last executing test programs:

6.601024484s ago: executing program 3 (id=20):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
r2 = dup3(r1, r0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000380)={0x41, 0x0, 0x2}, 0x10)

6.578153015s ago: executing program 3 (id=22):
socket$tipc(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

5.583752731s ago: executing program 3 (id=26):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301)
ioctl$USBDEVFS_CLAIM_PORT(r1, 0x80045518, 0x0)

5.434679883s ago: executing program 3 (id=27):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

5.03917578s ago: executing program 4 (id=33):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3}, 0x0, &(0x7f00000005c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
io_destroy(0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
close(0xffffffffffffffff)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x560e, &(0x7f0000000140))
ioctl$TIOCL_BLANKSCREEN(r5, 0x541c, &(0x7f0000000000))

4.894450452s ago: executing program 3 (id=34):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000007000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

4.894112882s ago: executing program 3 (id=35):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(r0, 0x8, &(0x7f00000001c0)=0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[], 0x54}}, 0x24000000)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x34, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000180), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
bind$bt_rfcomm(r4, &(0x7f0000000080)={0x1f, @none, 0xff}, 0xa)
connect$bt_rfcomm(r4, &(0x7f00000000c0)={0x1f, @none, 0x6}, 0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ptrace(0x10, 0x1)
syz_open_procfs(0xffffffffffffffff, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)

4.532914688s ago: executing program 1 (id=37):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12)
munmap(&(0x7f0000694000/0x3000)=nil, 0x3000)
mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mlock(&(0x7f0000002000/0x1000)=nil, 0x1000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0)

4.435939549s ago: executing program 1 (id=39):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00')

3.982330977s ago: executing program 4 (id=40):
ioperm(0x9, 0x5, 0xd72)
getgid()

3.981978927s ago: executing program 0 (id=41):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\x86\xa7\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000080)=""/38, 0x26)
getdents(r1, &(0x7f0000000180)=""/64, 0x40)

3.957029957s ago: executing program 4 (id=43):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$peeksig(0x4209, r3, &(0x7f0000000140)={0x0, 0x1}, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000001c0)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)

2.383948622s ago: executing program 1 (id=49):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001140), 0x8200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x38, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="0f0d51f40f01d10fc75800c7b3340010100f73e100b800008ec0640f017400aa26b9e408000066b81f6269e766ba000000000f30653e0f01c50c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0x54}], 0x1, 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.250521984s ago: executing program 1 (id=51):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x48, r1, 0x5, 0x70bd2a, 0x2040000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x37}, @NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x474}, @NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL={0x6, 0x19, 0x6}, @NL80211_MESHCONF_HWMP_ROOTMODE={0x5}, @NL80211_MESHCONF_GATE_ANNOUNCEMENTS={0x5}]}]}, 0x48}}, 0x4000010)

2.250297824s ago: executing program 2 (id=52):
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='gfs2\x00', 0x10, 0x0)

2.250210684s ago: executing program 2 (id=53):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
unshare(0x22020600)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)

2.241750945s ago: executing program 1 (id=54):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x107042, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r5, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r5, 0x40505412, 0x0)
read(r5, &(0x7f00000013c0)=""/4089, 0xff9)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2)
ioctl$sock_SIOCADDDLCI(r4, 0x8980, 0x0)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(0xffffffffffffffff)
mprotect(&(0x7f000032a000/0x2000)=nil, 0x2000, 0x8)

2.164437515s ago: executing program 2 (id=55):
io_setup(0x6, &(0x7f00000000c0)=<r0=>0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_async', 0x1a1081, 0x0)
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000001500)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000100)='9', 0x20000108}])

1.598486944s ago: executing program 2 (id=56):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000400)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x50, 0xf8}, {0x6, 0x2}]}, 0x10)
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0xffffffff, @dev, 0x9}, 0x1c)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

1.598248755s ago: executing program 2 (id=57):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/81, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)

1.348080718s ago: executing program 1 (id=58):
syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000052e8e510b1134200c4dc0102030109021b000100000000090444"], 0x0)

896.922336ms ago: executing program 4 (id=59):
ppoll(&(0x7f0000000180)=[{0xffffffffffffffff, 0x1}], 0xfdfe, 0x0, 0x0, 0x0)

834.435167ms ago: executing program 4 (id=60):
r0 = fsopen(&(0x7f0000000200)='mqueue\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x3a)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r5 = fsmount(r0, 0x0, 0x0)
openat$cgroup_ro(r5, 0x0, 0x275a, 0x0)

394.517454ms ago: executing program 2 (id=61):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e29, 0xffffffff, @mcast2, 0xb}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

394.258854ms ago: executing program 0 (id=62):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x34}}, 0x4000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
sendmmsg(r0, &(0x7f0000000180), 0x4000190, 0x0)

363.408294ms ago: executing program 0 (id=63):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008702"])

298.438755ms ago: executing program 0 (id=64):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x2000000000000019, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18)
execve(0x0, 0x0, 0x0)

298.203955ms ago: executing program 0 (id=65):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

250.647846ms ago: executing program 0 (id=66):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_emit_ethernet(0x8c, &(0x7f0000000280)=ANY=[@ANYBLOB="bbbbbbbbbb"], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000980)=[@text32={0x20, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xb, 0xf, 0x9, '\x00', 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 4 (id=67):
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x1, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
close(r0)

0s ago: executing program 4 (id=70):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffff4f7}, {}, 0x0, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x4d6, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac13000100000000000000000000000000000000000000000a0042"], 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.134' (ED25519) to the list of known hosts.
[   20.058798][   T23] audit: type=1400 audit(1745227848.690:66): avc:  denied  { mounton } for  pid=342 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   20.060125][  T342] cgroup1: Unknown subsys name 'net'
[   20.081277][   T23] audit: type=1400 audit(1745227848.690:67): avc:  denied  { mount } for  pid=342 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.086600][  T342] cgroup1: Unknown subsys name 'net_prio'
[   20.113929][  T342] cgroup1: Unknown subsys name 'devices'
[   20.120121][   T23] audit: type=1400 audit(1745227848.750:68): avc:  denied  { unmount } for  pid=342 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.288280][  T342] cgroup1: Unknown subsys name 'hugetlb'
[   20.294032][  T342] cgroup1: Unknown subsys name 'rlimit'
[   20.490579][   T23] audit: type=1400 audit(1745227849.120:69): avc:  denied  { setattr } for  pid=342 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=10767 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   20.513809][   T23] audit: type=1400 audit(1745227849.120:70): avc:  denied  { mounton } for  pid=342 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   20.519488][  T346] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   20.538853][   T23] audit: type=1400 audit(1745227849.120:71): avc:  denied  { mount } for  pid=342 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   20.570374][   T23] audit: type=1400 audit(1745227849.170:72): avc:  denied  { read } for  pid=146 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   20.592064][   T23] audit: type=1400 audit(1745227849.180:73): avc:  denied  { relabelto } for  pid=346 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
Setting up swapspace version 1, size = 127995904 bytes
[   20.617614][   T23] audit: type=1400 audit(1745227849.180:74): avc:  denied  { write } for  pid=346 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.644774][   T23] audit: type=1400 audit(1745227849.270:75): avc:  denied  { read } for  pid=342 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.675645][  T342] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   21.196703][  T354] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.203695][  T354] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.211245][  T354] device bridge_slave_0 entered promiscuous mode
[   21.219128][  T354] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.226110][  T354] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.233156][  T354] device bridge_slave_1 entered promiscuous mode
[   21.291295][  T356] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.298269][  T356] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.305368][  T356] device bridge_slave_0 entered promiscuous mode
[   21.312450][  T356] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.319325][  T356] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.326556][  T356] device bridge_slave_1 entered promiscuous mode
[   21.383053][  T358] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.390035][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.397395][  T358] device bridge_slave_0 entered promiscuous mode
[   21.405486][  T358] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.412377][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.419657][  T358] device bridge_slave_1 entered promiscuous mode
[   21.457763][  T355] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.464614][  T355] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.471981][  T355] device bridge_slave_0 entered promiscuous mode
[   21.493868][  T355] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.500752][  T355] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.508038][  T355] device bridge_slave_1 entered promiscuous mode
[   21.553469][  T357] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.561110][  T357] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.568390][  T357] device bridge_slave_0 entered promiscuous mode
[   21.575108][  T357] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.582012][  T357] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.589236][  T357] device bridge_slave_1 entered promiscuous mode
[   21.637073][  T354] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.644225][  T354] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.651532][  T354] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.658391][  T354] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.677242][  T356] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.684115][  T356] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.691253][  T356] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.698094][  T356] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.730578][  T358] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.737437][  T358] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.744531][  T358] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.751328][  T358] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.770488][  T355] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.777429][  T355] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.784519][  T355] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.791333][  T355] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.808989][  T103] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.816067][  T103] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.823069][  T103] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.830251][  T103] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.837442][  T103] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.844398][  T103] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.852021][  T103] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.858955][  T103] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.866513][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.873668][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.906950][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.915232][  T103] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.922092][  T103] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.929246][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.937645][  T103] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.944463][  T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.961787][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.981983][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.989746][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.998445][  T103] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.005260][  T103] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.012828][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.021019][  T103] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.027862][  T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.035004][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.043487][  T103] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.050802][  T103] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.059910][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.069829][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.102330][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.110455][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.118914][  T103] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.125736][  T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.134041][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.141815][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.149697][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.157492][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.165180][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.179271][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.207485][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   22.217391][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.225302][  T103] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.232067][  T103] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.240132][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   22.248373][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.256423][  T103] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.263235][  T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.270627][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   22.278823][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.286837][  T103] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.293653][  T103] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.300956][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   22.309168][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.317175][  T103] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.323990][  T103] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.331198][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.339265][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.347071][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.354833][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.362717][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   22.380059][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.388476][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.396850][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.404461][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.425371][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.433802][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.441852][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.450265][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.458061][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   22.466077][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.473778][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.481901][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.491766][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.500217][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.518434][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.526854][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.534886][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.542682][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.550527][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.558952][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.572615][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.580681][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.589070][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.597257][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.609633][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.617862][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.645896][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.654110][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.663174][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.663361][  T354] request_module fs-gadgetfs succeeded, but still no fs?
[   22.671269][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.686711][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.694462][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.702319][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.703780][  T378] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   22.710452][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.758345][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.767081][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.775301][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.784524][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.793739][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.802303][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.811707][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.820090][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.828642][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.837180][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.850597][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.859184][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.868172][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.876484][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.896210][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.908869][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.920140][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.928349][  T103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.946624][  T383] ======================================================
[   22.946624][  T383] WARNING: the mand mount option is being deprecated and
[   22.946624][  T383]          will be removed in v5.15!
[   22.946624][  T383] ======================================================
[   23.026182][  T386] EXT4-fs (loop0): Test dummy encryption mode enabled
[   23.035981][  T386] EXT4-fs: Warning: mounting with data=journal disables delayed allocation and O_DIRECT support!
[   23.049210][  T383] EXT4-fs (loop3): 1 orphan inode deleted
[   23.054879][  T383] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,
[   23.055088][  T383] ext4 filesystem being mounted at /1/file1 supports timestamps until (%ptR?) (0x7fffffff)
[   23.128467][  T386] EXT4-fs (loop0): 1 orphan inode deleted
[   23.275852][  T386] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,test_dummy_encryption=v1,noquota,errors=remount-ro,inlinecrypt,barrier,noquota,minixdf,
[   23.295574][  T386] ext4 filesystem being mounted at /0/file0 supports timestamps until (%ptR?) (0x7fffffff)
[   23.409548][  T403] bridge0: port 3(gretap0) entered blocking state
[   23.415866][  T403] bridge0: port 3(gretap0) entered disabled state
[   23.424733][  T403] device gretap0 entered promiscuous mode
[   23.430968][  T403] bridge0: port 3(gretap0) entered blocking state
[   23.437214][  T403] bridge0: port 3(gretap0) entered forwarding state
[   23.705935][    T5] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   23.950483][  T386] netlink: 'syz.0.1': attribute type 4 has an invalid length.
[   23.958008][  T386] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1'.
[   24.027453][  T386] syz.0.1 (386) used greatest stack depth: 21488 bytes left
[   24.140026][    T5] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   24.154631][    T5] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   24.168566][    T5] usb 2-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[   24.178916][    T5] usb 2-1: config 0 interface 0 has no altsetting 0
[   24.186122][    T5] usb 2-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[   24.195587][    T5] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   24.205066][    T5] usb 2-1: config 0 descriptor??
[   24.475914][  T345] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   24.687956][    T5] uclogic 0003:2179:0077.0001: No inputs registered, leaving
[   24.699981][    T5] uclogic 0003:2179:0077.0001: hidraw0: USB HID v0.0b Device [HID 2179:0077] on usb-dummy_hcd.1-1/input0
[   24.716570][  T345] usb 1-1: Using ep0 maxpacket: 16
[   25.013308][   T18] usb 2-1: USB disconnect, device number 2
[   25.395925][  T345] usb 1-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[   25.404991][  T345] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   25.722006][  T345] usb 1-1: Product: syz
[   25.726062][  T345] usb 1-1: Manufacturer: syz
[   25.730609][  T345] usb 1-1: SerialNumber: syz
[   25.838833][  T345] usb 1-1: config 0 descriptor??
[   25.850471][   T23] kauditd_printk_skb: 58 callbacks suppressed
[   25.850491][   T23] audit: type=1400 audit(1745227854.470:134): avc:  denied  { write } for  pid=469 comm="syz.3.26" name="001" dev="devtmpfs" ino=10694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   25.897714][   T23] audit: type=1326 audit(1745227854.530:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c528b169 code=0x7ffc0000
[   25.921504][   T23] audit: type=1326 audit(1745227854.530:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c528b169 code=0x7ffc0000
[   25.945114][  T345] ums-onetouch 1-1:0.0: USB Mass Storage device detected
[   25.952941][   T23] audit: type=1326 audit(1745227854.530:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f09c5227359 code=0x7ffc0000
[   25.976264][   T23] audit: type=1326 audit(1745227854.530:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c528b169 code=0x7ffc0000
[   26.012491][   T23] audit: type=1326 audit(1745227854.530:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f09c5227359 code=0x7ffc0000
[   26.037613][   T23] audit: type=1326 audit(1745227854.530:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f09c5227359 code=0x7ffc0000
[   26.103351][  T465] syz.2.23 (465) used greatest stack depth: 21136 bytes left
[   26.121187][   T23] audit: type=1326 audit(1745227854.530:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f09c5227359 code=0x7ffc0000
[   26.149738][  T382] usb 1-1: USB disconnect, device number 2
[   26.158411][   T23] audit: type=1326 audit(1745227854.530:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f09c5227359 code=0x7ffc0000
[   26.186251][   T23] audit: type=1326 audit(1745227854.530:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=472 comm="syz.3.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f09c5227359 code=0x7ffc0000
[   26.907486][  T507] 
[   26.909741][  T507] **********************************************************
[   26.917205][  T507] **   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **
[   26.924483][  T507] **                                                      **
[   26.931909][  T507] ** trace_printk() being used. Allocating extra memory.  **
[   26.942790][  T507] **                                                      **
[   26.951334][  T507] ** This means that this is a DEBUG kernel and it is     **
[   26.961338][  T507] ** unsafe for production use.                           **
[   26.969841][  T507] **                                                      **
[   26.978964][  T507] ** If you see this message and you are not debugging    **
[   26.987359][  T507] ** the kernel, report this immediately to your vendor!  **
[   27.040041][  T507] **                                                      **
[   27.049383][  T507] **   NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE   **
[   27.058569][  T507] **********************************************************
[   27.865877][  T483] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   28.205841][  T483] usb 5-1: Using ep0 maxpacket: 16
[   28.327427][  T533] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[   28.416152][  T483] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   28.443112][  T483] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[   28.511092][  T483] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   28.554136][  T483] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   28.662568][  T483] usb 5-1: config 0 descriptor??
[   28.710468][  T483] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[   29.736093][  T555] syz.2.56 (555) used greatest stack depth: 20456 bytes left
[   30.245829][  T382] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   30.444192][  T483] usb 5-1: USB disconnect, device number 2
[   30.545837][  T382] usb 2-1: Using ep0 maxpacket: 16
[   30.686027][  T382] usb 2-1: config 0 has an invalid interface number: 68 but max is 0
[   30.712107][  T382] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   30.837618][  T382] usb 2-1: config 0 has no interface number 0
[   31.035928][  T382] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[   31.048722][  T382] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   31.060790][  T382] usb 2-1: Product: syz
[   31.066919][  T382] usb 2-1: Manufacturer: syz
[   31.074565][  T382] usb 2-1: SerialNumber: syz
[   31.083788][  T382] usb 2-1: config 0 descriptor??
[   31.315941][  T345] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   31.330310][  T382] usb 2-1: USB disconnect, device number 3
[   31.336000][   T23] kauditd_printk_skb: 880 callbacks suppressed
[   31.336011][   T23] audit: type=1400 audit(1745227859.960:1024): avc:  denied  { setopt } for  pid=587 comm="syz.4.67" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   31.373318][   T23] audit: type=1400 audit(1745227860.000:1025): avc:  denied  { create } for  pid=593 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   31.377078][  T594] ==================================================================
[   31.393181][   T23] audit: type=1400 audit(1745227860.000:1026): avc:  denied  { setopt } for  pid=593 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   31.400224][  T594] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[   31.400234][  T594] Read of size 1 at addr ffff8881e48333d8 by task syz.4.70/594
[   31.400236][  T594] 
[   31.400248][  T594] CPU: 0 PID: 594 Comm: syz.4.70 Not tainted 5.4.290-syzkaller #0
[   31.400253][  T594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   31.400257][  T594] Call Trace:
[   31.400271][  T594]  dump_stack+0x1d8/0x241
[   31.400284][  T594]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   31.400294][  T594]  ? vprintk_func+0x189/0x1d0
[   31.400310][  T594]  ? printk+0xd1/0x111
[   31.419879][   T23] audit: type=1400 audit(1745227860.000:1027): avc:  denied  { write } for  pid=593 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   31.428172][  T594]  ? xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[   31.428184][  T594]  print_address_description+0x8c/0x600
[   31.428194][  T594]  ? panic+0x89d/0x89d
[   31.428212][  T594]  ? stack_trace_save+0x118/0x1c0
[   31.435889][   T23] audit: type=1400 audit(1745227860.010:1028): avc:  denied  { create } for  pid=593 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   31.437719][  T594]  ? xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[   31.437734][  T594]  __kasan_report+0xf3/0x120
[   31.445372][   T23] audit: type=1400 audit(1745227860.010:1029): avc:  denied  { write } for  pid=593 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   31.455250][  T594]  ? xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[   31.455262][  T594]  kasan_report+0x30/0x60
[   31.455273][  T594]  __asan_report_load1_noabort+0x14/0x20
[   31.455288][  T594]  xfrm_policy_inexact_list_reinsert+0x5b0/0x660
[   31.458856][   T23] audit: type=1400 audit(1745227860.010:1030): avc:  denied  { nlmsg_write } for  pid=593 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   31.462534][  T594]  ? __kasan_kmalloc+0x171/0x210
[   31.462543][  T594]  ? kasan_kmalloc+0x9/0x10
[   31.462558][  T594]  ? xfrm_policy_addr_delta+0x252/0x350
[   31.468553][   T23] audit: type=1400 audit(1745227860.010:1031): avc:  denied  { append } for  pid=146 comm="syslogd" name="messages" dev="tmpfs" ino=9611 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   31.472810][  T594]  xfrm_policy_inexact_insert_node+0x923/0xb10
[   31.472823][  T594]  ? xfrm_policy_inexact_alloc_bin+0x5b7/0x1410
[   31.472838][  T594]  xfrm_policy_inexact_alloc_chain+0x4ec/0xaf0
[   31.477208][   T23] audit: type=1400 audit(1745227860.010:1032): avc:  denied  { open } for  pid=146 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=9611 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   31.495652][  T594]  xfrm_policy_inexact_insert+0x6a/0x1160
[   31.495666][  T594]  ? __kasan_check_write+0x14/0x20
[   31.495675][  T594]  ? _raw_spin_lock_bh+0xa4/0x1b0
[   31.495685][  T594]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[   31.495694][  T594]  ? policy_hash_bysel+0x137/0x700
[   31.495714][  T594]  ? memcpy+0x49/0x60
[   31.502477][   T23] audit: type=1400 audit(1745227860.010:1033): avc:  denied  { getattr } for  pid=146 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=9611 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   31.507361][  T594]  xfrm_policy_insert+0xe7/0x940
[   31.507373][  T594]  xfrm_add_policy+0x4f2/0x980
[   31.507388][  T594]  ? cap_capable+0x1ce/0x270
[   31.751722][  T594]  ? xfrm_dump_sa_done+0xc0/0xc0
[   31.756495][  T594]  ? __nla_parse+0x41/0x50
[   31.760740][  T594]  xfrm_user_rcv_msg+0x689/0x9b0
[   31.765521][  T594]  ? xfrm_netlink_rcv+0x90/0x90
[   31.770207][  T594]  ? avc_has_perm+0x16f/0x260
[   31.774729][  T594]  ? __kmalloc_track_caller+0x10d/0x2c0
[   31.780099][  T594]  ? __alloc_skb+0xbc/0x4f0
[   31.784527][  T594]  netlink_rcv_skb+0x1d5/0x420
[   31.789127][  T594]  ? xfrm_netlink_rcv+0x90/0x90
[   31.793814][  T594]  ? nla_put_string+0x40/0x40
[   31.798329][  T594]  ? mutex_trylock+0xa0/0xa0
[   31.802764][  T594]  ? __netlink_lookup+0x385/0x3b0
[   31.807615][  T594]  xfrm_netlink_rcv+0x72/0x90
[   31.812128][  T594]  netlink_unicast+0x936/0xb20
[   31.816733][  T594]  ? netlink_detachskb+0x90/0x90
[   31.821504][  T594]  ? security_netlink_send+0x7b/0xa0
[   31.826623][  T594]  netlink_sendmsg+0xa46/0xd00
[   31.831234][  T594]  ? netlink_getsockopt+0x550/0x550
[   31.836286][  T594]  ? import_iovec+0x1bb/0x380
[   31.840791][  T594]  ? security_socket_sendmsg+0x82/0xb0
[   31.846086][  T594]  ? netlink_getsockopt+0x550/0x550
[   31.851108][  T594]  ____sys_sendmsg+0x5ac/0x8f0
[   31.855712][  T594]  ? _copy_from_user+0xaa/0xe0
[   31.860580][  T594]  ? __sys_sendmsg_sock+0x2b0/0x2b0
[   31.865612][  T594]  ? kmem_cache_alloc+0xe0/0x260
[   31.870392][  T594]  __sys_sendmsg+0x28b/0x380
[   31.874814][  T594]  ? ____sys_sendmsg+0x8f0/0x8f0
[   31.879583][  T594]  ? check_preemption_disabled+0x153/0x320
[   31.885221][  T594]  ? __do_page_fault+0x736/0xb90
[   31.890001][  T594]  ? __kasan_check_read+0x11/0x20
[   31.894859][  T594]  __x64_sys_sendmsg+0x7f/0x90
[   31.899451][  T594]  do_syscall_64+0xd8/0x170
[   31.903789][  T594]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   31.909517][  T594] RIP: 0033:0x7f420fb42169
[   31.913770][  T594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   31.933214][  T594] RSP: 002b:00007f420e1ab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   31.941458][  T594] RAX: ffffffffffffffda RBX: 00007f420fd69fa0 RCX: 00007f420fb42169
[   31.949269][  T594] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007
[   31.957079][  T594] RBP: 00007f420fbc4a68 R08: 0000000000000000 R09: 0000000000000000
[   31.964890][  T594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   31.972704][  T594] R13: 0000000000000000 R14: 00007f420fd69fa0 R15: 00007ffd440e0978
[   31.980622][  T594] 
[   31.982791][  T594] Allocated by task 594:
[   31.986879][  T594]  __kasan_kmalloc+0x171/0x210
[   31.991499][  T594]  kasan_kmalloc+0x9/0x10
[   31.995640][  T594]  __kmalloc+0x129/0x2e0
[   31.999722][  T594]  sk_prot_alloc+0xc2/0x440
[   32.004061][  T594]  sk_alloc+0x39/0x310
[   32.007968][  T594]  pfkey_create+0x12c/0x650
[   32.012435][  T594]  __sock_create+0x3ce/0x790
[   32.016844][  T594]  __sys_socket+0x132/0x370
[   32.021195][  T594]  __x64_sys_socket+0x7a/0x90
[   32.025713][  T594]  do_syscall_64+0xd8/0x170
[   32.030051][  T594]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   32.035766][  T594] 
[   32.037938][  T594] Freed by task 168:
[   32.041676][  T594]  __kasan_slab_free+0x1b5/0x270
[   32.046624][  T594]  kasan_slab_free+0xe/0x10
[   32.050962][  T594]  kfree+0x123/0x360
[   32.054697][  T594]  skb_release_data+0x525/0x650
[   32.059395][  T594]  consume_skb+0xac/0x2a0
[   32.063551][  T594]  netlink_unicast+0x93e/0xb20
[   32.068149][  T594]  netlink_sendmsg+0xa46/0xd00
[   32.072751][  T594]  ____sys_sendmsg+0x5ac/0x8f0
[   32.077546][  T594]  __sys_sendmsg+0x28b/0x380
[   32.081972][  T594]  __x64_sys_sendmsg+0x7f/0x90
[   32.086603][  T594]  do_syscall_64+0xd8/0x170
[   32.090921][  T594]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   32.097068][  T594] 
[   32.099242][  T594] The buggy address belongs to the object at ffff8881e4833000
[   32.099242][  T594]  which belongs to the cache kmalloc-1k of size 1024
[   32.113132][  T594] The buggy address is located 984 bytes inside of
[   32.113132][  T594]  1024-byte region [ffff8881e4833000, ffff8881e4833400)
[   32.126320][  T594] The buggy address belongs to the page:
[   32.131803][  T594] page:ffffea0007920c00 refcount:1 mapcount:0 mapping:ffff8881f5c02280 index:0x0 compound_mapcount: 0
[   32.142564][  T594] flags: 0x8000000000010200(slab|head)
[   32.147869][  T594] raw: 8000000000010200 0000000000000000 0000000100000001 ffff8881f5c02280
[   32.156407][  T594] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   32.165079][  T594] page dumped because: kasan: bad access detected
[   32.171333][  T594] page_owner tracks the page as allocated
[   32.176888][  T594] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC)
[   32.191752][  T594]  prep_new_page+0x192/0x370
[   32.196162][  T594]  get_page_from_freelist+0x2d13/0x2d90
[   32.201547][  T594]  __alloc_pages_nodemask+0x393/0x840
[   32.206748][  T594]  alloc_slab_page+0x3b/0x400
[   32.211447][  T594]  new_slab+0x98/0x430
[   32.215350][  T594]  ___slab_alloc+0x2e0/0x460
[   32.219770][  T594]  __slab_alloc+0x63/0xa0
[   32.223941][  T594]  __kmalloc_track_caller+0x17f/0x2c0
[   32.229143][  T594]  __alloc_skb+0xbc/0x4f0
[   32.233309][  T594]  netlink_sendmsg+0x7a4/0xd00
[   32.237996][  T594]  ____sys_sendmsg+0x5ac/0x8f0
[   32.242518][  T594]  __sys_sendmsg+0x28b/0x380
[   32.246939][  T594]  __x64_sys_sendmsg+0x7f/0x90
[   32.251537][  T594]  do_syscall_64+0xd8/0x170
[   32.255878][  T594]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   32.261602][  T594] page_owner free stack trace missing
[   32.266813][  T594] 
[   32.268977][  T594] Memory state around the buggy address:
[   32.274461][  T594]  ffff8881e4833280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.282471][  T594]  ffff8881e4833300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.290375][  T594] >ffff8881e4833380: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[   32.298391][  T594]                                                     ^
[   32.305150][  T594]  ffff8881e4833400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.313045][  T594]  ffff8881e4833480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.320936][  T594] ==================================================================
[   32.328837][  T594] Disabling lock debugging due to kernel taint
[   32.455838][  T345] usb 3-1: Using ep0 maxpacket: 8
[   32.575941][  T345] usb 3-1: config 0 has no interfaces?
[   32.581235][  T345] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   32.590264][  T345] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   32.598933][  T345] usb 3-1: config 0 descriptor??
[   33.951542][  T345] usb 3-1: USB disconnect, device number 2