+0x512/0x640
[  206.067762][T12306]  ? fs_reclaim_acquire+0xae/0x150
[  206.067777][T12306]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  206.067793][T12306]  should_failslab+0xc2/0x120
[  206.067805][T12306]  __kmalloc_noprof+0xd2/0x510
[  206.067819][T12306]  tomoyo_realpath_from_path+0xc2/0x6e0
[  206.067836][T12306]  ? tomoyo_profile+0x47/0x60
[  206.067847][T12306]  tomoyo_path_number_perm+0x245/0x580
[  206.067860][T12306]  ? tomoyo_path_number_perm+0x237/0x580
[  206.067874][T12306]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  206.067888][T12306]  ? find_held_lock+0x2b/0x80
[  206.067914][T12306]  ? find_held_lock+0x2b/0x80
[  206.067925][T12306]  ? hook_file_ioctl_common+0x145/0x410
[  206.067939][T12306]  ? __fget_files+0x20e/0x3c0
[  206.067953][T12306]  security_file_ioctl+0x9b/0x240
[  206.067969][T12306]  __x64_sys_ioctl+0xb7/0x210
[  206.067987][T12306]  do_syscall_64+0xcd/0x4c0
[  206.067999][T12306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.068010][T12306] RIP: 0033:0x7fd15bb8ebe9
[  206.068025][T12306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.068035][T12306] RSP: 002b:00007fd15cabe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  206.068045][T12306] RAX: ffffffffffffffda RBX: 00007fd15bdb5fa0 RCX: 00007fd15bb8ebe9
[  206.068052][T12306] RDX: 0000000000000000 RSI: 000000004090ae82 RDI: 0000000000000005
[  206.068058][T12306] RBP: 00007fd15cabe090 R08: 0000000000000000 R09: 0000000000000000
[  206.068064][T12306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.068069][T12306] R13: 00007fd15bdb6038 R14: 00007fd15bdb5fa0 R15: 00007fff62e18938
[  206.068082][T12306]  </TASK>
[  206.068087][T12306] ERROR: Out of memory at tomoyo_realpath_from_path.
[  206.204031][ T8728] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  206.235531][   T40] kauditd_printk_skb: 19 callbacks suppressed
[  206.235544][   T40] audit: type=1400 audit(206.113:817): avc:  denied  { relabelfrom } for  pid=12307 comm="syz.0.2146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  206.243011][   T40] audit: type=1400 audit(206.113:818): avc:  denied  { relabelto } for  pid=12307 comm="syz.0.2146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  206.251602][   T95] syzkaller0: tun_net_xmit 76
[  206.252977][T12309] syzkaller0: create flow: hash 3376247509 index 1
[  206.253582][   T95] syzkaller0: tun_net_xmit 48
[  206.283997][   T61] syzkaller0: tun_net_xmit 76
[  206.286470][T12309] syzkaller0: delete flow: hash 3376247509 index 1
[  206.306210][   T40] audit: type=1400 audit(206.183:819): avc:  denied  { getopt } for  pid=12311 comm="syz.8.2148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  206.333865][ T8728] usb 11-1: device descriptor read/64, error -71
[  206.373945][ T5977] Bluetooth: hci3: command 0x0c1a tx timeout
[  206.573861][ T8728] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  206.703916][ T8728] usb 11-1: device descriptor read/64, error -71
[  206.817086][ T8728] usb usb11-port1: attempt power cycle
[  207.013900][ T5977] Bluetooth: hci1: command 0x0c1a tx timeout
[  207.085013][ T5977] Bluetooth: hci5: command 0x0c1a tx timeout
[  207.087066][ T5977] Bluetooth: hci4: command 0x0c1a tx timeout
[  207.121575][   T40] audit: type=1400 audit(206.993:820): avc:  denied  { map } for  pid=12328 comm="syz.8.2153" path="socket:[46561]" dev="sockfs" ino=46561 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  207.133993][   T40] audit: type=1400 audit(206.993:821): avc:  denied  { accept } for  pid=12328 comm="syz.8.2153" path="socket:[46561]" dev="sockfs" ino=46561 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  207.164337][ T8728] usb 11-1: new high-speed USB device number 4 using dummy_hcd
[  207.168712][   T40] audit: type=1400 audit(207.043:822): avc:  denied  { create } for  pid=12333 comm="syz.8.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  207.194303][ T8728] usb 11-1: device descriptor read/8, error -71
[  207.224661][   T40] audit: type=1400 audit(207.103:823): avc:  denied  { write } for  pid=12333 comm="syz.8.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  207.228044][T12336] __nla_validate_parse: 8 callbacks suppressed
[  207.228055][T12336] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2154'.
[  207.324766][T12340] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2155'.
[  207.394741][   T40] audit: type=1400 audit(207.273:824): avc:  denied  { bind } for  pid=12345 comm="syz.8.2158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  207.395958][T12346] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2158'.
[  207.443965][ T8728] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  207.476361][ T8728] usb 11-1: device descriptor read/8, error -71
[  207.480268][T12346] team0 (unregistering): Failed to send port change of device team_slave_0 via netlink (err -105)
[  207.485543][T12346] team0 (unregistering): Port device team_slave_0 removed
[  207.492286][T12346] team0 (unregistering): Failed to send options change via netlink (err -105)
[  207.495666][T12346] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  207.499436][T12346] team0 (unregistering): Port device team_slave_1 removed
[  207.530307][T12356] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2161'.
[  207.533186][T12356] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2161'.
[  207.556815][T12358] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  207.560183][   T40] audit: type=1400 audit(207.433:825): avc:  denied  { relabelto } for  pid=12357 comm="syz.0.2162" name="575" dev="tmpfs" ino=2988 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  207.569691][   T40] audit: type=1400 audit(207.433:826): avc:  denied  { associate } for  pid=12357 comm="syz.0.2162" name="575" dev="tmpfs" ino=2988 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0"
[  207.583946][ T8728] usb usb11-port1: unable to enumerate USB device
[  207.780966][T12374] overlayfs: missing 'lowerdir'
[  207.793264][T12380] nfs: Bad value for 'source'
[  207.819722][T12384] binder: 12383:12384 unknown command 0
[  207.821535][T12384] binder: 12383:12384 ioctl c0306201 200000000080 returned -22
[  207.884459][T12392] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2171'.
[  208.135084][T12409] fuse: Bad value for 'fd'
[  208.630158][T12415] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2178'.
[  208.731450][T12420] netlink: zone id is out of range
[  208.733327][T12420] netlink: zone id is out of range
[  208.736543][T12420] netlink: zone id is out of range
[  208.747312][T12420] netlink: set zone limit has 4 unknown bytes
[  208.775090][T12400] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  208.777116][T12400] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  208.779123][T12400] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  208.781048][T12400] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  208.805346][T12425] netlink: 'syz.8.2182': attribute type 11 has an invalid length.
[  208.964944][T12438] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2187'.
[  208.967820][T12438] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2187'.
[  209.853713][T12451] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  209.856006][T12451] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  209.858062][T12451] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  209.860037][T12451] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  209.889350][T12475] vlan2: entered promiscuous mode
[  209.891120][T12475] vlan2: entered allmulticast mode
[  209.892767][T12475] hsr_slave_1: entered allmulticast mode
[  209.995028][T12480] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2200'.
[  210.104041][ T8728] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  210.114920][ T8959] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  210.233852][ T8728] usb 12-1: device descriptor read/64, error -71
[  210.265048][ T8959] usb 11-1: config index 0 descriptor too short (expected 39, got 27)
[  210.267619][ T8959] usb 11-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  210.270650][ T8959] usb 11-1: config 0 interface 0 has no altsetting 0
[  210.275256][ T8959] usb 11-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  210.278099][ T8959] usb 11-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  210.280681][ T8959] usb 11-1: Product: syz
[  210.282033][ T8959] usb 11-1: Manufacturer: syz
[  210.283645][ T8959] usb 11-1: SerialNumber: syz
[  210.286555][ T8959] usb 11-1: config 0 descriptor??
[  210.289167][ T8959] hub 11-1:0.0: bad descriptor, ignoring hub
[  210.291052][ T8959] hub 11-1:0.0: probe with driver hub failed with error -5
[  210.294917][ T8959] usb 11-1: selecting invalid altsetting 0
[  210.493945][ T8728] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  210.635202][ T8728] usb 12-1: device descriptor read/64, error -71
[  210.756152][ T8728] usb usb12-port1: attempt power cycle
[  211.093954][ T8728] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  211.114274][ T8728] usb 12-1: device descriptor read/8, error -71
[  211.316770][T12500] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  211.318933][T12500] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  211.320880][T12500] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  211.322871][T12500] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  211.341453][ T5965] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  211.348957][ T8954] usb 11-1: USB disconnect, device number 6
[  211.351029][ T5965] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  211.356511][ T8728] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  211.357149][ T5965] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  211.361639][ T5965] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  211.364867][ T5965] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  211.379993][ T8728] usb 12-1: device descriptor read/8, error -71
[  211.384770][T12510] lo speed is unknown, defaulting to 1000
[  211.417756][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  211.417767][   T40] audit: type=1400 audit(211.293:847): avc:  denied  { checkpoint_restore } for  pid=12528 comm="syz.8.2212" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  211.450457][   T40] audit: type=1400 audit(211.323:848): avc:  denied  { name_bind } for  pid=12530 comm="syz.8.2213" src=65527 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  211.495117][ T8728] usb usb12-port1: unable to enumerate USB device
[  211.546574][T12510] chnl_net:caif_netlink_parms(): no params data found
[  211.613987][T12510] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.616305][T12510] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.618885][T12510] bridge_slave_0: entered allmulticast mode
[  211.621510][T12510] bridge_slave_0: entered promiscuous mode
[  211.624992][T12510] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.627239][T12510] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.629524][T12510] bridge_slave_1: entered allmulticast mode
[  211.632155][T12510] bridge_slave_1: entered promiscuous mode
[  211.663276][T12510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.668234][T12510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.701135][T12510] team0: Port device team_slave_0 added
[  211.704530][T12510] team0: Port device team_slave_1 added
[  211.732796][T12510] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.736842][T12510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.745230][T12510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.749662][T12510] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.751881][T12510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.759990][T12510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.795466][T12510] hsr_slave_0: entered promiscuous mode
[  211.797703][T12510] hsr_slave_1: entered promiscuous mode
[  212.230412][T12510] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  212.235385][T12510] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  212.239443][T12510] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  212.243442][T12510] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  212.263565][T12510] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.265794][T12510] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.268170][T12510] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.270391][T12510] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.296084][T12510] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.304069][ T1148] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.307375][ T1148] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.318877][T12510] 8021q: adding VLAN 0 to HW filter on device team0
[  212.326018][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.328251][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.333474][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.335789][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.440100][T12510] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.468590][T12510] veth0_vlan: entered promiscuous mode
[  212.473390][T12510] veth1_vlan: entered promiscuous mode
[  212.486981][T12510] veth0_macvtap: entered promiscuous mode
[  212.490678][T12510] veth1_macvtap: entered promiscuous mode
[  212.500513][T12510] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.509925][T12510] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.519475][ T1188] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.522232][ T1188] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.523183][T12582] bio_check_eod: 2 callbacks suppressed
[  212.523194][T12582] syz.8.2219: attempt to access beyond end of device
[  212.523194][T12582] nbd8: rw=4096, sector=0, nr_sectors = 1 limit=0
[  212.528300][ T1188] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.531209][T12582] XFS (nbd8): SB validate failed with error -5.
[  212.542319][ T1188] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.593105][T12582] 9pnet: Could not find request transport: xen
[  212.727335][T12605] ptrace attach of "/syz-executor exec"[11708] was attempted by "                                                                                                                                /dev/cec#                                                       R\x0d       €             ü
  \x07              @    \x5c
œÿ"[12605]
[  212.851592][T12614] overlayfs: failed to resolve './file0': -2
[  212.859157][T12616] __nla_validate_parse: 1 callbacks suppressed
[  212.859168][T12616] netlink: 168 bytes leftover after parsing attributes in process `syz.8.2224'.
[  212.962108][T12567] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  212.966228][T12567] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  212.968234][T12567] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  212.971114][T12567] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  212.973078][T12567] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  212.977478][T12567] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  213.008950][ T1188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.011365][ T1188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.028909][ T1188] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.031358][ T1188] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.081063][T12640] 9pnet_fd: Insufficient options for proto=fd
[  213.213902][   T40] audit: type=1400 audit(213.083:849): avc:  denied  { read write } for  pid=12643 comm="syz.6.2229" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  213.220818][   T40] audit: type=1400 audit(213.083:850): avc:  denied  { open } for  pid=12643 comm="syz.6.2229" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  213.227875][ T5972] usb 12-1: new high-speed USB device number 7 using dummy_hcd
[  213.363865][ T5972] usb 12-1: device descriptor read/64, error -71
[  213.453952][ T2303] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  213.583830][ T2303] usb 5-1: device descriptor read/64, error -71
[  213.623849][ T5972] usb 12-1: new high-speed USB device number 8 using dummy_hcd
[  213.753957][ T5972] usb 12-1: device descriptor read/64, error -71
[  213.833916][ T2303] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  213.874559][ T5972] usb usb12-port1: attempt power cycle
[  213.964202][ T2303] usb 5-1: device descriptor read/64, error -71
[  214.074141][ T2303] usb usb5-port1: attempt power cycle
[  214.180230][T12663] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2235'.
[  214.183591][T12664] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  214.225624][ T5972] usb 12-1: new high-speed USB device number 9 using dummy_hcd
[  214.230340][T12668] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2580 sclass=netlink_route_socket pid=12668 comm=syz.6.2237
[  214.234696][T12668] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=12668 comm=syz.6.2237
[  214.238649][T12668] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2584 sclass=netlink_route_socket pid=12668 comm=syz.6.2237
[  214.242473][T12668] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=12668 comm=syz.6.2237
[  214.251624][T12668] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2237'.
[  214.254869][ T5972] usb 12-1: device descriptor read/8, error -71
[  214.311780][T12673] netlink: 'syz.6.2239': attribute type 1 has an invalid length.
[  214.314574][T12673] netlink: 220 bytes leftover after parsing attributes in process `syz.6.2239'.
[  214.317378][T12673] netlink: 'syz.6.2239': attribute type 1 has an invalid length.
[  214.344368][T12675] usb usb8: usbfs: interface 0 claimed by hub while 'syz.6.2240' resets device
[  214.414285][ T2303] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  214.435056][ T2303] usb 5-1: device descriptor read/8, error -71
[  214.504986][ T5972] usb 12-1: new high-speed USB device number 10 using dummy_hcd
[  214.527817][ T5972] usb 12-1: device descriptor read/8, error -71
[  214.596978][T12660] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  214.599016][T12660] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  214.601119][T12660] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  214.603225][T12660] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  214.634010][ T5972] usb usb12-port1: unable to enumerate USB device
[  214.646294][ T5977] Bluetooth: hci1: unexpected event for opcode 0x2028
[  214.673940][ T2303] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  214.679376][   T40] audit: type=1400 audit(214.553:851): avc:  denied  { append } for  pid=12688 comm="syz.8.2245" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  214.695721][ T2303] usb 5-1: device descriptor read/8, error -71
[  214.806666][ T2303] usb usb5-port1: unable to enumerate USB device
[  214.900116][   T40] audit: type=1400 audit(214.773:852): avc:  denied  { write } for  pid=12693 comm="syz.8.2247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  214.935165][   T40] audit: type=1400 audit(214.813:853): avc:  denied  { create } for  pid=12696 comm="syz.8.2248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  214.941170][   T40] audit: type=1400 audit(214.813:854): avc:  denied  { ioctl } for  pid=12696 comm="syz.8.2248" path="socket:[49454]" dev="sockfs" ino=49454 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  215.416446][T12706] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  215.422854][T12706] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  215.894110][T12703] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  215.896452][T12703] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  215.898512][T12703] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  215.900533][T12703] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  216.055135][T12726] netlink: 'syz.6.2256': attribute type 27 has an invalid length.
[  216.071265][T12728] openvswitch: netlink: IPv4 frag type 255 is out of range max 2
[  216.353889][ T5972] usb 13-1: new high-speed USB device number 6 using dummy_hcd
[  216.493832][ T5972] usb 13-1: device descriptor read/64, error -71
[  216.733852][ T5972] usb 13-1: new high-speed USB device number 7 using dummy_hcd
[  216.883793][ T5972] usb 13-1: device descriptor read/64, error -71
[  216.911316][   T40] audit: type=1400 audit(216.783:855): avc:  denied  { read write } for  pid=12740 comm="syz.6.2265" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  216.918626][   T40] audit: type=1400 audit(216.783:856): avc:  denied  { open } for  pid=12740 comm="syz.6.2265" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  216.925641][   T40] audit: type=1400 audit(216.783:857): avc:  denied  { map } for  pid=12740 comm="syz.6.2265" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  216.932522][   T40] audit: type=1400 audit(216.783:858): avc:  denied  { execute } for  pid=12740 comm="syz.6.2265" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  216.971609][T12732] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  216.973709][T12732] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  216.976221][T12732] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  216.978201][T12732] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  216.994608][ T5972] usb usb13-port1: attempt power cycle
[  217.002405][T12747] usb usb8: usbfs: process 12747 (syz.0.2267) did not claim interface 0 before use
[  217.005837][T12747] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2267'.
[  217.009516][T12747] usb usb8: usbfs: process 12747 (syz.0.2267) did not claim interface 0 before use
[  217.009702][T12749] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2267'.
[  217.063315][T12758] vlan2: entered promiscuous mode
[  217.065294][T12758] vlan2: entered allmulticast mode
[  217.066960][T12758] hsr_slave_1: entered allmulticast mode
[  217.353875][ T5972] usb 13-1: new high-speed USB device number 8 using dummy_hcd
[  217.374316][ T5972] usb 13-1: device descriptor read/8, error -71
[  217.613899][ T5972] usb 13-1: new high-speed USB device number 9 using dummy_hcd
[  217.634174][ T5972] usb 13-1: device descriptor read/8, error -71
[  217.719653][T12769] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2275'.
[  217.724492][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.726986][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.754096][ T5972] usb usb13-port1: unable to enumerate USB device
[  217.780888][   T61] libceph: connect (1)[c::]:6789 error -101
[  217.782892][   T61] libceph: mon0 (1)[c::]:6789 connect error
[  217.948584][T12762] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  217.950665][T12762] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  217.952649][T12762] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  217.954861][T12762] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  218.001083][   T40] audit: type=1400 audit(217.873:859): avc:  denied  { mount } for  pid=12781 comm="syz.7.2281" name="/" dev="ramfs" ino=50245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  218.002391][T12783] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2281'.
[  218.011275][T12783] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2281'.
[  218.011294][T12783] netlink: 'syz.7.2281': attribute type 7 has an invalid length.
[  218.045854][   T61] libceph: connect (1)[c::]:6789 error -101
[  218.048004][   T61] libceph: mon0 (1)[c::]:6789 connect error
[  218.064417][T12789] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2283'.
[  218.164972][   T40] audit: type=1326 audit(218.043:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12791 comm="syz.0.2284" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad7d8ebe9 code=0x7fc00000
[  218.205050][T12802] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2287'.
[  218.209441][T12802] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.235284][   T40] audit: type=1400 audit(218.113:861): avc:  denied  { append } for  pid=12804 comm="syz.0.2288" name="001" dev="devtmpfs" ino=761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  218.281493][   T40] audit: type=1400 audit(218.153:862): avc:  denied  { setopt } for  pid=12810 comm="syz.0.2290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  218.287636][   T40] audit: type=1400 audit(218.153:863): avc:  denied  { ioctl } for  pid=12810 comm="syz.0.2290" path="socket:[49620]" dev="sockfs" ino=49620 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  218.554055][   T61] libceph: connect (1)[c::]:6789 error -101
[  218.556106][   T61] libceph: mon0 (1)[c::]:6789 connect error
[  218.608559][T12773] ceph: No mds server is up or the cluster is laggy
[  218.943397][T12798] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  218.945621][T12798] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  218.947607][T12798] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  218.949756][T12798] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  218.977189][T12818] netlink: 'syz.7.2293': attribute type 11 has an invalid length.
[  219.067175][T12836] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2299'.
[  219.113285][   T40] audit: type=1400 audit(218.983:864): avc:  denied  { create } for  pid=12841 comm="syz.0.2302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  219.120138][T12842] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=12842 comm=syz.0.2302
[  219.146494][T12847] netlink: 'syz.7.2301': attribute type 27 has an invalid length.
[  219.152841][T12848] vlan2: entered promiscuous mode
[  219.154914][T12848] vlan2: entered allmulticast mode
[  219.156616][T12848] hsr_slave_1: entered allmulticast mode
[  219.187622][T12847] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.190255][T12847] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.247226][T12847] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.257311][T12847] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  219.326737][T12847] vlan2: left promiscuous mode
[  219.328445][T12847] vlan2: left allmulticast mode
[  219.329906][T12847] hsr_slave_1: left allmulticast mode
[  219.336049][T12852] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2306'.
[  219.353332][T12856] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.356221][T12856] 8021q: adding VLAN 0 to HW filter on device team0
[  219.360272][T12856] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  219.365927][   T12] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  219.368827][   T12] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  219.372300][   T12] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  219.375648][   T12] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  219.950250][T12844] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  219.954580][T12844] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  219.958239][T12844] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  219.960348][T12844] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  220.026094][T12863] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  220.313865][ T2303] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  220.404154][ T6053] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  220.463939][ T2303] usb 11-1: Using ep0 maxpacket: 8
[  220.466895][ T2303] usb 11-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  220.470085][ T2303] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  220.472834][ T2303] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.574035][ T6053] usb 5-1: Using ep0 maxpacket: 8
[  220.577803][ T6053] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  220.580920][ T6053] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  220.583827][ T6053] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.052252][T12887] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2319'.
[  221.058608][T12887] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.139173][T12894] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2322'.
[  221.243917][ T5977] Bluetooth: hci1: command 0x0c1a tx timeout
[  221.626162][T12908] netlink: 'syz.7.2328': attribute type 11 has an invalid length.
[  221.676789][T12912] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2330'.
[  221.679616][T12912] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2330'.
[  221.964054][ T5977] Bluetooth: hci0: command 0x041b tx timeout
[  221.964229][ T5965] Bluetooth: hci5: command 0x0c1a tx timeout
[  221.964248][   T63] Bluetooth: hci4: command 0x0c1a tx timeout
[  222.217133][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  222.217144][   T40] audit: type=1400 audit(222.093:869): avc:  denied  { bind } for  pid=12929 comm="syz.8.2339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  222.226577][   T40] audit: type=1400 audit(222.093:870): avc:  denied  { listen } for  pid=12929 comm="syz.8.2339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  222.327923][ T5965] Bluetooth: hci4: unexpected event for opcode 0x2028
[  222.446925][   T40] audit: type=1400 audit(222.323:871): avc:  denied  { connect } for  pid=12943 comm="syz.8.2344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  222.449028][T12944] cgroup2: Unknown parameter 'euid'
[  222.456171][   T40] audit: type=1400 audit(222.333:872): avc:  denied  { read } for  pid=12943 comm="syz.8.2344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  222.573442][   T40] audit: type=1400 audit(222.443:873): avc:  denied  { mount } for  pid=12950 comm="syz.7.2346" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  222.580628][   T40] audit: type=1400 audit(222.453:874): avc:  denied  { mounton } for  pid=12950 comm="syz.7.2346" path="/71/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  222.587384][   T40] audit: type=1400 audit(222.453:875): avc:  denied  { remount } for  pid=12950 comm="syz.7.2346" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  222.593305][   T40] audit: type=1400 audit(222.453:876): avc:  denied  { write } for  pid=12950 comm="syz.7.2346" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  222.607543][   T40] audit: type=1400 audit(222.483:877): avc:  denied  { unmount } for  pid=11710 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  222.709679][   T40] audit: type=1400 audit(222.583:878): avc:  denied  { ioctl } for  pid=12955 comm="syz.7.2348" path="/dev/fb0" dev="devtmpfs" ino=637 ioctlcmd=0x4604 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  223.060707][ T6136] usb 11-1: USB disconnect, device number 7
[  223.158347][ T8956] usb 5-1: USB disconnect, device number 11
[  223.227178][ T5965] Bluetooth: hci0: unexpected event for opcode 0x2028
[  223.305788][T12967] __nla_validate_parse: 5 callbacks suppressed
[  223.305801][T12967] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2353'.
[  223.323915][ T5965] Bluetooth: hci1: command 0x0c1a tx timeout
[  223.414015][ T6136] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  223.533349][T12985] batman_adv: batadv0: Adding interface: ipvlan2
[  223.536010][T12985] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  223.544692][T12985] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.548045][T12985] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.551055][T12985] batman_adv: batadv0: Interface activated: ipvlan2
[  223.574470][ T6136] usb 11-1: Using ep0 maxpacket: 8
[  223.577405][ T6136] usb 11-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  223.580636][ T6136] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  223.583452][ T6136] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.603949][T12992] overlayfs: missing 'lowerdir'
[  223.628177][T12995] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2363'.
[  223.656022][T12997] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2364'.
[  223.658984][T12997] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2364'.
[  223.684290][T12999] netlink: 272 bytes leftover after parsing attributes in process `syz.7.2365'.
[  223.737466][T13003] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  223.740927][T13003] QAT: Invalid ioctl -2144835806
[  224.044079][ T5965] Bluetooth: hci5: command 0x0c1a tx timeout
[  224.331755][T12981] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  224.335457][T12981] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  224.337503][T12981] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  224.339491][T12981] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  224.434013][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.436636][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.657174][T13044] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2385'.
[  224.911612][ T5965] Bluetooth: hci5: unexpected event for opcode 0x2028
[  225.051073][T13069] 8021q: adding VLAN 0 to HW filter on device bond0
[  225.054587][T13069] 8021q: adding VLAN 0 to HW filter on device team0
[  225.058551][T13069] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  225.316613][T13079] netlink: 'syz.8.2401': attribute type 11 has an invalid length.
[  225.366165][ T5965] Bluetooth: hci4: unexpected event for opcode 0x2028
[  225.461435][T13088] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2405'.
[  225.563953][ T5965] Bluetooth: hci1: command 0x0c1a tx timeout
[  225.644217][ T5965] Bluetooth: hci0: unexpected event for opcode 0x2028
[  225.866136][T13130] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2422'.
[  225.870997][T13132] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2422'.
[  225.877072][T13127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2421'.
[  225.895739][T13135] FAULT_INJECTION: forcing a failure.
[  225.895739][T13135] name failslab, interval 1, probability 0, space 0, times 0
[  225.900712][T13135] CPU: 3 UID: 0 PID: 13135 Comm: syz.7.2423 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  225.900729][T13135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.900735][T13135] Call Trace:
[  225.900739][T13135]  <TASK>
[  225.900744][T13135]  dump_stack_lvl+0x16c/0x1f0
[  225.900775][T13135]  should_fail_ex+0x512/0x640
[  225.900793][T13135]  ? __kmalloc_noprof+0xbf/0x510
[  225.900805][T13135]  ? tls_get_rec+0xfa/0x730
[  225.900819][T13135]  should_failslab+0xc2/0x120
[  225.900831][T13135]  __kmalloc_noprof+0xd2/0x510
[  225.900847][T13135]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  225.900862][T13135]  tls_get_rec+0xfa/0x730
[  225.900876][T13135]  ? __local_bh_enable_ip+0xa4/0x120
[  225.900892][T13135]  tls_sw_sendmsg+0xff6/0x23f0
[  225.900912][T13135]  ? __pfx_avc_has_perm+0x10/0x10
[  225.900928][T13135]  ? __pfx_tls_sw_sendmsg+0x10/0x10
[  225.900943][T13135]  ? selinux_ip_forward+0x487/0x550
[  225.900958][T13135]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  225.900977][T13135]  ? inode_has_perm+0x16f/0x1d0
[  225.900989][T13135]  ? __pfx_tls_sw_sendmsg+0x10/0x10
[  225.901006][T13135]  inet6_sendmsg+0x119/0x140
[  225.901020][T13135]  sock_write_iter+0x3e6/0x5b0
[  225.901035][T13135]  ? __pfx_sock_write_iter+0x10/0x10
[  225.901053][T13135]  ? bpf_lsm_file_permission+0x9/0x10
[  225.901067][T13135]  ? security_file_permission+0x71/0x210
[  225.901083][T13135]  ? rw_verify_area+0xcf/0x6c0
[  225.901100][T13135]  vfs_write+0x7d3/0x11d0
[  225.901111][T13135]  ? __pfx_sock_write_iter+0x10/0x10
[  225.901126][T13135]  ? __pfx_vfs_write+0x10/0x10
[  225.901135][T13135]  ? find_held_lock+0x2b/0x80
[  225.901156][T13135]  ksys_write+0x1f8/0x250
[  225.901166][T13135]  ? __pfx_ksys_write+0x10/0x10
[  225.901180][T13135]  do_syscall_64+0xcd/0x4c0
[  225.901192][T13135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.901203][T13135] RIP: 0033:0x7f56f918ebe9
[  225.901212][T13135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.901222][T13135] RSP: 002b:00007f56fa03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  225.901232][T13135] RAX: ffffffffffffffda RBX: 00007f56f93b5fa0 RCX: 00007f56f918ebe9
[  225.901239][T13135] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003
[  225.901244][T13135] RBP: 00007f56fa03e090 R08: 0000000000000000 R09: 0000000000000000
[  225.901250][T13135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.901256][T13135] R13: 00007f56f93b6038 R14: 00007f56f93b5fa0 R15: 00007fff911f3748
[  225.901269][T13135]  </TASK>
[  226.011041][T13143] binder: 13142:13143 ioctl c0306201 200000000180 returned -22
[  226.087056][ T6053] usb 11-1: USB disconnect, device number 8
[  226.489036][T13176] netlink: 'syz.8.2438': attribute type 27 has an invalid length.
[  226.514152][T13176] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.556219][T13176] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  226.564213][T13176] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  226.630207][T13176] vlan2: left promiscuous mode
[  226.631866][T13176] vlan2: left allmulticast mode
[  226.633417][T13176] hsr_slave_1: left allmulticast mode
[  226.637502][ T1148] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  226.640620][ T1148] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  226.643656][ T1148] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  226.646543][   T13] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  226.917485][T13151] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  226.919933][T13151] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  226.921979][T13151] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  226.924368][T13151] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  226.950721][T13180] chnl_net:caif_netlink_parms(): no params data found
[  227.151338][ T5965] Bluetooth: hci0: unexpected event for opcode 0x2028
[  227.286620][T13211] netlink: 'syz.0.2452': attribute type 5 has an invalid length.
[  227.290029][   T40] kauditd_printk_skb: 21 callbacks suppressed
[  227.290038][   T40] audit: type=1400 audit(227.163:900): avc:  denied  { bind } for  pid=13210 comm="syz.0.2452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  227.303171][   T40] audit: type=1326 audit(227.173:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13201 comm="syz.7.2448" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f918ebe9 code=0x7fc00000
[  227.326890][T13222] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  227.337088][T13222] CIFS: Unable to determine destination address
[  227.342972][   T40] audit: type=1400 audit(227.213:902): avc:  denied  { write } for  pid=13210 comm="syz.0.2452" path="socket:[50067]" dev="sockfs" ino=50067 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  227.405565][   T40] audit: type=1400 audit(227.283:903): avc:  denied  { read } for  pid=13210 comm="syz.0.2452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  227.456063][ T5965] Bluetooth: hci4: unexpected event for opcode 0x2028
[  227.837546][T13244] netlink: 'syz.0.2463': attribute type 4 has an invalid length.
[  228.024338][T13204] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  228.026416][T13204] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  228.028480][T13204] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  228.030416][T13204] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  228.058166][   T40] audit: type=1400 audit(227.933:904): avc:  denied  { bind } for  pid=13250 comm="syz.8.2466" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  228.060995][T13253] netlink: 'syz.6.2465': attribute type 11 has an invalid length.
[  228.137446][ T5965] Bluetooth: hci4: unexpected event for opcode 0x2028
[  228.217792][   T40] audit: type=1400 audit(228.093:905): avc:  denied  { bind } for  pid=13284 comm="syz.8.2480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  228.316925][T13297] binder: 13296:13297 unknown command 0
[  228.319098][T13297] binder: 13296:13297 ioctl c0306201 200000000080 returned -22
[  228.356603][T13299] FAULT_INJECTION: forcing a failure.
[  228.356603][T13299] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  228.360730][T13299] CPU: 0 UID: 0 PID: 13299 Comm: syz.8.2482 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  228.360746][T13299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  228.360752][T13299] Call Trace:
[  228.360757][T13299]  <TASK>
[  228.360761][T13299]  dump_stack_lvl+0x16c/0x1f0
[  228.360776][T13299]  should_fail_ex+0x512/0x640
[  228.360790][T13299]  _copy_to_user+0x32/0xd0
[  228.360805][T13299]  simple_read_from_buffer+0xcb/0x170
[  228.360817][T13299]  proc_fail_nth_read+0x197/0x240
[  228.360830][T13299]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  228.360843][T13299]  ? rw_verify_area+0xcf/0x6c0
[  228.360859][T13299]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  228.360871][T13299]  vfs_read+0x1e1/0xcf0
[  228.360883][T13299]  ? __pfx___mutex_lock+0x10/0x10
[  228.360903][T13299]  ? __pfx_vfs_read+0x10/0x10
[  228.360917][T13299]  ? __fget_files+0x20e/0x3c0
[  228.360932][T13299]  ksys_read+0x12a/0x250
[  228.360942][T13299]  ? __pfx_ksys_read+0x10/0x10
[  228.360956][T13299]  do_syscall_64+0xcd/0x4c0
[  228.360968][T13299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.360980][T13299] RIP: 0033:0x7fd15bb8d5fc
[  228.360990][T13299] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  228.361000][T13299] RSP: 002b:00007fd15ca9d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  228.361010][T13299] RAX: ffffffffffffffda RBX: 00007fd15bdb6090 RCX: 00007fd15bb8d5fc
[  228.361017][T13299] RDX: 000000000000000f RSI: 00007fd15ca9d0a0 RDI: 000000000000000a
[  228.361022][T13299] RBP: 00007fd15ca9d090 R08: 0000000000000000 R09: 0000000000000000
[  228.361028][T13299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.361034][T13299] R13: 00007fd15bdb6128 R14: 00007fd15bdb6090 R15: 00007fff62e18938
[  228.361052][T13299]  </TASK>
[  228.373869][T13302] binder: 13296:13302 ioctl 89f1 2000000001c0 returned -22
[  228.426765][   T40] audit: type=1400 audit(228.303:906): avc:  denied  { call } for  pid=13296 comm="syz.6.2484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  228.432617][   T40] audit: type=1400 audit(228.303:907): avc:  denied  { transfer } for  pid=13296 comm="syz.6.2484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  229.006194][T13282] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  229.008398][T13282] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  229.010370][T13282] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  229.012368][T13282] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  229.040998][   T40] audit: type=1400 audit(228.913:908): avc:  denied  { getopt } for  pid=13305 comm="syz.8.2487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  229.056631][T13316] __nla_validate_parse: 10 callbacks suppressed
[  229.056641][T13316] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2488'.
[  229.061522][T13316] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2488'.
[  229.108591][T13325] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2485'.
[  229.126357][T13330] netlink: 63670 bytes leftover after parsing attributes in process `syz.6.2494'.
[  229.127255][T13329] netlink: 63670 bytes leftover after parsing attributes in process `syz.6.2494'.
[  229.168917][T13335] netlink: 'syz.7.2493': attribute type 27 has an invalid length.
[  229.196103][T13335] batman_adv: batadv0: Interface deactivated: ipvlan2
[  229.384081][ T2303] usb 13-1: new full-speed USB device number 10 using dummy_hcd
[  229.535549][ T2303] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  229.539733][ T2303] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  229.544482][ T2303] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  229.547386][ T2303] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.755486][ T2303] usb 13-1: usb_control_msg returned -32
[  229.757304][ T2303] usbtmc 13-1:16.0: can't read capabilities
[  229.966023][T13340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2497'.
[  229.994017][T13334] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  229.996088][T13334] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  229.998127][T13334] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  230.000095][T13334] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  231.323916][ T5965] Bluetooth: hci1: command 0x0c1a tx timeout
[  232.043895][ T5965] Bluetooth: hci0: command 0x041b tx timeout
[  232.044081][ T5977] Bluetooth: hci5: command 0x0c1a tx timeout
[  232.044100][   T63] Bluetooth: hci4: command 0x0c1a tx timeout
[  232.099242][ T8954] usb 13-1: USB disconnect, device number 10
[  234.124030][ T5977] Bluetooth: hci0: command 0x041b tx timeout
[  235.003915][    C2] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  236.204038][ T5977] Bluetooth: hci0: command 0x041b tx timeout
[  238.283996][ T5977] Bluetooth: hci0: command 0x041b tx timeout
[  239.594100][ T5977] Bluetooth: hci1: unexpected event for opcode 0x2028
[  239.618114][   T40] audit: type=1400 audit(239.493:909): avc:  denied  { getopt } for  pid=13342 comm="syz.0.2498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  239.625774][   T40] audit: type=1400 audit(239.503:910): avc:  denied  { write } for  pid=13342 comm="syz.0.2498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  239.633522][   T40] audit: type=1400 audit(239.503:911): avc:  denied  { ioctl } for  pid=13342 comm="syz.0.2498" path="socket:[51732]" dev="sockfs" ino=51732 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  239.671486][T13363] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2505'.
[  239.679361][T13366] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  239.752883][T13374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  239.780862][ T5977] Bluetooth: hci0: unexpected event for opcode 0x2028
[  239.973847][   T40] audit: type=1400 audit(239.843:912): avc:  denied  { setopt } for  pid=13402 comm="syz.6.2521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  240.106770][ T5977] Bluetooth: hci1: unexpected event for opcode 0x2028
[  240.132765][   T40] audit: type=1400 audit(240.003:913): avc:  denied  { read } for  pid=13411 comm="syz.6.2525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  240.185505][T13413] geneve1: entered allmulticast mode
[  240.487894][T13423] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2528'.
[  240.520096][T13367] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  240.522641][T13367] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  240.524998][T13367] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  240.526015][T13425] bridge0: entered allmulticast mode
[  240.527907][T13367] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  240.531224][T13425] bridge_slave_1: left allmulticast mode
[  240.533620][T13425] bridge_slave_1: left promiscuous mode
[  240.537544][T13425] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.553273][T13425] bridge_slave_0: left allmulticast mode
[  240.555320][T13425] bridge_slave_0: left promiscuous mode
[  240.559005][T13425] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.560008][T13428] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2530'.
[  240.565679][T13428] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2530'.
[  240.652461][T13445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2537'.
[  240.667442][T13447] netlink: 'syz.8.2536': attribute type 27 has an invalid length.
[  240.805606][T13463] netlink: 'syz.6.2544': attribute type 11 has an invalid length.
[  240.832101][T13466] kAFS: Can only specify source 'none' with -o dyn
[  240.852703][T13469] overlayfs: empty lowerdir
[  241.554559][T13451] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  241.556582][   T40] audit: type=1400 audit(241.433:914): avc:  denied  { name_bind } for  pid=13481 comm="syz.8.2551" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  241.556686][T13451] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  241.562807][T13482] ceph: Path missing in source
[  241.567301][T13451] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  241.569331][T13451] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  241.615140][   T40] audit: type=1400 audit(241.483:915): avc:  denied  { read } for  pid=13490 comm="syz.0.2555" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  241.622596][   T40] audit: type=1400 audit(241.483:916): avc:  denied  { open } for  pid=13490 comm="syz.0.2555" path="/dev/input/mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  241.690992][T13503] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2560'.
[  241.694202][T13503] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2560'.
[  241.697677][T13503] all: renamed from lo
[  241.701116][   T40] audit: type=1400 audit(241.573:917): avc:  denied  { mount } for  pid=13490 comm="syz.0.2555" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  241.710722][T13491] input: syz1 as /devices/virtual/input/input10
[  241.727824][T13507] nft_compat: unsupported protocol 0
[  241.729589][T13504] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2557'.
[  241.767944][   T40] audit: type=1400 audit(241.643:918): avc:  denied  { unmount } for  pid=12510 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  241.891037][T13522] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2566'.
[  242.576677][T13510] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  242.579196][T13510] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  242.581182][T13510] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  242.583140][T13510] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  242.671002][T13547] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.674831][ T5977] Bluetooth: hci0: unexpected event for opcode 0x2028
[  242.699712][T13554] netlink: 'syz.8.2574': attribute type 27 has an invalid length.
[  243.505966][T13550] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  243.508145][T13550] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  243.510102][T13550] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  243.512044][T13550] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  243.521375][T13562] netlink: 'syz.6.2582': attribute type 21 has an invalid length.
[  243.524264][T13562] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2582'.
[  243.532212][T13562] netlink: 'syz.6.2582': attribute type 21 has an invalid length.
[  243.532262][   T60] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  243.539266][   T60] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  243.543407][   T60] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  243.546902][   T60] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  243.549962][T13569] ucma_write: process 333 (syz.7.2584) changed security contexts after opening file descriptor, this is not allowed.
[  243.564583][T13572] fuse: Unknown parameter '0x00000000000000050x0000000000000009'
[  243.575052][T13572] fuseblk: Unknown parameter 'r'
[  243.728997][T13594] lo speed is unknown, defaulting to 1000
[  243.853923][ T8954] usb 13-1: new high-speed USB device number 11 using dummy_hcd
[  243.906195][   T46] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.013799][ T8954] usb 13-1: Using ep0 maxpacket: 8
[  244.021938][ T8954] usb 13-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  244.025635][ T8954] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  244.028871][ T8954] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  244.032072][ T8954] usb 13-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  244.037756][ T8954] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  244.040689][ T8954] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.046801][ T8954] usbtmc 13-1:16.0: bulk endpoints not found
[  244.766640][ T5965] Bluetooth: hci1: command 0x0c1a tx timeout
[  245.045917][   T46] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.052835][T13620] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.060945][T13624] wg2: entered promiscuous mode
[  245.062582][T13624] wg2: entered allmulticast mode
[  245.149220][   T46] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.253701][   T46] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.574187][ T5965] Bluetooth: hci4: command 0x0c1a tx timeout
[  245.574727][   T63] Bluetooth: hci5: command 0x0c1a tx timeout
[  245.576261][ T5977] Bluetooth: hci0: command 0x041b tx timeout
[  246.619056][ T8954] usb 13-1: USB disconnect, device number 11
[  248.678450][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  248.682556][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  248.686923][   T46] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  248.690748][   T46] bond0 (unregistering): Released all slaves
[  248.697040][   T46] bond1 (unregistering): Released all slaves
[  248.703084][   T46] bond2 (unregistering): Released all slaves
[  248.709262][   T46] bond3 (unregistering): Released all slaves
[  248.715689][   T46] bond4 (unregistering): Released all slaves
[  248.723963][   T46] bond5 (unregistering): Released all slaves
[  248.733247][   T46] bond6 (unregistering): (slave bond7): Releasing backup interface
[  248.736480][   T46] bond6 (unregistering): Released all slaves
[  248.809630][   T46] bond7 (unregistering): Released all slaves
[  248.816389][   T46] bond8 (unregistering): (slave bond9): Releasing backup interface
[  248.819319][   T46] bond8 (unregistering): Released all slaves
[  248.890242][   T46] bond9 (unregistering): Released all slaves
[  248.907214][T13673] lo speed is unknown, defaulting to 1000
[  250.020800][   T46] tipc: Disabling bearer <eth:team0>
[  250.023163][   T46] tipc: Left network mode
[  250.031142][   T46] IPVS: stopping backup sync thread 11269 ...
[  250.051595][T13719] lo speed is unknown, defaulting to 1000
[  251.864106][T13736] lo speed is unknown, defaulting to 1000
[  252.040478][T13752] lo speed is unknown, defaulting to 1000
[  253.258793][   T46] hsr_slave_0: left promiscuous mode
[  253.268073][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  253.271488][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  253.281764][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  253.284712][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  253.332110][   T46] veth1_macvtap: left promiscuous mode
[  253.334069][   T46] veth0_macvtap: left promiscuous mode
[  253.337231][   T46] veth1_vlan: left promiscuous mode
[  253.339024][   T46] veth0_vlan: left promiscuous mode
[  253.974714][   T46] team0 (unregistering): Port device team_slave_1 removed
[  254.043218][   T46] team0 (unregistering): Port device team_slave_0 removed
[  254.565243][T13788] wg2: entered promiscuous mode
[  254.566873][T13788] wg2: entered allmulticast mode
[  254.577715][T13779] lo speed is unknown, defaulting to 1000
[  254.632345][T13797] __nla_validate_parse: 4 callbacks suppressed
[  254.632359][T13797] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2671'.
[  254.949759][T13818] wg2: entered promiscuous mode
[  254.951383][T13818] wg2: entered allmulticast mode
[  255.497189][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  255.499642][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  257.999247][T13838] pim6reg1: entered promiscuous mode
[  258.001008][T13838] pim6reg1: entered allmulticast mode
[  258.173338][T13848] usb usb8: usbfs: interface 0 claimed by hub while 'syz.8.2688' resets device
[  261.658513][T13935] pim6reg1: entered promiscuous mode
[  261.660350][T13935] pim6reg1: entered allmulticast mode
[  261.663393][T13923] lo speed is unknown, defaulting to 1000
[  261.942724][T13956] wg2: entered promiscuous mode
[  261.949706][T13956] wg2: entered allmulticast mode
[  262.345648][T13982] lo speed is unknown, defaulting to 1000
[  263.796884][T14026] pim6reg1: entered promiscuous mode
[  263.798730][T14026] pim6reg1: entered allmulticast mode
[  266.630161][T14113] lo speed is unknown, defaulting to 1000
[  266.682861][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  266.682873][   T40] audit: type=1400 audit(266.553:924): avc:  denied  { listen } for  pid=14120 comm="syz.8.2807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  266.689651][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  266.697451][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  266.706156][   T40] audit: type=1400 audit(266.583:925): avc:  denied  { accept } for  pid=14120 comm="syz.8.2807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  266.751083][T14127] tipc: Started in network mode
[  266.752742][T14127] tipc: Node identity 065b3ba01106, cluster identity 4711
[  266.755398][T14127] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  266.758043][T14127] syzkaller0: entered promiscuous mode
[  266.759815][T14127] syzkaller0: entered allmulticast mode
[  266.771335][T14127] tipc: Resetting bearer <eth:syzkaller0>
[  266.776451][T14126] tipc: Resetting bearer <eth:syzkaller0>
[  266.786173][T14126] tipc: Disabling bearer <eth:syzkaller0>
[  267.147885][T14150] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  267.151631][T14150] batadv_slave_0: entered promiscuous mode
[  267.919032][   T40] audit: type=1400 audit(267.783:926): avc:  denied  { setopt } for  pid=14166 comm="syz.7.2824" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  269.026127][T14171] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  269.095555][T14191] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.134024][T14167] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  269.136073][T14167] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  269.138185][T14167] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  269.140704][T14167] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  269.142696][T14167] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  269.174951][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.177902][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.235026][T14191] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.336092][T14191] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.396301][T14191] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  269.471994][   T60] netdevsim netdevsim6 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  269.483495][   T46] netdevsim netdevsim6 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  269.494562][   T46] netdevsim netdevsim6 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  269.503443][ T1148] netdevsim netdevsim6 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  270.079153][T14215] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.100656][   T40] audit: type=1800 audit(269.973:927): pid=14219 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.7.2839" name="bus" dev="overlay" ino=1070 res=0 errno=0
[  270.120864][T14219] macsec2: entered promiscuous mode
[  270.122694][T14219] dummy0: entered promiscuous mode
[  270.127144][T14219] dummy0: left promiscuous mode
[  270.175066][ T8961] kernel read not supported for file /dsp1 (pid: 8961 comm: kworker/0:7)
[  271.164948][   T63] Bluetooth: hci5: command 0x0c1a tx timeout
[  271.167167][ T5977] Bluetooth: hci0: command 0x041b tx timeout
[  271.174265][ T5977] Bluetooth: hci4: command 0x0c1a tx timeout
[  271.174289][   T63] Bluetooth: hci1: command 0x0c1a tx timeout
[  271.259308][T14215] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.362725][T14215] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.390352][T14228] tipc: Started in network mode
[  271.392128][T14228] tipc: Node identity d2e50d0e395a, cluster identity 4711
[  271.395056][T14228] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  271.398186][T14228] syzkaller0: entered promiscuous mode
[  271.399970][T14228] syzkaller0: entered allmulticast mode
[  271.417953][T14228] tipc: Resetting bearer <eth:syzkaller0>
[  271.424106][T14226] tipc: Resetting bearer <eth:syzkaller0>
[  271.435051][T14226] tipc: Disabling bearer <eth:syzkaller0>
[  271.451951][T14215] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.526431][T14236] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2846'.
[  271.552918][ T1188] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  271.572236][   T60] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  271.586183][   T60] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  271.588975][   T60] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  271.632661][T14247] netlink: 'syz.0.2851': attribute type 10 has an invalid length.
[  271.645485][T14247] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  271.974820][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  271.977325][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  271.991135][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  271.997247][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  272.002431][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  272.016696][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  272.027681][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  272.031364][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  272.037767][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  272.043436][ T8961] hid-generic 0000:007F:0005.0005: unknown main item tag 0x0
[  272.066565][ T8961] hid-generic 0000:007F:0005.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  272.350582][T14267] fido_id[14267]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  272.449775][T14275] netlink: 'syz.8.2863': attribute type 10 has an invalid length.
[  272.458646][T14275] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  272.614011][   T40] audit: type=1800 audit(272.483:928): pid=14283 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.7.2867" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  272.739993][T14300] netlink: 'syz.6.2873': attribute type 10 has an invalid length.
[  272.746906][T14300] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  273.017474][T14309] 9pnet_virtio: no channels available for device syz
[  273.020114][   T40] audit: type=1400 audit(272.893:929): avc:  denied  { mounton } for  pid=14294 comm="syz.0.2869" path="/183/file0/file0" dev="9p" ino=35913881 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  273.244940][ T5977] Bluetooth: hci4: command 0x0c1a tx timeout
[  273.295060][T14317] 9pnet_virtio: no channels available for device syz
[  273.707662][   T40] audit: type=1400 audit(273.583:930): avc:  denied  { setopt } for  pid=14318 comm="syz.6.2880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  273.861916][T14330] tipc: Started in network mode
[  273.865270][T14330] tipc: Node identity 52fb3f9baa2f, cluster identity 4711
[  273.867692][T14330] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  273.870519][T14330] syzkaller0: entered promiscuous mode
[  273.872335][T14330] syzkaller0: entered allmulticast mode
[  273.885111][T14330] tipc: Resetting bearer <eth:syzkaller0>
[  273.889892][T14329] tipc: Resetting bearer <eth:syzkaller0>
[  273.899888][T14329] tipc: Disabling bearer <eth:syzkaller0>
[  273.935762][   T40] audit: type=1400 audit(273.813:931): avc:  denied  { getopt } for  pid=14318 comm="syz.6.2880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  273.944946][ T8956] hid-generic 00A0:0008:0003.0006: hidraw1: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  274.218347][   T40] audit: type=1400 audit(274.093:932): avc:  denied  { unmount } for  pid=11708 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  274.380232][T14346] 9pnet_virtio: no channels available for device syz
[  274.683843][ T5979] Bluetooth: hci0: command 0x041b tx timeout
[  275.252137][T14359] 9pnet_virtio: no channels available for device syz
[  275.324921][   T63] Bluetooth: hci5: command 0x0c1a tx timeout
[  275.935074][T14366] netlink: 68 bytes leftover after parsing attributes in process `syz.7.2897'.
[  275.936611][T14363] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  276.867253][T14386] ata1.00: invalid multi_count 1 ignored
[  276.989561][   T29] hid_parser_main: 48 callbacks suppressed
[  276.989574][   T29] hid-generic 00A0:0008:0003.0007: unknown main item tag 0x7
[  276.996167][   T29] hid-generic 00A0:0008:0003.0007: item fetching failed at offset 14/15
[  276.999613][   T29] hid-generic 00A0:0008:0003.0007: probe with driver hid-generic failed with error -22
[  277.266767][T14400] 9pnet_virtio: no channels available for device syz
[  277.275722][   T40] audit: type=1400 audit(277.143:933): avc:  denied  { mount } for  pid=14398 comm="syz.8.2909" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  278.183869][T14426] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  278.187323][T14426] syzkaller0: entered promiscuous mode
[  278.189065][T14426] syzkaller0: entered allmulticast mode
[  278.206016][T14426] tipc: Resetting bearer <eth:syzkaller0>
[  278.210944][T14425] tipc: Resetting bearer <eth:syzkaller0>
[  278.219498][T14425] tipc: Disabling bearer <eth:syzkaller0>
[  278.463683][ T5965] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  278.467386][ T5965] CPU: 3 UID: 0 PID: 5965 Comm: kworker/u33:2 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  278.467406][ T5965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  278.467416][ T5965] Workqueue: hci4 hci_rx_work
[  278.467435][ T5965] Call Trace:
[  278.467441][ T5965]  <TASK>
[  278.467446][ T5965]  dump_stack_lvl+0x16c/0x1f0
[  278.467462][ T5965]  sysfs_warn_dup+0x7f/0xa0
[  278.467483][ T5965]  sysfs_create_dir_ns+0x24b/0x2b0
[  278.467499][ T5965]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  278.467514][ T5965]  ? find_held_lock+0x2b/0x80
[  278.467534][ T5965]  ? do_raw_spin_unlock+0x172/0x230
[  278.467549][ T5965]  kobject_add_internal+0x2c4/0x9b0
[  278.467567][ T5965]  kobject_add+0x16e/0x240
[  278.467582][ T5965]  ? __pfx_kobject_add+0x10/0x10
[  278.467597][ T5965]  ? do_raw_spin_unlock+0x172/0x230
[  278.467610][ T5965]  ? kobject_put+0xab/0x5a0
[  278.467626][ T5965]  device_add+0x288/0x1aa0
[  278.467641][ T5965]  ? __pfx_dev_set_name+0x10/0x10
[  278.467656][ T5965]  ? __pfx_device_add+0x10/0x10
[  278.467670][ T5965]  ? mgmt_send_event_skb+0x2fb/0x460
[  278.467690][ T5965]  hci_conn_add_sysfs+0x17e/0x230
[  278.467702][ T5965]  le_conn_complete_evt+0x1075/0x1d70
[  278.467718][ T5965]  ? preempt_count_sub+0x150/0x160
[  278.467734][ T5965]  ? find_held_lock+0x2b/0x80
[  278.467746][ T5965]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  278.467761][ T5965]  ? hci_event_packet+0x459/0x11c0
[  278.467779][ T5965]  ? __mutex_unlock_slowpath+0x163/0x800
[  278.467794][ T5965]  hci_le_conn_complete_evt+0x23c/0x370
[  278.467813][ T5965]  hci_le_meta_evt+0x354/0x5e0
[  278.467830][ T5965]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  278.467848][ T5965]  hci_event_packet+0x682/0x11c0
[  278.467863][ T5965]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  278.467880][ T5965]  ? __pfx_hci_event_packet+0x10/0x10
[  278.467895][ T5965]  ? __sanitizer_cov_trace_switch+0x40/0x90
[  278.467910][ T5965]  ? kfree_skbmem+0xae/0x1f0
[  278.467925][ T5965]  ? sk_skb_reason_drop+0x136/0x1a0
[  278.467940][ T5965]  hci_rx_work+0x2c5/0x16b0
[  278.467951][ T5965]  ? rcu_is_watching+0x12/0xc0
[  278.467967][ T5965]  process_one_work+0x9cc/0x1b70
[  278.467985][ T5965]  ? __pfx_process_one_work+0x10/0x10
[  278.468001][ T5965]  ? assign_work+0x1a0/0x250
[  278.468013][ T5965]  worker_thread+0x6c8/0xf10
[  278.468030][ T5965]  ? __pfx_worker_thread+0x10/0x10
[  278.468042][ T5965]  kthread+0x3c5/0x780
[  278.468053][ T5965]  ? __pfx_kthread+0x10/0x10
[  278.468064][ T5965]  ? rcu_is_watching+0x12/0xc0
[  278.468077][ T5965]  ? __pfx_kthread+0x10/0x10
[  278.468088][ T5965]  ret_from_fork+0x5d7/0x6f0
[  278.468099][ T5965]  ? __pfx_kthread+0x10/0x10
[  278.468110][ T5965]  ret_from_fork_asm+0x1a/0x30
[  278.468131][ T5965]  </TASK>
[  278.468149][ T5965] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  278.565283][ T5965] Bluetooth: hci4: failed to register connection device
[  278.777164][   T12] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.796383][T14442] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(5)
[  278.798596][T14442] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  278.801410][T14442] vhci_hcd vhci_hcd.0: Device attached
[  278.811934][T14442] futex_wake_op: syz.7.2926 tries to shift op by 144; fix this program
[  278.844815][   T12] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.908561][   T12] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.968639][   T12] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.981020][ T5979] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  278.986095][ T5979] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  278.989109][ T5979] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  278.992722][ T5979] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  278.995861][ T5979] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  279.015842][T14447] lo speed is unknown, defaulting to 1000
[  279.069251][   T12] bridge_slave_1: left allmulticast mode
[  279.072076][   T12] bridge_slave_1: left promiscuous mode
[  279.075155][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.079733][   T12] bridge_slave_0: left allmulticast mode
[  279.081672][   T12] bridge_slave_0: left promiscuous mode
[  279.084039][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.104880][   T29] usb 52-1: SetAddress Request (2) to port 0
[  279.107778][   T29] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd
[  279.251085][   T12] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  279.278811][   T40] audit: type=1400 audit(279.153:934): avc:  denied  { read write } for  pid=14453 comm="syz.8.2930" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  279.285996][   T40] audit: type=1400 audit(279.153:935): avc:  denied  { open } for  pid=14453 comm="syz.8.2930" path="/241/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  279.391697][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  279.396112][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  279.396503][T14459] ata1.00: invalid multi_count 1 ignored
[  279.402061][   T12] bond0 (unregistering): Released all slaves
[  279.420796][T14443] vhci_hcd: connection reset by peer
[  279.425031][ T1148] vhci_hcd: stop threads
[  279.427279][ T1148] vhci_hcd: release socket
[  279.428789][ T1148] vhci_hcd: disconnect device
[  279.479393][   T12] tipc: Left network mode
[  279.508760][ T8961] hid-generic 00A0:0008:0003.0008: unknown main item tag 0x7
[  279.511292][ T8961] hid-generic 00A0:0008:0003.0008: item fetching failed at offset 14/15
[  279.523685][   T12] IPVS: stopping backup sync thread 13366 ...
[  279.525257][T14447] chnl_net:caif_netlink_parms(): no params data found
[  279.528099][ T8961] hid-generic 00A0:0008:0003.0008: probe with driver hid-generic failed with error -22
[  279.617567][T14447] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.619946][T14447] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.622517][T14447] bridge_slave_0: entered allmulticast mode
[  279.626559][T14447] bridge_slave_0: entered promiscuous mode
[  279.649409][T14447] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.652064][T14447] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.655672][T14447] bridge_slave_1: entered allmulticast mode
[  279.658634][T14447] bridge_slave_1: entered promiscuous mode
[  279.697178][T14447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.710216][T14447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.786101][T14447] team0: Port device team_slave_0 added
[  279.795342][   T12] hsr_slave_0: left promiscuous mode
[  279.799959][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.802959][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  279.805793][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.832238][   T12] veth1_macvtap: left promiscuous mode
[  279.835183][   T12] veth0_macvtap: left promiscuous mode
[  279.837058][   T12] veth1_vlan: left promiscuous mode
[  279.839185][   T12] veth0_vlan: left promiscuous mode
[  280.287172][T14475] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  280.573924][ T5965] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  280.778409][   T12] team0 (unregistering): Port device team_slave_1 removed
[  280.865338][   T12] team0 (unregistering): Port device team_slave_0 removed
[  281.006746][   T63] Bluetooth: hci0: command tx timeout
[  281.538658][T14447] team0: Port device team_slave_1 added
[  281.589837][T14447] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.592064][T14447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.602372][T14447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.608317][T14447] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.611273][T14447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.620683][T14447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.704910][T14447] hsr_slave_0: entered promiscuous mode
[  281.707656][T14447] hsr_slave_1: entered promiscuous mode
[  281.862029][T14447] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  281.867405][T14447] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  281.872203][T14447] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  281.879216][T14447] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  281.931930][T14447] 8021q: adding VLAN 0 to HW filter on device bond0
[  281.949019][T14447] 8021q: adding VLAN 0 to HW filter on device team0
[  281.954682][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[  281.957118][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  281.963540][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.965925][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.076215][T14447] 8021q: adding VLAN 0 to HW filter on device batadv0
[  282.091629][T14510] ata1.00: invalid multi_count 1 ignored
[  282.196406][ T6025] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x7
[  282.198952][ T6025] hid-generic 00A0:0008:0003.0009: item fetching failed at offset 14/15
[  282.201885][ T6025] hid-generic 00A0:0008:0003.0009: probe with driver hid-generic failed with error -22
[  282.224904][T14447] veth0_vlan: entered promiscuous mode
[  282.230820][T14447] veth1_vlan: entered promiscuous mode
[  282.249871][T14447] veth0_macvtap: entered promiscuous mode
[  282.256521][T14447] veth1_macvtap: entered promiscuous mode
[  282.268230][T14447] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.277691][T14447] batman_adv: batadv0: Interface activated: batadv_slave_1
[  282.285560][ T1188] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.288510][ T1188] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.292008][ T1188] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.298659][ T1188] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.349486][ T1188] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.352694][ T1188] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.372919][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  282.377408][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.591903][T14527] binder_alloc: 14526: binder_alloc_buf, no vma
[  282.634557][T14532] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  282.636603][   T63] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  282.643979][   T63] CPU: 1 UID: 0 PID: 63 Comm: kworker/u33:0 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  282.644001][   T63] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.644011][   T63] Workqueue: hci0 hci_rx_work
[  282.644033][   T63] Call Trace:
[  282.644039][   T63]  <TASK>
[  282.644046][   T63]  dump_stack_lvl+0x16c/0x1f0
[  282.644063][   T63]  sysfs_warn_dup+0x7f/0xa0
[  282.644081][   T63]  sysfs_create_dir_ns+0x24b/0x2b0
[  282.644099][   T63]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  282.644114][   T63]  ? find_held_lock+0x2b/0x80
[  282.644134][   T63]  ? do_raw_spin_unlock+0x172/0x230
[  282.644150][   T63]  kobject_add_internal+0x2c4/0x9b0
[  282.644169][   T63]  kobject_add+0x16e/0x240
[  282.644184][   T63]  ? __pfx_kobject_add+0x10/0x10
[  282.644198][   T63]  ? do_raw_spin_unlock+0x172/0x230
[  282.644210][   T63]  ? kobject_put+0xab/0x5a0
[  282.644227][   T63]  device_add+0x288/0x1aa0
[  282.644243][   T63]  ? __pfx_dev_set_name+0x10/0x10
[  282.644260][   T63]  ? __pfx_device_add+0x10/0x10
[  282.644275][   T63]  ? mgmt_send_event_skb+0x2fb/0x460
[  282.644302][   T63]  hci_conn_add_sysfs+0x17e/0x230
[  282.644314][   T63]  le_conn_complete_evt+0x1075/0x1d70
[  282.644334][   T63]  ? preempt_count_sub+0x150/0x160
[  282.644355][   T63]  ? find_held_lock+0x2b/0x80
[  282.644369][   T63]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  282.644387][   T63]  ? hci_event_packet+0x459/0x11c0
[  282.644408][   T63]  ? __mutex_unlock_slowpath+0x163/0x800
[  282.644425][   T63]  hci_le_conn_complete_evt+0x23c/0x370
[  282.644446][   T63]  hci_le_meta_evt+0x354/0x5e0
[  282.644463][   T63]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  282.644481][   T63]  hci_event_packet+0x682/0x11c0
[  282.644497][   T63]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  282.644514][   T63]  ? __pfx_hci_event_packet+0x10/0x10
[  282.644531][   T63]  ? kcov_remote_start+0x3c9/0x6d0
[  282.644543][   T63]  ? lockdep_hardirqs_on+0x7c/0x110
[  282.644558][   T63]  hci_rx_work+0x2c5/0x16b0
[  282.644568][   T63]  ? rcu_is_watching+0x12/0xc0
[  282.644584][   T63]  process_one_work+0x9cc/0x1b70
[  282.644602][   T63]  ? __pfx_process_one_work+0x10/0x10
[  282.644618][   T63]  ? assign_work+0x1a0/0x250
[  282.644630][   T63]  worker_thread+0x6c8/0xf10
[  282.644648][   T63]  ? __pfx_worker_thread+0x10/0x10
[  282.644659][   T63]  kthread+0x3c5/0x780
[  282.644671][   T63]  ? __pfx_kthread+0x10/0x10
[  282.644682][   T63]  ? rcu_is_watching+0x12/0xc0
[  282.644695][   T63]  ? __pfx_kthread+0x10/0x10
[  282.644706][   T63]  ret_from_fork+0x5d7/0x6f0
[  282.644717][   T63]  ? __pfx_kthread+0x10/0x10
[  282.644728][   T63]  ret_from_fork_asm+0x1a/0x30
[  282.644769][   T63]  </TASK>
[  282.644802][   T63] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  282.752437][   T63] Bluetooth: hci0: failed to register connection device
[  282.759190][   T63] Oops: general protection fault, probably for non-canonical address 0xdffffc000000004b: 0000 [#1] SMP KASAN NOPTI
[  282.763199][   T63] KASAN: null-ptr-deref in range [0x0000000000000258-0x000000000000025f]
[  282.767919][   T63] CPU: 3 UID: 0 PID: 63 Comm: kworker/u33:0 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) 
[  282.769067][   T40] audit: type=1400 audit(282.643:936): avc:  denied  { write } for  pid=5878 comm="syz-executor" path="pipe:[6405]" dev="pipefs" ino=6405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  282.772395][   T63] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  282.783332][   T63] Workqueue: hci0 hci_rx_work
[  282.784930][   T63] RIP: 0010:kasan_byte_accessible+0x15/0x30
[  282.787047][   T63] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00
[  282.793427][   T63] RSP: 0018:ffffc90000b0f610 EFLAGS: 00010286
[  282.795669][   T63] RAX: dffffc0000000000 RBX: 0000000000000258 RCX: 0000000000000000
[  282.798448][   T63] RDX: 0000000000000000 RSI: ffffffff8964dc51 RDI: dffffc000000004b
[  282.800982][   T63] RBP: 0000000000000258 R08: 0000000000000001 R09: 0000000000000000
[  282.803482][   T63] R10: 00000000ffffff80 R11: 0000000000000000 R12: ffffffff8964dc51
[  282.806101][   T63] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.808717][   T63] FS:  0000000000000000(0000) GS:ffff8880d69bc000(0000) knlGS:0000000000000000
[  282.811559][   T63] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  282.813628][   T63] CR2: 00005555706695c8 CR3: 0000000031913000 CR4: 0000000000352ef0
[  282.816344][   T63] Call Trace:
[  282.817506][   T63]  <TASK>
[  282.818497][   T63]  __kasan_check_byte+0x13/0x50
[  282.820098][   T63]  lock_acquire+0xfc/0x350
[  282.821540][   T63]  ? __pfx___might_resched+0x10/0x10
[  282.823225][   T63]  lock_sock_nested+0x41/0xf0
[  282.824735][   T63]  ? l2cap_sock_ready_cb+0x41/0x170
[  282.826582][   T63]  l2cap_sock_ready_cb+0x41/0x170
[  282.828433][   T63]  l2cap_le_start+0x1ea/0xe40
[  282.829947][   T63]  ? __pfx_l2cap_le_start+0x10/0x10
[  282.831611][   T63]  ? __pfx_l2cap_global_fixed_chan+0x10/0x10
[  282.833590][   T63]  ? __l2cap_chan_add+0x3e6/0xa20
[  282.835362][   T63]  l2cap_connect_cfm+0x8f4/0xf80
[  282.837025][   T63]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  282.838935][   T63]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  282.840812][   T63]  le_conn_complete_evt+0x1662/0x1d70
[  282.842592][   T63]  ? find_held_lock+0x2b/0x80
[  282.844486][   T63]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  282.846314][   T63]  ? hci_event_packet+0x459/0x11c0
[  282.847952][   T63]  ? __mutex_unlock_slowpath+0x163/0x800
[  282.849728][   T63]  hci_le_conn_complete_evt+0x23c/0x370
[  282.851512][   T63]  hci_le_meta_evt+0x354/0x5e0
[  282.853044][   T63]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  282.855106][   T63]  hci_event_packet+0x682/0x11c0
[  282.856706][   T63]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  282.858430][   T63]  ? __pfx_hci_event_packet+0x10/0x10
[  282.860146][   T63]  ? kcov_remote_start+0x3c9/0x6d0
[  282.861761][   T63]  ? lockdep_hardirqs_on+0x7c/0x110
[  282.863435][   T63]  hci_rx_work+0x2c5/0x16b0
[  282.865071][   T63]  ? rcu_is_watching+0x12/0xc0
[  282.866694][   T63]  process_one_work+0x9cc/0x1b70
[  282.868335][   T63]  ? __pfx_process_one_work+0x10/0x10
[  282.870059][   T63]  ? assign_work+0x1a0/0x250
[  282.871696][   T63]  worker_thread+0x6c8/0xf10
[  282.873201][   T63]  ? __pfx_worker_thread+0x10/0x10
[  282.875041][   T63]  kthread+0x3c5/0x780
[  282.876355][   T63]  ? __pfx_kthread+0x10/0x10
[  282.877849][   T63]  ? rcu_is_watching+0x12/0xc0
[  282.879384][   T63]  ? __pfx_kthread+0x10/0x10
[  282.880946][   T63]  ret_from_fork+0x5d7/0x6f0
[  282.882563][   T63]  ? __pfx_kthread+0x10/0x10
[  282.884125][   T63]  ret_from_fork_asm+0x1a/0x30
[  282.885699][   T63]  </TASK>
[  282.886020][   T40] audit: type=1400 audit(282.723:937): avc:  denied  { read } for  pid=5358 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  282.886738][   T63] Modules linked in:
[  282.893376][   T40] audit: type=1400 audit(282.723:938): avc:  denied  { search } for  pid=5358 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  282.895120][   T63] ---[ end trace 0000000000000000 ]---
[  282.903253][   T40] audit: type=1400 audit(282.723:939): avc:  denied  { append } for  pid=5358 comm="syslogd" name="messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  282.903787][   T63] RIP: 0010:kasan_byte_accessible+0x15/0x30
[  282.910482][   T40] audit: type=1400 audit(282.723:940): avc:  denied  { open } for  pid=5358 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  282.912234][   T63] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00
[  282.919149][   T40] audit: type=1400 audit(282.723:941): avc:  denied  { getattr } for  pid=5358 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  282.926022][   T63] RSP: 0018:ffffc90000b0f610 EFLAGS: 00010286
[  282.936068][   T63] RAX: dffffc0000000000 RBX: 0000000000000258 RCX: 0000000000000000
[  282.938507][   T63] RDX: 0000000000000000 RSI: ffffffff8964dc51 RDI: dffffc000000004b
[  282.941172][   T63] RBP: 0000000000000258 R08: 0000000000000001 R09: 0000000000000000
[  282.943941][   T63] R10: 00000000ffffff80 R11: 0000000000000000 R12: ffffffff8964dc51
[  282.946719][   T63] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  282.949272][   T63] FS:  0000000000000000(0000) GS:ffff8880d69bc000(0000) knlGS:0000000000000000
[  282.952680][   T63] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  282.955305][   T63] CR2: 00005555706695c8 CR3: 0000000031913000 CR4: 0000000000352ef0
[  282.957845][   T63] Kernel panic - not syncing: Fatal exception
[  282.960251][   T63] Kernel Offset: disabled
[  282.961584][   T63] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:37:52  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88806a73fe80 RCX=ffffffff81af8e41 RDX=ffff8880291e0000
RSI=ffffffff81af8e1b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000655f888
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=ffffed100d4e7fd1 R14=0000000000000001 R15=0000000000000003
RIP=ffffffff81af8e1d RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66bc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055557064e808 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000000000fff Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff2834b1a0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff2834b326
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff2834b326 00007fff2834b32c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a02a12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a02a12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a02a12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a02a12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a02a12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a02a12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000041 RCX=ffffffff82073e7d RDX=0000000000000041
RSI=0000000000000048 RDI=0000000000000004 RBP=ffff88803b83cfc8 RSP=ffffc90004467600
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000041 R11=0000000000007bcc
R12=0000000000000041 R13=0000000000000000 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff81bb8ca3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67bc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3cc554 CR3=0000000035d82000 CR4=00352ef0
DR0=0000000000000001 DR1=0000000000000003 DR2=0000000000000e8f DR3=0000000000000007 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff92ce7c56
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff92ce7c56 00007fff92ce7c5c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb869012e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb869012e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb869012e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb869012e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb869012ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb869012fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb8691874a8 00007fb8691874a0 00007fb869187498 00007fb869187470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb869ced100 00007fb869187460 00007fb869180004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb8691874b8 00007fb8691874b0 00007fb8691874a8 00007fb8691874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffff88801ddd5afc RBX=ffff88801ddd5af8 RCX=ffffffff822da2c1 RDX=0000000000000000
RSI=0000000000000004 RDI=ffff88801ddd5afc RBP=0000000000000000 RSP=ffffc90004927758
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000007bcc
R12=ffff88801ddd5ab0 R13=0000000000000001 R14=0000000000000001 R15=ffff88801ddd5afc
RIP=ffffffff8221e3a2 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d68bc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb1c7ee7d60 CR3=000000003b9dc000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb1c73876c3 00007fb1c73876c3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffce83c23b0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555577340e2f 0000555577340a20
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555577332bd4 0000555577332bd0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557732d4a8
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557733b3b0 000055557733b240
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557733d6f4 000055557733d6f0
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800021000301000 060171b009800410 1000000000020806 0601589004100009
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 012c100004800404 0172de0100c90001 133e041008048003 0010000c10000280
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 04018004080172c6 01010101010101ff fffffffffffffff3 0802800300306e61
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c7701ffffffffff fffffff308018003 0408000210003010 00060171b0098004
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1010000000000208 0606015890041000 0980030010000880 8080808080818210
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff85640590 RDI=ffffffff9b10dfa0 RBP=ffffffff9b10df60 RSP=ffffc90000b0ef88
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043
R12=0000000000000000 R13=ffffffff9b10dfb0 R14=ffffffff9b10df60 R15=ffffffff9b10e220
RIP=ffffffff856405b7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69bc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005555706695c8 CR3=0000000031913000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004090001 Opmask01=0000000000000054 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff911f3c56
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff911f3c56 00007fff911f3c5c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f9212e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f9212e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f9212e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f9212e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f9212ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f9212fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f93874a8 00007f56f93874a0 00007f56f9387498 00007f56f9387470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f9eed100 00007f56f9387460 00007f56f9380004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56f93874b8 00007f56f93874b0 00007f56f93874a8 00007f56f93874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000