last executing test programs:

913.125472ms ago: executing program 0 (id=1884):
syz_open_dev$video(&(0x7f0000000300), 0x9, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ff1000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1c6c, &(0x7f0000000040)={0x0, 0xaebb, 0xd000, 0x20000a, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xa, 0xd}, {0xb, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x40885}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r3=>0x0})
sendmsg$can_raw(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, r3}, 0x10, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x7c, 0x2, 0x4, 0x2, "07000000008000"}, 0x3d}}, 0x0)
getsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

912.503875ms ago: executing program 0 (id=1886):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newtaction={0xc64, 0x30, 0xffff, 0x0, 0x0, {}, [{0xc50, 0x1, [@m_police={0x994, 0x17, 0x0, 0x0, {{0xb}, {0x934, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xf}], [@TCA_POLICE_RATE={0x404, 0x2, [0xffffffc0, 0x100000, 0xffff, 0x7fffffff, 0x9b8, 0xe, 0x38c, 0xffff, 0x1, 0x807, 0x9, 0x6, 0x7, 0x5, 0xbdea, 0x7fffffff, 0x7, 0x1ff, 0xfffffffe, 0x10000, 0x35df8fe7, 0x7fffffff, 0x9, 0x0, 0x8, 0x1, 0xe, 0x8, 0x3, 0x5000000, 0xbfe, 0x1000, 0x4, 0x3ff, 0xff, 0x3, 0x104, 0x0, 0xfffffd0c, 0xfffffffa, 0x2, 0x3, 0x6, 0x7d55, 0x1062839e, 0x6, 0x2, 0x3, 0x3, 0xfffffff7, 0x80000001, 0x7, 0x9, 0x8000, 0xfffffff7, 0x0, 0xe16, 0xa, 0x9, 0xfffffff9, 0x9, 0x0, 0x3, 0x35c, 0xc26, 0x4, 0x80000000, 0x692c, 0x7, 0xd2c, 0x10, 0x6, 0x0, 0x200, 0x0, 0x2, 0xfe66, 0x6, 0x9, 0x80, 0xc, 0x6, 0x38, 0x9, 0x9d, 0x1, 0x8, 0x401, 0x4, 0x7, 0x7, 0x10, 0x7, 0x4, 0xfffffffe, 0x3ff, 0x1ff, 0x1, 0xffffffc0, 0x0, 0x200, 0xa, 0x7, 0x81, 0xfffffff2, 0xffff, 0x800, 0x4, 0xf2ae, 0x3b8, 0xd0000000, 0x8, 0x7ff, 0x4, 0x7, 0x7fffffff, 0x8, 0x4, 0x4000, 0x1, 0x7, 0x8, 0x8, 0x2, 0x6, 0x3ab7, 0x47, 0x2, 0x3, 0x3, 0x7, 0x7, 0xd5, 0x200, 0x60c, 0x5, 0x7, 0x8, 0xcc7, 0xffff, 0xf3e, 0x7, 0x7fff, 0x100, 0x2, 0x5, 0x81, 0x9, 0x0, 0x6, 0x3, 0x128e, 0xe806e6a, 0xfff, 0x0, 0x2, 0x2, 0x8000, 0xcc, 0x6, 0x3, 0x2, 0xd41, 0x4, 0xc786, 0x1d, 0x40, 0x6, 0x8, 0xa73, 0x5, 0x5, 0x6, 0x7, 0x89, 0x26a3fc2a, 0x28, 0xc668, 0x5, 0x6, 0x8, 0x1000, 0x4, 0x3, 0x2, 0x4, 0x9, 0x8, 0x4, 0x2, 0x4, 0x1, 0xb, 0x1000, 0xffffffff, 0x10000, 0x7, 0xfff, 0x401, 0xb, 0x9, 0x4, 0xfb, 0x6, 0x1, 0x6e38, 0x4, 0xd917013c, 0x0, 0x9, 0xdf70, 0x9dee, 0x0, 0x5, 0x7f, 0x9fb, 0x401, 0x4, 0xfffffffb, 0xe7d, 0xa, 0x1, 0x1, 0x8, 0x6, 0x4, 0x7, 0x96, 0x1, 0x6, 0x7f, 0x2, 0x5, 0x8, 0xfffffe02, 0x5, 0x4, 0x88, 0x6, 0x6, 0x1, 0x0, 0x200, 0x5, 0x1, 0x3, 0x80, 0x2, 0x6, 0x9e4, 0x3, 0x6141, 0x6, 0x3148, 0x6, 0x7]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x6}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3ff}, @TCA_POLICE_RESULT={0x8, 0x5, 0xfff}, @TCA_POLICE_RATE64={0xc, 0x8, 0x1}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x8}, @TCA_POLICE_RESULT={0x8, 0x5, 0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0xfffffffc, 0x0, 0x8, {0xf2, 0x2, 0x8, 0x6, 0x10, 0x7fffffff}, {0xb3, 0x0, 0x5cb, 0xb, 0x1000, 0x4}, 0xfffff50f, 0x7b18, 0x4}}], [@TCA_POLICE_RESULT={0x8, 0x5, 0x4}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x4, 0xc4de, 0x5, 0xe, {0x3, 0x0, 0x8, 0x6, 0x8, 0x7}, {0x6, 0x1, 0x3, 0x1, 0xd, 0x5}, 0x6, 0x800, 0x5}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x3f, 0x5, 0xe, 0xbe54, 0x7fffffff, 0x9, 0x2, 0x9, 0x2, 0x4, 0xffffffff, 0x4, 0x3, 0x1, 0x2, 0x7fffffff, 0x0, 0x7f, 0xa1, 0xff, 0x4bcc, 0xf, 0x7, 0x7fff, 0xffff, 0x7, 0x12a, 0x0, 0xd2, 0x200, 0x18e0, 0x1, 0x50a, 0x6, 0x9, 0x4, 0x0, 0x3, 0x8, 0x2, 0x0, 0x81, 0x9, 0x2, 0x1, 0x2, 0xb, 0x5, 0x2786, 0x7, 0x2, 0x3ff, 0x7, 0x4, 0x6, 0x1, 0x81, 0xc064, 0x659, 0x4da8f43c, 0x7, 0x80000000, 0x4, 0x9, 0x9, 0x0, 0x9, 0x81, 0x0, 0x0, 0x3, 0x7fff, 0x0, 0x5, 0x2, 0x1, 0x1, 0x33, 0x9, 0x8, 0x3ff, 0x1d6a, 0xe, 0x6, 0x9, 0x1, 0x231f, 0xfffffffd, 0xa19, 0xb, 0x35cc, 0x2, 0x81, 0xd, 0x10001, 0x2, 0x9df, 0xff, 0x8, 0xe, 0xffffffc7, 0x9, 0x5, 0x3, 0x1000, 0x7, 0x1000, 0x9e0, 0x9, 0x0, 0x2, 0x7, 0xb07, 0x7, 0x7, 0x7, 0x6, 0x6, 0x9, 0x1, 0x1, 0x3ff, 0x0, 0x800, 0x6, 0xe0, 0x8, 0x1, 0x4, 0x0, 0xd3, 0x3, 0x1e77, 0x10001, 0x80000000, 0x54, 0x9, 0x3, 0x4, 0x3e3d, 0xfffffff6, 0x6, 0xffff, 0x8001, 0x2, 0x4, 0xfa7, 0xffff4ab8, 0x10000, 0x1, 0x5, 0x8, 0x8, 0xff, 0xc, 0xfffffff3, 0xaa, 0x4, 0x20000000, 0xe, 0x8001, 0x68e7, 0x9, 0x5, 0x25f, 0x7, 0x7ff, 0x7fff, 0x0, 0x9, 0xd63d, 0x0, 0xfffffffa, 0xbf5, 0x3, 0xffffffff, 0x3, 0x7, 0x9, 0x1f, 0xffffff00, 0x1, 0x5e8, 0xfffffff9, 0x4, 0xfffffffc, 0x9, 0x1, 0x401, 0xfff, 0x0, 0xfffeffff, 0x1, 0x8, 0x7, 0x1, 0x6, 0xf, 0x0, 0x1ff, 0x8, 0x3, 0x3800000, 0x5, 0xfffffff4, 0x200800, 0x7fff, 0x7, 0x4, 0x2, 0x3, 0x4, 0x101, 0x17, 0x7, 0x8000, 0x7, 0x8, 0x6, 0x6, 0x3, 0x7ff, 0x5, 0x2, 0x7, 0xb, 0x0, 0xff, 0x9, 0x80000000, 0xa0, 0x6, 0x3, 0x4, 0x2, 0xe7d, 0x7f, 0x8, 0x5, 0x0, 0x976, 0x6, 0xa, 0x8001, 0x0, 0x80000000, 0x7c18105b, 0x6, 0xffffffff, 0x3, 0x8, 0x6, 0x4a, 0x97, 0x1]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x4a20}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7f1, 0x1, 0xe, 0x1, 0xd, {0xed, 0x1, 0x2, 0xfb, 0x1, 0x2}, {0x5, 0x1, 0x3, 0xff, 0x80d, 0x1}, 0xe84, 0x3, 0x9}}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffffb}]]}, {0x36, 0x6, "b7a6c938fd7a19cba48326f9f8ad2683092e463715376ad3b1c308cc36d53945bb708306736a6701612cc2e1d6a1899012c1"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_connmark={0x17c, 0x15, 0x0, 0x0, {{0xd}, {0x74, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8, 0x6, 0x4, 0xe4, 0x401}, 0x1}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x800, 0x7, 0x2, 0x5, 0x9}, 0xfffc}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x9, 0x9, 0x5, 0x2, 0xfffffff8}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0xc3e, 0x7, 0x4, 0xffff0001}, 0x601}}]}, {0xda, 0x6, "c66bdb357112326474ff2ebb359cbf0f4bda1defc76175f70a9ba87b0aa085729a9da0b1d6262272868972ba667f1facfc84dbb628161c181d6ec3232c56bd2959029ae392213fb4aa9be5a3c9d0db97b3af2e61f86234f93c5799c43a745cfefc2aa8b53f321e7ca42bdd303f389fddd8abfdc97f6bfef68d49af23135bd1d2cdb36f006f6813aa0b9ce806d1ceb8f29947df42903003fbda6617aba89dc78e666b072e84a26965adb8fa3cc16b6cb0ce6078634b0f1ffa702b072ca8965e718b4478b193ff658b6eba68e0b25de9c21c779830234c"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_csum={0x13c, 0x15, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xeaa4, 0x8559, 0x3, 0x9, 0x7}, 0x3}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x8, 0xfffffff7, 0x0, 0xfffffff9, 0x3}, 0x5b}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x4, 0xa27ff5649dadd27f, 0x1, 0x437}, 0x6f}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffff9, 0x1, 0x5, 0xd8, 0x5ad}, 0x38}}]}, {0x9f, 0x6, "8a9336b5411efc659347915409af3ad640fe948c1e01ce400f9a8085f292c4c53b8d310106528d82b9f7aaa67f7a024ce2e1ccccf485a7289b432b6da9d6057556e87e79a05fbd80df2ea07ae6dc4cecea72c8cdeefe964d603602aef987b3628aa62775923fec0c785f61a92959290d64590addf126dc6a96b9514835e9644782307923c83e1731c9910bfc7e30b6bd26126b00d56fa4c1d1cce6"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xc64}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x2, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffe}}}]}, 0x38}}, 0x0)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000080), 0x4)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x58, 0x2c, 0xf3f, 0x70bd2b, 0x25dfdbbd, {0x0, 0x0, 0x0, r3, {0xffe0, 0xc}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x8, 0x7, 0x6}, {{0x1, 0x0, 0x1}, {0x0, 0x0, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20041090}, 0x4890)

814.24702ms ago: executing program 0 (id=1887):
r0 = syz_clone(0x10000, &(0x7f0000000000)="f5c174325ea2056c27d012f1a5139ac6d1d22fa3bc45f458a8c89cc543f94e7c6ab28bd25e4bb69554250382c5314601308dc54d0b9956e5d2e8ce7b4f08eb0cfa94e81c52350f38eb56f9c667341e8f147337feb78e4c4f35f479f2bd90de1accbb6ebbf0f65dfe13dae2403ca2fb75c0942c8a2c7b6e4382ab33b90ed64ac27e8771fea7a2c11a485210ad3ba30111f5a479aa5252e2be89c6673fd2c4385c36af4d2d17bd099cbcee4644dec96e2c546c988772b01dd68a556d3fc62ac53fc8a0755c9318ec24249eddfc7bfe4d12a690622900a09df89cb4", 0xda, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="ac3a7a5c0f19f4abf875506becfb40fe62860de131c195a54ec68898dac43745505757c648b4210fddcdaca301ebb407cd3667cfa189f5ff9f04bd2283e01b6120d7022e8fe02d9832b6afa5757b250a7582ae396cbbaf3b348d18d942f55e33aa71721edfbf7cd32b05eb971824f9c63202cf53c62b1b98c3a26bffb4dc45319ecc4febcb2fa2859db8cbf925823a73e19406051d030baf3d5bdb6c7d76042b26f9fc3d8598f2923b49c40bb07d7e00b14ad2e9f34dfc3645a8e7cafcba0570f9942c412ed805c46ee017f27a9368a6e51539d0ce82d3fc7a53d9c8cb1a6b34a232c5def62c364143b9c81cbebe") (async)
r1 = socket$inet6(0xa, 0x80000, 0x8)
ptrace$getregset(0x4204, r0, 0x1, &(0x7f0000000300)={&(0x7f0000000280)=""/113, 0x71})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x254040, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000380)={'virt_wifi0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x24}}) (async)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f00000003c0)={{0xa, 0x4e21, 0xfffffe01, @mcast1}, {0xa, 0x4e23, 0xd, @private2, 0x1}, 0xffffffffffffffff, {[0x4, 0x9, 0x80, 0x10000, 0xd, 0x24, 0xe8a, 0xd]}}, 0x5c) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000440)={'wg1\x00', <r5=>0x0})
sendmsg$sock(r1, &(0x7f0000000600)={&(0x7f0000000480)=@ll={0x11, 0x4, r5, 0x1, 0xcc, 0x6, @multicast}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000500)="f9625a09b00a728372a084f5c0c4e0d21054361a046e16e1f5375e4f0b719a79c4eeec822b9409bb70364803040a7b12c7f5a9639fdc262f51845b4adeb1f92fa449aa32e08106207af11db805675539bbe971154e", 0x55}], 0x1, &(0x7f00000005c0)=[@timestamping={{0x14, 0x1, 0x25, 0x2}}], 0x18}, 0x4) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
connect$pptp(0xffffffffffffffff, &(0x7f0000000640)={0x18, 0x2, {0x1, @private=0xa010100}}, 0x1e) (async)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000b00)={&(0x7f0000000680)=@l2tp6={0xa, 0x0, 0x3, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x4, 0x4}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000700)="75b3014e62fb05fdb0cf8ac9491981e0d1a1292ded0923c2178ca768d08b7db6393cc02997e405a08bd3d5a955b2dd0aca0c622a46398dcd8b9314a3ee2e1c3ca15390e16776cfd29e09c5f31bde51bb3064537f9b8dca98f91a57c120d78d9b558a77627760d458985a9c41c10dc45c808ceb7e531778a6a1f8cc741d2debc0b391089a3ddaf174e4e8fd04d6c388f99cffaa95ba0542203c510040c1baaebfa51ea54d1fc47dc68923e4756710bc3c24c54928eb36b4c1eb3bd863d08c94b13d30ba9d0f950574822e8ac4ec644e", 0xcf}, {&(0x7f0000000800)="f97f0dc235c293f24f82722d691be0f80f63681c4f27b1414b3a630fd29028d2a1c069b65e47b556ff5fcc04d0a0cefb020670bfa1df92daf54a4b432381320d5f691219d6c9e8934018e213f1f6ea0cc83038dd0bfc425b61eb362deb51c87276570846de4e0db0b45f8919c2afe51177011a2556eb88052dd56224c80a06ab64338f9fdeea3b587511c858ad072f5584273b8e04cd4a634a", 0x99}, {&(0x7f00000008c0)="8ce9401e018366e85bc700a97e9870266155989f5ca25ce737510b0ab26d78808c49f2624e0ef6f1993cbd03d7d56afadbc8545569368f0038315c65ae36625d5c5cf1d6f739d38c91a9bf46473a6eca6bc6ed2f38cc9b8cbaa982b01baa7325c2afb5ab469b9246f4557ff3c90488db51d0cb1da2b4ef440b38c69d6d624a68d7cdbbbd1e3fb4ed789a06623b7bdfadba0571aad8c23b5ad4174d1cac381bb676e5ee37686547064ba4341583a0d0ce0dfd82bf6b", 0xb5}, {&(0x7f0000000980)="450e22ec62d6cb99bac5e7f19502ded32f35d6623c2ecbb997ef2f459b5d2a6252e8b16e828e5eb948bf7b0157432718e6a40bd724155da9f33dbe07f9c72e949c8fbac521be2a49397fa9588272315e511c59f1cb1b69fe6bc526004799676b89e69ad553d44b4d312c62fac9a2dbeab4c3e51faea09b", 0x77}, {&(0x7f0000000a00)="9c8244b685c5c4374582f6f2b3bbb50c2da8d404c35a98324bb327cf0deff9b1e668396e9aa7e429045c88094733", 0x2e}], 0x5, &(0x7f0000000ac0)=[@mark={{0x14}}], 0x18}, 0x85) (async, rerun: 64)
r6 = socket(0x25, 0x2, 0x7fffffff) (rerun: 64)
pwritev2(r2, &(0x7f0000000d00)=[{&(0x7f0000000b40)="600a3d0432b402bdebd7a38b9ceadecbbad2c4f8ef1cbf5326807cc5b067b315a8d578fb4d7bced3beda70051e6e96977b3f790dce3ad900726fd40335b59bbef755fe1f2efbe077219da03e9e49c0c1d106041488aa073fb0ce4f932f5916ba7e08c703c9f8797e00227059802a254b1d710ce0045e8523fade03d21b40238c7289ba4f3c5a9377bbdc0248555034389d584fe046ba96974f35dded0dfd173dd9fce4c831d53dc813f410c5649fc4d901b6d35564af008fbb94be4b61c3e461b1cf0f93c827e3959691a9849ad939d0e7eb9f57f66fe4d382f4f830a988bf8baf7a0a721b653e6654bb9d", 0xeb}, {&(0x7f0000000c40)="d8d98ecd3b7610c078dc1452629aa3da294339ab425df264c1ad37fd408d78551953e29addca95db73480525456df762d70e03866d51b3999f706ed1f3a2885f1d5f5c4467bff0a2fac19dc3634c56ef39b33a2f2fbe180600776ed4ba3cda027058dc3609ec97c80142b29c7c4df8a3bb6a9a93415fe89ff724ebe9e9050914484d23e34fcd4f6d2c8f02a1f23e667eace5b7670a842613807285d1a99d8de128152275688e7f71", 0xa8}], 0x2, 0x8001, 0x7, 0x4)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d80), r6)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000f40)={&(0x7f0000000d40)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000dc0)={0x104, r7, 0x8, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x9c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}]}]}, @TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_SOCK={0x30, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xf26}]}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x4040010}, 0x192c9099ff5d0f33) (async)
r8 = openat2(0xffffffffffffffff, &(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0)={0x42003, 0x20, 0x26}, 0x18)
ioctl$DVB_DEMUX_DMX_REQBUFS(r8, 0xc0086f3c, &(0x7f0000001000)={0x3, 0x8}) (async)
r9 = dup3(r6, r3, 0x80000) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000001040)=@base={0xc, 0x22aa, 0xf, 0x2, 0x40480, r8, 0x2f, '\x00', r5, 0xffffffffffffffff, 0x1, 0x3, 0x2}, 0x50)
r10 = accept4$bt_l2cap(r9, &(0x7f00000010c0)={0x1f, 0x0, @fixed}, &(0x7f0000001100)=0xe, 0x80000)
recvfrom(r10, &(0x7f0000001140)=""/72, 0x48, 0x12020, &(0x7f00000011c0)=@ieee802154={0x24, @short={0x2, 0x3, 0xaaa1}}, 0x80) (async)
ioctl$DRM_IOCTL_MODE_GETENCODER(r8, 0xc01464a6, &(0x7f0000001240)={0x0, 0x0, <r11=>0x0}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f00000012c0)={0x0, <r12=>0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001280)=[0x0]}) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r8, 0xc01064b5, &(0x7f0000001340)={&(0x7f0000001300)=[0x0, <r13=>0x0], 0x2}) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000001380)={0x0, 0x0, <r14=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r8, 0xc01864c6, &(0x7f0000001400)={&(0x7f00000013c0)=[r11, r12, r13, r14], 0x4, 0x80c00, 0x0, <r15=>0xffffffffffffffff})
ioctl$TUNSETIFF(r15, 0x400454ca, &(0x7f0000001440)={'syzkaller0\x00', 0x100}) (async)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001480), 0x1, 0x0)

683.886902ms ago: executing program 0 (id=1889):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c832, 0xffffffffffffffff, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0x2)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f00000006c0)=[{0x3, 0x3, {0x0, 0x1, 0x3}, {0x1, 0x0, 0x2}, 0xfe, 0xff}], 0x20)
setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f0000000000)='\x00\xdb\xf9}\x94\xd7\xe5\x1f\xab{\xd0E\xbc\x1f\xb5<\xe4f=\b\x00\x00\x00\x00\x00\x00\x00\xe2\xde\x8c\x10boj\xd3X\x86\v\x8clx=\xbc0F\x94k\x8d\xe0\xeeP\xa8\xa9\x10\xd4\x0f\x1eL!\x82\x8d\x80\xd0#\xca\xaf#\xf6\x95\xf4\xf2\xce\x8f\x8c\xa4\t\xac\x96\x13\x96\xf76\xc1', 0x53)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000140)={<r4=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r3, 0xc01064c1, &(0x7f0000000100)={r4, 0x0, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r3, 0xc01864c2, &(0x7f0000000640)={0x0, 0x0, r5})
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r2)
sendmsg$DEVLINK_CMD_PORT_GET(r6, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x88, r9, 0x1, 0x70bd26, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000844}, 0x800)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000080)={<r10=>0x0, @in={{0x2, 0x4e23, @loopback}}, 0x3, 0xea}, &(0x7f0000000140)=0x90)
r11 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r11, &(0x7f0000000080)={0xa, 0x0, 0x7, @remote, 0x0, 0x4}, 0x20)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000180)={r10, 0xd}, &(0x7f00000001c0)=0x8)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000200), 0x282402, 0x0)

683.656195ms ago: executing program 0 (id=1890):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x20, 0x10, 0x439, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x802}}, 0x20}}, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0x727, 0x5, 0x1, 0x5, 0x382, 0x4, 0x1, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2400c8d1}, 0x0) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r6, &(0x7f0000000280)={0x1f, 0xfffe}, 0xe)
listen(r6, 0x0)
shutdown(r6, 0x0) (async)
ppoll(&(0x7f0000000000)=[{r6, 0xb22d}], 0x1, 0x0, 0x0, 0x0) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180400000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x2a, 0xc, @val=@uprobe_multi={0x0, 0x0}}, 0x40) (async, rerun: 32)
sendto$packet(r4, &(0x7f00000002c0)="05031c00d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) (rerun: 32)

532.885475ms ago: executing program 3 (id=1892):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$XFS_IOC_SCRUBV_METADATA(r0, 0xc0285840, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_qrtr_TIOCOUTQ(r8, 0x5411, &(0x7f0000000080))
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000002000100fffe0900010073797a300000000040000000030a01020000000000000000010000000900030073797a310000000014000480080002400000000008000140000000040900010073797a300000000064000000060a010400000000000000000100000008000b40000000000900010073797a30000000003c00048010000180080001006c6f670004000280280001800800010066696200"], 0xec}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x20, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'team0\x00', <r10=>0x0})
sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r10}, @IFLA_ADDRESS={0xa, 0x1, @link_local}]}, 0x48}, 0x1, 0x0, 0x0, 0x45844}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$tipc(0x1e, 0x5, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001100)={0x1c, r2, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

531.524059ms ago: executing program 0 (id=1894):
unshare(0x6a040000)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VIDIOC_ENCODER_CMD(r1, 0xc028564d, &(0x7f0000000000)={0x0, 0x0, [0x0, 0x7, 0x1c, 0x5, 0xfffffff7, 0x80000002, 0x800f6, 0x8000004]})
getsockopt$inet_int(r0, 0x0, 0x33, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f0000000000)="7800000018002507b9409b14ffff00000204be04020506050e0204094300080004000000040010000d0068d0bf46d32345653600648d0a0012000200000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f25232500000", 0x78, 0x0, 0x0, 0x0)
mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x72, 0x0, 0xf}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000ffa000/0x4000)=nil, 0x0, 0x1000009, 0x1010, 0xffffffffffffffff, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000340)={0x400000100002f, {0x0, 0x401, 0x63029573, 0x5668, 0xfffffff6, 0x6}})
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f0000000040)="192662dc068ad087e47afb01343dc7a4809915d38a0ed92a", 0x0, 0x18)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000100)={<r7=>0x0})
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r8, 0xc00864bf, &(0x7f00000000c0)={<r9=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r8, 0xc03064ca, &(0x7f0000000200)={&(0x7f0000000180)=[r9], 0x0, 0xea25, 0x4000000a, 0xb})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000140)={<r10=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000180)={<r11=>0x0})
r12 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r12, 0xc00864bf, &(0x7f0000000000)={<r13=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r12, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000080)=[r13], 0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r12, 0xc01864cb, &(0x7f00000002c0)={&(0x7f0000000040)=[r13], &(0x7f00000002c0), 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f00000001c0)={0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r6, 0xc01864cd, &(0x7f0000000280)={&(0x7f0000000200)=[r7, r9, 0x0, r10, r11, 0x0, r9, 0x0], &(0x7f0000000240)=[0x3, 0x9, 0x6, 0x800], 0x8})
add_key$keyring(&(0x7f0000002e00), &(0x7f0000002e40)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)

323.460783ms ago: executing program 3 (id=1899):
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000180)={<r0=>0xffffffffffffffff, &(0x7f0000000040)='*-\x00', 0x416700, &(0x7f00000000c0)={@align=0xfff, {0x3, 0x1, 0x7}}, 0x2, &(0x7f0000000100), &(0x7f0000000140)=0x7f})
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff)
r2 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r2, &(0x7f00000002c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x14, r1, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x14000014)
socket(0x10, 0x3, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000340)={{0x1, 0x1, 0x10000}})
ioctl$SNDRV_TIMER_IOCTL_START(r3, 0x54a0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@ipv6_getmulticast={0x14, 0x3a, 0x800, 0x70bd27, 0x25dfdffc, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4c011}, 0x0)
socket$inet6(0xa, 0x5, 0x1ed)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000b40))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140000000075c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xec}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4)
timerfd_gettime(0xffffffffffffffff, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0)
fcntl$lock(r7, 0x6, &(0x7f00000003c0)={0x0, 0x0, 0x1, 0x8})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000024c0)=ANY=[@ANYBLOB="2000000010000104000000000000000000480000", @ANYRES32=r8, @ANYBLOB="ae1e"], 0x20}}, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r9)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r9, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00'})

322.637827ms ago: executing program 1 (id=1900):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x0, 0xc8, 0x3, 0x4000, 0x1}, 0x50) (async)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="00000000000000002702000014005800b7030000000000008500000059000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000c80)='syzkaller\x00'}, 0x94)

321.970648ms ago: executing program 2 (id=1901):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
request_key(0x0, 0x0, 0x0, r0)

272.079301ms ago: executing program 1 (id=1902):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r0, 0x8008662c, &(0x7f0000000040))
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
r2 = mq_open(&(0x7f00000000c0)='/proc/keys\x00', 0x1, 0x40, &(0x7f0000000100)={0x6f, 0xa3a7, 0x9, 0x200})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2)
getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4)
r3 = mq_open(&(0x7f00000001c0)='\x00', 0x2, 0x1a2, &(0x7f0000000200)={0x9, 0x2, 0x2, 0x3})
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, &(0x7f0000000240)=0x4, 0x4)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$BTRFS_IOC_START_SYNC(r4, 0x80089418, &(0x7f0000000280)=<r5=>0x0)
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f00000002c0)={{r2}, r5, 0x3c, @unused=[0x7, 0x7f, 0x8, 0x2000000000], @subvolid=0x8})
ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f00000012c0)={{0x0, 0x2, 0x80, 0x2, 0x4}, 0x101, 0x8000, 'id0\x00', 'timer1\x00', 0x0, 0x35de, 0x80000000, 0x9, 0xf})
io_setup(0x5, &(0x7f00000013c0)=<r6=>0x0)
ioctl$XFS_IOC_START_COMMIT(r1, 0x80585882, &(0x7f0000001580)={<r7=>0xffffffffffffffff})
r8 = eventfd(0xffffffff)
io_submit(r6, 0x7, &(0x7f0000002a00)=[&(0x7f0000001480)={0x0, 0x0, 0x0, 0x2, 0x8, r0, &(0x7f0000001400)="47a878c41d0ae7501b61620d46f3e8aa46302b48be818a585207b357a7983267b5e3da1df2c99ff498cc212816aad711183a0115e8d27cac9426d796d34003eafe11f5c8662dc9ecd0df51277addae4453e8b7ac1af76d0cb19c0da4", 0x5c, 0x1, 0x0, 0x2, r0}, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x7, 0x8, r1, &(0x7f00000014c0)="823f79aa8a412e39736102d2d68e3346797ccf4a8a881cf54a0fe768bf0fb6f08d144f93a9a82923f5f1164690963ab55c71916f9eec0c80c4ec3ef4d42d6390b4df0f4f782dc37119722e2505409a4f5fc24a6237b46e660206c6f7cdfb2e9e51dcff38d440f909afc8a979bb2a44496d18c80ee4956fe02b2540f72549", 0x7e, 0x7fff, 0x0, 0x2, r0}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0x7, 0x401, r7, &(0x7f0000001600)="8728f69be63df704fde55827beb1b8957c51e9c6b3604aa71bb75a83e436b54c3731f2e3422cccffe5573ead1b5f2e92e2eb63449e01cbcbbab5df669e364955f9f9da04ff5a4f5019b64fe40ac7fed1a34533ea4170142d3d23be9d0dc30b22940120ae7ced99bf031ea10f16eb5f407b06aa84a449eb0cb832", 0x7a, 0x9, 0x0, 0x7, r8}, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x1ff, r3, &(0x7f00000016c0)="0bd63408d179a1645a0deb95fbe4e8080f06eb39cab57215d6ae3d442c54426dbc59030ab8a0dd91c7c7d861ddc7e5332d2a7d0c9cd659d10085e3e5200e07680360f3427e235517f7fc90b1094aedb192e36625ba1a280bcf5f47e7c7e5dfe387fc2129e14adce6912022dd1899157598b69c1a4de401654675c48b1b7c692de002b996c96420335aea384d87625c2d00b671396a15e3fd4cc651e4f5b37500e60aae5cb7d3ad4b018e5ba7f281b7ce9a2a02fc919dc53c125413581aeb3f565ebfb3f59588ce2928f8454f2d9caa012f96d77c18292c4ce5fbab1e279a510c1b67ed9b03a23c05", 0xe8, 0x4c87, 0x0, 0x2, r0}, &(0x7f0000001880)={0x0, 0x0, 0x0, 0x1, 0x1, r3, &(0x7f0000001800)="d44c78f28d536411ca2e72902cfc3649b21e32258d9fcb597be7ec15e67df8fbcee66d28027c34d26e37842039aa42f9dacb2dff641598c5305d7f96c6d10cb5ad485b57924cf07354ad2566014a692c8012f507fdfe99c4c61eb3248005d0f18bc49810d56990f6e1", 0x69, 0x6, 0x0, 0x2, r0}, &(0x7f0000001980)={0x0, 0x0, 0x0, 0x7, 0x1000, r3, &(0x7f00000018c0)="ab6db43d4fb333ecc8ad0f2c1400dcd3c4ecf328d73ffca4e7e7cb53abef6610f658dbba910defaf02c5b55d0036a399da42f66841cdb9c00d6b25114f13f4e8ae4bf6060efa14909083fd76e9e14f3073b99e36f0fc9b1709d3b36b51b5a267275715ea57597ca36a9c818beda98b5a1458a9a50fdb84d5bf2add233b429248883f246fe7e5daf6fc97d73f71cafddfb3123830679dea69aa2f0af3405d79978a086cb1fb0b480a3edd6300851cc415858682", 0xb3, 0x3, 0x0, 0x0, r0}, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0x7, 0x1000, r4, &(0x7f00000019c0)="1e9f96e8a444422bed0734db0d278bbd70ce1c8b5fe8364758dc15d5248813339e995fdcac92bba94b0a31070ceb1c110952a5e4dd4412d58517bcd59712926e5877be024c1095d612f4e464cfe516d573b4258dc409c4e4edc164fec79273289e93733624c750d0da6964839b94d8bfcd620014ab45b8ad74ab40f49f2084601cf2f76156e268f22a5fe2353a2216550a9e489da5657aa6ed08833c912954a6881d968ff87df59c772cffe91ac74e3f2ddd04acce04790bc0e543c2df60bb3d981431c0f1a8b5fed9c2d71847a0ad3bd2a4a3bec2c630a6df58a0c6e5768e22e86c8ca31cb59dcf68229310fb1e73c96b5178faa5c374a3863c2e41a365713877d1ce0530bba7391204cfede8278884c73dd1bb7643109ca7d5f349c28a20868c563c458edc1d09b68f60360fcfca0d0e69c75e40c22a81d9a98ac7cedef7d1bf52adfc762a35862a323c23d6e17cbfef6a6dc5004ba95a9d30a809e5d4b60760384c35622e9abbc695bb6f065e5ab3b57aba210cae045499de165b5d2f7ad44cba43b4757680e3b8b65eec61535dd41450dfc00e650e7cf30632a7222e4bed9507422f8471b82696531979946ce4e6b477cd9854addbf5d21ac6da2b10308f0ce79e1118f316c81fb4cdf20dd666ca37ada4c243ef1e9fe029f34ad2e5d79e376ebbac917632815b81bfc71dfa60e57b650ff6409d408a78f37ca869a5c482a4ef26372583e6afe61984b781c7d4581e51c8cb9c07fa180410e382ff2058f022b1a67beb803750f9206c7e522e3c1b92d5617a22f2dda3257ba4e5bd91b866755b1f0056a4d3bf35f112e0929e817d27d2f5163f9d720ae286ee687512f69b5e8653120a43769761d10cb531709226d67dc4ab1e9976f297db6be0f81a92f84c145667b4c8574f5ecbe6224779418426f19e21f9874c06fb758cf5fff4c2b64cd2532bd0a43c2071d86b028d3903bea1ba9507394956a5e7fb52e00c0895827927aef25fa57db55f379e626e04cffef10cfb4957d1a08a745fa96d12923783bd2f0efba4ace148fec25f2d6ce83be23c800b61110c1c1f89dfbd50f172a1e80311f40774363ab7b778dd9770b7e4f160a99cf53c9e8ea79529db64173d056d6c4f11b9735106d4dbdb292a23ad5b2a94c56f69421b2716a899e751f4e05024871e787d2fc0c145c5b98b9f04315a23b7ee56c4c3cb4859fc6333b54603d6f84ff6d726d1e6d7850eb274d78ffd97bdd83042c9551ae01e6c551bce4051f61e7d12c252883ca22c81f7127bafc227a16213739729de4931f8e993b4003f4a00d6d4ee144b2e0d7638379863d77bb3b220b99854767afed95119e150d6434063f7eef0f835d3041c3ba26a583f66bb4afd3449baa064f917947592fb91e8d81cb835c171bfd8b45941d34c0ac070664bd39cef1d61b328d54f316a815cb7d6d0e97eaf90d2ca32b373a35952bdd5585560d0aa49b44f2c0dd27d5209a8a046f0d9febbb4e95267ad5b631ce93a7e083c1a111255a891f0e6fdce26fb10fb4b93994f7201df759c83986861044c54c6cc8a9715b91b704a39394261f444c8b4ff12de267b47aa7b2e72801ab57d1b5cf54a17c1732dccffdb95f23573f7e7edb96f7fab2d4a8c6bd93ed8d36dfc7c6d89f3df8de54465dfc7a726ddcf0d68299dfc8113ca3bfc9e7f230aca255281bc72d2cbea2db2bd39f0fd27a00d75cd17123874cba397ed115faa5dcf12c0686a17e0bb990f91abc69cf8a7826272d15f075f539bfe82f7b358e37a98da74d26cff0e5757baf80cdfafcfcdc94bfe8326b21e26c8c0c19dd39aadba33f8bb5f76788a7f86e9d9286f1aaec683655a5258d27d0ec20aee32048b4470e0c00d779f38fdd44712858adddb0d04d02e7b7101c66c280cb6018adaefa95cfc93e44bdd8814a4b1840dfc95266356b85277ed3dc9de7e9e89ef552701b216d9d1ac29ba14a8afd3621ad65110584ee532f38288c9445bd134c533a1dbb7be1d59205312827fdee8ee4972a31473252ac74e4da1f5a76c5cbca506aba48132c6e101688be18b5345d79584569ae357c01029297a0c69aaf2bb14894348a271ff2f0b0c8bf0427a3e21bd770b7db5c62b1064b787e72aa30d224b33d848930a2232259a72c11ad3eac4ddcc29ac41762f9819bfd343d3fc6ca3e9058218e76730a0c7b235476cb77a3f3abf7725b48f0a0a3bfcc36d667b77bbbcde45abbc191ec2cc169d5506c7c8626ee84a9801d66b71a9e694576ebe4507eb39e31eaf590f919fe1bdd5625b456d692a5f292013de584aba1cc707c334834e40af08c9bca87628d0439d9988c853d81b62fa7f041f8172f21993126363bdb58184ad7374371fb1fcbfa3da56b17ac6b61a9ea9ddba2d546ce7acd2f1e0c863e5f53c7cd52a771c14192b8cbc25782cef3fe4e7e2270baab5679ec0b2ce8d8110b2c91bfe0d3d2b851ec4232a1d1f881364d83ad8e5f717f9c5fa6feda888ae29514a568933288cd1407ac6b78852872afb7f6f70da2f9a4f376f422e9d26c17b4c4db60c9c821ad531a60fbd291e6122f6803f8775a66ddfc46ebc375a122c4c1f228383a2cb73a613a429008a0867837a3d533f7c91942c1dfda9a1c64b5a22412e1399b1e04416e6a2afc5783e13cae9b2eb78a50e14c593dbfc2b1b070b3dc40de4540b99b8c132a6468dac0eacbe5a5ece4d2203c981a2c1ab5c93b786dca7a66a5fc52df9112b16685a76e847925d91b244a3b391b3c22bcce70db305a0a5c3fba6709f7831f5fc508375eec4f80c58923527a26459def8aa2b4515ce54f1f2fbc0b4d33464c9104d9415e864d3210b17003101c0b44f6320f55fe35329ee1c975731054a2a7b44d957dcf1fb523ec570815081762ec6e8e723732d5833cf7cb23552db972631c3c2880533aa17162fa4771cc5ac95e29a5001793ea7a46b99f13eb780b2f9cf06e9fa59188a38cad4e8af930683fa8d3d473722d53c3fcc0e487572a22b07ed38d09466a31883ce83a54232ca9f1859b99e1b68624496e2d01a1c196cc04a0dff92776a56c68263789def5e47957b2f9922bd4969ecf26a1777ed0fef1966d7a98974be019fd175a87dd6d16e138d6999d5ae6162222bb10cebc1d542954e882586125577dd65cac6d7d9ffbb5994f9fcbf8507c42e7401d6153bac5072a8f67880727f1d30314e70f61a4227c64df7dc73b151ca69e980957f4f20e2fd7f572abad17026996dc898f95184857232d64d36b91f3fd7f08eba9a9bf86d96905a52a40c9ca01d9817b65fda40fc91ffc4f175911687445de0322eb2b5484acb5906c56e2102510c7ca571d636cf7978f33ef491830741dc82215d1cd820d7c37554f4d089aa0037bf3b7e22a50cf1637630676eba271f64d0858f41c44da0d1be6977c839c9853a1722588fc3874b84b8c937ec8997a2e6a5e6fc3fbbd1eda8205899acc6b0ed6730bd57f37ea41b3763804a4fbf1923e0ff89412fb61585f930185e4eec752d0cdd9d8590cfea08292a8450a21960b4a272ae1ae373b77c8c3b3f8a6c94b48288d2cf23373e75d1146aa2d4132a05fad8d8b9d0bc483b39f2645f36ea99985dc77a32d92302b295bfaa2411c88475c63e31c33e6af1fdb7682e27d0aca7e438e44920f0c23d5dc77488047eea226af50e8a127713ae74605a0f12858a797b5a6568f8335fb375fd9a2e79fb2551742c402814fda2dc81f9f4bdcc95d0837e597fa1f3a2ae9d4e4f9eab5c7768fde2ddcfb37270d1fe3d33222639b96ca1643f359475fcac0671e2826c0f6af106e16df0d308610f1075801a8ba2c4910514cf6dbb8d9690453ecc7be6678fbb8102f0ba757832c995aaab096f3314b1f2d89cf163a4cb73f9562edfb3ce34c7b0300c10dcf8ba9efd90341529bdfcbaf9dfe3181b0f9e792a0833ac265efdd3d681a6ec9f4abd332758dba8bdf3169315c9d77080568fa12b5bc9a28b390d974dbcc30fd366f3ae6598011ee53136663f62da9104089d3e254a92b165eeadd770d65839ba5e5b9c12af06beec0877fd08539b437f812dba3b74c2583683c3d655e364dafae7475341b0f454c4e94b6b4bebe2f5d8226682284fb3d042f486b5105b6fe83a3b8e9b1c33dea9f1506913091a7af486134cb1cd8f3cf8149bcacff4e6c21f68c227b1f4513c3b88327e8bf458eeea9644df97df89ee73597f33479846f0528e18a96eb11d0141cfdb381965813ab0f5f49bd8d6870d223ad6a2cfd8123c6d76f3e590c09928ec482b976e91366b233335877d254915eddf60aa85529cc688fe184f594a18b15304bf0ac484c4e8d6a9f63e3bd7428f3e290843d6ac38aad6f9c28546b7b055f9bbea88fa0d7ac8a1ac58f6c3986dc12ba335d44fc6f4054d401feb10f5a2d7cef0ef5b418cf35e2b09dd969a11e4c47060c01ca103022b74fc4f3d75f6746627b76d6e5d6fb3aadf0dd30a4a06d6709f79d5b1d0e1122914b9178c5780e0b7e2f712a02e99483fb8082bfeccf9e3a766ae6f3a8b7dfe290507fe26fb262eea4c0a9926444a4e4b2a189b21da26f1eb6bb58357d000219817fe94e7bc18d87eac40ee50b7c5f2c6914531c747bc00bbad9e464335fc4351ee2266c5991609aa335bf34343331748d1e2729fec01a21b94fcb31d9e4fff263e2b944597f3a563a090a3f2af9a2109811594a89597169398bb947b8bc7757e5e4edcc0d4e5824cff723eb936ae482a0e7bc5367e9de58f09c8efb1382a198ba59966f6f453cd83eae99ff0cd2fa90c205dde981619294efd2ceec332c232e0fe76c610bdf2ed8d82647753316bda73abca8cf168d1bf17f261c505bb1a33c27e45018270e307f455d1af3cf133bba32e1c5655b2a113911cd1a4ea1104f282f91764c8117b00a1946f266d42df1942a98735b96270e98621d0ce707c27af29461260ef638b1b46af5401efa3bbe316713a6416100bcca9c0a0c6a3601235da01cdd4cde47b9aa9acfd075a4d507637d8016f1893295301bfcf26c3382af637b0930a24933e3edea3c77b3f12f73ee9bd830b2c2421e119bd20c3ea8af68a74989abf0259b299586373f3aee00d01257453eab5965cf3a586d5140d9248ebb6a1016156f618c5d2d835605e436e963cbedb20e31c3d68bb624b9325426af5310b38ac38e32fcb7d53bd37b347f7ab098af5b401e800822cb78aa74eff6a16b16d6e4fd2a81927b9d2dce9bf1236e3d46fd63cc41bdea432978aa5fe03e53809e44d08674b5479e2820c2de67704631d8bd7adfedaf5407002548bc870450a8d3ff8c5aaafd6d6103d8e3e2ce02fd28e361a1cabf53afbbbbf8506d1d0b5e5f7cf88c6bb97f0c3afa0d340f53ca951ede32dcba0c6c72300581c3793d84b7a7c3fd7286b3ec1139f0c58f66a0d8675204f4bb5e44a8529a993271e4b40338f56e8516ac745fd9f8d5aab707bb07dbc1cb9c96106bf5a6e46f6aab729aa235fef48db1883cba006260079195841aa90bc9914a04d5899335acf8b53feae4295d4685320b8d6c2a1094b053d42bf64737647a0e141cff9c26338e838c37abd75095867b688e76a4c819ef544ddfc4895242c32a4ce6f8da83182c28e22ea2bc1886dd6cd3018e9618e1c377b732eacf25866c3e61e8175a3770f71cf60a8a9e4619451e86bf1c783c2d479a8bd334bb9b657cbea2e7c6fedc9720393fa4613f250d3379c8d8efc2f518c6ec1f8048c59131426de785daa81e08145be51f92e2b4b0547f5dc1bc669b76f7e897a72f18e230374908adb2747356fdbc9", 0x1000, 0x3, 0x0, 0x3, r0}])
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000002a80), r0)
sendmsg$TIPC_NL_KEY_SET(r9, &(0x7f0000002cc0)={&(0x7f0000002a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002c80)={&(0x7f0000002ac0)={0x1ac, r10, 0x200, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xbe}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x57ad}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffb}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8001}]}, @TIPC_NLA_MEDIA={0x7c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5d9a}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9b2a}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xcd0}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_NODE={0x1c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xc}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x6c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x249}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "423d306b2bc575c6e8edeb01104c700c4381b5a5974ac5dce134198f2f0cb9e1ce142655"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x688}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7f}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}]}, 0x1ac}}, 0x4000)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000002d00)={0x8, 0x6})
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r7, 0x5000940a, &(0x7f0000002d40)={{r11}, "c00fbba62ad883e1924924775ccadac0f604cede18a20fa0a3fe59b4f62e8ae85f240788b589e2c71ef8e9858f3ea016029d2ee286d3620c3d0fd7e7d97357596c18879db44f206bb88fbc997df246d492d06398695ce3b82173068fb1f73788c28f7a63f6f63b82fa6877adf1b079d71ed7bb4078ad4452c82049886db400bbdf2b65fb5dab2d42ad4933153688587786da1bb7b7bb4df25ab6164b8b4b4531697eadeef393b8e2635b4280713b8da3070e2d3a7116e4f1dfae9647929afb5a1583c050cf270ffc10885d916783e198d3662992a916295cdb8aaa8a906c87ad5be1c3419f587f35993e3ed80e21054afed877a5f7dd2e1a2c481c5d4999e068e4dca8090f624cce929d3f36ef63f1b929166c075d4c8bc9b065a65be368c620bab6814dab346b2ee004b09139badc91920289526f8bd83df872640b11ee4307fe7a8a4afb102a6b0ba8a7982f0ee26de5e7f75bd99f054ec9c63416f5b56ed7b1e2c50233797506ea8f34c53ed0e4c9d39b88d19583fcc305b31eb7b9f0f10fe1b75cfe541d6f81170a998fbe774e8b5c2420ca8e321e3aa443ace25d0617aeb9c30a86e27c3114da48a2175cd7bc5275ea3453863d5994c39875d1b07df46e711b34830b449a2c828bbe20375cb1ed7537d45b776d9a64c7d3990ebc47f0eb37a733879e7f23fb9716429f1cc0fee1714c9e316bf821f443b92e1283905783f8d0ca29fb2fd26f2fce16dda948f1850456ad3e0510aa87de310e8ed2641f008e09512ae86657a90047bbc467c91c7f9aff2fb525433a62c990522b3bc11285df4f973f718dffb52726f421b90b0e4173724b8b7a3b78fad2b5951edbbc02a27da08e22335c819898ed3e90e0cf7565db7fc1dda44319190544432bf3c8b843edda233d5a774b1bbcef38adf55a07f3ad1099e3d1b729ad90eff2730216d1baa4e3c2d51aae9ed7ca61dc2ad5a4dbaa7f1c5c73e3c6355287e1d7530f93607ee1ef4d2b49c2c053fc3a456782295413452d5bad305097634ccb142bd538179018da333107a4b048aefae9cf9714be76c5525fea43ec727eb2ae61cdea62f2675f1f3b92c523db8450853a9f4e10345e91260b3c3fe021b11ec515a878a4a20608c5a77c66140dba103cc37611b4fdf266b79cfb4012c23234abd14c31ef7677615e41ce0da479d4a10768604d410c115d56f58f1da0a82bfd43833ebb9a74f31d1c7b5aeec70a0a9711ec8582cd752bb8e9a8eb6ebf2531fe3e4821f8a6f0301b5dcd6c110f71fa1db5d57de6d05a4a45762d93c933b4438d21fb499c3861056e385b95f3fb22355638882182e583b6a29c3e9b7520fd679efe77d2df437c8c8d441e90ec59cd20e1bca71624f35d331a6ac0e2ae4586c6071bf2fe58733936cba22bb0caa0d1af6de65bd3a324c474b539a5c16425df558b5bdc46d6aec3773acfd9426774004dc655c5bea5a7b467529472c2d01fb79e1dc656ea1d437ea679c6a91681d90ca43ddce64d042a91183edd201eea0078d48ea94a80bd029f359a993f3a7b640e5a49764bee0c2fd0e8c4ff90acc72e99bc8ecf1aebf1a5c404e22880f1bef010d7f913212c86ac1f794aca5a806b984fe93ca5a0bee9a2cd033409139151c6692679b903afeb14268a2f4a12f2b04c723a8b6fe1113ef9553a9addb69f21c8e8dc6a8242b555aa79d477b9c4d5d16bf5f5ebeb5763dd8487015730be72f7f6b99654dc8e58a155a9580b4e21c3d30672d26425e89adfdc374a0e3da71b5afa6142b63fc9e7585f67e7476485fc67f44d629e605a5ee974df6858780ec07002fda9b66885b2ebb25842949643bd089dc7872e9ea9d452052596569fbfbb849173b4d9622ed8147256c4d3d473d966183d59705108bb851cbbaaf3710e27c29a4927ce7779e2947c796488f9848326ede3c008ab443550ff962f07ff9256d0a2b3ea41c86f68fc2503562aed65bfd1dfa22e9c0ebb99d129b2283ef146c19578536025ff1bb172e69433bbd00454a314f99dd24a06349f618c87e97019209729201342f3d02f524b0bb391906cd33fc9f4e61fedc0fe4fc99e96f0f214b29ddb768c07d770d93053b040ea001b2d321d28b7d49dfe86ff9185c4b5d9ba33d24401908739a2ce6b3a277dc13cd1714f0e3dee63b189651fba64d520a2f978f78929a49a2681dd436d2b8104971383e16e6a9ba72d3a65f6673fe586b3263017d5bda944d5b5cdc8af393f0117826e010a577acfcb61864b4ea82266fe843e7a37c7aa40cb24acdf499070e39933734da2efd582abbe509058f4b333613becf7273aa915ce69eadc0566e8c479c163758741d0b198b38dab7acc7c1cd303e699de84df0b835bc0c36241f1065e0f30c20e4ce109707fd9b4111b2fcdfb0b7fb8b16f42131d3913646f495087791de04e30e6afe35cdfc2d4174feddc11812ac34fa1edf9411a47aa6f42e8614b73804aedc5b332a795597bfe57e449fd916df39b43a171d84dea9b251cb50ec7cc6a80457f8c00694be1c8c074c15a78dbf23938eaa870a666df10998fdb8fe478cae4ec7f158ff18a5f61ca6e82b1c2090b799a04bf783586dcbb9fbf4a33a876fa3689a722ce2c7094a900fa487da833dc68624d0dba98b2bae5b335ef86ebfbec32c799650a9a290e21beb2e8e9f259a4754a4ba53d075daa03e99a8949771f448abeaf6948bea3bbef029cbd88843545f4e83c1a33df70c8ff023e9f5190ad6afed638f431143ee1dc7e0d35631586d1ca0b351b59835214562d76a429527e326d9b7277ee58538a12fa9f514f19d0ed83021b277753c5dbe8d76e7ada41d1530a667e3efcb5daeb705d9881d9a70d09f89e4deab34e590840103212b54e523582ec3816ec770dec4b27ac052528e86394a158c180d0989e2cd3740551c74c1abc2d1e0a9531a5b5a9ae3080cea39715a65b7987ec00cbbbb3110a5882cdef3c29a151d95c77bc856e40637524eedb493f381a2f5b71fbdcced07dbb844f1a83eba650b1be44fed274498856918063f3755c6c348b8c786c7b4c3fb67ffc763a12e0e6f3d3786d531142cf213c70a736194867f33ffd8b6b6a29429dd50bf236504b620ce59465bc16a824a59ed6ce27a2c68178bf56c01d2a6deff1ce9688d474bae0b7c718d4e36d4ae0a906653f7559a845874557422f8f78e363ca107c4575c4d2ccbf2be17056b4548b4dde276b328f4589c158769e4eb24e9edfe8d7cf17457f575b33280e1a5c40ff0ec1ce0be6f12f4c33258a715b9578347f430936947a503c1e5f936cb67cc05016d3f2106a5e1b184bb0794f24eb9791cc4224e2026b0fac2e825946b90af65456143be3d76d43c2b1a96157ab8af5723df0595b8ebec51a98a753c39c4392d8345f4253bbd64ec15825230e6c0325173a0a4b48e0f571fb2516ecd937e9cff1798908efd5169f5e285a5428f2d18d03c9b36addc0c06a3620af92346b6571c04609e85b989e591da4984e4a6f4c98ab909ac200ef3c2b8c13e964e1dcdc56d8e3283afe1ebf5f1ebf25c2d7cd07d32a2125a9c93408118e46e81332322c366ce70056712eb1df06ab30f3e0739554a61bfb4826426a83779e0039531d5ce7b1b366baa2db4c61d9daad487e3b900069528cf33ca659691da486af9c6cfae6c74d4f308c38b0a2c890e33b7b4424f69a91e826fd76e89c17ce269be9adbc6c7038d94b1c804f56c2fa888a9a57eb1caca3a849bdd00f832f3abf95ad7f58901b9a2554eefce78045eb30457f961148e39f807aff81dae1e4f3fddaccbc9c84f3bbd11ff2a4597c5dfbf0d19feb414251be69c5319126effbd6e5dfc2695646b1f1a4fca916daf0c5a81b8b6105e920f610608cd302e94f1761a26bc394f8a22a2cf48d385c5b70b7198b55df2e1c93d6d559634cde04b233972c78d4199c29109ac85cc2129cfc508bd1547d5b75ca0b78da36a6bc91bdc49a10ec0a89983af37cea22eaecc3e343cd5f1e64c00d4db6483b3a2e5dbc0428f2ae91b5c91c3a06ce92024de4ece1ae75e7b63f15505eb0d8ca95a6510b7c62f37154922f98b04479b953588cbc725e6f44c5ea9cfb5b4c5910a9626200a7b1f52296a4f697eb2a6d72b330afff5bb654c430f142f78c105fa35be9684c249ea57e9cfbfb56615fb79190e45d9cf22c946c4dffb8532e5035dfb3225eb306abe055378aa9e1969865fa4c9d9fd5e9a1a5383d8b4d5ec883a24b008b68dbf5886cfbde28a497c1555652b447aa50aba83c84b1d7c6b90fdc34773c6d2ecd5796cd06658dc9fd0d0c60de4938637e63db8dec556ba5a69ff2c305a61c837cd21c001e06c0e3cd3611146036cf4515ae625de95b5c562143cb8d3feb12271850f62c3141fa4117e630de833959eebddbc34eb5865ebd9d475b2c785c3656f57a27978819e96b4bbc46b02f3bc35730112792e752c727843ecc3fc2df95c30f33105ea997e34684ad0eb314b385afc4d9815f3ea1d235f7013eb761ae5a89181d003d03619dec28bfda60903094990b15b482e1f9e020f2f1f248dd8e06cdfab4c0533056fabc24c4672981fc3472b47500336af08f76c68e3941afb71cac220423603be5bce3de7a63a8f639fd73e820e0b8b27b7539ed7b60d5d15136228b359fa517516d744aaccbae5369e1c7aa2b52879ea650ce0b4fcc762610db5e527a3ac16daebec2eb579197c0aebcf774427b378c7f0ca904c44672a03438b8942d0f05c8acef54f84b6fbf1b78476d97cf6a8282116f16d4edbc8a42cf185da1f072f0c6899ffae6ade223883b6ed2524506f9ec06755e36563520e7d6f85515f5ac387ff1db5f6277bbb662adcc59a65200707c0d58f0933af649ed431041b3edcc30f1f36bef6ffed0d0b9af92476ac792e7f34376ed4ad897a4f53682a0156d0825d6732979d0366bac9b361ac23f582405191bf3f617711e78d3e45f3419666b23ca0fe62661f1fbabf5df671c08d858e7912c27b46feeda0704dfa24a9787c65f55ad77cb9b4d32f265b5afd214b8ca0bf31609c1a29be2aa6276c794cd550ba8bf29503265a4b5c6c2c3afb047f31f72fef8fc1d8a6efadc984c1797ecfcaf7616b424a36a591a9827e8de89643d6a94b6a073a863d580e7fc88a615c42d9d70e70fda6c23e14d9ad47a3396c17c7e5e45322e469ad871e7c9a4bfeaa56f462400ace94394476a9557b61b0e0378529594db48fda32d05faa174d4e4a99d7f32b1774e6fd6c41979834732cd1c763b81b74fb00836ca2a482cf00587c1925f1a01dcaec1aa9189c7e0b98db2b23dfff0779d9badb79c752d8b30fa2af550b6cd9dfc6177a32524332b5893230d9bc6a9c59c44de27a0a85c5950687f3909165c492e194f73494e6a389879ad5f4b09a75836cd69bd8e9510806c83a987d50cfb62edd32e8609c564a796e87c09ce8976984ea016c09ee6647edf70d1b46b545b57bbdcda98ed17f01595bfffb8cdb561f18bee111eca2eecea5d0a6abe03e281e62414be552f84d450dd50504117b53c1638dee6bcf05774aaafd98510fb3dec0d03f4199e2b703196859c332c21a6d2a40c55ed07daba0bca8f6fb03b137d1b42832f404912ed2072e9e26bb4141f0143208d235d924f5c499ba5d3be8f67010a564a97b618edb2839ac358cdc88b4b20763be518dfb2719dd90ea3a75e767ee252fdfd257253d7da5889a17df6c033daf5ecf5b2996f12773c994610dacbb79c308bb4dcf770620cec97d347cbf0099fbf1c63280bee43a0ba398f1a6771"})
close(r4)
ioctl$XFS_IOC_DIOINFO(r3, 0x800c581e, &(0x7f0000003d40))
ioctl$F2FS_IOC_DEFRAGMENT(r11, 0xc010f508, &(0x7f0000003d80)={0x3, 0xa1})
ioctl$BTRFS_IOC_ENCODED_WRITE(r8, 0x40809440, &(0x7f0000004140)={&(0x7f00000040c0)=[{&(0x7f0000003dc0)="4bc872f51bd0b8df57877e2c0a0e6857895e51bd94a2992f1f22880fd698efe6b65938d9e74a18711da64dc07466666a438a71b61a375a602179306e3ce40a207f889807087ead1d892fdb97bd87c8b0bf462273e1f4a918d4eda5a834bbb52c9216c9f9e9a919ffa799518407101d", 0x6f}, {&(0x7f0000003e40)="ab2d23d6", 0x4}, {&(0x7f0000003e80)="503deeac34399de57028ffb657428469c714ed8bf70ab9cf2c82750927b8e7111bfaf40a592a50a02b2a6df54cae3c333efc2872aa2865c3bacc12f259a90ab6bd4b5b82074d39c27e06409d5211745965a6e6f1e64e81c6f4b2d2cffd2d6cebcc1a58e87db5", 0x66}, {&(0x7f0000003f00)="1556c66141c62413b878782178cd870fc4d9adf0db29d99ca91eb6efcb5d9ca2b119a42cab653581c06a9c14a1cee39517dc2db449653ea29026", 0x3a}, {&(0x7f0000003f40)="d21417f4613e012543b7f52e8471c36b1d6dc01e9c817e32947bec2fc358c2067d2be271d534faa72b158cce8bc5f7c1e4b96d9f891d9d3dadd556e43c894876d9cf8a750e5e3eff13d6d7d0278e59cf7481c29b9d4ac7f96940be4f8e9b3fee034aa15c1fd8d3b00142628d29fbb029533b10e05a963cf376b18a6ee691984cf7c1aae78e3f98976822259916368d886b99b3184ae0de2e1af0475dfe6b93384bc25609285b8eff7dc946254d66d952e5efda6bb9c337166a4122f0f20668213399a6a72370a80bd0144942983a3b7ab355da8eed301eebe2441bd4", 0xdc}, {&(0x7f0000004040)="0d6d7f207fd750ea8a223ab36861bbe77b7f3a9412132590c47ead0172ca0a5b3104f7ee845b7ce7edd97fa614704007f07a723d5224a8d930e84562d0539ac7a656bd1241b7e487493477f0dd824ad8370885e72c4d181af620d623dfb41344670cad2b62bb59d57c94345483", 0x6d}], 0x6, 0x9, 0x0, 0x8, 0x4, 0x7, 0x7, 0x5})
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r7, 0xc1004110, &(0x7f00000041c0)={0x729e71b7, [0x1, 0x10, 0x5], [{0x5, 0x6}, {0x800, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x1, 0x1, 0x1, 0x0, 0x1, 0x1}, {0x9, 0x2, 0x0, 0x1, 0x1, 0x1}, {0x24, 0xe62, 0x0, 0x1}, {0x0, 0x4, 0x0, 0x1, 0x0, 0x1}, {0x1, 0x6, 0x1, 0x0, 0x1}, {0xc, 0x3d2bc68b, 0x1, 0x1, 0x1}, {0x8, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x7f, 0x1, 0x1}, {0x101, 0x1000, 0x1, 0x1, 0x1, 0x1}, {0x9, 0x69fcaf28, 0x0, 0x1}], 0x4})
getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000042c0), &(0x7f0000004300)=0x4)
r12 = fspick(r0, &(0x7f0000004340)='./file0\x00', 0x1)
fsmount(r12, 0x0, 0x2)

271.555264ms ago: executing program 2 (id=1903):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$OCFS2_IOC_INFO(0xffffffffffffffff, 0x80106f05, &(0x7f0000008680)={&(0x7f00000084c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006180)=@freeinode={{0x4f32494e, 0x8, 0x10, 0x80000000}, [{0x0, 0xf5f5}, {0x9, 0xffffffffffffffff}, {0x200, 0x6c5}, {0x8d, 0x2}, {0x0, 0x8}, {0x4, 0x4}, {0x101, 0x1}, {0xe}, {0x9, 0x6}, {0x11, 0x101}, {0x6, 0x81}, {0x1, 0x3a}, {0x7, 0x2}, {0x0, 0x8}, {0x2, 0xffffffff}, {0x1ff, 0x8000000000000001}, {0x7, 0x80}, {0x4, 0x1}, {0xd8, 0x6}, {0x3, 0x2}, {0x1, 0x8}, {0xfffffffffffff800, 0x7e6}, {0xe7, 0x8000000000000001}, {0xffff, 0x2}, {0x8974, 0x15938ae6}, {0x8, 0x9}, {0x7ff, 0x1}, {0x7, 0x81}, {0x1, 0x2}, {0x0, 0x2bd5}, {0x10000, 0x2ddc}, {0x8, 0xb}, {0x70, 0x6}, {0x77, 0x3}, {0xfffffffffffffb83, 0x80000001}, {0x8, 0x3}, {0x5, 0x6}, {0x7fffffff, 0x79}, {0x8, 0x3}, {0xc, 0x8001}, {0x8, 0x2}, {0x7, 0x6}, {0x7, 0x5}, {0x40000000000, 0x1}, {0x40, 0xffffffffffffffff}, {0x4, 0x3}, {0x5, 0xc}, {0xe, 0x7}, {0x800000005, 0x4}, {0xffffffff, 0x80000000009}, {0xffffffffffffffff, 0x3}, {0x6, 0xb846}, {0x4, 0x4}, {0x8, 0x4}, {0xfffffffffffff227, 0x80}, {0x8, 0x8}, {0x5, 0xfffffffffffffffc}, {0x5, 0x8}, {0x4, 0xf975}, {0x1, 0xe7}, {0x5, 0x1f}, {0x0, 0x4}, {0x8, 0xfffffffffffffff7}, {0x80, 0xa59}, {0x3, 0x6b4}, {0xfff, 0xea27860}, {0x888e, 0x387d6368}, {0x5, 0x8}, {0xf93b, 0xfff}, {0xedd5, 0x810}, {0x1b, 0x1}, {0xf1, 0xffffffffffffff20}, {0x6, 0x8}, {0x8, 0x3}, {0x0, 0xfffffffffffff211}, {0x7, 0x9ef}, {0xffffffffffffffff, 0x6}, {0x9, 0x6}, {0x8001, 0x4e}, {0x3, 0x2}, {0x0, 0x2}, {0x9, 0x6}, {0x5, 0x6}, {0xb, 0x8}, {0x8cd9, 0x86}, {0x3, 0xe}, {0x9, 0xeb}, {0x283, 0x8}, {0x80000001, 0x7f}, {0x0, 0x5}, {0xf6, 0x8}, {0x5, 0x7}, {0x6, 0x2}, {0x6}, {0x52, 0x3d}, {0x7fffffff, 0x4}, {0x8, 0x30e}, {0x3b6, 0x4}, {0x5, 0x1}, {0x4, 0x5}, {0xdd, 0x4}, {0x7f, 0xe}, {0x0, 0xffffffff}, {0x9, 0x8}, {0x1, 0xfff}, {0x4, 0x8}, {0xffffffff00000000, 0x80}, {0x8, 0x81}, {0x8, 0x5}, {0x7, 0x9}, {0x400, 0x8}, {0x5, 0x7}, {0x80000001, 0x401}, {0x3, 0x2}, {0x9, 0x80000000}, {0x9, 0x3ff}, {0x4, 0xcf}, {0x6, 0x5}, {0x1, 0x6a}, {0xfffffffffffffffd, 0x6}, {0x6, 0x3}, {0x1af4148}, {0x66f, 0x3}, {0x4, 0xc}, {0xa1, 0x3}, {0x4, 0xe}, {0x1, 0x800}, {0x6, 0x5}, {0x6, 0xa45d}, {0x9, 0x1}, {0x3, 0x7}, {0x3, 0x65}, {0x6, 0x100}, {0x6, 0x280000}, {0x0, 0x9}, {0x7, 0x5}, {0x7ff, 0x2}, {0x7fff, 0x40}, {0xffffffffffffffae}, {0x6}, {0x0, 0x4}, {0x100000000, 0x5}, {0x10000, 0x9}, {0xfffffffffffffff9, 0x6}, {0x39a6, 0x101}, {0x2, 0x4}, {0x2, 0x117}, {0x4, 0x5}, {0xfffffffffffffffe, 0xffff}, {0x10000, 0x8}, {}, {0x4, 0xfffffffffffffbff}, {0xfffffffffffffffa, 0xffffffffffffffff}, {0x3, 0x7f}, {0x9, 0x7ff}, {0x4, 0x1}, {0x3, 0x6}, {0x9, 0x100}, {0xe87, 0x8001}, {0x9, 0x7f}, {0x4, 0x1}, {0xfffffffffffff16e, 0x4}, {0x5, 0x1000000014}, {0xffffffffffffff9d, 0x401}, {0x8000000000000000, 0x6}, {0x9, 0x2}, {0xdb, 0xfffffffffffffff9}, {0x80, 0xfffffffffffffffb}, {0xc1c}, {0x8, 0x100000001}, {0x10001, 0x4}, {0x0, 0xff}, {0x5}, {0x3, 0x101}, {0x1, 0x4000000000}, {0x8, 0x8}, {0x8, 0xffff}, {0x7, 0x8}, {0x5, 0x7}, {0x4, 0x4}, {0x24fe, 0x7f}, {0x8001000, 0x5}, {0x1, 0x4}, {0xfffffffffffffffe, 0x3}, {0x7, 0x7fff}, {0x4, 0x3ff}, {0x1c52d055, 0x3bc}, {0xfffffffffffffffd, 0x9}, {0x3, 0x100000001}, {0x7ff, 0x8001}, {0x9, 0x7e0}, {0xdaa, 0xffffffff}, {0x5, 0x9}, {0xbf89, 0x6}, {0x2, 0x10001}, {0xb, 0x4778653b}, {0xeec5, 0xffffffffffffb3a3}, {0x1, 0xf83}, {0x3, 0x3}, {0x8000000000000001, 0x5}, {0x8, 0x1}, {0x4, 0x80000000}, {0x400, 0x3}, {0x7, 0x7}, {0xa5f, 0x6}, {0xe, 0x8}, {0x1000, 0x6176300}, {0x80000000, 0x55b}, {0xfffffffffffffffb}, {0x3ff, 0x5}, {0x9ad, 0x4}, {0x66d8, 0x10001}, {0xffffffffffffff80, 0xfffffffffffffffc}, {0x80000001, 0x2}, {0x4, 0xfffffffffffffc00}, {0xfffc, 0x4}, {0x4f, 0x312}, {0x7ff, 0x9}, {0x7f, 0x1}, {0xe3b, 0xf310}, {0x6, 0xffffffffffffffff}, {0x7fff, 0x8}, {0x3, 0x8}, {0x4, 0x4}, {0x54, 0x81}, {0xb563, 0x9}, {0x8, 0xf6}, {0x8001, 0x5}, {0x8, 0x80000040}, {0x6, 0x8}, {0x100}, {0x8, 0x2}, {0x9, 0x9}, {0x8, 0x3}, {0x8}, {0x6, 0x8000000000000000}, {0xa98, 0xf552}, {0x8, 0xf1}, {0x7, 0xf4}, {0xfa, 0xfffffffffffffff8}, {0x8, 0x6}, {0x5f, 0x7}, {0x3, 0xd}, {0x8, 0x400}, {0x6, 0x7}, {0x3, 0x9}, {0x1, 0x14d}, {0x1, 0x7fffffff}, {0xb4ec, 0xf3}, {0x12000, 0x10001}, {0x7fff, 0x9}, {0x1, 0x7ff}, {0x7, 0x8}, {0x2, 0xd49}, {0xc4, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x32})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20940, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000002240)={0x20, r3, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x80)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setneightbl={0x20, 0x43, 0x7f343dd74644d465, 0x3, 0x25dfdbfe, {0x2}, [@NDTA_NAME={0x9, 0x1, '\xdb\x06u\xfb\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x2400c040}, 0x400c024)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0x8}, {0x6, 0x5, 0x0, 0x7}]}, 0x10)

271.290834ms ago: executing program 3 (id=1904):
r0 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
r1 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
write$binfmt_aout(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad00000a"], 0x125)
ioctl$VIDIOC_SUBDEV_G_FMT(r0, 0xc0585604, &(0x7f00000000c0)={0x0, 0x0, {0x9, 0x0, 0x3016, 0x7, 0x1, 0x0, 0x2}}) (async)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001c00)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x1c0, 0x12, 0x60a, 0x1c0, 0x202, 0x290, 0x2e8, 0x2e8, 0x290, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000000000000617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2}}, @common=@inet=@socket2={{0x28}, 0x48}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000040)={0xffffffff, 0x3, 0x9, 0x7, 0x0, 0x2080, 0x6ae0})

182.388656ms ago: executing program 1 (id=1905):
r0 = landlock_create_ruleset(&(0x7f0000000080)={0xc0d8, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x81c0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x1, 0x0)
ftruncate(r2, 0x1)
r3 = socket(0x1e, 0x805, 0x0)
r4 = syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
readv(r4, &(0x7f0000002b80)=[{&(0x7f00000019c0)=""/4096, 0x1000}], 0x1)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000001500010300000000000000000a00000008000200", @ANYRES64=r3], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20000080)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002, 0x0, 0x80}, 0x40)

177.617263ms ago: executing program 1 (id=1906):
r0 = socket$nl_route(0x10, 0x3, 0x0)
memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x2404c8c0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xe, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r1], 0x4c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x6293a, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40845}, 0x4000000)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7b13000000040000300012800b00010067656e657665000020000280060005004e23000004000600050003000b00000005000a00"], 0x50}}, 0x40800)

177.140135ms ago: executing program 1 (id=1907):
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f00000007c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', r2}, 0x94) (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371c00000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0) (async)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f00000000c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x3c, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x1, 0x803, 0x0) (async)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r10, r11, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f00000001c0)="440f955324400f08c461b32a95006000000f08400f795f8f36ae0f20c035020000000f22c0c4017d28e248b800000000000000000f23d00f21f8352000000b0f23f8660fc7b52de10000", 0x4a}], 0x1, 0x14, 0x0, 0x0) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r13, 0xae60) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r13, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil}) (async)
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r14, 0x4008ae93, &(0x7f0000000040)=0x4) (async)
syz_kvm_setup_cpu$x86(r13, r14, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_SET_LAPIC(r14, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"})
ioctl$KVM_RUN(r14, 0xae80, 0x0)

124.218467ms ago: executing program 3 (id=1908):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0xffff, @loopback}, 0x4}}, 0x2e)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x2, @multicast2}, 0x2, 0x0, 0x4}}, 0x2e)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)=0xfffffffe)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x106f)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x6, &(0x7f0000000180)=@raw=[@btf_id={0x18, 0x3, 0x3, 0x0, 0x3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
ioctl$PPPIOCGNPMODE(r5, 0xc008744c, &(0x7f0000000080)={0xc223})

114.479735ms ago: executing program 2 (id=1909):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2}}, 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x63)
write$P9_RLERRORu(r3, &(0x7f0000000300)=ANY=[@ANYRESHEX], 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000240)="98750f50aade73db0f0100008005f4ea", 0x10)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, &(0x7f0000000000)="439e10b5498d94e3c3750f4f4afdc6b3", 0x10)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/hibernate_compression_threads', 0x48a82, 0x0)
write$sysctl(r5, &(0x7f0000000000)='7\x00', 0x2)
write$binfmt_misc(r3, &(0x7f0000000040)="d1f59ac3", 0x4)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, r3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r6=>r1}, './file0\x00'})
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000140)={0x1, 0x10, 0xfa00, {0x0, r2}}, 0x18)
r7 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x1)
getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f0000000400)={{{@in6=@dev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@local}, 0x0, @in6=@private1}}, &(0x7f0000000500)=0xe8)
quotactl_fd$Q_QUOTAOFF(r7, 0xffffffff80000302, r8, 0x0)
r9 = openat$null(0xffffffffffffff9c, &(0x7f00000003c0), 0x40, 0x0)
read$FUSE(r9, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r7, 0x0, 0x88)
r11 = openat$cgroup_int(r10, &(0x7f00000002c0)='cgroup.max.descendants\x00', 0x2, 0x0)
sendfile(r11, r11, 0x0, 0x4)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[], 0xd4}}, 0x0)

54.07706ms ago: executing program 2 (id=1910):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c000000070a01030000000000000000020000000900010073797a300000000009000200"], 0x2c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_PROTOCOLS(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x90001000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x50, 0x0, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x29}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @private0}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}]}, 0x50}}, 0x20008800)

53.334884ms ago: executing program 2 (id=1911):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x59, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r0 = syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0x7fa, 0x13500, 0x0, 0x163}, &(0x7f0000000240), &(0x7f0000001880), &(0x7f0000000000))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x21, &(0x7f0000000440), 0x1)
r1 = socket$inet6(0xa, 0x4, 0x7f)
getsockopt$bt_hci(r1, 0x0, 0x1, 0x0, &(0x7f0000001600))

52.86895ms ago: executing program 3 (id=1912):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x46)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='huge='])
pread64(r3, &(0x7f0000002840)=""/4096, 0x1000, 0x4)
pread64(r1, &(0x7f0000002840)=""/4096, 0x1000, 0x4)

3.667072ms ago: executing program 2 (id=1913):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
mount$9p_unix(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x800000, &(0x7f00000001c0)=ANY=[@ANYBLOB="7472616e733d756e69782c0024a44d771fe2554db9b9243891575e2adc888343bb21818f5c8b4b65498ea4df97ffe3a17430f10c9c66121c15da8e8f5bf50393c354ed9f6bb7e4de8d2b53d179fdeb921465c4892cb1962207c20c29c704bc"])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0xd85fd000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x180, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000003c0)={"6b19301c0427b50759dd4115983477404a8d17f0909251b52c0b619a3eae0bf9", 0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r3, 0x8010661b, &(0x7f0000000400))
r4 = dup(r2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x5, 0x2, 0x2000, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="b40200008c27009bb03833185000000000008500000027000000950000002500dce4486671533cbe414a919a86084e418de0b7b5458f20924ffeda"], &(0x7f0000003ff6)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x80000}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2}, 0x10}, 0x94)
r5 = syz_usb_connect(0x3, 0x3f, &(0x7f0000000240)=ANY=[@ANYBLOB="7c05179d8becafe31cd9af8db6d1ec1b6756f548aca8bc16394187e15c128a86916f253a193c15f686eef8c89cfe031b671a6fa17964a81845b8006c621b3de4cb35bda7940e4f79d8d2a8d1458e37cbfa9a0bd9ccfe6b111673fa351ac3fdfc03a681a9b3b321eb8320f50dda6db33ab06914dab36d766f868f87a203e08b4e176317025efa874fb7a940661cefc7055baec7986f857ade917f8a9357a96f15aaef03babce3443174a1fc195a"], 0x0)
syz_usb_control_io(r5, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r6, 0x80015b11, 0x0)
r7 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000440)=0xe)
writev(r7, &(0x7f00000022c0)=[{&(0x7f0000000c80)="6fec0516", 0x4}], 0x1)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x70, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="3b2972c6172ae09b0b9c1d73974038e62b014a718b6cd59b3c3d31941f5f54fc1d0d60bfa2255120237288412b474b33", 0x30)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

3.410421ms ago: executing program 3 (id=1914):
r0 = socket(0x8000000010, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000014c0)=[@text64={0x40, &(0x7f0000001500)="267600410f01b00000000066b88e000f00d066420f3a14ce5736430f0164b107b805000000b9060000000f01c1f30f01330f015b7548b80c000000000000000f23d80f21f835800000000f23f8f30fc733", 0x51}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000000)={0x2, 0x0, [{0xa1f, 0x0, 0x8000000000000001}, {0x299, 0x0, 0x2}]})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x44, 0x32, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x60, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}]}, @action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x13, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x240008dd)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_ublk_setup_io_uring(0xed5, &(0x7f0000000200)={0x0, 0x8b2, 0x2000, 0x1, 0x97}, &(0x7f0000000280)=<r5=>0x0, &(0x7f00000003c0), &(0x7f0000000440))
syz_io_uring_setup(0x54be, &(0x7f0000000480)={0x0, 0xeb79, 0x2, 0x3, 0xab}, &(0x7f0000000500), &(0x7f0000000540)=<r6=>0x0, &(0x7f0000000580))
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, 0x0, &(0x7f00000005c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2, r7}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)

0s ago: executing program 1 (id=1915):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x6)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000000280)={0xbe, 0x0, 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000140)="66baf80cb8044fdc87efed660f388059e0b805000000b91e4200000f01c10f20c035000000200f22c0f20fa20f01cb36263e660f381efc660f7c150c000000b805000000b9210000000f01c1c4e17929d8", 0xfffffffffffffed0}], 0x1, 0x11, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x3d, @private1, 0x6}, 0x1c)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x7a, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mremap(&(0x7f00003c8000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f000024a000/0x1000)=nil)

kernel console output (not intermixed with test programs):

[   75.168207][ T5742]  ret_from_fork+0x72b/0xd50
[   75.168223][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.168238][ T5742]  ? __switch_to+0x800/0x10f0
[   75.168249][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.168258][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.168271][ T5742]  </TASK>
[   75.168293][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.257771][ T5742] Bluetooth: hci1: failed to register connection device
[   75.261000][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.264706][ T5742] CPU: 3 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.264730][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.264742][ T5742] Workqueue: hci1 hci_rx_work
[   75.264772][ T5742] Call Trace:
[   75.264777][ T5742]  <TASK>
[   75.264783][ T5742]  dump_stack_lvl+0x100/0x190
[   75.264807][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.264831][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.264856][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.264880][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.264899][ T5742]  ? lock_release+0x24d/0x310
[   75.264918][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.264940][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.264962][ T5742]  kobject_add+0x16a/0x1e0
[   75.264981][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.265002][ T5742]  ? kobject_put+0xb9/0x640
[   75.265018][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.265041][ T5742]  device_add+0x294/0x1970
[   75.265065][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.265081][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.265104][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.265132][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.265157][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.265185][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.265210][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.265232][ T5742]  ? lock_release+0x24d/0x310
[   75.265253][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.265278][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.265302][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.265319][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.265346][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.265369][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.265385][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.265408][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.265434][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.265459][ T5742]  hci_rx_work+0x451/0xfc0
[   75.265484][ T5742]  process_one_work+0xa23/0x1940
[   75.265505][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.265548][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.265576][ T5742]  worker_thread+0x5ef/0xe50
[   75.265597][ T5742]  ? kthread+0x13a/0x450
[   75.265611][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.265628][ T5742]  kthread+0x370/0x450
[   75.265642][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.265657][ T5742]  ret_from_fork+0x72b/0xd50
[   75.265680][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.265702][ T5742]  ? __switch_to+0x800/0x10f0
[   75.265719][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.265735][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.265754][ T5742]  </TASK>
[   75.363293][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.363316][ T5742] Bluetooth: hci1: failed to register connection device
[   75.363625][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.363638][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.363653][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.363660][ T5742] Workqueue: hci1 hci_rx_work
[   75.363684][ T5742] Call Trace:
[   75.363690][ T5742]  <TASK>
[   75.363695][ T5742]  dump_stack_lvl+0x100/0x190
[   75.363739][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.363765][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.363791][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.363830][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.363854][ T5742]  ? lock_release+0x24d/0x310
[   75.363875][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.363901][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.363923][ T5742]  kobject_add+0x16a/0x1e0
[   75.363943][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.363965][ T5742]  ? kobject_put+0xb9/0x640
[   75.363981][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.364014][ T5742]  device_add+0x294/0x1970
[   75.364042][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.364060][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.364079][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.364097][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.364109][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.364127][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.364143][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.364159][ T5742]  ? lock_release+0x24d/0x310
[   75.364172][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.364188][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.364204][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.364215][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.364232][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.364248][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.364258][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.364274][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.364291][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.364308][ T5742]  hci_rx_work+0x451/0xfc0
[   75.364325][ T5742]  process_one_work+0xa23/0x1940
[   75.364339][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.364352][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.364368][ T5742]  worker_thread+0x5ef/0xe50
[   75.364381][ T5742]  ? kthread+0x13a/0x450
[   75.364391][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.364401][ T5742]  kthread+0x370/0x450
[   75.364411][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.364421][ T5742]  ret_from_fork+0x72b/0xd50
[   75.364436][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.364451][ T5742]  ? __switch_to+0x800/0x10f0
[   75.364461][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.364471][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.364483][ T5742]  </TASK>
[   75.364575][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.364591][ T5742] Bluetooth: hci1: failed to register connection device
[   75.364936][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.364949][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.364966][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.364978][ T5742] Workqueue: hci1 hci_rx_work
[   75.365010][ T5742] Call Trace:
[   75.365015][ T5742]  <TASK>
[   75.365022][ T5742]  dump_stack_lvl+0x100/0x190
[   75.365044][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.365065][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.365087][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.365111][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.365131][ T5742]  ? lock_release+0x24d/0x310
[   75.365150][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.365170][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.365190][ T5742]  kobject_add+0x16a/0x1e0
[   75.365208][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.365229][ T5742]  ? kobject_put+0xb9/0x640
[   75.365246][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.365265][ T5742]  device_add+0x294/0x1970
[   75.365288][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.365304][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.365328][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.365352][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.365368][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.365395][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.365438][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.365459][ T5742]  ? lock_release+0x24d/0x310
[   75.365479][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.365505][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.365529][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.365545][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.365571][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.365594][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.365610][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.365634][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.365661][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.365681][ T5742]  hci_rx_work+0x451/0xfc0
[   75.365706][ T5742]  process_one_work+0xa23/0x1940
[   75.365727][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.365746][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.365769][ T5742]  worker_thread+0x5ef/0xe50
[   75.365786][ T5742]  ? kthread+0x13a/0x450
[   75.365800][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.365816][ T5742]  kthread+0x370/0x450
[   75.365830][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.365845][ T5742]  ret_from_fork+0x72b/0xd50
[   75.365863][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.365885][ T5742]  ? __switch_to+0x800/0x10f0
[   75.365901][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.365916][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.365936][ T5742]  </TASK>
[   75.366016][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.366038][ T5742] Bluetooth: hci1: failed to register connection device
[   75.366312][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.366326][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.366346][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.366356][ T5742] Workqueue: hci1 hci_rx_work
[   75.366378][ T5742] Call Trace:
[   75.366383][ T5742]  <TASK>
[   75.366389][ T5742]  dump_stack_lvl+0x100/0x190
[   75.366409][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.366432][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.366455][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.366479][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.366498][ T5742]  ? lock_release+0x24d/0x310
[   75.366515][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.366536][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.366556][ T5742]  kobject_add+0x16a/0x1e0
[   75.366575][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.366629][ T5742]  ? kobject_put+0xb9/0x640
[   75.366647][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.366670][ T5742]  device_add+0x294/0x1970
[   75.366691][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.366707][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.366730][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.366758][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.366774][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.366799][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.366824][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.366847][ T5742]  ? lock_release+0x24d/0x310
[   75.366874][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.366895][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.366918][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.366934][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.366962][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.366982][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.367005][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.367029][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.367053][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.367075][ T5742]  hci_rx_work+0x451/0xfc0
[   75.367100][ T5742]  process_one_work+0xa23/0x1940
[   75.367121][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.367140][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.367161][ T5742]  worker_thread+0x5ef/0xe50
[   75.367180][ T5742]  ? kthread+0x13a/0x450
[   75.367194][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.367211][ T5742]  kthread+0x370/0x450
[   75.367225][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.367240][ T5742]  ret_from_fork+0x72b/0xd50
[   75.367257][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.367280][ T5742]  ? __switch_to+0x800/0x10f0
[   75.367295][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.367310][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.367330][ T5742]  </TASK>
[   75.367343][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.367358][ T5742] Bluetooth: hci1: failed to register connection device
[   75.367605][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.367615][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.367627][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.367634][ T5742] Workqueue: hci1 hci_rx_work
[   75.367650][ T5742] Call Trace:
[   75.367653][ T5742]  <TASK>
[   75.367657][ T5742]  dump_stack_lvl+0x100/0x190
[   75.367670][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.367685][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.367701][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.367716][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.367729][ T5742]  ? lock_release+0x24d/0x310
[   75.367741][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.367756][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.367769][ T5742]  kobject_add+0x16a/0x1e0
[   75.367781][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.367795][ T5742]  ? kobject_put+0xb9/0x640
[   75.367805][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.367820][ T5742]  device_add+0x294/0x1970
[   75.367835][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.367845][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.367861][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.367878][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.367889][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.367906][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.367923][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.367938][ T5742]  ? lock_release+0x24d/0x310
[   75.367950][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.367967][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.367983][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.367999][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.368017][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.368033][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.368043][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.368059][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.368076][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.368092][ T5742]  hci_rx_work+0x451/0xfc0
[   75.368108][ T5742]  process_one_work+0xa23/0x1940
[   75.368121][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.368133][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.368149][ T5742]  worker_thread+0x5ef/0xe50
[   75.368162][ T5742]  ? kthread+0x13a/0x450
[   75.368171][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.368181][ T5742]  kthread+0x370/0x450
[   75.368190][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.368200][ T5742]  ret_from_fork+0x72b/0xd50
[   75.368214][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.368229][ T5742]  ? __switch_to+0x800/0x10f0
[   75.368239][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.368248][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.368260][ T5742]  </TASK>
[   75.368267][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.368279][ T5742] Bluetooth: hci1: failed to register connection device
[   75.368510][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.368520][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.368532][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.368538][ T5742] Workqueue: hci1 hci_rx_work
[   75.368554][ T5742] Call Trace:
[   75.368557][ T5742]  <TASK>
[   75.368561][ T5742]  dump_stack_lvl+0x100/0x190
[   75.368574][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.368589][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.368604][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.368620][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.368632][ T5742]  ? lock_release+0x24d/0x310
[   75.368644][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.368659][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.368672][ T5742]  kobject_add+0x16a/0x1e0
[   75.368685][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.368698][ T5742]  ? kobject_put+0xb9/0x640
[   75.368708][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.368723][ T5742]  device_add+0x294/0x1970
[   75.368738][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.368749][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.368764][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.368781][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.368793][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.368810][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.368826][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.368841][ T5742]  ? lock_release+0x24d/0x310
[   75.368854][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.368871][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.368886][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.368896][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.368913][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.368929][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.368939][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.368955][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.368972][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.368988][ T5742]  hci_rx_work+0x451/0xfc0
[   75.369011][ T5742]  process_one_work+0xa23/0x1940
[   75.369024][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.369037][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.369053][ T5742]  worker_thread+0x5ef/0xe50
[   75.369065][ T5742]  ? kthread+0x13a/0x450
[   75.369074][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.369085][ T5742]  kthread+0x370/0x450
[   75.369094][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.369103][ T5742]  ret_from_fork+0x72b/0xd50
[   75.369117][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.369132][ T5742]  ? __switch_to+0x800/0x10f0
[   75.369142][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.369152][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.369163][ T5742]  </TASK>
[   75.369170][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.369182][ T5742] Bluetooth: hci1: failed to register connection device
[   75.369383][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.369393][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.369404][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.369411][ T5742] Workqueue: hci1 hci_rx_work
[   75.369427][ T5742] Call Trace:
[   75.369430][ T5742]  <TASK>
[   75.369433][ T5742]  dump_stack_lvl+0x100/0x190
[   75.369447][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.369461][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.369476][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.369491][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.369506][ T5742]  ? lock_release+0x24d/0x310
[   75.369518][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.369533][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.369547][ T5742]  kobject_add+0x16a/0x1e0
[   75.369558][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.369572][ T5742]  ? kobject_put+0xb9/0x640
[   75.369582][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.369597][ T5742]  device_add+0x294/0x1970
[   75.369612][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.369622][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.369638][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.369655][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.369667][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.369684][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.369701][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.369716][ T5742]  ? lock_release+0x24d/0x310
[   75.369729][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.369745][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.369760][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.369770][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.369788][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.369804][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.369814][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.369830][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.369847][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.369862][ T5742]  hci_rx_work+0x451/0xfc0
[   75.369879][ T5742]  process_one_work+0xa23/0x1940
[   75.369892][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.369904][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.369920][ T5742]  worker_thread+0x5ef/0xe50
[   75.369933][ T5742]  ? kthread+0x13a/0x450
[   75.369941][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.369952][ T5742]  kthread+0x370/0x450
[   75.369961][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.369970][ T5742]  ret_from_fork+0x72b/0xd50
[   75.369984][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.370006][ T5742]  ? __switch_to+0x800/0x10f0
[   75.370017][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.370026][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.370037][ T5742]  </TASK>
[   75.370045][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.370058][ T5742] Bluetooth: hci1: failed to register connection device
[   75.370251][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.370261][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.370272][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.370279][ T5742] Workqueue: hci1 hci_rx_work
[   75.370295][ T5742] Call Trace:
[   75.370298][ T5742]  <TASK>
[   75.370301][ T5742]  dump_stack_lvl+0x100/0x190
[   75.370315][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.370329][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.370344][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.370360][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.370372][ T5742]  ? lock_release+0x24d/0x310
[   75.370384][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.370399][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.370413][ T5742]  kobject_add+0x16a/0x1e0
[   75.370424][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.370438][ T5742]  ? kobject_put+0xb9/0x640
[   75.370448][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.370463][ T5742]  device_add+0x294/0x1970
[   75.370478][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.370488][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.370506][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.370523][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.370535][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.370552][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.370568][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.370583][ T5742]  ? lock_release+0x24d/0x310
[   75.370634][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.370661][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.370684][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.370694][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.370712][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.370728][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.370738][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.370754][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.370771][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.370786][ T5742]  hci_rx_work+0x451/0xfc0
[   75.370803][ T5742]  process_one_work+0xa23/0x1940
[   75.370816][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.370828][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.370845][ T5742]  worker_thread+0x5ef/0xe50
[   75.370857][ T5742]  ? kthread+0x13a/0x450
[   75.370866][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.370876][ T5742]  kthread+0x370/0x450
[   75.370885][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.370895][ T5742]  ret_from_fork+0x72b/0xd50
[   75.370909][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.370924][ T5742]  ? __switch_to+0x800/0x10f0
[   75.370934][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.370944][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.370955][ T5742]  </TASK>
[   75.370963][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.370976][ T5742] Bluetooth: hci1: failed to register connection device
[   75.371189][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.371199][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.371210][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.371217][ T5742] Workqueue: hci1 hci_rx_work
[   75.371233][ T5742] Call Trace:
[   75.371236][ T5742]  <TASK>
[   75.371240][ T5742]  dump_stack_lvl+0x100/0x190
[   75.371253][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.371267][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.371282][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.371298][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.371310][ T5742]  ? lock_release+0x24d/0x310
[   75.371322][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.371338][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.371351][ T5742]  kobject_add+0x16a/0x1e0
[   75.371363][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.371376][ T5742]  ? kobject_put+0xb9/0x640
[   75.371391][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.371410][ T5742]  device_add+0x294/0x1970
[   75.371430][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.371444][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.371465][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.371494][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.371512][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.371540][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.371560][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.371575][ T5742]  ? lock_release+0x24d/0x310
[   75.371588][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.371605][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.371620][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.371630][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.371647][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.371680][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.371692][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.371707][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.371724][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.371740][ T5742]  hci_rx_work+0x451/0xfc0
[   75.371757][ T5742]  process_one_work+0xa23/0x1940
[   75.371770][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.371782][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.371798][ T5742]  worker_thread+0x5ef/0xe50
[   75.371811][ T5742]  ? kthread+0x13a/0x450
[   75.371819][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.371830][ T5742]  kthread+0x370/0x450
[   75.371839][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.371849][ T5742]  ret_from_fork+0x72b/0xd50
[   75.371863][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.371878][ T5742]  ? __switch_to+0x800/0x10f0
[   75.371888][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.371897][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.371909][ T5742]  </TASK>
[   75.371960][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.371975][ T5742] Bluetooth: hci1: failed to register connection device
[   75.372204][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.372213][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.372225][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.372231][ T5742] Workqueue: hci1 hci_rx_work
[   75.372248][ T5742] Call Trace:
[   75.372250][ T5742]  <TASK>
[   75.372254][ T5742]  dump_stack_lvl+0x100/0x190
[   75.372267][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.372282][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.372297][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.372312][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.372325][ T5742]  ? lock_release+0x24d/0x310
[   75.372337][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.372352][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.372365][ T5742]  kobject_add+0x16a/0x1e0
[   75.372377][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.372390][ T5742]  ? kobject_put+0xb9/0x640
[   75.372401][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.372415][ T5742]  device_add+0x294/0x1970
[   75.372430][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.372440][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.372456][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.372474][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.372485][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.372504][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.372521][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.372536][ T5742]  ? lock_release+0x24d/0x310
[   75.372549][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.372565][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.372580][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.372590][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.372608][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.372624][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.372634][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.372649][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.372666][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.372682][ T5742]  hci_rx_work+0x451/0xfc0
[   75.372698][ T5742]  process_one_work+0xa23/0x1940
[   75.372711][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.372723][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.372740][ T5742]  worker_thread+0x5ef/0xe50
[   75.372752][ T5742]  ? kthread+0x13a/0x450
[   75.372761][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.372772][ T5742]  kthread+0x370/0x450
[   75.372780][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.372790][ T5742]  ret_from_fork+0x72b/0xd50
[   75.372805][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.372819][ T5742]  ? __switch_to+0x800/0x10f0
[   75.372830][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.372839][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.372850][ T5742]  </TASK>
[   75.372857][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.372870][ T5742] Bluetooth: hci1: failed to register connection device
[   75.372974][ T5742] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[   75.372982][ T5742] CPU: 2 UID: 0 PID: 5742 Comm: kworker/u34:3 Not tainted syzkaller #0 PREEMPT(full) 
[   75.373001][ T5742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   75.373007][ T5742] Workqueue: hci1 hci_rx_work
[   75.373023][ T5742] Call Trace:
[   75.373026][ T5742]  <TASK>
[   75.373030][ T5742]  dump_stack_lvl+0x100/0x190
[   75.373042][ T5742]  sysfs_warn_dup.cold+0x1c/0x28
[   75.373057][ T5742]  sysfs_create_dir_ns+0x24b/0x2b0
[   75.373072][ T5742]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   75.373087][ T5742]  ? kobject_add_internal+0x25f/0x930
[   75.373099][ T5742]  ? lock_release+0x24d/0x310
[   75.373111][ T5742]  ? do_raw_spin_unlock+0x145/0x1e0
[   75.373126][ T5742]  kobject_add_internal+0x2c8/0x930
[   75.373139][ T5742]  kobject_add+0x16a/0x1e0
[   75.373151][ T5742]  ? __pfx_kobject_add+0x10/0x10
[   75.373164][ T5742]  ? kobject_put+0xb9/0x640
[   75.373175][ T5742]  ? _raw_spin_unlock+0x28/0x50
[   75.373190][ T5742]  device_add+0x294/0x1970
[   75.373205][ T5742]  ? __pfx_dev_set_name+0x10/0x10
[   75.373215][ T5742]  ? __pfx_device_add+0x10/0x10
[   75.373230][ T5742]  ? mgmt_send_event_skb+0x2fb/0x460
[   75.373248][ T5742]  hci_conn_add_sysfs+0x1a3/0x260
[   75.373259][ T5742]  le_conn_complete_evt+0x11eb/0x1f60
[   75.373276][ T5742]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   75.373292][ T5742]  ? hci_event_packet+0x186/0xcd0
[   75.373307][ T5742]  ? lock_release+0x24d/0x310
[   75.373320][ T5742]  hci_le_enh_conn_complete_evt+0x23d/0x3b0
[   75.373337][ T5742]  ? skb_pull_data+0x15f/0x1e0
[   75.373352][ T5742]  hci_le_meta_evt+0x34a/0x5f0
[   75.373362][ T5742]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[   75.373380][ T5742]  hci_event_packet+0x51c/0xcd0
[   75.373396][ T5742]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   75.373406][ T5742]  ? __pfx_hci_event_packet+0x10/0x10
[   75.373422][ T5742]  ? rcu_is_cpu_rrupt_from_idle+0x250/0x270
[   75.373438][ T5742]  ? trace_irq_enable.constprop.0+0x122/0x160
[   75.373454][ T5742]  hci_rx_work+0x451/0xfc0
[   75.373470][ T5742]  process_one_work+0xa23/0x1940
[   75.373483][ T5742]  ? __pfx_process_one_work+0x10/0x10
[   75.373497][ T5742]  ? __pfx_hci_rx_work+0x10/0x10
[   75.373514][ T5742]  worker_thread+0x5ef/0xe50
[   75.373527][ T5742]  ? kthread+0x13a/0x450
[   75.373535][ T5742]  ? __pfx_worker_thread+0x10/0x10
[   75.373546][ T5742]  kthread+0x370/0x450
[   75.373555][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.373566][ T5742]  ret_from_fork+0x72b/0xd50
[   75.373585][ T5742]  ? __pfx_ret_from_fork+0x10/0x10
[   75.373605][ T5742]  ? __switch_to+0x800/0x10f0
[   75.373619][ T5742]  ? __pfx_kthread+0x10/0x10
[   75.373635][ T5742]  ret_from_fork_asm+0x1a/0x30
[   75.373652][ T5742]  </TASK>
[   75.373665][ T5742] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[   75.447213][   T42] kauditd_printk_skb: 50749 callbacks suppressed
[   75.447229][   T42] audit: type=1400 audit(1782289157.735:179399): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   75.447261][   T42] audit: type=1400 audit(1782289157.745:179400): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   75.449557][ T5742] Bluetooth: hci1: failed to register connection device
[   75.451972][   T42] audit: type=1400 audit(1782289157.745:179401): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   75.452625][ T5440] audit: audit_backlog=65 > audit_backlog_limit=64
[   75.452635][ T5440] audit: audit_lost=174 audit_rate_limit=0 audit_backlog_limit=64
[   75.452642][ T5440] audit: backlog limit exceeded
[   75.452682][ T5440] audit: audit_backlog=65 > audit_backlog_limit=64
[   75.452689][ T5440] audit: audit_lost=175 audit_rate_limit=0 audit_backlog_limit=64
[   75.452695][ T5440] audit: backlog limit exceeded
[   75.452734][ T5440] audit: audit_backlog=65 > audit_backlog_limit=64
[   76.526789][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[   76.530880][ T8356] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[   76.532981][ T8356] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   76.535255][ T8357] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(15)
[   76.536405][ T1439] ieee802154 phy0 wpan0: encryption failed: -22
[   76.537439][ T8357] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   76.538232][ T8357] vhci_hcd vhci_hcd.0: Device attached
[   76.539604][ T1439] ieee802154 phy1 wpan1: encryption failed: -22
[   76.542214][ T8356] vhci_hcd vhci_hcd.0: Device attached
[   76.547905][ T8359] vhci_hcd: connection closed
[   76.548065][   T13] vhci_hcd vhci_hcd.0: stop threads
[   76.549109][ T8358] vhci_hcd: connection closed
[   76.549738][   T13] vhci_hcd vhci_hcd.0: release socket
[   76.555530][   T13] vhci_hcd vhci_hcd.0: disconnect device
[   76.557627][   T13] vhci_hcd vhci_hcd.0: stop threads
[   76.559248][   T13] vhci_hcd vhci_hcd.0: release socket
[   76.560878][   T13] vhci_hcd vhci_hcd.0: disconnect device
[   76.583494][ T8367] netlink: 'syz.3.853': attribute type 12 has an invalid length.
[   76.586754][ T8367] __nla_validate_parse: 6 callbacks suppressed
[   76.586764][ T8367] netlink: 132 bytes leftover after parsing attributes in process `syz.3.853'.
[   76.611397][ T8369] netlink: 'syz.3.854': attribute type 1 has an invalid length.
[   76.620255][ T8369] 8021q: adding VLAN 0 to HW filter on device bond3
[   76.627584][ T8369] vlan4: entered allmulticast mode
[   76.629887][ T8369] macsec0: entered allmulticast mode
[   76.631715][ T8369] veth1_macvtap: entered allmulticast mode
[   76.634402][ T8369] bond3: (slave vlan4): Error -34 calling dev_set_mtu
[   76.681223][ T8371] netlink: 24 bytes leftover after parsing attributes in process `syz.3.854'.
[   76.685303][ T8371] netlink: 16 bytes leftover after parsing attributes in process `syz.3.854'.
[   76.788165][ T8387] geneve4: entered promiscuous mode
[   76.843436][ T8397] netlink: 32 bytes leftover after parsing attributes in process `syz.1.864'.
[   76.847726][ T8397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.864'.
[   76.876398][ T8407] bridge0: adding interface bridge_slave_0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   77.048891][ T8435] bond6: (slave ip6gre0): Device is not bonding slave
[   77.051098][ T8435] bond6: option active_slave: invalid value (ip6gre0)
[   77.055618][ T8435] bond6 (unregistering): Released all slaves
[   77.209511][ T8458] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   77.209511][ T8458] The task syz.1.883 (8458) triggered the difference, watch for misbehavior.
[   77.495445][ T5742] Bluetooth: hci1: command 0x2016 tx timeout
[   78.073538][ T8510] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8510 comm=syz.1.904
[   78.112806][ T8519] netlink: 'syz.3.907': attribute type 11 has an invalid length.
[   78.116447][ T8519] netlink: 132 bytes leftover after parsing attributes in process `syz.3.907'.
[   78.618924][ T8601] veth1_macvtap: left allmulticast mode
[   78.620772][ T8601] veth1_macvtap: left promiscuous mode
[   78.707907][ T8609] syzkaller0: entered promiscuous mode
[   78.709891][ T8609] syzkaller0: entered allmulticast mode
[   78.774478][ T8613] netlink: 12 bytes leftover after parsing attributes in process `syz.1.935'.
[   78.835567][ T8625] netlink: 'syz.1.939': attribute type 10 has an invalid length.
[   78.843180][ T8625] team0 (unregistering): Port device team_slave_0 removed
[   78.847689][ T8625] team0 (unregistering): Port device team_slave_1 removed
[   78.871672][ T8620] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   78.873562][ T8620] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[   78.932446][ T8641] bond0: entered promiscuous mode
[   78.934067][ T8641] bond_slave_0: entered promiscuous mode
[   78.937551][ T8641] bond_slave_1: entered promiscuous mode
[   78.957623][ T8645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.942'.
[   78.960352][ T8645] netlink: 'syz.1.942': attribute type 15 has an invalid length.
[   78.962991][ T8645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.942'.
[   78.965932][ T8645] netlink: 'syz.1.942': attribute type 15 has an invalid length.
[   79.048785][ T8663] netlink: 8 bytes leftover after parsing attributes in process `syz.1.947'.
[   79.102954][ T8679] bond6: option arp_interval: mode dependency failed, not supported in mode balance-alb(6)
[   79.107097][ T8679] bond6 (unregistering): Released all slaves
[   79.211191][ T8694] netlink: 'syz.1.953': attribute type 1 has an invalid length.
[   79.575080][ T5742] Bluetooth: hci1: command 0x2016 tx timeout
[   79.576904][ T8620] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   79.578806][ T8620] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[   79.578934][ T8718] A link change request failed with some changes committed already. Interface ªªªªªª˜‚3êøk… may have been left with an inconsistent configuration, please check.
[   80.454945][   T42] kauditd_printk_skb: 179615 callbacks suppressed
[   80.454957][   T42] audit: type=1400 audit(1782289162.746:224018): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   80.464069][   T42] audit: type=1400 audit(1782289162.746:224019): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   80.467659][ T5440] audit: audit_backlog=65 > audit_backlog_limit=64
[   80.470816][   T42] audit: type=1400 audit(1782289162.756:224020): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   80.472472][ T5440] audit: audit_lost=45176 audit_rate_limit=0 audit_backlog_limit=64
[   80.479077][   T42] audit: type=1400 audit(1782289162.756:224021): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   80.481357][ T5440] audit: backlog limit exceeded
[   80.481588][ T5440] audit: audit_backlog=65 > audit_backlog_limit=64
[   80.488193][   T42] audit: type=1400 audit(1782289162.756:224022): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   80.489447][ T5440] audit: audit_lost=45177 audit_rate_limit=0 audit_backlog_limit=64
[   81.022096][ T8751] macsec0: entered allmulticast mode
[   81.027974][ T8751] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(11)
[   81.030688][ T8751] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   81.033996][ T8751] vhci_hcd vhci_hcd.0: Device attached
[   81.037728][ T8751] veth1_macvtap: entered allmulticast mode
[   81.040275][ T8751] macsec0: left allmulticast mode
[   81.042300][ T8751] veth1_macvtap: left allmulticast mode
[   81.046211][ T8752] vhci_hcd: connection closed
[   81.046438][   T13] vhci_hcd vhci_hcd.0: stop threads
[   81.049878][   T13] vhci_hcd vhci_hcd.0: release socket
[   81.051696][   T13] vhci_hcd vhci_hcd.0: disconnect device
[   81.588281][ T8757] kAFS: unparsable volume name
[   81.646466][   T50] cfg80211: failed to load regulatory.db
[   81.654942][ T5742] Bluetooth: hci1: command 0x2016 tx timeout
[   82.009249][ T8778] netlink: 'syz.0.981': attribute type 6 has an invalid length.
[   82.012497][ T8778] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8778 comm=syz.0.981
[   82.148475][ T8789] __nla_validate_parse: 7 callbacks suppressed
[   82.148486][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.0.986'.
[   82.730751][ T8799] netlink: 28 bytes leftover after parsing attributes in process `syz.0.990'.
[   82.733854][ T8799] netlink: 'syz.0.990': attribute type 7 has an invalid length.
[   82.736329][ T8799] netlink: 'syz.0.990': attribute type 8 has an invalid length.
[   82.738597][ T8799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.990'.
[   82.886171][ T8821] netlink: 20 bytes leftover after parsing attributes in process `syz.0.998'.
[   82.924422][ T5742] Bluetooth: hci1: unexpected event for opcode 0x2011
[   82.972801][ T8831] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1003'.
[   83.006595][ T8836] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=771 sclass=netlink_route_socket pid=8836 comm=syz.0.1005
[   83.232174][ T8852] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1011'.
[   83.736695][ T8620] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   83.738654][ T8620] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[   83.743125][ T8620] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   83.745162][ T8620] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[   83.775031][  T619] Bluetooth: hci4: Frame reassembly failed (-84)
[   83.835669][ T8858] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false
[   84.360238][ T8863] netlink: 'syz.3.1015': attribute type 10 has an invalid length.
[   84.363019][ T8863] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1015'.
[   84.366345][ T8863] team0: entered promiscuous mode
[   84.370228][ T8863] team_slave_0: entered promiscuous mode
[   84.374270][ T8863] team_slave_1: entered promiscuous mode
[   84.377260][ T8863] team0: entered allmulticast mode
[   84.378913][ T8863] team_slave_0: entered allmulticast mode
[   84.380700][ T8863] team_slave_1: entered allmulticast mode
[   84.382906][ T8863] bridge0: port 3(team0) entered blocking state
[   84.385352][ T8863] bridge0: port 3(team0) entered disabled state
[   84.388263][ T8863] bridge0: port 3(team0) entered blocking state
[   84.390303][ T8863] bridge0: port 3(team0) entered forwarding state
[   84.541452][ T8885] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1022'.
[   84.563969][ T8888] netlink: 'syz.0.1023': attribute type 21 has an invalid length.
[   84.566587][ T8888] IPv6: NLM_F_CREATE should be specified when creating new route
[   84.568863][ T8888] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   84.571081][ T8888] IPv6: NLM_F_CREATE should be set when creating new route
[   84.573247][ T8888] IPv6: NLM_F_CREATE should be set when creating new route
[   84.575610][ T8888] IPv6: NLM_F_CREATE should be set when creating new route
[   84.578449][ T8888] netlink: 'syz.0.1023': attribute type 21 has an invalid length.
[   84.580906][ T8888] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   85.250905][ T8924] netlink: 'syz.0.1038': attribute type 5 has an invalid length.
[   85.416810][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[   85.436183][ T8972] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.464745][   T42] kauditd_printk_skb: 60071 callbacks suppressed
[   85.465409][   T42] audit: type=1400 audit(1782289167.766:284093): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   85.473653][ T5440] audit: audit_backlog=65 > audit_backlog_limit=64
[   85.475630][   T42] audit: type=1400 audit(1782289167.766:284094): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   85.477029][ T5440] audit: audit_lost=45178 audit_rate_limit=0 audit_backlog_limit=64
[   85.483143][   T42] audit: type=1400 audit(1782289167.766:284095): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   85.486696][ T5440] audit: backlog limit exceeded
[   85.487017][ T5440] audit: audit_backlog=65 > audit_backlog_limit=64
[   85.496414][   T42] audit: type=1400 audit(1782289167.766:284096): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   85.497482][ T5440] audit: audit_lost=45179 audit_rate_limit=0 audit_backlog_limit=64
[   85.499966][   T42] audit: type=1400 audit(1782289167.766:284097): avc:  denied  { read } for  pid=5440 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   85.590831][ T8985] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[   85.716718][ T9009] Process accounting resumed
[   85.789246][ T9021] netlink: 'syz.0.1073': attribute type 4 has an invalid length.
[   85.791721][ T9021] netlink: 'syz.0.1073': attribute type 10 has an invalid length.
[   85.794110][ T9021] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1073'.
[   85.797626][ T9021] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[   85.804299][ T5747] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[   85.804308][ T5742] Bluetooth: hci4: command 0xfc11 tx timeout
[   85.830420][ T9023] netlink: 'syz.1.1074': attribute type 29 has an invalid length.
[   85.933108][ T9049] bond4: option downdelay: invalid value (18446744073709551615)
[   85.936510][ T9049] bond4: option downdelay: allowed values 0 - 2147483647
[   85.939589][ T9049] bond4 (unregistering): Released all slaves
[   86.106222][ T9083] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1096'.
[   86.587422][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   86.591452][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[   86.714567][    C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[   87.205457][ T9180] bond1: (slave ip6gretap1): making interface the new active one
[   87.208470][ T9180] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[   87.231531][ T9184] __nla_validate_parse: 4 callbacks suppressed
[   87.231542][ T9184] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1132'.
[   87.564452][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   87.766372][ T9190] syzkaller0: entered promiscuous mode
[   87.768174][ T9190] syzkaller0: entered allmulticast mode
[   87.878579][ T9192] netlink: 'syz.1.1135': attribute type 13 has an invalid length.
[   87.881298][ T9192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1135'.
[   87.884190][ T9192] netlink: 'syz.1.1135': attribute type 13 has an invalid length.
[   87.886556][ T9192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1135'.
[   87.929491][ T9200] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1139'.
[   87.995192][ T9207] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9207 comm=syz.0.1142
[   88.192753][ T9249] ptrace attach of "/syz-executor exec"[5738] was attempted by "¶"[9249]
[   88.204530][ T5742] Bluetooth: hci4: command 0x1003 tx timeout
[   88.206549][ T5747] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   88.251644][ T9262] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1160'.
[   88.465212][ T9283] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1169'.
[   88.470299][ T9283] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1169'.
[   88.895822][ T9326] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   88.899547][ T9326] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.930460][ T8335] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   88.933784][ T8335] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.936916][ T8335] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   88.939908][ T8335] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.943298][ T8335] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   88.946946][ T8335] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.950303][ T8335] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   88.953668][ T8335] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   89.137197][ T9372] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.146671][ T9372] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.203403][ T9390] ublk0: read batch cmd buffer failed
[   89.222005][ T5440] veth1_macvtap: entered promiscuous mode
[   89.225137][ T5440] veth1_macvtap: entered allmulticast mode
[   89.240828][ T9404] SELinux:  policydb table sizes (109,3) do not match mine (8,7)
[   89.244055][ T9404] SELinux: failed to load policy
[   89.295274][ T9413] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   89.299735][ T9413] block device autoloading is deprecated and will be removed.
[   89.341571][ T9425] overlayfs: failed to resolve './file0/file2': -2
[   89.364364][ T9388] tmpfs: Unknown parameter 'usrquota'
[   89.391429][ T9439] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1217'.
[   89.432326][ T9447] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1219'.
[   89.435738][ T9447] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1219'.
[   89.488586][ T9456] binder: BINDER_SET_CONTEXT_MGR already set
[   89.490982][ T9456] binder: 9455:9456 ioctl 4018620d 200000004a80 returned -16
[   90.453924][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[   90.478555][ T9485] netlink: 'syz.2.1230': attribute type 10 has an invalid length.
[   90.481069][ T9485] ipvlan0: entered allmulticast mode
[   90.482743][ T9485] veth0_vlan: entered allmulticast mode
[   90.486356][ T9485] team0: Device ipvlan0 failed to register rx_handler
[   90.530647][   T42] kauditd_printk_skb: 42226 callbacks suppressed
[   90.530659][   T42] audit: type=1400 audit(1782289172.817:324799): avc:  denied  { create } for  pid=9489 comm="syz.2.1232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   90.540701][ T9490] can: request_module (can-proto-0) failed.
[   90.614436][   T42] audit: type=1400 audit(1782289172.907:324800): avc:  denied  { connect } for  pid=9496 comm="syz.3.1234" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   90.621548][   T42] audit: type=1400 audit(1782289172.907:324801): avc:  denied  { write } for  pid=9496 comm="syz.3.1234" path="socket:[23364]" dev="sockfs" ino=23364 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   90.628680][   T42] audit: type=1400 audit(1782289172.907:324802): avc:  denied  { create } for  pid=9498 comm="syz.2.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   90.634752][   T42] audit: type=1400 audit(1782289172.917:324803): avc:  denied  { setopt } for  pid=9498 comm="syz.2.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   90.642798][   T42] audit: type=1400 audit(1782289172.917:324804): avc:  denied  { create } for  pid=9500 comm="syz.3.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   90.651417][   T42] audit: type=1400 audit(1782289172.917:324805): avc:  denied  { bind } for  pid=9500 comm="syz.3.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   90.658096][   T42] audit: type=1400 audit(1782289172.917:324806): avc:  denied  { setopt } for  pid=9500 comm="syz.3.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   90.664466][   T42] audit: type=1400 audit(1782289172.917:324807): avc:  denied  { accept } for  pid=9500 comm="syz.3.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   90.670529][   T42] audit: type=1400 audit(1782289172.947:324808): avc:  denied  { write } for  pid=9500 comm="syz.3.1236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   90.688038][ T9507] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2564 sclass=netlink_route_socket pid=9507 comm=syz.2.1238
[   90.999973][ T9544] input: syz1 as /devices/virtual/input/input7
[   91.143780][   T24] usb 7-1: new low-speed USB device number 3 using dummy_hcd
[   91.151758][ T9549] NILFS (nullb0): couldn't find nilfs on the device
[   91.293669][   T24] usb 7-1: Invalid ep0 maxpacket: 64
[   91.443675][   T24] usb 7-1: new low-speed USB device number 4 using dummy_hcd
[   91.483907][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[   91.603616][   T24] usb 7-1: Invalid ep0 maxpacket: 64
[   91.605699][   T24] usb usb7-port1: attempt power cycle
[   91.943683][   T24] usb 7-1: new low-speed USB device number 5 using dummy_hcd
[   91.963943][   T24] usb 7-1: Invalid ep0 maxpacket: 64
[   92.093833][   T24] usb 7-1: new low-speed USB device number 6 using dummy_hcd
[   92.114185][   T24] usb 7-1: Invalid ep0 maxpacket: 64
[   92.116692][   T24] usb usb7-port1: unable to enumerate USB device
[   92.172441][ T9560] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   92.175451][ T9560] block device autoloading is deprecated and will be removed.
[   92.322393][ T9574] fuse: Bad value for 'fd'
[   92.324903][ T9574] openvswitch: netlink: Actions may not be safe on all matching packets
[   92.346721][ T9578] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[   92.358253][ T9580] x_tables: ip_tables: .0 target: invalid size 8 (kernel) != (user) 4
[   92.531819][ T9604] CIFS: bad ip= option (‹R¯HÖe'ì»Ë /Ïâµüë1ýC¸ 
£~—1W–쯑ë¨eþxEA®ÁþeSb{~Rð)
[   92.536214][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[   92.553355][ T9600] ptrace attach of "/syz-executor exec"[9605] was attempted by "/syz-executor exec"[9600]
[   92.557863][ T9600] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9600 comm=syz.0.1263
[   92.562721][ T9601] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9601 comm=syz.0.1263
[   92.567752][ T9607] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[   92.571705][ T9608] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[   92.748087][ T9636] netlink: 'syz.0.1276': attribute type 1 has an invalid length.
[   92.750566][ T9636] __nla_validate_parse: 3 callbacks suppressed
[   92.750574][ T9636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1276'.
[   92.758207][ T9636] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   92.875093][ T9644] syzkaller0: entered promiscuous mode
[   92.877010][ T9644] syzkaller0: entered allmulticast mode
[   93.058123][ T9653] netlink: 420 bytes leftover after parsing attributes in process `syz.0.1281'.
[   93.563431][ T5841] usb 5-1: new low-speed USB device number 3 using dummy_hcd
[   93.714890][ T5841] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   93.719029][ T5841] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[   93.722017][ T5841] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[   93.726426][ T5841] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   93.729984][ T5841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.736351][ T9661] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[   93.740269][ T5841] hub 5-1:1.0: bad descriptor, ignoring hub
[   93.743368][ T5841] hub 5-1:1.0: probe with driver hub failed with error -5
[   93.746590][ T5841] cdc_wdm 5-1:1.0: skipping garbage
[   93.748800][ T5841] cdc_wdm 5-1:1.0: skipping garbage
[   93.750992][ T5841] cdc_wdm 5-1:1.0: skipping garbage
[   93.755007][ T5841] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   93.757411][ T5841] cdc_wdm 5-1:1.0: Unknown control protocol
[   94.131574][ T9682] overlay: ./file0 is not a directory
[   94.213816][ T9682] Process accounting resumed
[   94.523797][ T9661] usb 5-1: reset low-speed USB device number 3 using dummy_hcd
[   94.793217][ T9661] usb 5-1: device descriptor read/64, error -71
[   94.872213][ T9715] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1295'.
[   94.875239][ T9715] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1295'.
[   94.878441][ T9715] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1295'.
[   94.884319][ T9716] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1295'.
[   95.037463][ T9724] tmpfs: Cannot change global quota limit on remount
[   95.193342][ T9661] usb 5-1: reset low-speed USB device number 3 using dummy_hcd
[   95.216912][ T9735] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1301'.
[   95.225949][ T9733] kvm: MWAIT instruction emulated as NOP!
[   95.463260][ T9661] usb 5-1: device descriptor read/64, error -71
[   95.535168][   T42] kauditd_printk_skb: 96 callbacks suppressed
[   95.535179][   T42] audit: type=1400 audit(1782289177.828:324905): avc:  denied  { watch } for  pid=9754 comm="syz.1.1305" path="/373/file0" dev="tmpfs" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   95.545680][   T42] audit: type=1400 audit(1782289177.838:324906): avc:  denied  { watch_sb watch_reads } for  pid=9754 comm="syz.1.1305" path="/373/file0" dev="tmpfs" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   95.637538][   T42] audit: type=1400 audit(1782289177.928:324907): avc:  denied  { create } for  pid=9746 comm="syz.3.1303" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   95.644703][   T42] audit: type=1400 audit(1782289177.938:324908): avc:  denied  { bind } for  pid=9746 comm="syz.3.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   95.681660][ T9766] gfs2: gfs2 mount does not exist
[   95.702725][ T9766] ip6erspan0: entered allmulticast mode
[   95.737837][   T42] audit: type=1400 audit(1782289178.028:324909): avc:  denied  { mmap_zero } for  pid=9770 comm="syz.3.1309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=memprotect permissive=1
[   95.803670][   T42] audit: type=1400 audit(1782289178.098:324910): avc:  denied  { setopt } for  pid=9785 comm="syz.1.1314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   95.811669][   T42] audit: type=1400 audit(1782289178.098:324911): avc:  denied  { read } for  pid=9785 comm="syz.1.1314" path="socket:[25814]" dev="sockfs" ino=25814 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   95.853192][ T9661] usb 5-1: reset low-speed USB device number 3 using dummy_hcd
[   95.873570][ T9661] usb 5-1: device descriptor read/8, error -71
[   95.874179][   T42] audit: type=1400 audit(1782289178.168:324912): avc:  denied  { ioctl } for  pid=9790 comm="syz.3.1316" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0x5871 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   96.117515][ T9800] netlink: 'syz.3.1319': attribute type 4 has an invalid length.
[   96.120234][ T9800] netlink: 'syz.3.1319': attribute type 4 has an invalid length.
[   96.127552][ T9800] Cannot find del_set index 14804 as target
[   96.235688][ T9805] bridge0: port 4(vlan4) entered blocking state
[   96.237644][ T9805] bridge0: port 4(vlan4) entered disabled state
[   96.239631][ T9805] vlan4: entered allmulticast mode
[   96.241380][ T9805] geneve0: entered allmulticast mode
[   96.241437][ T9807] MTD: Attempt to mount non-MTD device "/dev/loop2"
[   96.244390][ T9805] vlan4: entered promiscuous mode
[   96.245354][ T9807] cramfs: wrong magic
[   96.246915][ T9805] geneve0: entered promiscuous mode
[   96.252802][   T42] audit: type=1400 audit(1782289178.538:324913): avc:  denied  { read } for  pid=9806 comm="syz.2.1322" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   96.253599][ T9661] usb 5-1: reset low-speed USB device number 3 using dummy_hcd
[   96.260484][   T42] audit: type=1400 audit(1782289178.538:324914): avc:  denied  { open } for  pid=9806 comm="syz.2.1322" path="/dev/sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   96.271190][ T9807] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9807 comm=syz.2.1322
[   96.272815][ T9809] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1323'.
[   96.282947][ T9809] bond6: entered promiscuous mode
[   96.284826][ T9809] 8021q: adding VLAN 0 to HW filter on device bond6
[   96.292442][ T9809] 8021q: adding VLAN 0 to HW filter on device bond6
[   96.295853][ T9809] bond6: (slave sit1): The slave device specified does not support setting the MAC address
[   96.300590][ T9809] bond6: (slave sit1): Error -95 calling set_mac_address
[   96.322309][ T9811] program syz.2.1322 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   96.325399][ T9811] ata1.00: invalid service action 3
[   96.403643][ T9817] ublk2: read batch cmd buffer failed
[   96.645691][ T9831] tmpfs: User quota block hardlimit too large.
[   96.646405][ T9832] tmpfs: User quota block hardlimit too large.
[   96.741684][ T9839] netlink: 136 bytes leftover after parsing attributes in process `syz.1.1331'.
[   96.744878][ T9839] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1331'.
[   96.944234][ T9856] binder: 9855:9856 unknown command 0
[   96.946366][ T9856] binder: 9855:9856 ioctl c0306201 200000000080 returned -22
[   96.949218][ T9856] binder: 9855:9856 ioctl 4020ae46 200000000200 returned -22
[   97.101137][ T9863] SELinux: security_context_str_to_sid („) failed with errno=-22
[   97.106271][ T9863] xt_CHECKSUM: unsupported CHECKSUM operation 68
[   97.741401][ T9922] x_tables: arp_tables: NFQUEUE target: not valid for this family
[   97.842359][ T9937] tipc: Failed to obtain node identity
[   97.844614][ T9937] tipc: Enabling of bearer <ib:wg0> rejected, failed to enable media
[   97.869634][ T9931] syz.1.1358 (9931): drop_caches: 2
[   97.896983][ T9940] netlink: 'syz.1.1360': attribute type 1 has an invalid length.
[   97.905490][ T9940] bond7: entered promiscuous mode
[   97.907199][ T9940] 8021q: adding VLAN 0 to HW filter on device bond7
[   97.911663][ T9940] __nla_validate_parse: 2 callbacks suppressed
[   97.911676][ T9940] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1360'.
[   97.916867][ T9940] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1360'.
[   97.950415][ T9943] input: syz1 as /devices/virtual/input/input8
[   98.019589][ T9946] xt_ecn: cannot match TCP bits for non-tcp packets
[   98.044123][ T9948] macsec0: entered allmulticast mode
[   98.046780][ T9948] veth1_macvtap: entered allmulticast mode
[   98.049274][ T9948] macsec0: left allmulticast mode
[   98.051477][ T9948] veth1_macvtap: left allmulticast mode
[   98.172248][ T9959] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1366'.
[   98.183890][ T9959] bond7 (unregistering): Released all slaves
[   98.398347][ T9969] (syz.3.1369,9969,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[   98.401152][ T9969] (syz.3.1369,9969,0):ocfs2_fill_super:1177 ERROR: status = -22
[   98.868743][ T9992] pim6reg: entered allmulticast mode
[   98.972608][ T9999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1378'.
[   98.973351][ T5826] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[   99.051351][T10004] netlink: 'syz.1.1380': attribute type 1 has an invalid length.
[   99.060592][T10004] 8021q: adding VLAN 0 to HW filter on device bond8
[   99.066402][T10004] bond8: (slave syz_tun): Enslaving as a backup interface with an up link
[   99.144007][T10013] dlm: no locking on control device
[   99.147251][T10013] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1382'.
[   99.977743][T10064] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  100.015482][T10074] hpfs: hpfs_map_sector(): read error
[  100.117381][T10086] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1389'.
[  100.180430][T10097] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1394'.
[  100.183393][T10097] netlink: 'syz.1.1394': attribute type 11 has an invalid length.
[  100.186482][T10097] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1394'.
[  100.203514][T10104] virtio-fs: tag </dev/sg0> not found
[  100.234565][T10111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1397'.
[  100.264500][T10115] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1399'.
[  100.435539][T10151] No such timeout policy "syz1"
[  100.717163][   T42] kauditd_printk_skb: 45 callbacks suppressed
[  100.717174][   T42] audit: type=1400 audit(1782289183.008:324960): avc:  denied  { write } for  pid=10169 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  100.747716][   T42] audit: type=1400 audit(1782289183.038:324961): avc:  denied  { write } for  pid=10177 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  100.811783][   T42] audit: type=1400 audit(1782289183.098:324962): avc:  denied  { map } for  pid=10180 comm="syz.2.1412" path="/dev/hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  100.819059][   T42] audit: type=1400 audit(1782289183.108:324963): avc:  denied  { create } for  pid=10180 comm="syz.2.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  100.825565][   T42] audit: type=1400 audit(1782289183.108:324964): avc:  denied  { bind } for  pid=10180 comm="syz.2.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  100.965034][T10198] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.970279][   T42] audit: type=1400 audit(1782289183.258:324965): avc:  denied  { mount } for  pid=10197 comm="syz.2.1416" name="/" dev="autofs" ino=25519 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  100.978162][   T42] audit: type=1400 audit(1782289183.258:324966): avc:  denied  { mounton } for  pid=10197 comm="syz.2.1416" path="/319/file1" dev="autofs" ino=25519 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  100.985478][   T42] audit: type=1400 audit(1782289183.268:324967): avc:  denied  { unmount } for  pid=5733 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  101.010766][T10201] netlink: 'syz.2.1417': attribute type 1 has an invalid length.
[  101.013705][T10202] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1541 sclass=netlink_route_socket pid=10202 comm=syz.2.1417
[  101.018086][T10201] workqueue: Failed to create a rescuer kthread for wq "bond5": -EINTR
[  101.190277][   T42] audit: type=1400 audit(1782289183.478:324968): avc:  denied  { getopt } for  pid=10225 comm="syz.1.1425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  101.226476][   T42] audit: type=1400 audit(1782289183.518:324969): avc:  denied  { read } for  pid=10229 comm="syz.1.1427" path="socket:[27420]" dev="sockfs" ino=27420 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  101.291544][T10239] input: syz1 as /devices/virtual/input/input11
[  101.294479][ T5826] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  101.322543][ T9661] usb 5-1: device descriptor read/8, error -110
[  101.432737][ T9661] cdc_wdm 5-1:1.0: Error autopm - -16
[  101.432863][   T60] usb 5-1: USB disconnect, device number 3
[  101.445299][ T5826] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.449301][ T5826] usb 7-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  101.455813][ T5826] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  101.459248][ T5826] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.462460][ T5826] usb 7-1: Product: syz
[  101.464029][ T5826] usb 7-1: Manufacturer: syz
[  101.465741][ T5826] usb 7-1: SerialNumber: syz
[  101.470183][ T5826] cdc_mbim 7-1:1.0: skipping garbage
[  101.482654][    C2] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:1)
[  101.538603][T10245] fuse: Unknown parameter 'J'
[  101.552380][ T1486] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  101.671711][T10211] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  101.702373][ T1486] usb 6-1: Using ep0 maxpacket: 8
[  101.705499][ T1486] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  101.708336][ T1486] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  101.711731][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  101.715244][ T1486] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  101.718874][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  101.722262][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  101.725798][ T1486] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  101.729933][ T1486] usb 6-1: config 168 interface 0 has no altsetting 0
[  101.732822][ T1486] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  101.735115][ T1486] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  101.738462][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  101.741996][ T1486] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  101.745684][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  101.749120][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  101.752846][ T1486] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  101.756932][ T1486] usb 6-1: config 168 interface 0 has no altsetting 0
[  101.759790][ T1486] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  101.762090][ T1486] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  101.765549][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  101.768998][ T1486] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  101.772625][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  101.776081][ T1486] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  101.779502][ T1486] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  101.783592][ T1486] usb 6-1: config 168 interface 0 has no altsetting 0
[  101.787695][ T1486] usb 6-1: string descriptor 0 read error: -22
[  101.789629][ T1486] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  101.792461][ T1486] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.799112][ T1486] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  101.981924][T10305] netlink: 'syz.0.1436': attribute type 2 has an invalid length.
[  101.989385][T10305] : entered promiscuous mode
[  101.999155][   T29] usb 6-1: USB disconnect, device number 2
[  102.016112][T10308] sch_tbf: burst 2 is lower than device syzkaller0 mtu (1500) !
[  102.023078][T10308] syzkaller0: entered promiscuous mode
[  102.024786][T10308] syzkaller0: entered allmulticast mode
[  102.083355][ T5826] cdc_mbim 7-1:1.0: failed GET_NTB_PARAMETERS
[  102.085597][ T5826] cdc_mbim 7-1:1.0: bind() failure
[  102.088155][ T5826] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found
[  102.090091][ T5826] cdc_ncm 7-1:1.1: bind() failure
[  102.093204][ T5826] usb 7-1: USB disconnect, device number 7
[  102.103686][T10307] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[  102.304027][T10313] xt_l2tp: missing protocol rule (udp|l2tpip)
[  102.306671][T10313] SELinux:  truncated policydb string identifier
[  102.309146][T10313] SELinux: failed to load policy
[  102.336134][T10320] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  102.339343][T10320] UDF-fs: Scanning with blocksize 2048 failed
[  102.342445][T10320] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  102.345506][T10320] UDF-fs: Scanning with blocksize 4096 failed
[  102.872473][T10351] input: syz0 as /devices/virtual/input/input12
[  102.942533][T10360] __nla_validate_parse: 10 callbacks suppressed
[  102.942549][T10360] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1455'.
[  102.993500][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  102.996685][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  103.050794][T10376] syzkaller1: entered promiscuous mode
[  103.053370][T10376] syzkaller1: entered allmulticast mode
[  103.056511][T10376] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1459'.
[  103.103329][   T60] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[  103.106353][   T60] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[  103.109316][   T60] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[  103.112577][   T60] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[  103.114953][   T60] rtc rtc0: __rtc_set_alarm: err=-22
[  103.163496][T10379] random: crng reseeded on system resumption
[  103.196743][T10386] block nbd2: not configured, cannot reconfigure
[  103.229265][T10383] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  103.325702][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.329717][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.333911][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.338162][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.344907][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.351839][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.357401][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.363210][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.363829][T10399] overlayfs: failed lookup in lower (newroot/318, name='file0', err=-40): overlapping layers
[  103.368446][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.375731][T10392] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10392 comm=syz.3.1460
[  103.402472][   T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.053400][T10061] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.057518][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.060690][ T5841] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.132594][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.135225][   T13] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.339667][T10439] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  104.343949][T10439] iommufd_mock iommufd_mock1: Adding to iommu group 10
[  104.347895][T10439] iommufd_mock iommufd_mock2: Adding to iommu group 11
[  104.452203][   T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  104.468809][T10454] /dev/sg0: Can't lookup blockdev
[  104.517573][T10464] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  104.673937][T10481] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1493'.
[  104.745050][T10491] netlink: 'syz.3.1496': attribute type 12 has an invalid length.
[  105.330024][T10507] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1499'.
[  105.495164][T10519] comedi comedi3: comedi_config --init_data is deprecated
[  105.690833][T10528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1504'.
[  105.808776][   T42] kauditd_printk_skb: 56 callbacks suppressed
[  105.808789][   T42] audit: type=1400 audit(1782289188.099:325026): avc:  denied  { append } for  pid=10542 comm="syz.3.1509" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  105.819716][   T42] audit: type=1400 audit(1782289188.099:325027): avc:  denied  { ioctl } for  pid=10542 comm="syz.3.1509" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x6446 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  105.982624][   T60] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  106.016336][T10562] overlayfs: failed to resolve './bus': -2
[  106.046956][T10566] binder: 10565:10566 unknown command 0
[  106.049281][T10566] binder: 10565:10566 ioctl c0306201 200000000080 returned -22
[  106.081645][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.086555][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1519'.
[  106.095149][ T8335] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  106.096651][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.098808][ T8335] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  106.101906][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1519'.
[  106.108994][ T8335] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  106.112632][ T8335] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  106.116232][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.118642][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1519'.
[  106.121422][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.125396][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1519'.
[  106.128355][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.130804][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1519'.
[  106.133926][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.137202][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.139801][T10571] netlink: 'syz.3.1519': attribute type 20 has an invalid length.
[  106.522126][   T60] net_ratelimit: 8 callbacks suppressed
[  106.522143][   T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  106.988238][T10574] syzkaller1: entered promiscuous mode
[  106.990031][T10574] syzkaller1: entered allmulticast mode
[  107.003292][   T42] audit: type=1400 audit(1782813477.303:325028): avc:  denied  { read } for  pid=10576 comm="syz.0.1520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  107.028812][T10580] 9pnet_virtio: no channels available for device syz
[  107.033157][   T42] audit: type=1400 audit(1782813477.333:325029): avc:  denied  { listen } for  pid=10573 comm="syz.3.1522" lport=58319 faddr=::ffff:172.30.0.4 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  107.041522][   T42] audit: type=1400 audit(1782813477.333:325030): avc:  denied  { accept } for  pid=10573 comm="syz.3.1522" lport=58319 faddr=::ffff:172.30.0.4 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  107.051009][   T42] audit: type=1400 audit(1782813477.333:325031): avc:  denied  { write } for  pid=10579 comm="syz.0.1523" name="/" dev="9p" ino=79184863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  107.051355][T10581] 9pnet_virtio: no channels available for device syz
[  107.051357][T10580] 9pnet_virtio: no channels available for device syz
[  107.059067][   T42] audit: type=1400 audit(1782813477.333:325032): avc:  denied  { remove_name } for  pid=10579 comm="syz.0.1523" name="file0" dev="9p" ino=79184869 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  107.059102][   T42] audit: type=1400 audit(1782813477.333:325033): avc:  denied  { unlink } for  pid=10579 comm="syz.0.1523" name="file0" dev="9p" ino=79184869 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  107.059127][   T42] audit: type=1400 audit(1782813477.333:325034): avc:  denied  { write } for  pid=10579 comm="syz.0.1523" name="/" dev="9p" ino=79184863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  107.059154][   T42] audit: type=1400 audit(1782813477.333:325035): avc:  denied  { add_name } for  pid=10579 comm="syz.0.1523" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  107.242712][T10022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.245797][   T50] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.248760][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.252462][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.416668][T10602] random: crng reseeded on system resumption
[  107.455694][T10606] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  107.482215][ T8335] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.484914][ T8335] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.574040][   T60] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  107.613276][T10617] loop7: detected capacity change from 0 to 7
[  107.616824][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.620570][    C3] buffer_io_error: 13 callbacks suppressed
[  107.620582][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.626367][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.629984][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.633363][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.637112][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.640380][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.644078][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.647048][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.650915][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.654346][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.658074][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.661573][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.665333][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.668580][T10617] ldm_validate_partition_table(): Disk read failed.
[  107.671572][    C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.675454][    C3] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.678094][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.681994][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.685399][    C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  107.689118][    C2] Buffer I/O error on dev loop7, logical block 0, async page read
[  107.692591][T10617] Dev loop7: unable to read RDB block 0
[  107.695406][T10617]  loop7: unable to read partition table
[  107.697475][T10617] loop7: partition table beyond EOD, truncated
[  107.699749][T10617] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  107.728831][T10621] evm: overlay not supported
[  107.831697][T10614] dvmrp0: entered allmulticast mode
[  107.846685][T10630] syzkaller1: entered promiscuous mode
[  107.849093][T10630] syzkaller1: entered allmulticast mode
[  107.863661][T10634] tmpfs: Bad value for 'mpol'
[  107.892408][    C2] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:1)
[  107.998078][   T50] hid (null): global environment stack underflow
[  108.005548][   T50] hid-generic 616F:20C2607D:F72986D9.0002: global environment stack underflow
[  108.008343][   T50] hid-generic 616F:20C2607D:F72986D9.0002: item 0 1 1 11 parsing failed
[  108.011104][   T50] hid-generic 616F:20C2607D:F72986D9.0002: probe with driver hid-generic failed with error -22
[  108.072634][T10669] __nla_validate_parse: 130 callbacks suppressed
[  108.072658][T10669] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1550'.
[  108.078979][T10669] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1550'.
[  108.082253][    T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  108.086553][T10669] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1550'.
[  108.091542][T10669] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1550'.
[  108.100816][T10674] netlink: zone id is out of range
[  108.105286][T10674] validate_nla: 122 callbacks suppressed
[  108.105302][T10674] netlink: 'syz.3.1551': attribute type 1 has an invalid length.
[  108.118968][T10674] bond7: entered promiscuous mode
[  108.120715][T10674] bond7: entered allmulticast mode
[  108.124451][T10674] 8021q: adding VLAN 0 to HW filter on device bond7
[  108.135311][T10676] dvmrp0: entered allmulticast mode
[  108.139714][T10674] erspan1: entered allmulticast mode
[  108.147026][T10674] bond7: (slave erspan1): making interface the new active one
[  108.150088][T10674] erspan1: entered promiscuous mode
[  108.153669][T10674] bond7: (slave erspan1): Enslaving as an active interface with an up link
[  108.157925][T10676] netlink: 'syz.0.1552': attribute type 2 has an invalid length.
[  108.160457][T10676] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1552'.
[  108.160686][T10674] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1551'.
[  108.242223][    T9] usb 6-1: Using ep0 maxpacket: 32
[  108.246377][    T9] usb 6-1: unable to get BOS descriptor or descriptor too short
[  108.253545][    T9] usb 6-1: string descriptor 0 read error: -22
[  108.256293][    T9] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e
[  108.259902][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.269767][    T9] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  108.274093][    T9] dw2102: su3000_power_ctrl: 1, initialized 0
[  108.276402][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  108.280373][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  108.285712][    T9] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  108.289470][    T9] usb 6-1: media controller created
[  108.291401][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  108.293538][    T9] dw2102: i2c transfer failed.
[  108.295252][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  108.297269][    T9] dw2102: i2c transfer failed.
[  108.299073][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  108.301110][    T9] dw2102: i2c transfer failed.
[  108.302957][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  108.304935][    T9] dw2102: i2c transfer failed.
[  108.306656][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  108.308636][    T9] dw2102: i2c transfer failed.
[  108.310377][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  108.312493][    T9] dw2102: i2c transfer failed.
[  108.314511][    T9] dvb-usb: MAC address: 02:02:02:02:02:02
[  108.319436][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  108.326500][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  108.328391][    T9] dw2102: command 0x0e transfer failed.
[  108.330359][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  108.332624][    T9] dw2102: command 0x0e transfer failed.
[  108.467751][T10614] netlink: 'syz.1.1532': attribute type 61 has an invalid length.
[  108.499936][T10703] fuse: Invalid rootmode
[  108.522098][T10704] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1532'.
[  108.524964][T10704] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1532'.
[  108.593956][T10708] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=2060971424 (131902171136 ns) > initial count (66629916864 ns). Using initial count to start timer.
[  108.642196][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  108.644007][    T9] dw2102: command 0x0e transfer failed.
[  108.645759][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  108.647805][    T9] dw2102: command 0x0e transfer failed.
[  108.649560][    T9] dvb-usb: bulk message failed: -22 (1/0)
[  108.651329][    T9] dw2102: command 0x51 transfer failed.
[  108.653324][T10614] dvb-usb: bulk message failed: -22 (5/0)
[  108.655210][T10614] dw2102: i2c transfer failed.
[  108.665154][    T9] DVB: Unable to find symbol ds3000_attach()
[  108.667133][    T9] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  108.694675][T10714] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  108.695529][T10717] netlink: 'syz.2.1564': attribute type 9 has an invalid length.
[  108.700142][T10717] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  108.713344][    T9] rc_core: IR keymap rc-su3000 not found
[  108.715853][    T9] Registered IR keymap rc-empty
[  108.718591][    T9] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[  108.727611][    T9] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input13
[  108.734246][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  108.737252][    T9] dw2102: su3000_power_ctrl: 0, initialized 1
[  108.739922][    T9] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  108.744928][T10723] xt_bpf: check failed: parse error
[  108.746971][    T9] usb 6-1: USB disconnect, device number 3
[  108.758909][T10725] binder: 10724:10725 ioctl 40305828 200000000040 returned -22
[  108.766671][    T9] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  108.781401][T10727] netlink: 'syz.2.1569': attribute type 3 has an invalid length.
[  108.785060][T10727] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1569'.
[  108.789205][T10727] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  108.791339][T10727] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  108.793918][T10727] vhci_hcd vhci_hcd.0: Device attached
[  108.847872][T10727] 9pnet: p9_errstr2errno: server reported unknown error 
[  108.851524][T10728] vhci_hcd: connection closed
[  108.851912][ T5828] vhci_hcd vhci_hcd.2: stop threads
[  108.855167][ T5828] vhci_hcd vhci_hcd.2: release socket
[  108.856824][ T5828] vhci_hcd vhci_hcd.2: disconnect device
[  108.962962][T10747] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  109.123035][T10755] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  109.204039][ T5600] dvmrp0: left allmulticast mode
[  109.251979][T10765] omfs: Invalid superblock (0)
[  109.450573][T10812] netlink: 'syz.1.1591': attribute type 5 has an invalid length.
[  109.472904][T10814] F2FS-fs (nbd1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  109.475651][T10814] F2FS-fs (nbd1): Can't find valid F2FS filesystem in 1th superblock
[  109.478406][T10814] F2FS-fs (nbd1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  109.481326][T10814] F2FS-fs (nbd1): Can't find valid F2FS filesystem in 2th superblock
[  109.573806][T10826] netlink: 'syz.1.1597': attribute type 39 has an invalid length.
[  109.843220][T10826] netlink: 'syz.1.1597': attribute type 39 has an invalid length.
[  109.846354][T10826] netlink: 'syz.1.1597': attribute type 39 has an invalid length.
[  109.849588][T10826] netlink: 'syz.1.1597': attribute type 39 has an invalid length.
[  110.275977][   T34] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  110.279331][   T34] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  110.358646][T10864] tipc: Started in network mode
[  110.360309][T10864] tipc: Node identity 4, cluster identity 4711
[  110.362238][T10864] tipc: Node number set to 4
[  110.424712][T10867] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  110.889631][   T42] kauditd_printk_skb: 29 callbacks suppressed
[  110.889647][   T42] audit: type=1400 audit(1782813481.183:325065): avc:  denied  { bind } for  pid=10884 comm="syz.2.1612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  110.900473][   T42] audit: type=1400 audit(1782813481.183:325066): avc:  denied  { listen } for  pid=10884 comm="syz.2.1612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  110.908633][   T42] audit: type=1400 audit(1782813481.183:325067): avc:  denied  { accept } for  pid=10884 comm="syz.2.1612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  110.916605][   T42] audit: type=1400 audit(1782813481.183:325068): avc:  denied  { setopt } for  pid=10884 comm="syz.2.1612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  110.924395][   T42] audit: type=1400 audit(1782813481.183:325069): avc:  denied  { read } for  pid=10884 comm="syz.2.1612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  110.931899][   T42] audit: type=1400 audit(1782813481.183:325070): avc:  denied  { write } for  pid=10884 comm="syz.2.1612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  110.956606][T10895] netdevsim netdevsim1: Firmware load for './file0/../file0/file0' refused, path contains '..' component
[  110.959241][   T42] audit: type=1400 audit(1782813481.253:325071): avc:  denied  { map } for  pid=10887 comm="syz.2.1613" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  110.983790][   T42] audit: type=1400 audit(1782813481.283:325072): avc:  denied  { ioctl } for  pid=10887 comm="syz.2.1613" path="socket:[31799]" dev="sockfs" ino=31799 ioctlcmd=0x941b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  111.025286][   T50] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  111.028142][   T50] hid-generic 0000:0000:0000.0004: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  111.129940][   T42] audit: type=1400 audit(1782813481.423:325073): avc:  denied  { append } for  pid=10906 comm="syz.2.1620" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  111.149417][T10062] workqueue: work func io_tctx_fallback_work enqueued on deprecated workqueue. Use system_{percpu|dfl}_wq instead.
[  111.230834][T10918] input input16: cannot allocate more than FF_MAX_EFFECTS effects
[  111.290573][   T42] audit: type=1400 audit(1782813481.583:325074): avc:  denied  { mounton } for  pid=10928 comm="syz.3.1627" path="/proc/1275/task" dev="proc" ino=31610 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  111.324703][T10933] overlay: Unknown parameter ':'
[  111.621192][T10952] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  111.887921][T10969] CIFS: iocharset name too long
[  112.093640][T10976] overlayfs: failed lookup in lower (newroot/467, name='file1', err=-40): overlapping layers
[  112.098261][T10976] overlayfs: failed lookup in lower (newroot/467, name='file1', err=-40): overlapping layers
[  112.102912][T10976] overlayfs: failed lookup in lower (newroot/467, name='file1', err=-40): overlapping layers
[  112.443766][T11007] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32
[  112.480105][T11025] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  112.485195][T11025] qnx6: wrong signature (magic) in superblock #1.
[  112.487820][T11025] qnx6: unable to read the first superblock
[  112.495050][T11026] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  112.502956][T11026] qnx6: wrong signature (magic) in superblock #1.
[  112.506512][T11026] qnx6: unable to read the first superblock
[  112.790389][T11066] selinux_netlink_send: 1734 callbacks suppressed
[  112.790405][T11066] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11066 comm=syz.3.1666
[  112.843143][T11068] syzkaller0: entered promiscuous mode
[  112.845455][T11068] syzkaller0: entered allmulticast mode
[  112.851389][T11068] tipc: Started in network mode
[  112.853030][T11068] tipc: Node identity c622eb32628, cluster identity 4711
[  112.855359][T11068] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  112.858575][T11067] tipc: Resetting bearer <eth:syzkaller0>
[  112.863237][T11067] tipc: Disabling bearer <eth:syzkaller0>
[  113.043597][ T1135] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1
[  113.045655][ T1135] ata1: failed to read log page 10h (errno=-5)
[  113.047564][ T1135] ata1.00: exception Emask 0x1 SAct 0x800 SErr 0x0 action 0x0
[  113.049887][ T1135] ata1.00: irq_stat 0x40000000
[  113.051488][ T1135] ata1.00: failed command: WRITE FPDMA QUEUED
[  113.053398][ T1135] ata1.00: cmd 61/58:58:36:07:10/00:00:00:00:00/40 tag 11 ncq dma 45056 out
[  113.053398][ T1135]          res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error)
[  113.058595][ T1135] ata1.00: status: { DRDY }
[  113.060751][ T1135] ata1.00: configured for UDMA/100
[  113.062596][ T1135] ata1: EH complete
[  113.069880][T11088] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 1ùà^!`lü1&›b¯Þ0xUÐÏ”ÎÜr$åG—•µ
[  113.121478][T11085] validate_nla: 66 callbacks suppressed
[  113.121490][T11085] netlink: 'syz.1.1674': attribute type 1 has an invalid length.
[  113.122278][   T60] IPVS: starting estimator thread 0...
[  113.149531][T11085] bond0: (slave geneve0): making interface the new active one
[  113.153449][T11085] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  113.181098][T11100] __nla_validate_parse: 11 callbacks suppressed
[  113.181110][T11100] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1679'.
[  113.193900][T11104] fuse: Unknown parameter 'guð_id'
[  113.212791][T11094] IPVS: using max 39 ests per chain, 93600 per kthread
[  113.231400][ T5600] bond0 (unregistering): (slave geneve0): Releasing active interface
[  113.236681][ T5600] bond0 (unregistering): Released all slaves
[  113.424858][ T1486] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  113.502950][T11136] 8021q: VLANs not supported on sit0
[  113.541651][T11138] netlink: 'syz.3.1688': attribute type 5 has an invalid length.
[  113.545058][T11139] netlink: 'syz.3.1688': attribute type 5 has an invalid length.
[  113.594035][ T1486] usb 5-1: config 0 interface 0 altsetting 251 bulk endpoint 0x9 has invalid maxpacket 99
[  113.597213][ T1486] usb 5-1: config 0 interface 0 has no altsetting 0
[  113.600715][ T1486] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  113.603660][ T1486] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  113.606306][ T1486] usb 5-1: Product: syz
[  113.607684][ T1486] usb 5-1: Manufacturer: syz
[  113.609168][ T1486] usb 5-1: SerialNumber: syz
[  113.611513][ T1486] usb 5-1: config 0 descriptor??
[  113.614120][T11102] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  113.617970][ T1486] usb 5-1: selecting invalid altsetting 0
[  113.652202][T11147] fuse: fd is not a fuse device
[  113.819257][T11102] block nbd0: NBD_DISCONNECT
[  113.823974][ T1486] usb 5-1: USB disconnect, device number 5
[  114.007474][T11158] IPVS: set_ctl: invalid protocol: 98 224.0.0.1:20001
[  114.013493][T11158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1693'.
[  114.017785][T11158] syzkaller0: entered promiscuous mode
[  114.019975][T11158] syzkaller0: entered allmulticast mode
[  114.024103][T11158] net_ratelimit: 370 callbacks suppressed
[  114.024112][T11158] 0: reclassify loop, rule prio 0, protocol 800
[  114.224253][T11126] overlayfs: statfs failed on './file0'
[  114.341073][T11195] syzkaller1: entered promiscuous mode
[  114.342806][T11195] syzkaller1: entered allmulticast mode
[  114.346111][T11195] netlink: 'syz.3.1702': attribute type 39 has an invalid length.
[  114.491109][T11218] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1705'.
[  114.518511][T11221] ip6gre1: entered promiscuous mode
[  114.520392][T11221] ip6gre1: entered allmulticast mode
[  114.523289][   T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  114.524421][T11221] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  114.526298][   T13] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  114.553110][ T5841] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  114.717127][T11230] support for the xor transformation has been removed.
[  114.742193][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'.
[  114.745180][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'.
[  114.747996][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'.
[  114.750808][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'.
[  114.753607][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'.
[  114.756433][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'.
[  114.759054][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1711'.
[  114.803128][ T5841] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  114.809983][T11236] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11236 comm=syz.3.1712
[  115.089801][T11243] tmpfs: Unknown parameter 'grpqubmit'
[  115.503156][ T5841] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  115.523142][   T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  115.563586][ T5817] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  115.653653][ T5841] usb 6-1: Using ep0 maxpacket: 16
[  115.657338][ T5841] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  115.660961][ T5841] usb 6-1: config 0 has no interface number 0
[  115.665340][ T5841] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  115.674798][   T24] usb 7-1: Using ep0 maxpacket: 8
[  115.679358][ T5841] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  115.687304][   T24] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  115.688875][T11257] netlink: 'syz.0.1718': attribute type 1 has an invalid length.
[  115.692404][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.697791][ T5841] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  115.701580][ T5841] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  115.705918][ T5841] usb 6-1: Product: syz
[  115.708598][ T5841] usb 6-1: SerialNumber: syz
[  115.709921][   T24] pvrusb2: Hardware description: Terratec Grabster AV400
[  115.714535][   T24] pvrusb2: **********
[  115.716068][ T5841] usb 6-1: config 0 descriptor??
[  115.717713][   T24] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  115.720940][   T24] pvrusb2: Important functionality might not be entirely working.
[  115.724156][ T5841] cm109 6-1:0.8: invalid payload size 0, expected 4
[  115.726315][T11257] bond0: (slave geneve0): making interface the new active one
[  115.726494][   T24] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  115.732207][T11257] bond0: (slave geneve0): Enslaving as an active interface with an up link
[  115.732606][ T5841] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input19
[  115.738877][   T24] pvrusb2: **********
[  115.817972][ T8335] bond0 (unregistering): (slave geneve0): Releasing active interface
[  115.822716][ T8335] bond0 (unregistering): Released all slaves
[  115.859937][T11281] tmpfs: Unknown parameter 'grpqubmit'
[  115.920101][ T2513] pvrusb2: Invalid write control endpoint
[  115.928327][T11254] pvrusb2: Invalid write control endpoint
[  115.942243][   T24] usb 7-1: USB disconnect, device number 8
[  115.947816][ T2513] pvrusb2: Invalid write control endpoint
[  115.947823][ T2513] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  115.947828][ T2513] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  115.947832][ T2513] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  115.947837][ T2513] pvrusb2: Device being rendered inoperable
[  115.947845][T11285] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  115.947861][ T2513] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  115.947877][ T2513] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  115.947892][T11285] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  115.947905][T11285] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  115.948143][ T2513] pvrusb2: Attached sub-driver cx25840
[  115.948150][ T2513] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  115.948155][ T2513] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  116.006094][   T42] kauditd_printk_skb: 33 callbacks suppressed
[  116.006110][   T42] audit: type=1400 audit(1782813486.302:325108): avc:  denied  { ioctl } for  pid=11291 comm="syz.3.1727" path="socket:[35401]" dev="sockfs" ino=35401 ioctlcmd=0x586a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  116.025771][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  116.025825][    T9] usb 6-1: USB disconnect, device number 4
[  116.027902][    C2] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  116.035280][    T9] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  116.044508][   T42] audit: type=1400 audit(1782813486.342:325109): avc:  denied  { setopt } for  pid=11293 comm="syz.0.1728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  116.065889][T11299] bridge_slave_0: left allmulticast mode
[  116.067693][T11299] bridge_slave_0: left promiscuous mode
[  116.069445][T11299] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.074264][T11299] bridge_slave_1: left allmulticast mode
[  116.076301][T11299] bridge_slave_1: left promiscuous mode
[  116.078528][T11299] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.082175][T11300] 9pnet_virtio: no channels available for device syz
[  116.084902][T11299] bond0: (slave bond_slave_0): Releasing backup interface
[  116.088173][T11299] bond0: (slave bond_slave_1): Releasing backup interface
[  116.091743][T11299] team0: Port device team_slave_0 removed
[  116.097142][T11299] team0: Port device team_slave_1 removed
[  116.099546][T11299] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  116.109875][T11299] team0: Port device xfrm0 added
[  116.323280][T11315] block nbd0: server does not support multiple connections per device.
[  116.326338][T11315] block nbd0: shutting down sockets
[  116.469107][T11323] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  116.476089][T11323] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=261 sclass=netlink_audit_socket pid=11323 comm=syz.0.1736
[  116.484128][T11323] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=21 sclass=netlink_audit_socket pid=11323 comm=syz.0.1736
[  116.503300][T11327] ufs: You didn't specify the type of your ufs filesystem
[  116.503300][T11327] 
[  116.503300][T11327] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  116.503300][T11327] 
[  116.503300][T11327] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  116.513395][T11327] ufs: failed to set blocksize
[  116.561122][   T42] audit: type=1400 audit(1782813486.852:325110): avc:  denied  { unmount } for  pid=5732 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  116.584977][   T42] audit: type=1400 audit(1782813486.882:325111): avc:  denied  { accept } for  pid=11331 comm="syz.0.1740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  116.632001][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.635736][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.639342][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.643627][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.647701][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.651817][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.655925][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.659022][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.662134][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.665194][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.669395][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.673995][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.677413][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.680666][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.684126][T11334] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  116.709186][   T42] audit: type=1804 audit(1782813487.002:325112): pid=11351 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1746" name="/newroot/385/file0" dev="tmpfs" ino=2058 res=1 errno=0
[  116.909363][   T42] audit: type=1400 audit(1782813487.202:325113): avc:  denied  { write } for  pid=11361 comm="syz.0.1750" name="/" dev="9p" ino=79184863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  116.916541][   T42] audit: type=1400 audit(1782813487.202:325114): avc:  denied  { unlink } for  pid=11361 comm="syz.0.1750" name="file0" dev="9p" ino=79184869 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  116.924917][   T42] audit: type=1400 audit(1782813487.202:325115): avc:  denied  { write } for  pid=11361 comm="syz.0.1750" name="/" dev="9p" ino=79184863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  117.113461][T11364] Invalid ELF header type: 0 != 1
[  117.114380][   T42] audit: type=1400 audit(1782813487.412:325116): avc:  denied  { module_load } for  pid=11363 comm="syz.3.1749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  117.122844][   T42] audit: type=1400 audit(1782813487.412:325117): avc:  denied  { setopt } for  pid=11363 comm="syz.3.1749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  117.178878][T11373] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  117.208403][T11377] fuse: Unknown parameter '‚5?Má÷2™¼d'
[  117.281534][T11384] fuse-io-uring is disabled
[  117.315886][T11389] macsec1: entered promiscuous mode
[  117.318521][T11389] macsec1: entered allmulticast mode
[  117.320467][T11392] random: crng reseeded on system resumption
[  117.442798][T11396] macvlan0: entered promiscuous mode
[  117.558123][T11412] openvswitch: netlink: Actions may not be safe on all matching packets
[  117.646261][T11425] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3863414789 (494517092992 ns) > initial count (433537803264 ns). Using initial count to start timer.
[  117.767578][T11430] SET target dimension over the limit!
[  118.203526][    C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  118.302393][T11455] input: syz0 as /devices/virtual/input/input21
[  118.337804][T11457] 9p: Bad value for 'rfdno'
[  118.525112][T11462] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  118.549005][T11464] program syz.2.1784 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  118.555918][T11464] mac80211_hwsim hwsim7 syzkaller0: left promiscuous mode
[  118.558204][T11464] mac80211_hwsim hwsim7 syzkaller0: left allmulticast mode
[  119.219430][T11505] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  119.283796][ T8335] bond8: (slave syz_tun): link status definitely down, disabling slave
[  119.408949][T11465] [U] ^A
[  119.548872][T11514] netlink: 'syz.2.1797': attribute type 1 has an invalid length.
[  119.556522][T11514] bond8: entered promiscuous mode
[  119.558610][T11514] bond8: entered allmulticast mode
[  119.560413][T11514] 8021q: adding VLAN 0 to HW filter on device bond8
[  119.566828][T11514] erspan2: entered allmulticast mode
[  119.569827][T11514] bond8: (slave erspan2): making interface the new active one
[  119.572157][T11514] erspan2: entered promiscuous mode
[  119.574909][T11514] bond8: (slave erspan2): Enslaving as an active interface with an up link
[  119.578061][T11514] __nla_validate_parse: 32 callbacks suppressed
[  119.578070][T11514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1797'.
[  119.585032][T11514] bond8 (unregistering): (slave erspan2): Releasing active interface
[  119.587701][T11514] erspan2: left promiscuous mode
[  119.590259][T11514] bond8 (unregistering): Released all slaves
[  119.638183][T11516] syz.2.1797 (11516) used greatest stack depth: 18992 bytes left
[  119.899517][T11534] ipvlan2: entered allmulticast mode
[  119.901307][T11534] veth0_to_bridge: entered allmulticast mode
[  120.000304][T11542] binder: 11541:11542 ioctl c0306201 200000000080 returned -14
[  120.005019][T11542] binder: 11541:11542 ioctl c0306201 2000000003c0 returned -14
[  120.240889][T11567] netlink: 'syz.1.1812': attribute type 2 has an invalid length.
[  120.246458][T11567] : entered promiscuous mode
[  120.374106][T11591] syzkaller1: tun_chr_ioctl cmd 1074025676
[  120.375977][T11591] syzkaller1: owner set to 805
[  120.503324][T11603] tipc: MTU too low for tipc bearer
[  120.757714][T11619] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1829'.
[  120.911969][T11632] NILFS (nbd2): device size too small
[  120.931991][T11634] input: syz1 as /devices/virtual/input/input22
[  120.955342][T11636] overlay: ./file0 is not a directory
[  121.062284][T11636] binder: Bad value for 'max'
[  121.123462][T11646] random: crng reseeded on system resumption
[  121.199437][T11651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1839'.
[  121.312515][T11667] jfs: Unknown parameter 'usrquotaer'
[  121.357149][T11672] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  121.601606][T11679] netlink: 'syz.1.1845': attribute type 2 has an invalid length.
[  121.630859][   T42] kauditd_printk_skb: 13 callbacks suppressed
[  121.630870][   T42] audit: type=1804 audit(1782813491.921:325131): pid=11683 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1846" name="bus" dev="ramfs" ino=38176 res=1 errno=0
[  121.639475][   T42] audit: type=1804 audit(1782813491.921:325132): pid=11685 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.1846" name="bus" dev="ramfs" ino=38176 res=1 errno=0
[  121.687020][T11703] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1850'.
[  121.709201][T11708] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  121.733308][   T42] audit: type=1400 audit(1782813492.021:325133): avc:  denied  { associate } for  pid=11713 comm="syz.2.1853" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  121.753479][T11721] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1854'.
[  121.756364][T11721] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1854'.
[  121.838098][   T42] audit: type=1400 audit(1782813492.131:325134): avc:  denied  { mount } for  pid=11732 comm="syz.2.1859" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  121.846661][   T42] audit: type=1400 audit(1782813492.141:325135): avc:  denied  { unmount } for  pid=5733 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  122.021012][   T42] audit: type=1400 audit(1782813492.311:325136): avc:  denied  { bind } for  pid=11755 comm="syz.1.1867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  122.026997][   T42] audit: type=1400 audit(1782813492.321:325137): avc:  denied  { listen } for  pid=11755 comm="syz.1.1867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  122.032833][   T42] audit: type=1400 audit(1782813492.321:325138): avc:  denied  { read } for  pid=11755 comm="syz.1.1867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  122.076150][   T42] audit: type=1400 audit(1782813492.371:325139): avc:  denied  { append } for  pid=11758 comm="syz.2.1868" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  122.084232][T11760] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1867'.
[  122.087646][T11759] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  122.091938][T11760] hsr_slave_1 (unregistering): left promiscuous mode
[  122.129229][T11764] netlink: 'syz.2.1870': attribute type 4 has an invalid length.
[  122.172429][   T42] audit: type=1400 audit(1782813492.461:325140): avc:  denied  { setopt } for  pid=11775 comm="syz.1.1873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  122.830958][T11822] syzkaller0: entered promiscuous mode
[  123.013839][T11839] tipc: Started in network mode
[  123.015911][T11839] tipc: Node identity , cluster identity 4711
[  123.018324][T11839] tipc: Failed to obtain node identity
[  123.020245][T11839] tipc: Enabling of bearer <eth:vxcan1> rejected, failed to enable media
[  123.043698][T11845] syzkaller0: entered promiscuous mode
[  123.047465][T11845] syzkaller0: entered allmulticast mode
[  123.177715][T11853] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1892'.
[  123.180646][T11853] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1892'.
[  123.239640][T11856] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1894'.
[  123.315865][T11862] genirq: Flags mismatch irq 31. 00200000 (pcmmio) vs. 00200000 (virtio0-cursor)
[  123.382178][T11870] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  123.385940][T11870] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  123.389190][T11870] overlayfs: fs on '.' does not support file handles, falling back to xino=off.
[  123.405353][T11870] /dev/sr0: Can't open blockdev
[  123.481695][T11884] kvm_intel: kvm [11883]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0xd
[  123.553796][T11891] xt_socket: unknown flags 0x48
[  123.558664][T11895] netlink: 'syz.1.1907': attribute type 1 has an invalid length.
[  123.566622][T11895] 8021q: adding VLAN 0 to HW filter on device bond9
[  123.576625][T11894] veth5: entered promiscuous mode
[  123.694450][T11912] tmpfs: Bad value for 'huge'
[  123.700882][T11915] 9pnet_fd: p9_fd_create_unix (11915): problem connecting socket: ./file0: -111
[  123.752783][T11917] netlink: 'syz.3.1914': attribute type 12 has an invalid length.
[  123.760872][T11917] netlink: 'syz.3.1914': attribute type 19 has an invalid length.
[  123.764907][T11917] netlink: 'syz.3.1914': attribute type 19 has an invalid length.
[  123.862836][T11925] ------------[ cut here ]------------
[  123.864632][T11925] 1
[  123.864639][T11925] WARNING: mm/page_alloc.c:5280 at __alloc_frozen_pages_noprof+0x2427/0x2dc0, CPU#3: syz.0.1894/11925
[  123.868760][T11925] Modules linked in:
[  123.870238][T11925] CPU: 3 UID: 0 PID: 11925 Comm: syz.0.1894 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  123.873545][T11925] Tainted: [L]=SOFTLOCKUP
[  123.875133][T11925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  123.878306][T11925] RIP: 0010:__alloc_frozen_pages_noprof+0x2427/0x2dc0
[  123.880376][T11925] Code: e9 8d fb ff ff 31 d2 be 28 12 00 00 48 c7 c7 a0 54 c1 8b e8 5b ab 68 ff 2e 2e 2e 31 c0 e9 02 ed ff ff c6 05 f7 70 57 0e 01 90 <0f> 0b 90 e9 6f df ff ff 48 c7 c7 a0 97 93 8e 45 89 f7 44 8b 74 24
[  123.886560][T11925] RSP: 0018:ffffc90003f07728 EFLAGS: 00010246
[  123.888858][T11925] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  123.891540][T11925] RDX: 0000000000000000 RSI: 1ffff920007e0eff RDI: 0000000000040cc0
[  123.894047][T11925] RBP: 0000000000000015 R08: 0000000000000005 R09: 0000000000000009
[  123.896652][T11925] R10: 0000000000000015 R11: 0000000000000001 R12: 0000000000040cc0
[  123.899173][T11925] R13: 1ffff920007e0f3d R14: ffffffff9b24a404 R15: 0000000000000001
[  123.901805][T11925] FS:  00007f3e79dd56c0(0000) GS:ffff8880d65ef000(0000) knlGS:0000000000000000
[  123.904710][T11925] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  123.906919][T11925] CR2: 00007f3e7bb86480 CR3: 0000000020e12000 CR4: 0000000000352ef0
[  123.909341][T11925] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  123.911913][T11925] DR3: 0000000010000001 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  123.914505][T11925] Call Trace:
[  123.915554][T11925]  <TASK>
[  123.916474][T11925]  ? rcu_is_watching+0x12/0xc0
[  123.918083][T11925]  ? is_bpf_text_address+0x8a/0x1a0
[  123.919697][T11925]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  123.921650][T11925]  ? rcu_is_watching+0x12/0xc0
[  123.923167][T11925]  ? is_bpf_text_address+0x8a/0x1a0
[  123.924927][T11925]  ? lock_release+0x24d/0x310
[  123.926391][T11925]  ? bpf_ksym_find+0x128/0x1c0
[  123.927876][T11925]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  123.929815][T11925]  ? is_bpf_text_address+0x94/0x1a0
[  123.931631][T11925]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  123.933582][T11925]  ? __pfx_widen_string+0x10/0x10
[  123.935228][T11925]  ? __kernel_text_address+0xd/0x30
[  123.936832][T11925]  ? unwind_get_return_address+0x59/0xa0
[  123.938562][T11925]  ? arch_stack_walk+0xa6/0xf0
[  123.940045][T11925]  ? __pfx_stack_trace_save+0x10/0x10
[  123.941744][T11925]  ? stack_depot_save_flags+0x27/0x9d0
[  123.943451][T11925]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  123.945345][T11925]  ? policy_nodemask+0xed/0x4f0
[  123.946871][T11925]  alloc_pages_mpol+0x1fb/0x540
[  123.948382][T11925]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  123.950056][T11925]  ? rcu_is_watching+0x12/0xc0
[  123.951592][T11925]  ___kmalloc_large_node+0xe5/0x120
[  123.953227][T11925]  __kmalloc_large_node_noprof+0x1c/0x70
[  123.955037][T11925]  __kmalloc_noprof+0x5a1/0x820
[  123.956555][T11925]  ? drm_syncobj_array_find+0x34/0x3a0
[  123.958273][T11925]  drm_syncobj_array_find+0x34/0x3a0
[  123.959918][T11925]  ? trace_irq_enable.constprop.0+0x122/0x160
[  123.961830][T11925]  drm_syncobj_timeline_wait_ioctl+0x236/0x390
[  123.963735][T11925]  ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10
[  123.965929][T11925]  ? lock_acquire+0x301/0x370
[  123.967383][T11925]  ? drm_dev_exit+0x41/0x60
[  123.968795][T11925]  ? drm_dev_exit+0x41/0x60
[  123.970269][T11925]  ? lock_release+0x24d/0x310
[  123.971760][T11925]  drm_ioctl_kernel+0x1f3/0x3e0
[  123.973262][T11925]  ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10
[  123.975452][T11925]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  123.977109][T11925]  drm_ioctl+0x5e6/0xc60
[  123.978474][T11925]  ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10
[  123.980611][T11925]  ? __pfx_drm_ioctl+0x10/0x10
[  123.982122][T11925]  ? rcu_is_watching+0x12/0xc0
[  123.983675][T11925]  ? selinux_file_ioctl+0x13b/0x290
[  123.985290][T11925]  ? selinux_file_ioctl+0xb6/0x290
[  123.986855][T11925]  ? __pfx_drm_ioctl+0x10/0x10
[  123.988310][T11925]  __x64_sys_ioctl+0x18e/0x210
[  123.989794][T11925]  do_syscall_64+0x115/0x870
[  123.991264][T11925]  ? clear_bhb_loop+0x40/0x90
[  123.992746][T11925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.994633][T11925] RIP: 0033:0x7f3e7bb9ce59
[  123.996025][T11925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  124.001934][T11925] RSP: 002b:00007f3e79dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  124.004582][T11925] RAX: ffffffffffffffda RBX: 00007f3e7be16090 RCX: 00007f3e7bb9ce59
[  124.007121][T11925] RDX: 0000200000000200 RSI: 00000000c03064ca RDI: 0000000000000001
[  124.009666][T11925] RBP: 00007f3e7bc32e6f R08: 0000000000000000 R09: 0000000000000000
[  124.012200][T11925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  124.014747][T11925] R13: 00007f3e7be16128 R14: 00007f3e7be16090 R15: 00007ffe7ed6c208
[  124.017165][T11925]  </TASK>
[  124.018151][T11925] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  124.020402][T11925] CPU: 3 UID: 0 PID: 11925 Comm: syz.0.1894 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  124.023730][T11925] Tainted: [L]=SOFTLOCKUP
[  124.025055][T11925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  124.028135][T11925] Call Trace:
[  124.029177][T11925]  <TASK>
[  124.030114][T11925]  dump_stack_lvl+0x100/0x190
[  124.031695][T11925]  vpanic+0x552/0x970
[  124.032939][T11925]  ? __pfx_vpanic+0x10/0x10
[  124.034351][T11925]  ? lock_release+0x24d/0x310
[  124.035824][T11925]  panic+0xd1/0xe0
[  124.037014][T11925]  ? __pfx_panic+0x10/0x10
[  124.038491][T11925]  check_panic_on_warn.cold+0x19/0x34
[  124.040213][T11925]  ? __alloc_frozen_pages_noprof+0x2427/0x2dc0
[  124.042198][T11925]  __warn.cold+0x191/0x318
[  124.043649][T11925]  __report_bug+0x30f/0x440
[  124.045215][T11925]  ? __alloc_frozen_pages_noprof+0x2427/0x2dc0
[  124.047157][T11925]  ? __pfx___report_bug+0x10/0x10
[  124.048711][T11925]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  124.050396][T11925]  ? stack_depot_save_flags+0x479/0x9d0
[  124.052135][T11925]  ? rcu_is_watching+0x12/0xc0
[  124.053626][T11925]  ? rcu_is_watching+0x12/0xc0
[  124.055192][T11925]  ? trace_irq_enable.constprop.0+0x122/0x160
[  124.057069][T11925]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  124.058892][T11925]  ? __alloc_frozen_pages_noprof+0x2427/0x2dc0
[  124.060832][T11925]  report_bug+0xb2/0x220
[  124.062224][T11925]  ? __alloc_frozen_pages_noprof+0x2427/0x2dc0
[  124.064108][T11925]  handle_bug+0x16a/0x2a0
[  124.065446][T11925]  exc_invalid_op+0x17/0x50
[  124.066855][T11925]  asm_exc_invalid_op+0x1a/0x20
[  124.068408][T11925] RIP: 0010:__alloc_frozen_pages_noprof+0x2427/0x2dc0
[  124.070498][T11925] Code: e9 8d fb ff ff 31 d2 be 28 12 00 00 48 c7 c7 a0 54 c1 8b e8 5b ab 68 ff 2e 2e 2e 31 c0 e9 02 ed ff ff c6 05 f7 70 57 0e 01 90 <0f> 0b 90 e9 6f df ff ff 48 c7 c7 a0 97 93 8e 45 89 f7 44 8b 74 24
[  124.076468][T11925] RSP: 0018:ffffc90003f07728 EFLAGS: 00010246
[  124.078342][T11925] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  124.080790][T11925] RDX: 0000000000000000 RSI: 1ffff920007e0eff RDI: 0000000000040cc0
[  124.083260][T11925] RBP: 0000000000000015 R08: 0000000000000005 R09: 0000000000000009
[  124.085660][T11925] R10: 0000000000000015 R11: 0000000000000001 R12: 0000000000040cc0
[  124.088053][T11925] R13: 1ffff920007e0f3d R14: ffffffff9b24a404 R15: 0000000000000001
[  124.090483][T11925]  ? rcu_is_watching+0x12/0xc0
[  124.092001][T11925]  ? is_bpf_text_address+0x8a/0x1a0
[  124.093600][T11925]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  124.095541][T11925]  ? rcu_is_watching+0x12/0xc0
[  124.097084][T11925]  ? is_bpf_text_address+0x8a/0x1a0
[  124.098691][T11925]  ? lock_release+0x24d/0x310
[  124.100158][T11925]  ? bpf_ksym_find+0x128/0x1c0
[  124.101651][T11925]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  124.103537][T11925]  ? is_bpf_text_address+0x94/0x1a0
[  124.105133][T11925]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  124.107063][T11925]  ? __pfx_widen_string+0x10/0x10
[  124.108605][T11925]  ? __kernel_text_address+0xd/0x30
[  124.110212][T11925]  ? unwind_get_return_address+0x59/0xa0
[  124.111931][T11925]  ? arch_stack_walk+0xa6/0xf0
[  124.113455][T11925]  ? __pfx_stack_trace_save+0x10/0x10
[  124.115145][T11925]  ? stack_depot_save_flags+0x27/0x9d0
[  124.116816][T11925]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  124.118643][T11925]  ? policy_nodemask+0xed/0x4f0
[  124.120161][T11925]  alloc_pages_mpol+0x1fb/0x540
[  124.121707][T11925]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  124.123353][T11925]  ? rcu_is_watching+0x12/0xc0
[  124.124836][T11925]  ___kmalloc_large_node+0xe5/0x120
[  124.126434][T11925]  __kmalloc_large_node_noprof+0x1c/0x70
[  124.128142][T11925]  __kmalloc_noprof+0x5a1/0x820
[  124.129647][T11925]  ? drm_syncobj_array_find+0x34/0x3a0
[  124.131428][T11925]  drm_syncobj_array_find+0x34/0x3a0
[  124.133107][T11925]  ? trace_irq_enable.constprop.0+0x122/0x160
[  124.135083][T11925]  drm_syncobj_timeline_wait_ioctl+0x236/0x390
[  124.137061][T11925]  ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10
[  124.139131][T11925]  ? lock_acquire+0x301/0x370
[  124.140648][T11925]  ? drm_dev_exit+0x41/0x60
[  124.142082][T11925]  ? drm_dev_exit+0x41/0x60
[  124.143494][T11925]  ? lock_release+0x24d/0x310
[  124.144951][T11925]  drm_ioctl_kernel+0x1f3/0x3e0
[  124.146474][T11925]  ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10
[  124.148565][T11925]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  124.150276][T11925]  drm_ioctl+0x5e6/0xc60
[  124.151612][T11925]  ? __pfx_drm_syncobj_timeline_wait_ioctl+0x10/0x10
[  124.153655][T11925]  ? __pfx_drm_ioctl+0x10/0x10
[  124.155167][T11925]  ? rcu_is_watching+0x12/0xc0
[  124.156653][T11925]  ? selinux_file_ioctl+0x13b/0x290
[  124.158268][T11925]  ? selinux_file_ioctl+0xb6/0x290
[  124.159841][T11925]  ? __pfx_drm_ioctl+0x10/0x10
[  124.161349][T11925]  __x64_sys_ioctl+0x18e/0x210
[  124.162834][T11925]  do_syscall_64+0x115/0x870
[  124.164225][T11925]  ? clear_bhb_loop+0x40/0x90
[  124.165648][T11925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.167440][T11925] RIP: 0033:0x7f3e7bb9ce59
[  124.168759][T11925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  124.174540][T11925] RSP: 002b:00007f3e79dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  124.177072][T11925] RAX: ffffffffffffffda RBX: 00007f3e7be16090 RCX: 00007f3e7bb9ce59
[  124.179488][T11925] RDX: 0000200000000200 RSI: 00000000c03064ca RDI: 0000000000000001
[  124.181940][T11925] RBP: 00007f3e7bc32e6f R08: 0000000000000000 R09: 0000000000000000
[  124.184337][T11925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  124.186755][T11925] R13: 00007f3e7be16128 R14: 00007f3e7be16090 R15: 00007ffe7ed6c208
[  124.189188][T11925]  </TASK>
[  124.190851][T11925] Kernel Offset: disabled
[  124.192194][T11925] Rebooting in 86400 seconds..