last executing test programs:

19m10.200174667s ago: executing program 32 (id=3253):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xac, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8, 0xb, 0xe}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x7, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xac}}, 0x0)

18m40.964808021s ago: executing program 33 (id=3911):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@known='system.posix_acl_access\x00')

18m7.893711961s ago: executing program 34 (id=4248):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x0, 0x18}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0xe454, 0xffff, 0x10001, 0x8, 0x8, 0x3, 0xe, 0x8, 0x6, 0x6, 0x1ff, 0x6}}, 0x0, 0x0, 0x0, 0x0})

15m13.826484486s ago: executing program 35 (id=7534):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0xe0}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0xe0}}}}}, 0x0)

15m8.245354214s ago: executing program 36 (id=7815):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x2, r1, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000180)={0x28, 0x2, r1, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000000})
ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0x3b89, &(0x7f0000000000)={0x28, 0x2, r2, r1, 0x0, 0x0, 0x0, 0x0, 0x0})

14m35.854594419s ago: executing program 37 (id=8126):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2f}}, 0x10, 0x0}, 0x300060c1)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000300)=0xa, 0x4)
close(r0)

12m59.394149201s ago: executing program 9 (id=9958):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000000)={0x270003, 0x0, {[0xfffffffffffffffe, 0x1, 0x6, 0x8, 0x7, 0x3, 0x8000000000000000, 0x9]}})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f00000001c0)={[0x8080000, 0x80a0000, 0x1, 0x4], 0x4, 0xe, 0x1})

12m59.226576933s ago: executing program 9 (id=9963):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_uring_setup(0x2c4d, &(0x7f0000000200))
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x131, &(0x7f0000000340)={0x0, 0x3f3f, 0x2, 0x0, 0xffbfbffd}, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000000))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r1, 0x31d7, 0xf728, 0xd, 0x0, 0x0)

12m59.132374838s ago: executing program 9 (id=9964):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000700)="ed"})
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(r1, 0x851, 0x1)

12m58.29252109s ago: executing program 9 (id=9977):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x12c5c18, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f0000000180)='./file0/file0\x00', 0x0)

12m58.201303956s ago: executing program 9 (id=9980):
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, &(0x7f0000000280)={0x401, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[], 0x20}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6400000010000305160000000000000000008847", @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e6400000000340002800500010004000000050016000000000008001c000000000005000c00000000000a001a"], 0xc3}, 0x1, 0x100000000000000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

12m57.40425367s ago: executing program 9 (id=9994):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000380)={{0x0, 0xfff, 0x4b, 0x8009}, 'syz0\x00', 0x11})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffe, 0x2)
r2 = dup3(r1, r0, 0x80000)
read$FUSE(r2, 0x0, 0x0)

12m57.144736998s ago: executing program 38 (id=9994):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000380)={{0x0, 0xfff, 0x4b, 0x8009}, 'syz0\x00', 0x11})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffe, 0x2)
r2 = dup3(r1, r0, 0x80000)
read$FUSE(r2, 0x0, 0x0)

12m27.898191287s ago: executing program 5 (id=10469):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000400)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha1\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x200}], 0x18}, 0x28000054)
sendmsg$nl_route_sched_retired(r1, 0x0, 0x0)

12m27.710973372s ago: executing program 5 (id=10475):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

12m27.55644902s ago: executing program 5 (id=10478):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r1}, 0x10)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

12m27.375452941s ago: executing program 5 (id=10481):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001300)='./file0/file0\x00', 0x1ea)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x12d7498, 0x0)
umount2(&(0x7f00000010c0)='./file0/file0\x00', 0x1)

12m27.225749863s ago: executing program 5 (id=10485):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0xfff, 0x801, 0x6c, 0x0, 0x402, 0x3})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

12m26.865784671s ago: executing program 5 (id=10490):
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, 0x0, &(0x7f0000000080))

12m26.604508813s ago: executing program 39 (id=10490):
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff002, 0x0, 0x2000000000032, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, 0x0, &(0x7f0000000080))

11m53.696535666s ago: executing program 8 (id=10973):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000004000/0x4000)=nil)
sendmsg$can_bcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2, 0x0, 0x0, 0x8084}, 0x0)

11m53.505081576s ago: executing program 8 (id=10976):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2b}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

11m53.309821797s ago: executing program 8 (id=10979):
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000280)={r2, 0x0, 0x0, 0x0, 0x0, [<r3=>0x0], [], [0x0, 0x0, 0x8, 0x8000], [0x0, 0x3, 0x400000006]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100)={r3})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0], [0xffffffff], [], [0xfffffffffffffffc]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={r4})

11m53.101487281s ago: executing program 8 (id=10983):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x20000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)

11m52.902264441s ago: executing program 8 (id=10986):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000680)=[@text64={0x40, 0x0}], 0x1, 0x10, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000000000000800000c0"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

11m51.553465924s ago: executing program 8 (id=10998):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000dc0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = landlock_create_ruleset(&(0x7f0000000080)={0xb0a0, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
listen(r0, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

11m51.142911662s ago: executing program 40 (id=10998):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000dc0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = landlock_create_ruleset(&(0x7f0000000080)={0xb0a0, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
listen(r0, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

8m14.146202797s ago: executing program 7 (id=13455):
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x3f0, &(0x7f00000003c0)={0x0, 0x794, 0x10100, 0x3, 0x1}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)=""/120, 0x78}], 0x1)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='='], 0x38}}, 0x4000080)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x43b5fc1a6955b256, 0x0, @fd_index=0x208, 0xfff, 0x0, 0x4, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

8m13.944004496s ago: executing program 7 (id=13457):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x80002, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

8m13.740592222s ago: executing program 7 (id=13459):
mknodat$loop(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1004, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000083c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x1f, 0x1000001, 0x5069f481, 0x8, 0x7fff, 0x0, 0x800, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef10542a2201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42731b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c32768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e179100a0000000000000021e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90a14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9edb6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc83cccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x400000000000000, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x24c01, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r3=>0x0)
syz_fuse_handle_req(r0, &(0x7f0000002100)="6be00ff09321e32a7e0f1d45fb750f1ec1e15be572a7d646754b1e1cea02c1a06d0d9b86514e6d2afce29df5f1c8c9d7fe087f7116a341c9cbd7e536063d42367f79ccea05e0fcf72d19ca8c65612a23cc447ab5982f306298cdfc40a20a86edfb26c58e1491cae8751acfc1a22867f2c866f123215209101ec37c2734d97fb4612d3fcefd3a3c824ace75498471f1e35363631e29cc05b89e0f7c26948edbe418596cbc3c686d37d24c4e049f35e99d6b6de3470b342a4fd59bf1012aa8d0238f32d7f7702e0c293dcf71b3d4b2dc6c6527b070c12a5ae65027998d74526c4ad93283708c59afc157dd299b378f85e159970e6d3a248022714873dd40b54f4418012650d564b568730769a5f27fd458d5f535672fddbd105e2423a85bfdfda463d3cd154ea1185276b3c400ccc39953ef1af942faeff3095d9cdd9bc03374408464d4f85ab3c1fd2965b5e0fbd95a396baf089d5792b3ecc98c536c19b4d3cdf8cb499072f3491f0cf76b5f42ea959c5366ab26f2b7e2539e999d41d6bc583ba13a3f59fc4d3b37eb96374ffc22d53e79198778092656323188c7a052e0d9587a6b80cafa69a0ad770d514e5c9edc0b8556732c04549cc9f4d14299e75514d80b6e026a0f8daea3ff396aff507f89bf2ca4c48d0413f6a37c8ef193dbe07ab52e7487f4e115caa83153f729d4659f51e27939429c41a5e5152eb48e109e81baa49ebf076bb13ebdd031a0c077b18c0db18a085d5b3262cb50649b4e8fecf6b306a0430a8f89e2ff7fda3ca48fb8e2b1aad0999072f20c98466cc868970e53d6860b8fc76fa3b40eb40ab92863469346d5a6860c0297dfa94d908f1168ba2ac5197a9f9cbf3abc32fce7d14ee228d395ae53b1bc374939be6b2a135661048a02aaeeedfc755fe1df353b8e8e0aa093574321ab55fc3d16060ed0cd3e8c3f5954b745048d58061e834cfb142d027c03a69df52118f92acc387a734df458e28cd8324ae588bdcf3c12e4c492e4c14e47dc3efc9123bc189dcc677b619fd8cf34ebed6b73c2c740964072f1d87505ccc4ce189293b0c1e6cd68b8ad7a8cb8b049b8aa4f3675ab09787732643353c4f93cec2787e5ca3b96011459c133cb6947d51c408981798b675b9f9bc2186f016b585bdbb6100434e97033261967b1f6fc02bbe32e4125e922b364757008fff71df0ac6e9479caebefc5255727e8f9deb38bac48fcf65b70b7ff53b1b73682903d1300ba4fe2cf7a7c4b1a561f902d4bdfcc37697c68ff5e4f9bb0722f2be019fa57791da330e8ec69683e7b12d64ec27fe017bb18190609be3a406cc4b1c818e778c404c0e35b1f0cf2e8109f672ee2d649fb71e686930c434ad92fe5d290deed7fdf3fdd71d7409f23daab810569a01a8ae9167e558e71f84f88639ecb5ec1ae0eae0474e37ce81d73c7c93a912a56de243e39995c8d1a6194457509fbd62b94bcce0f1e7b3aca47d36c4874fd1aa8d8d1475a2af2f457ea39004dc3c1834bf20701c00416858c810bd72e8c55f4507c2187d062abf119fe91a1871e423c16964de5351c70dd668f08c99329fe189d78d7944a2e9ce47b2aad9657f8e860ab6bc03c365059528dd28350b84c06c56e87f019a0fe5a71595c7ccbf493c41fe52e907708020cdaf26be8e21d3a97c2ef6dd1de85ac6a9f8ba0771d48353b399555c5b6be41241c9de86888d0fcd5198343ad913fa35da296dc3eeecfe2ee4a56b56bf84e23a3bddc4601b504433b339468f029cd2dd9e637217e5816391010093471cd0ac2d352cb88ff5e5930dd589d1b03c5f408023c8207a1bfc2de6794a65985c1345ab256b8e7990fb8c3fe54b9b76dee19f4a7380a0659b730db58bf69efb51044eb4eaf0df5b7a07baf629a537fdef46c33c6dec622c27dc806025bc0144a3a1a64136cd8e7674a4e01aafaec604ef8356b921be7df063a2ec67dc312d964ff1c30f8d77b7c3e06588ac351a8818701c5b7c9e4b9e9721e12d0bc0731c7e2ccd0b1028e5ac990a3e45c44ba1ce8ea73a54927f6fda6cf5e52253a8ee0df194073fe76568f51c6cf45312f1aec20010db2b59d95d39c3b1a40067e6657964368e12173d71fe2f7950e5f0f3a2923ecd474b623010d77f674e52f23552eece20dccfe15c64fa05ffa6bec88d28fea4b2de624c8dd1106c86b220af9f53f15e00785d764224975efb15f290c4a6af055f7a8baeebe9903c0c9f48b53dc423997adcb8acbe7d82de105383644f9d9f3d8cc8f9a79bfa75c7e1a3f470d2448612ee26950b0affc39e98bb75a30583ae55383d376f22dce6c2cdc544ad8d68fa82e5d16b0a65c63ba4c4fae2ce1269ce321be2a0f2550c2b47c8cca190d0e44af824705dc3d5565c4c0a1ab68c50d83534fb32e7ba31c8dec6a17c127985a516ace1f9016278e85056f6288513ed706b873646e0fe3f1803ce71dc72d91da85ad5d385e0b072b6857ecf36746cceced48b0e4663b92cc349baeec28d27ff568ba9bf4d68191166cf65a13af7cf213c2ffca68b9379ea167c7bda82fa7261e2754a00a6f0b4065c57a8f9868f8247d39eca71faae27afbff8864bf934e746300d5e9a31a4b78ca059bb9c40d30bfe745336264daa57002085686f73f48474e2d4bc1e38e62ed4547a6bbd74b1d9fab3f4b2622eb6c8d32b79ef9ab691fefd7b1bfa787de85ccaa14687be5a0529f928dfd974752bde8b063bc717d2a07eb4a1651f465aa78be32457955f83b2cb4608e22a4ef7bccba0378274289a7adc38521cd8d691741e87b03f536b9196c2284baa062038a22320e6d8c3f9e29051450b16bb7909566e75e6ebe423fa88b7f395c0dae22f027efc014db76ffc4244dfeb4d014809569caed95c43f92486c8d9cde522d403efe788fbc3b54ac39e90bd2f2dc3f3d66308d2df22d9602da5ec2133f296252bf0da014020194cf9ee65e7b137c5488401eba99def61e721fa3889d86ecaa5d5a3e4c8642fc0f9ef43186edd427402f63f06bbfa26850f2e4c71bd6387978a8085740fe4b1012dde14413dfc12052acf9508fd6a8a64f59d5756a59c806b64f42cc4466aed5327071f32fe2cb24aa62d21da4c1de44c2aab46f01c53eef1d83002437668fc494953f4951fcc1bc050e402b7cb73d61b3fae4d806fe6b745160df0a6fb6e830d18b04f142b22de9fe78b4307f95c9badbeeca0a2cb134d229e19fbab6a913ea4a0c59b59ac4e9de55b4fe2d7d5585d57c21678931d151038442fc388557da00dc01bae0c7df06ac72be56668cfd942c9edcfe77c1128a6640ad4d4a210d69d94b5e306b3848c09c61c05ec638096ceff5fc156bd34cc3c461bbc4d3ea0eabeabf46459f98f15821e181dfec54b87c9c10bf1ae64449ed9e90fa660191d38760117f9a0ae6422ad983e8b348bc0579dba87ad505c24ccb683ffd8f734b8e5f0c65e3a749d86a2fb1aad19abb96490167993fa130db74152d8984084220ad17653c01f3fbbd2e1000d3ace6ed697f0d4a9bdfb2dff49148e8def07acd5e3355370d1c19d3afb7bd12fc30e6acb4841f641672dda483d0afc53150369ce1e2523b3706f5b65542032838d45a5dedfc2369e385390d1628e78dced081b931f67dc75e23cf2b0f529fde6c9c84e4b3894c11b9f56ddc65827f68b0fde08875fa8ad3cac7e212c7727d41f6d51434a890ccac19f3e9b0a594556fbf51e84e874de4e2eeba206369871dd844f6248ec180b3741f2ab3d23b76448562207f577b10f4d14949a926b837252cdcf62af32e83001d63ebde5c1d266c8d2b43f5545dbf070eaa47613481d6c920f1801b490d2a847d7e85872fe75f56d90f050fe741d94511058d71271daf9c565ced757402c315685820c80ed1f6a889a8db0326ecb58f1f287d24c5beb5b19b94d8400aa406daa591e292832c78be74613ffc2a12635951d487650c864ef55927036edb5ec02614e5eb75f67b933220ac39f891c37cc0b7fe23ce8b0ad8e5ec9c0efbfd706f5730c142fbd5297ac7f03f4ca6f49b9cba1e9cbee6b08e936c7ee1642e5f1e3eb566c294d10fc4fb45a7239590cbdebb7a16b972a983748e73aa23be7f66a30c22610456445234bb8ba11b412eaae69b808f76d90b7bb14223b644b8860c550f3c92ae47c06a38429d66da2a414c01985d4b7c935717a4dec2cd4e89092d5dc9aefd0ac0b23481459a2adcb654063743b667c3c3241f203f81385aeef164a0be7655d02074b6710b4e2c50c3ee0747892327e8f22aaf51fccf2b715b24c02c6690389afe83e6128a1ef199234c8c9803124089382c6bed5b296945fcfa937313caf39176b741809c7c7fde30468e8875266315d9e733258b9305cd92276211d0c75c97b103c31c52c0c4dd17dc5931c5a7644ddb15ab8de78cc32125f85b78ba00d09079626a813e589dce18010f427079ec6cb74a2752c7247e7b7df37dc701245e9cf37fbfac5b1c427ba477b15c21d48084d38253a4d49af73d9f25e23333ac3a84e4b671fd31abd4b32441fb07dfe30659915a88ddb684933bee5ee9dccd45763f6544fdacfa4d821f36d7907a42ab9db72b231cbc9e1ddf2000441586eab8d59277955f9665c5e358da456d759490bf9f79462ced96372b237ab61d8b48a78612c64f48d5bd89fb6e67b0818033743b7ffb3305bcdbab0f71b46d5ab61d8190c5106813ca4435386e55e43c6cb925cf81039ed5f11df2d96c53a448519ede7e83dee8b82acd143ce0d1b91318a0f0efdabb77c178cdee559c1d2181600b6b3847e05f41234c5bee021d4f0bbed10cd557f686e8b9769780a13df35fd069855fd8e2aec5bb84e8d0b7740fb7fa88b823826b7e8a979148b95177a2e720b45296c280a9abce6bc5d943e394c07eed5148f86a94450569af8c38e184603abc46a59b2ba01e84225da828ccb93ca557e4ffe9e8e8b98c1fa471409f9d7b9d9da4b0f4fb7d58d7474039204faa2ab1067a2eaf9df247a2ba1b099cdfe79a7db1273e0660e37f6e8afc125564c6b8b5e893231a6addf326988bd78578950e4b2f317ffb322fb44a570587c6c6baa59d6d844454e92f89534c7d902760b984fae30ff5eff5b90fe03f49429c5a5becd275c5c670ae8d39b5faf986970492e579a8d98aed5da2894c96bf8779e9aaba84724bf471734b4d9d4db6a0ebfcb1c31f88c59d4b0f38078435f575b0e7cc7cd5f6cc9a39bf16d3514e89b562ded72187c1e550d4852e9bdc585525d02ed1d3adc819a072d82c37935b2fe6ff3c3f0c7b7fbee2c25ad515835d067ea53af1c6d0b4a9b35de653f2e5a8a1d9261c49813ecab580f368a79515a8621f16b750fa9d711d2884764e222c723e7dd94532de5d5d40fe12660fef784d8ecf2ededbef7a61b881cf61e8c035f31d3801b34ea385fb5fd3895e6789ed741aab0e5d091050f7cde8aa1f4feb53683626870adc4190554316bcea49c6ee182fd66a6ccd2e198ba2ae6f3621a6a6186a6cbd5378e6347afbd88cbff663f73ff568ed47861219eee3598520625f64f7a6303be64361d705021104d9871592d28524f5cf391e7d445746a0e9e42924760e62c955301e1ab3744f79217841a1668a6a871bf2efc278b0bf0b4b46a769caadf243f1af31df19006080d11a4f84ee4932034f48fdde875415d949438e8c1bdea8bb9899c230561482960cac0e77ce78584e35d3430af7ed37ec71f33f265d62b397b99f71aeef08e0a92e221d8ef14c82616d06b1ccafa63969a7ab145928d9c7b1b23e16acc00754ac707f6ce3939b4604baf0f3fa69fa48bb7218f3a992e65a4aabd8a6adf4a7c1e32877273393a1567632348d480a84f3b4ae31eb810a22ccb652064be040c9a90e52b59031a22abfd1840b2ecec89d16426ab31dfb83177ae08255d1424a6ddf8bb5d5adb66a7e6cf7f68be0ce5b4a56fa3463da621062ac85af5334018c3a473c5af9c5686eb9abbd24420293df7ae5fd075b2d3b9aec226e1a016c989b029d1daed5933d285227dbedab33a32b0d71d4cb1fb79c3a8e342fb4126785a3259f241150c7c381918f8f88146fb8fcf14d42ace0fd5c0084db3726575b04ef47c2bd1a0ccf977c8232e1688d4d39c88f7ab8d565b578bed84bbfa17982308a9269933ebd2f7260a67e01a3790fca5673643aff626514846dc1634e3c2fbdb0eaedb163072d9c0bb2fc129aa57618ca1d2b37324aa49972117b9ca81092eb89089659c39eaa380fd950aa914181ac98c1990af713eb834fdb2b731f2791292e9b2774aaf3a091152e25d7ea92a6c80f3217fedba12816ec910677d3381b361272074143fb51f391e6cd1953dd6cbfa33ba97e5d019fddd3da76fe350b767c8eb706a5f46a536c3103da6af42c1a5a7cf488be7f0d3a8ae4598d0d1f4f8339a63c124a5ce1b18a225f840368d390acddeac589093a753ed2e45ae4bfa62f222d4c6a6fbaee8163e76a0bf6291619d3b4af530d03c1769a456ec52491996c6739290f4cd325e9a3c1f0db9b079e5809859f6bb2d6cc494a500862179b65aa65ded80971e60dd9338dddbbf736924626aae8d65fa4a32e8affbf49b5b20c546520aac759594fd996e5f573e8a359dc4192c2723e05d7f8d212d78a03e9a7ee41b3ed6d098964f77e1e96e0e6641222fa247757998d9e9d33787079d1b0913f9b6fd0163f7603d4bbb7430738ab618026ba0526b5722f7c5b155e9c20209ebdac884d4afc34ee32420892acfa0a63d93e1aa4fa71581166d783abe45cbfc66f65c75b803d932dc3a40851508499001dde84fd3646ae3743c1edcfe433579cd41ce625262082cea3e4f87ea17f26c2390e9c134972cbe8291c500ad925f896aeb4d652cc01e397ff9eec6c4ab32432f61f90ad6f24fc2f24c47d039e90cbdbdf97ea2c0b1ea6562c1ab651e46adab86814e14e9196366e6da5f16c743baa0d31a1b14200451df59b639dbf0ec8976e31b41462268a66d3fb55b0fb344a587890d92d7df87244b517276d6cef787cecdff92e2293d0d2e51228bba0ba3ba9e57483147727a90ab99b07498a1a9c46cd32e0af493e4c092e515ee9541c678c3566092e62a14a566e225741102071811d3306cb229b8c08da4119a565f9a37c06a983ceef668e7e97df595bdfbb43b0350fc823bcb53630508b3e7a42ff2ad5a8bbe83811c35b78578fa4842122ac76be6e7cd68a9d3ec8c6a3b83edc1f545a1f2a74ce5212f02ba85e104c0e1d21e4f77a7a6a0253fee2d486f65abc1d15e483b7fa87633e1c02e6f5aecdb779dd63af36c457905b2d4bf2c19cd4a4d2475245c45f3ef767654be5c17aa9b3e20f8019d356324baf677e4604e736c2a8b289874accbcb2ba300f063fae2c7d447f9a60daa87592275e501cbe880e7b46230659a7d62fc069ba7bbbbb71cd5ece453a692e2a3620cc8ccab581f4619963b1823c401b84092580dfcba08f63c14cef7963bf6af2d550e2fd43dc2ce1a5079e9018fe1a6ade4496b17f31dba644022c1bec7f7a345f2f02fe4eae1fcf5fb377fbf33c4774843cdbf1357741b0a9be5b403345db08d6ce70e4c5a18cd8725364b4096b69863964dc596cc115105043f6d80603873494c177b886299ca479d1c12a3547ff136a203282df0bcda49100de02b368ea5124385a03280d15319c5a5dd5e150b6eb19c969ca5f3c3368bdceef985c1ee957d5a61b3b9eb1c25e40b280fcec638726f78747dc2944e052c184cde480a6db7a2cd7b75f34cabcb2ca0e105b7af8c5d480b1cdb47d3675daf2e621db6e6e8924c157a028e860adde429979536c0ae06d3665e98166181eb47061fb20b4f0547daa938c54db21518a980ca5670a3dede7eb479497156b4998d11e838b6f112d3dfeae167bc3a8ed7c617fac11907094f25b0939bb9956f7aaeafbfa452ed4ec91b2d1450a43946096cd104a90a73d733da92125de061de39cf8e3d582e80f368b22c66cb69b86677a0af3bffc828ad1769a223f0f98e0857b60bc82f739fd6bbbc9a150830e1e850fa3bbd587bd9ca0fc157fb0b292cc91365348d01c435e2641885891306e177a108712290ec2d1ed3c6ac6d1c49aaffed07b6196787667cd8a7af66a1b631f9e9c6fd668509b7a2e3fb848d99e54e298742ca771bf913e50552faefdc0761a0b1aac3a38669fcead818c26a385ea630960c151199226c23d2b1c9ee42f864d4fe05d22eb826a80ad0738daa292938a4dcfcf18a60642b2b27f0e4998b0569e79c5dff424dd324641eea7b929d13735754b4ba6ba1540bba6b4bee8d3ee3c8eb8900e9c7e36854958f5b632b111abd2f722e2bc8aae4f112f488d8c1e68ba32fe88a39773ed81027a14cfb877ece8772dab7d360fab7cfdbe31a69d218ebdb7b0e42fd8b775348171f0f8a59386fa4fce2fcefefc09cc99a477cb856376541ea5048ab8fdda87ace560a565b2fef28327ca537eea30114a0581fee17e58ed375377a23d8ccbbf757a38aaac794a2630c42f9d4ed91cb886cb5277134b02ab691434ce897c5310472a691f99785cfda982c8e99bd2958589258228a7624137acc14a13414d06f6aee835b3637a0e7367a010652a076b2945fbdadeef39d65d503c18dddf7320fe07873331dcfd16e7cc786cac00d0934cbc6b024547e11132e413b7e5c4f926202128dd1aa76a39065a4228f109bc3327dac7028843868c32fc5d902e882494eb3cf81a90212434d404cbcfa72722e3ffae4079c2e6333a94d5f38e2a2948a01c10ef1a3adf58bae5b5629be02a1de64a201223c23eafd61a5be59c40188fa3463fd64e98f0646a9338bb9ee85f3ae5eabe370727121b4d8559fd32be127a6dbae3c1a0a43ef1173973b3b3332434c6c92b3144d9fb308768ac4067eb72d597b85882e0d228c6dece3da0677d9fa6c0b13788b3c2b0c9e67377ba0ada12aa956672c58f48fa6cfdf0357d3cacaabac46dc438632b1e7edd2e120310e7cd7aa2e55884b422b88e8eb9f5c468c04f9f045f4e5db6e12e9d7330f3e625a7e4676f61f93ef729e8cdcc743c44d409ff5720e85d4d447cfed7f187563ba04add8b27b4d5e1ffdd2bd61a167fcb2da8d58e67479ebc076329d27bd24ecaabc4cb05552a409ce732ecb86a6f0a213e35e53f895bc3c4ae020ece95499d4670375f61a32fa215c956734f5aa8127ec859cac7dfb5768864dbb7591f9d91c05e365c4dbbe864d207bf9eff04c4b3047b68cebef76a7915673dc5ccafceea57e38beb9a69473a1b2ae96c812ad737db0f66e87ca2305dcf4d66369e1afd74412a207a7a2d6d97982e1874afbb6a9b420d88c542bcdf6cf3c471c7535a3444ad20793876793ae8fce30fa468a50ef241a15ec0ea3229b1aafcc76eba39f8cd2a93f23ca2b04c8ab87c4f5a8a9a1db2bbcfc17a7aedf9877b669f8c2a05783586581656064dcfd19200a8f60c4a582766a0ca5148b56cafafc0ef1601336b5398a90d1bf68c6ecfd1ede4613fb9474bba76ac945f51129543e22f14fdea4e83c206032f0b5faa83a1de556d48d5f08bc53879f492897df7a59e0ddd00825706a2ac507e5fb31bad911885ffeb2d2368616786593f4c6a28de95edf2d993dab8412fa5b16eda075a934f46967fb1643085370da9d1e5895a5ddd6898429c85bdd41b28f58cc3e106ab683ecba03253b8122a8a5b6064eca49ebf4133c2351468cd01200332fca0a00c980262de8dcde7f7e145aefe3fa56b2dd6de3f2bd1514f5a2d143457a28bac927c248d4d89779835a83398fd54e7d53d7b2d1940fd12d7bc96e16b0fe15fbf16c3600b891b3bf6723303d01a73120734be1f27d43b5d5c374d6e44f42e0df163d2797da5bb292fbc58f8ac2056dbcb85b31c81d56fad2d70625b1304c04a508d6ccbfce072279358cb065a50f4bdf8c81ddd2d5ecf2b2c2b1015051b465e5ff682c9e3f8160123334b82dfe5a751d8b5f441587bbe7bed1325338cae6a8c06101081a55d499efbf77714e43ac99ecc08965e152bc84faba1bd966f4c01879f24b451b8f3ebae04852de5efd441396a6a871f97ea3dc413174886d71748c8beac5e5d403887e818e335cfdffa9d76b5074a5dcf12ad7725cb83cde0174679c0961643606a03082c5ec01590d687ff5bf9f8b2c3a84bfdb9c25622adc66aeb7f0355efddd4ab9954e5455c2428ee4e5383888ab466bd5fe817eb6b794a555c0eea446287cce32d9efd960e58771ddfb8ee2b4133b79d8953c2ae959a5d6ce09448d50da61bf22268fd32dcd501fd47c6b72cf8f50159a7aeec6e220ca81fc64ff97014ea77b6f791ccf6625eba88f60d1fe699cb16636a9acc4067786c537623c699568112c2093663bfba92ddc1ffcfe93f247f90accc6002faa61f43e54c3fab5e04a6ea1c5415e31ab129f8c9f82c3e3191513a4af151b1d6ab45a2f0eeca83f0870bc40da6257b9ea1c6238171a754995137d4123f2a4888e73db901f70a044ee0dd8176defd5dd82d9fc5a1a0d79effaf86fdf0b88eabc338c353f5fb040fe34db18211b20f8a3e4589b212e913665506488f21c88f5aec85eb694134a557c95d9a6ab9efc089e5c9848e591e3387cc11ca66fb03ca713513b98ebc2f35befcf64792ef44411e0f75ee4da42dcadfffdf9eecb761bd5e89183881103c5019e1ef3f3d80ba27fb0e1897e925d4122fdf3b3b568cc8795adf98643e86409226f2c5ed87cf481ffcd6e21a2bf0bff07a98bed3be5328118c3cb43c05f1b740242b0855f71400dd155c888b627615488025f81fcc6f5628efaf081489683c6d259c33b591edf4c9a4bfc54802c93ffbba4baf2a5030af8882b7d53eae80720e36a15c6c210658cdffa162630ba5d0217fbbf44879a04d41c58befb8a271abf4460a2d768be38d22f832e3cfad91b90f1b576924c8cbda71bbe89c85c239fa02f69c25e5422c977d97a54954fd16b85970db963db2b132b057a0282aef92614a9148e2a1a1edfa5ec46ae8d662dabae8f8141ea30dfddac44573ff52c3f93d82b0245b03c6db05b540e614cc9e3f702467054d688a92dcc9123f71a064cc52730fc5ee94b2746c80688521cc1cdb0f9455d4875f4af4afdc67d2e389361e1328edad7594d4bc9beec8b935aa3e5e98652c934d14fd16da50d685717303186da715778856da54666448d648d32becd2d63a6503ac21e56317903d15465ac4d3765f7a05420811307f71c1dc55ce5a4cd21130487cb0065397785da5094d27fae505996c1d404399797ff61d40f2ed63fca51db673197cd158a6e9b9ee93bb37df8bbaf92f47493c81c65439d359d578244a7f83629f4323a182e68526d674f4b6b64908350253520a4e564fae27df523e9218ff84f55a7ca622fc2e3bcc5edec9cc45c5a1b4c00c64038afdb165ad0ca3d8b66cea248e6a60a1c6d27e0dd2e5c7eec49fb8227a5266aedbc4fff982ffda402190548fb63fdeb67b3fb0894b11ce904b1c194f8f36cdecddc1312d64e9f227cc4b614b3679f978e0f1b6bb7aaeb2461cd28a94b73dd55eef1d5a98d72b9d8750b2dfe3a3cec044e13a8700", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x18, 0x0, 0x2, {0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
io_submit(r3, 0x1, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x4, r2, &(0x7f0000000540)="8bb3689fbf18c9", 0x7, 0x6}])

8m10.036403512s ago: executing program 7 (id=13481):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_uring_setup(0x9, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f7})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x5c8c, 0x18, @empty, @mcast1, 0x80, 0x0, 0x0, 0x20000000}})
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x2d, 0x0, 0x1f, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

8m9.589636825s ago: executing program 7 (id=13486):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x243014, 0x0)
setpgid(0x0, r0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x4000, 0x0)

8m9.228849085s ago: executing program 7 (id=13488):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
capset(&(0x7f0000000500)={0x19980330}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x5, 0x7})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f0000000f40)='./file1\x00')
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
mknodat$loop(r0, &(0x7f0000001600)='./file0\x00', 0x200, 0x0)

7m52.948245285s ago: executing program 41 (id=13488):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
capset(&(0x7f0000000500)={0x19980330}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x5, 0x7})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rmdir(&(0x7f0000000f40)='./file1\x00')
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
mknodat$loop(r0, &(0x7f0000001600)='./file0\x00', 0x200, 0x0)

5m55.706244659s ago: executing program 1 (id=14074):
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x2000)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040), 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
membarrier(0x40, 0x0)
membarrier(0x20, 0x0)

5m55.468461456s ago: executing program 1 (id=14076):
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x7, 0xfd}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000808000400", @ANYRES32=r3, @ANYBLOB="06001500070000000c00168008000100"], 0x38}}, 0x10)

5m53.661925318s ago: executing program 1 (id=14080):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
open(0x0, 0x1a1043, 0xc5)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
read(r0, &(0x7f0000000180)=""/65, 0x41)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
read(r0, &(0x7f00000002c0)=""/172, 0xac)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x4800)
dup(0xffffffffffffffff)

5m52.466252504s ago: executing program 1 (id=14089):
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3d, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file0/file0\x00'}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

5m52.226159592s ago: executing program 1 (id=14092):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept(r0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x12, 0x14, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r3, &(0x7f0000000300), &(0x7f00000002c0)=@tcp6=r2}, 0x47)
ppoll(&(0x7f0000000180)=[{r2, 0x2040}], 0x1, 0x0, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)

5m48.802413871s ago: executing program 1 (id=14102):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$video4linux(0x0, 0x7, 0x0)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x800}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_uring_enter(r2, 0x7277, 0x0, 0x0, 0x0, 0x0)

5m48.527322092s ago: executing program 42 (id=14102):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$video4linux(0x0, 0x7, 0x0)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x800}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_uring_enter(r2, 0x7277, 0x0, 0x0, 0x0, 0x0)

18.62658104s ago: executing program 0 (id=15024):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
io_setup(0x8, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x6, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@remote, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0xfffffffffffffffe}, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2}, {{@in6=@remote, 0x4d5, 0x32}, 0x0, @in6=@loopback, 0x1, 0x3, 0x0, 0xb7, 0x1fb, 0xffffffff, 0xfffffff9}}, 0xe8)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
sendmmsg(r2, &(0x7f0000000180), 0x400000000000077, 0x7600)

11.968947579s ago: executing program 0 (id=15034):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
symlink(0x0, &(0x7f0000000080)='./file0\x00')
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064d1, &(0x7f0000000040)={0x1, 0x0, &(0x7f0000000080)=[0x0]})
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x5000, 0x1, @remote, 0x5}, 0x1c)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = dup2(r3, r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f00000000c0)={@remote, @private0, @empty, 0x40003, 0x40, 0x5, 0x100, 0x0, 0x590043, r5})

11.849955275s ago: executing program 0 (id=15035):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000004c0)={'\x00', 0x4, 0x8, 0x1, 0xffff, 0x5, <r0=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x0, r0, 0x2, &(0x7f0000000540))
syz_usb_connect$cdc_ecm(0x2, 0x68, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x56, 0x1, 0x1, 0x6, 0x0, 0x1c, [{{0x9, 0x4, 0x0, 0x7e, 0x3, 0x2, 0x6, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x0, "81"}, {0x5, 0x24, 0x0, 0xf}, {0xd, 0x24, 0xf, 0x1, 0x9, 0x0, 0x5, 0x5}, [@acm={0x4, 0x24, 0x2, 0x4}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0x9}, @mbim={0xc, 0x24, 0x1b, 0x7, 0x8, 0x2, 0x94, 0x100, 0x9}, @obex={0x5, 0x24, 0x15, 0x1ff}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x400, 0xc, 0x3, 0xa}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x6, 0x5, 0x10}}}}}]}}]}}, &(0x7f0000000440)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x200, 0xff, 0x80, 0x6, 0x10, 0x10}, 0x19, &(0x7f0000000140)={0x5, 0xf, 0x19, 0x1, [@ss_container_id={0x14, 0x10, 0x4, 0xa, "48b8f0dab389b9a2f6a1ce07a9b492cf"}]}, 0x6, [{0x58, &(0x7f0000000180)=@string={0x58, 0x3, "d7803cc50585daec03bd4dde834fae7ee21a04a2eafef17710403c4f5c7f01d0308f18f77b0d8e94b04e84d797cf7722d7ed756a95d64201cf702117fb2e331002663d0be2071af2b96de71f3dcd96cd271063ae4b35"}}, {0xa5, &(0x7f0000000200)=@string={0xa5, 0x3, "e82d67116e42e95bb0422a0585b4d59d504da8acb206ff23c6c603685295a8cddf9319da5b28a3e44f133e73722a692fcca313b9ef06e09781ffc0937270a02e69f52f9b4ebfab459bd819d55e14f734b3a1295bfcd778251e25316a9b36f227b746bbad99127651a72923ca32a0e99e69413b65ac02348247548a1fcede8d777103570f6356abeb69aa22701d0899230dd06ae95885e3675633fc6dbe1279bbb9f791"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x44d}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x4c0a}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x3c0a}}, {0x0, 0x0}]})
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x7, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffb}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1200}, {0x3, 0x3, 0x3, 0xa, 0x2, 0xfff0}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x8, 0x8}, {0x3, 0x3, 0x6, 0xa, 0x9, 0xfff0, 0x41}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r3}, {}, {0x15, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x46, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

10.430151792s ago: executing program 3 (id=15041):
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$alg(r0, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r4 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r4, &(0x7f0000000600), 0xfec8)
syz_open_dev$MSR(0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}, 0x100}, {{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000009c0)=""/4096, 0x1000}], 0x1}, 0x1}], 0x2, 0x40, &(0x7f0000003600)={0x77359400})

9.458060844s ago: executing program 3 (id=15044):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000011c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x237, &(0x7f0000000280)={0x0, 0x275, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000600)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3, 0x8}, 0x9c)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SPLICE={0x1e, 0x5a, 0x0, @fd_index=0x8, 0x3, {0x0, r5}, 0x2, 0x0, 0x1, {0x0, 0x0, r1}})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

8.355582184s ago: executing program 4 (id=15046):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r3, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e14", 0xe, 0x840, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
sendto$inet6(r3, &(0x7f0000003380)="4bc32a49c5fee590838631f81d2d501b780e3376f11cd3e5af0a450233e74156f6bbf53a14d2e74c8e46115c0a4d4a0375317c4d988a690e37262cb48b591bfdb4ff738f0be31f3f33d65ec0256e00d937043394bbc296a55f0ffd3f8ae817bd0629ddb50766c7e739e656e5e24b5a077cb64f8b1b75a3368c7908668352513b274701ff080031e7427c786ca327f124645e97e4b67c7eda72388d008dbecae8227565c52c02500c1953cff47c07baeaa70ccda20f6ad15db93d0225f72ac9f7c32387b0e50de6f698decf584671232331c524c1e775c4b13e0e379e8253b0ff8fc05238f9a7dada66771b3c485d00532858ad4e137742e6adf72eec34b0ba8821c67f9d2726e98a6074617100882dc2711fb2e477cc76a1ff9b47d93ca2fa42e52f483bd2aa530974ff3fd29a170adadb10241abb8ddff7fdbe53765ee6239d7896be7db752b5046cc5b4b36b2a9c0b3c154915d90ccbf46675a81826b348a5c986a4d1c4488f6e24545619c829e7f6c4ae68d1a86bb2e700728086f30659178c7ba222b71f5786d77f12f221cd20b9fbd24801abcd64eaa605ca9da167fb06b11b9e637f6e727253d7090699972818e0e69159e07393634fd13310a648768d17013063d34b2d68a20469891d0f24285a44ea4dc4aaadf3e326c7645fb569ee78dca1ec46d7942a42bd675ed1dbb3b537a24d57b76583df434bb57f38c0b4c2b6414f4511fb0126a3e17e06c65ec6023b8198ddc4b59707132affdb3123a930192d8a1a1d346501958faf24a8090b0454b7fd4fbe7f3afd8e70150edc2d3b6d799b45010dfd621c39d1e32e19f7c1554abf55e4cb0f450d129c4eaef1a1b7431ad30fc0d6ce6b973f2aa0f1dd2599d8284fb79deff298aae73388cd0ae4fccda5cff46b058fac08debb67bb9bc5eea5a6d28cff2d046a5afb09fb608bab362ef021fefc8d05e9619ea57959a884873b3a887a5e08123d564c5349c4c15c2ece77f0e4d0e4c88a516978afe85c014ff344668d4cd97681bae2ab6aecdc6f4a4c705c43d400f691ef6f5c926a8c51d9cd4d0fc15769c5b20662cfbef41d9cc3d62b9d68795907729d33133f3287f2ab5cce83e35fb0e358bb64a60675308f568a25c2327eebaaac30e6e282464d5547daf53eee7190e1e5a40f7d2e327858099bc5a7eff7f79859a074aaad5d6bdd8164c627ea59784fe40f1467bd17ded380e21bca5d7d0bb59aa681740d4e371e632862cdb8868c4d706a228704dd94d8687e07708b8a4742fb0caa260523e515bfd7ddcae9aff8e487aac73232c6a2bf63663c644f4451e209d720b0bd678b27b673443937d80958f94fd747be9f0df02950c2de593ea6978062aba26d12eda852f37cdfc18d3b96b08ac3eaffa2efb619db6ee789446b30fd5915480bc24990c536359d64f06e39f59e8cbafc28451fb95eefa265e038f43af933d288578be9ecf26495e6da011d91d5578c46b4a4bcbcf649eced6ac16f6623e67afd80c35dffe6b6aadd4bfbbfcd2f248455b8b1ce0f10f628999d8f56ae47e2fbb744bfb7962a3548240c286277db000d2b0e403d13fea75c7a789dec2a29e51e20a037a5156cfc547a7688f1926d8476a5d5bb64b4a82132a3bcadd080503f72e04e7d55ece7d5bbf24ee9fae2abace69fddbc3604c04a0a82408a7dc035e2512082397323cbf6ac5a01c07baa604bbd6315ad2592491a5397ef1c736f5fae08426ad14753fa0ea774f0397a77399bc5a7c9529f7a7b48313f426796346f77f7e975f8c2704bc61ce89f8f462ba69b68de5bbfaefae6b749d68af86334552a37f02b18671eb6ebf58cc77fde6d93a2b859c49113634afa77d33d2655675697b3ba142b94a18cda12773ed4391e4f80e7caf1c429eb4bbf2d2c982ea62aba0c94cfa2280d12e411edba880debe919d334d58492ce78ee93fafb0b6ef8202b5cb1d8ca7c6eba88751ddfad35db2ef8089e14cc30fa7e963394cbdfd4a39053c69e94b9bb44bb445d77b7a0965e3428142405ef3aa26426fcb8e26423b5342a1ea0bfd28448605e7c4346916a152839c23f1e3d463078830f55cfee3d719080be97cc6b6acd9effda875b18df23c07e55cd732d25d0c32b04c38b2c4cec8e9b57548cb7c153c2ac2043aaa49267c179f1485acb449823fd3f379953adaba9209ce052ee6470529ef6c044efdb9ec79c0da170e1a986706da2f191f735e8c9c27a433f06ad910b552ec871c20202bf39c13e3601a65facb32fb7ef2a85d12345b67409bd14c1e26c028676cef27d47e51deb5c8b616d7ec0dd837ad4fc4800ce78f83e5075bef6d3ef784519908712d411d6af598dda6ea13f20fb2ba8f4a85d1c8df3cc7dfe0a8e8d5b2d696e2b51d835c255d97873dae579a69cc3c9f8d50f282250142f78b562cd59325b010fdf5e103cc05f09295ecd5ad1bdbd195ba895bd38e5f3f8abe520a442f98c9b0df2e1bf30771be8c0ba86d59579a9ceda056c2b3b6d51ea5cd584750f45ccb7c9adc37ea8750ff035778da2cd9eac640e1121c4afac6f796a2a6d1892ce896f201a08cfa422bdbfabc34dad9e34352856160037d3485c344900ebb6d331d35fcb1c143d0f32e8393a712cb5fe7002561c4bb11051492e65d4291c92c0545a926a798d7a23e806796fed6534d67cdf9857f7123d4dd1ebdb88d545201d75d1c9ba5456b7fb52af56652cb2537c0a5f82ad02f084edcaa66254f9a0a01eb7c5b9606c4c93594f1e636ab15d96f58b11ee9f7a16b6765a146bac6a98da6b47ecc87974a1c732c1194008c5f3514d0c1f42ba7b284b07b23a3b0fe9073dcec4b2d4ea397ef3984753b134d60515ed774118b46f21cd2f2c60b87f54e9335fa30517fe8c360f0803031a91302ba8f44e82d13c58736881ecf4cb643e7bf9585193f4d1e95e08c18c47d460e2edf2a0f1ed39c2e7800cfbffa0d9a09b108d8a5eab9ed409b61458e9d46bceab006e2df77505af41ff7dc0ee67748ec729ee09c11c229ac7ef447712c220ae2ef5612ae45299ca04cc3a26cc09a259c1dbc9a4291bd6589ce6eedc156df97d1bb7eea68ee273bb4c4d8ca0c515299aa53260e58760864b1ec4f386ad0367a08bfa47ffca6af5705097d1657c94d5d7736e7157d8f7137416480933be3f325708f6f947ea08c94cf4489e0f5e40b5e03bebf427f08bf6bea963b6b1338f91384755681044e00fbbff94b8d21a874b12be4294173c65f2f4e56427e840a5703e289f8314f705cf74e1d98ff88105967bd42d62a63a897fbe9a50ff08dd122c3ce1445b21aab0502b6fb47577604a0508249d8422b71eedc58fa678646922050d46d5e69d8612ff7bbb741c19ede0600917b7f84e44e580334db385ef5e5600a73bfdebcb037cea14f50eb7466db1e51d03d61923804ebfef38735452893486cf5a9e6ecc54526a2c998e3b5b41d5d8477c7e9b756876c8748dd10f44f315a5ccc578ec38a6799846ec1fac57bdfe4f9bc65b31d1e7de7cd9fc2f163cb513d790bd1dbb9b5a5cd46efecbbaba6bf504c23ca744ee36704f0b873896da1f9ac7089c28136e19b3c31ea3ac44f0bf8af4bdeb9a917370c78d11ab838282787cdc45b35f604bddf6c65f4079bd7606a40f219bbe940e25e6a54a8b9850ea0decb10013ae99aa920303f35f6283c0211e1b0000008000000000cc53babc28b29c5aee0f626c48d58b092644823fc0b71a57d7125bc35ddf9ec7019d89a3497aa65fb4f34b169c535ce30d695dbb88f278e730d2e4f1394ed4b843885d8fa33b39152398fd2f6bb77520a84e4135e1995e9568bc4d3e60b98e1452ada5893bfc1a7574570a09fa21064ad12aa22af9195fe351cd34a5e3adac29da4669e09a00008d17c4b564f2ed0a7844c840a729fed5c106861f479fedf326d93b39f186c40e4fc59e064c6d090cc9ecf27630ab471817e3bf8acfa1518c6f0f6b2f4c0905e9249af04c8019d3fe12acd69e0a3085e01d673ffa5f2bb6d26717f6e8a4a110ac2b0f11de3a0bdb7b838f0d156c06395bbb9294cb0e293f43baf60df683b35c4ff83bfd71b74fb25762079843d6484fa76a610b8cd6affeaf1930a47aa9aec77fee8b6b6a806527597f769570bb62af13a9da2d81254e102134e256f15126d21a7e5e6865989b1eb5c9752d059bea9eff27f7fed5f0ed40413ac11c20e68aa43baf4fc6a59e049e6bdb3ea3ebc5734b0ad0c6c9be761c5c248d2b50584ddfa2399884b091894f19061f4eb9ffa86097c11ee9fdb04d4ca44f91edded8e541adfab1b71c93305e85a41ca5f4eb9cf15820bf677694325c9c55cb443a7cb5e3d18157bd01bb23c1ede5dd5babc2751bead25b2f18860a085584ebf5211d67f74fd70edbecdbbf435d71db84fa96b9878a4166e2b0cc492f0f9eb82ad4fb4cdd5644e20f296feaa8f147e0e20a7c0f37767bf2a47fee3141447043fd990bb39dd56153eee38d05538b43627891f057a07526bf6848e171247549f53e0ba495a108f99e412a178e12001135e27b0184542ac579e0e22987b6b60fe5fc07954587556a53e1b326888d482f519c2e65f57193cb7f328e865db95b757d370200cb643a4da7596a13391d7b1017d842ecacaac3b0a3f53f388301374ad9033ff34d7d18db497c78a1ec8661c8e78e1d498f5a615649f3ecfe2c8ef3ee616ae455a42a06aacd64f1b2904dd111acd54d349dbb2ea2acf9e8fad483a53eb211018f6f2245c519c50fb3453b956c49a05a140b7270939f4f8216da940564f7facc9a83adae647c9fd43790577ed43dbe77420459a74237593fd5b703c0d4076ab1accd9ba686e621f189071a66df608f7db2dfb1b08137f2f91413e670f3835dd7bca62a078c1cd14683ed4d9ff8d9025477aacffcc38c330c3940ce55ba0742d8ffb4e0a3220177529978390e19167e40dede952fc0cb5e6e8ad6863c6160f517d714bcf18256eb9d0eec8413dbec13a7bd637a77e328d4db8f61493eb0f26eca93137fc4420e0c5bd8d4a1b700bf0608daddec7d40d24751f88f2dc89b8a04ae03d3349511a50f989b02cbfacf2c0455a9c8f034d671972368ceed715f3dfc2e9a143ff5c6275c8b714aee89c48c6b10aaf007e363ae17765dffea8b265a27793f55b86c214bbce2b3745f392109ece5688bdccd6dccf33407932dac4a18783b2d26d6dafeff39146397a4e89d2fb32d27c8b86e02b6ffa8fb91499f51d481ade5aa2e89bf5d24cdb95771574c777df39144316c6d6fcd9d8fb2fcec5823adfea0550014dfd2b5a3f7e23116359d12bee8362b5b96c7816583dabda95117b089f37cb3f682aeafec74dd62ca9ed9f1e56f7789e3b1ea9fcd0e3362ce0819f7b73d5e6b73162452eb69a1625a74926e6f4ee83e443e22f035e28f8bb19cfdc79c4e623356d022866edaf6d75c1938b86aa475670015433496f6455e4178072f05210d023ddb30dbaa5c8549fe893880e9da44d7ef99bc67940e73823962c8cc5e5e2708e22ddf27b863e360b372b57771099ab70fb51538bb0f42684e9b8bee428a9292869ad2bda5c554653e592066acd8e8547987f8e734e9e63ce39aae30439d4a0d7d88c8c5b2ee3727b6e8f22e96b9571ac2290edf3aa74e5cd54f464417773ef295e90d43042ee731d129179bef03fafc424b38118b5bfaa2051da04fbe8c84ddb142b8b80a599e419c09e0946268a52c352e74a8c3ff5b4e554dfcb1ae8b9a7f16ff823022ba5cd25ba70b6d6f620c5b2eff4a318c2c14a8", 0xff2, 0x22000040, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)

7.968829148s ago: executing program 2 (id=15048):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pivot_root(&(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='./cgroup\x00')
r4 = syz_io_uring_setup(0x159b, &(0x7f0000000200)={0x0, 0x9e3e, 0x2, 0x80000, 0x19b}, &(0x7f0000000100), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000580)=[{&(0x7f0000000380)=""/113, 0x71}], 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

7.968328518s ago: executing program 6 (id=15049):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="00042cbd7000fedbdf2510000000080005000b0000003000038014000200697036677265746170"], 0x98}, 0x1, 0x0, 0x0, 0x8010}, 0x40400c0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000508000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0000001e0a05010000000000000000070000070900020073797a31000000000900010073797a3000000000100003800c00"], 0xc0}}, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f000000a140)={0x44, 0xb, 0x6, 0x801, 0x0, 0x0, {0x5, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP2={0x18, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x48}, 0x4800)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000400)={'erspan0\x00', <r3=>0x0, 0x20, 0x0, 0x350, 0x1, {{0x30, 0x4, 0x1, 0x4, 0xc0, 0x68, 0x0, 0x7, 0x4, 0x0, @private=0xa010101, @private=0xa010101, {[@timestamp_prespec={0x44, 0x2c, 0x91, 0x3, 0x8, [{@private=0xa010101}, {@remote, 0xfa6}, {@multicast2, 0x7fffffff}, {@private=0xa010100, 0x1}, {@broadcast, 0x80}]}, @noop, @lsrr={0x83, 0x1f, 0xd0, [@loopback, @loopback, @broadcast, @loopback, @local, @multicast2, @dev={0xac, 0x14, 0x14, 0x4}]}, @ssrr={0x89, 0x7, 0xc1, [@multicast1]}, @ssrr={0x89, 0x1f, 0x16, [@multicast2, @dev={0xac, 0x14, 0x14, 0x2a}, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote]}, @lsrr={0x83, 0x1b, 0xf6, [@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010102, @multicast2]}, @rr={0x7, 0x17, 0x44, [@rand_addr=0x64010100, @remote, @multicast2, @empty, @broadcast]}, @generic={0x86, 0x5, "8c638b"}]}}}}})
ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000080)={@local, 0x1e, r3})
r4 = syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x1, {0x3, 0xffffffff, 0x403}})
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x42a00, 0x0)
r5 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000000010d804dd000000000000010902240001000000e909040000010300000009210500000122050009058103"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
munlockall()
syz_usb_control_io(r5, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

7.274161769s ago: executing program 0 (id=15050):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x4, 0x80, 0x2000000, 0x3a2}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x18}, 0x0, 0x40000, 0x1})
io_uring_enter(r4, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

6.645336006s ago: executing program 4 (id=15051):
syz_open_dev$loop(&(0x7f0000000140), 0x760, 0x200)
sysinfo(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
fcntl$getown(r0, 0x9)
r1 = memfd_secret(0x80000)
syz_genetlink_get_family_id$devlink(0x0, r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x11, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="40010000", @ANYRES16=r3, @ANYBLOB="01000000000004000000010000002400030000000000000000000000000000000000000000000000000000000000000000001400020077673100000000000000000000000000f4000880"], 0x140}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

6.599835048s ago: executing program 2 (id=15052):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)=ANY=[@ANYBLOB="1200000006000000080000000200000000000000"], 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

6.539049675s ago: executing program 4 (id=15053):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="041817aaaaaaaaaa107e507f"], 0x1a)
sched_getattr(0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
epoll_create1(0x0)
pselect6(0x40, &(0x7f0000000180)={0x1f, 0x0, 0x3ff, 0x0, 0x9}, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setuid(0xee00)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x101000, 0x800, 0x3, 0x1}, 0x20)
fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x40)

6.435151621s ago: executing program 4 (id=15054):
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000000ac0)=ANY=[@ANYRESHEX, @ANYBLOB=',rootm', @ANYRESDEC=0x0, @ANYBLOB=',group_id', @ANYBLOB=','])
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
getpeername$qrtr(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000500)=0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, 0x0}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

5.899795491s ago: executing program 0 (id=15055):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r3=>0x0})
syz_usb_connect(0x0, 0x2d2, &(0x7f0000000340)=ANY=[@ANYBLOB="120100008b216740420709204661010203010902c002010000000009047500efd08de70009050201"], 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000007000390230bd7000fbdbdf2507000000", @ANYRES32=r3, @ANYBLOB="0c0001"], 0x24}, 0x1, 0x0, 0x0, 0x4004840}, 0x0)
r4 = dup3(r1, r0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100b, 0x1})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000240)="02"})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000004a40)={0x4c, 0x0, &(0x7f0000000940)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x1040}], 0x0, 0x0, 0x0})

5.790450234s ago: executing program 4 (id=15056):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='cubic', 0x9)
r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r5, 0x5452, &(0x7f00000001c0)=0x1)
close_range(r5, 0xffffffffffffffff, 0x0)

5.773859631s ago: executing program 3 (id=15057):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000040)={0x1, 0x2, 0x6, 0x2, r0})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000500)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000640)=ANY=[@ANYBLOB="30e01b3981ddca14"], 0x1000f)

5.079629486s ago: executing program 6 (id=15058):
socket(0x1e, 0x4, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000180)={0x111, 0x5, 0x800}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x200400)
openat$sequencer(0xffffff9c, 0x0, 0x88302, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r2 = io_uring_setup(0x3450, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x2200}], 0x0, 0xa}, 0x20)

5.040309387s ago: executing program 2 (id=15059):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r5 = accept4(r4, 0x0, 0x0, 0x80000)
sendmsg$kcm(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000014c0)="c61f6b65c4e662a0a5c3fe7b614b98ed0825ea99c9156ccb4d0a1273144cba4fcd32b18eba1b1169c3104425d267253d9dde3a884292a6593cc151240885d2b02bd4d9f55671d28245417fbfcef33121972f43f96f5b55cafc9500e97ad170dc3605dae4c1085431f46655c964f28105dca1a82eb05565b34de6285e58c794b2f2d6ee4504bf1b18ba27dd8661c0c9841358ac22b222c8342b8502470925b9e5fc5b12003fe4f8cda1f659972be91ab4646737138d910c04a79d8fd5a0339898101c665d6eeba87d25", 0xc9}], 0x1}, 0x20000000)
recvmsg$can_j1939(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000340)=""/201, 0xc9}], 0x1}, 0x100)

4.764908729s ago: executing program 3 (id=15060):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0)

4.146185673s ago: executing program 0 (id=15061):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000540)={'ip6tnl0\x00', {0x2, 0x0, @private=0xfffffffe}})
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x1, &(0x7f0000af7000/0x4000)=nil)
munlockall()
r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/oss_mixer\x00', 0x1, 0x0)
writev(r3, &(0x7f00000028c0)=[{&(0x7f0000002600)='u', 0x4000}, {0x0, 0x2}], 0x2)
close_range(r3, 0xffffffffffffffff, 0x0)

4.143728515s ago: executing program 4 (id=15062):
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r2, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, 0x0, 0x0)
mlock2(&(0x7f000027f000/0x2000)=nil, 0x2000, 0x1)
pipe2$watch_queue(0x0, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, 0x0)

4.019886895s ago: executing program 2 (id=15063):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r4)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r2)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)={0x3c, r5, 0x917, 0x0, 0xffffffe4, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4044011}, 0x4000)

2.736805889s ago: executing program 3 (id=15064):
socket$xdp(0x2c, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x2000000000000009, 0x8, 0x0, 0x4}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32], 0x50}, 0x1, 0xba01}, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f0000000140)='wg0\x00', 0x4)
connect$inet(r2, &(0x7f00000001c0)={0x2, 0x2, @remote}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x191c)

2.434911429s ago: executing program 2 (id=15065):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r3, 0x9360, 0x800000000000001)

1.471838602s ago: executing program 6 (id=15066):
r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0xfd})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs={0x0, 0x0, 0x1002}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010501, 0x0, 0x10000000, 'dh\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)

1.360576293s ago: executing program 2 (id=15067):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x10, 0x1407, 0x1, 0x70bd27, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x40844)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x78, 0x802)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x7, 0x6576, 0x3})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000000)
mremap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f00003eb000/0x1000)=nil)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x3, 0x2}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x8, 0x2}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x44}, 0x28)

362.203832ms ago: executing program 3 (id=15068):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0xe70265ef78de5a29)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = syz_open_dev$swradio(0x0, 0x0, 0x2)
read(r1, &(0x7f0000000280)=""/149, 0x95)
r2 = syz_open_dev$swradio(0x0, 0x0, 0x2)
dup(r2)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYRES8=<r4=>r2, @ANYBLOB], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900734c010000", @ANYRES32, @ANYRESDEC=r4, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

194.492978ms ago: executing program 6 (id=15069):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x3)
ptrace$ARCH_GET_GS(0x1e, 0x0, 0x0, 0x1004)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffa)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, 0x0, &(0x7f0000000100), 0x4003)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xc2a)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x555)
semtimedop(0x0, &(0x7f0000000040)=[{0x3, 0x8, 0x1800}], 0x1, 0x0)
unshare(0x2c040000)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1408009, 0x0)

163.572005ms ago: executing program 6 (id=15070):
syz_clone3(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "8fd9c8a10a72e630", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "c800afb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r1, 0x5421, &(0x7f0000000140)=0x1)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
close(r1)

0s ago: executing program 6 (id=15071):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_xfrm(0x10, 0x3, 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000380)=ANY=[@ANYBLOB="020101090800000000170006ffffff00030006001000000002000000e0000009f9ff0f0005000000030005007217440502000000e0000001"], 0x40}}, 0x0)
sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0xe, @in={0x2, 0x0, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x8, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x50}}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0x100f, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x2df3, 0x0, 0x5, 0x4, 0x0, 0x9, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0xb, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x7, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0x9, 0x10000, 0x6, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x9, 0x420, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0xba68, 0xd, 0x4e0, 0x2, 0x2, 0xb, 0x4, 0x9, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x103, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x1, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x2, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x5, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0xfffff800, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x0, 0x3, 0x7ff, 0x12b, 0x4, 0x8, 0x0, 0x0, 0x2, 0x1c, 0x120000, 0x3, 0x2006, 0x1, 0x7, 0x25], [0x800009, 0xbb33, 0x7, 0x80b, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0xf142, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff002, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x10000226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c17, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x1fd, 0xffff343e, 0xfff]}, 0x45c)

kernel console output (not intermixed with test programs):

4294967295 subj=root:sysadm_r:sysadm_t pid=3903 comm="syz.4.13175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[  897.611112][   T30] audit: type=1326 audit(1399.870:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3903 comm="syz.4.13175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[  897.638335][   T30] audit: type=1326 audit(1399.879:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3903 comm="syz.4.13175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[  897.664111][   T30] audit: type=1326 audit(1399.879:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3903 comm="syz.4.13175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[  897.694885][   T30] audit: type=1326 audit(1399.879:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3903 comm="syz.4.13175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[  897.721732][   T30] audit: type=1326 audit(1399.879:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3903 comm="syz.4.13175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[  897.891004][   T30] audit: type=1326 audit(1399.879:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3903 comm="syz.4.13175" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0x200000000006 code=0x7ffc0000
[  898.203308][ T3932] netlink: 1276 bytes leftover after parsing attributes in process `syz.6.13185'.
[  898.262026][ T3933] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13186'.
[  898.292648][ T3933] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13186'.
[  899.233820][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  899.353222][ T3951] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  900.199736][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  900.199750][   T30] audit: type=1400 audit(1402.321:3529): avc:  denied  { write accept } for  pid=3983 comm="syz.0.13209" path="socket:[161607]" dev="sockfs" ino=161607 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  900.441273][ T3990] netlink: 'syz.4.13212': attribute type 4 has an invalid length.
[  900.476027][ T3990] netlink: 'syz.4.13212': attribute type 4 has an invalid length.
[  900.661996][ T4001] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  900.669275][ T4001] IPv6: NLM_F_CREATE should be set when creating new route
[  900.829682][ T4005] netlink: 'syz.6.13218': attribute type 1 has an invalid length.
[  900.845364][ T4001] lo: entered allmulticast mode
[  900.855225][ T4001] tunl0: entered allmulticast mode
[  900.864695][ T4001] gre0: entered allmulticast mode
[  900.884673][ T4001] gretap0: entered allmulticast mode
[  900.899020][ T4001] erspan0: entered allmulticast mode
[  900.909186][ T4001] ip_vti0: entered allmulticast mode
[  900.919394][ T4001] ip6_vti0: entered allmulticast mode
[  900.928504][ T4001] sit0: entered allmulticast mode
[  900.939620][ T4001] ip6tnl0: entered allmulticast mode
[  900.948351][ T4001] ip6gre0: entered allmulticast mode
[  900.958171][ T4001] syz_tun: entered allmulticast mode
[  900.968874][ T4001] ip6gretap0: entered allmulticast mode
[  900.977043][ T4001] bridge0: port 2(bridge_slave_1) entered disabled state
[  900.984406][ T4001] bridge0: port 1(bridge_slave_0) entered disabled state
[  900.992686][ T4001] bridge0: entered allmulticast mode
[  901.001061][ T4001] vcan0: entered allmulticast mode
[  901.015265][ T4001] bond0: entered allmulticast mode
[  901.027456][ T4001] bond_slave_0: entered allmulticast mode
[  901.034159][ T4001] mac80211_hwsim hwsim35 wlan0: entered allmulticast mode
[  901.050471][ T4001] team0: entered allmulticast mode
[  901.056014][ T4001] team_slave_0: entered allmulticast mode
[  901.061989][ T4001] team_slave_1: entered allmulticast mode
[  901.071008][ T4001] dummy0: entered allmulticast mode
[  901.081364][ T4001] nlmon0: entered allmulticast mode
[  901.090195][ T4001] caif0: entered allmulticast mode
[  901.097776][ T4001] batadv0: entered allmulticast mode
[  901.106593][ T4001] vxcan0: entered allmulticast mode
[  901.112933][ T4001] vxcan1: entered allmulticast mode
[  901.121051][ T4001] veth0: entered allmulticast mode
[  901.129028][ T4001] veth1: entered allmulticast mode
[  901.136444][ T4001] wg0: entered allmulticast mode
[  901.143916][ T4001] wg1: entered allmulticast mode
[  901.152521][ T4001] wg2: entered allmulticast mode
[  901.160880][ T4001] veth0_to_bridge: entered allmulticast mode
[  901.172569][ T4001] veth1_to_bridge: entered allmulticast mode
[  901.183141][ T4001] veth0_to_bond: entered allmulticast mode
[  901.193403][ T4001] veth0_to_team: entered allmulticast mode
[  901.203485][ T4001] veth1_to_team: entered allmulticast mode
[  901.213907][ T4001] veth0_to_batadv: entered allmulticast mode
[  901.221432][ T4001] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  901.230762][ T4001] batadv_slave_0: entered allmulticast mode
[  901.239516][ T4001] veth1_to_batadv: entered allmulticast mode
[  901.247953][ T4001] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  901.256801][ T4001] batadv_slave_1: entered allmulticast mode
[  901.264776][ T4001] xfrm0: entered allmulticast mode
[  901.289675][ T4001] veth0_to_hsr: entered allmulticast mode
[  901.303835][ T4001] hsr_slave_0: entered allmulticast mode
[  901.323966][ T4001] veth1_to_hsr: entered allmulticast mode
[  901.342037][ T4001] hsr_slave_1: entered allmulticast mode
[  901.350286][ T4001] hsr0: entered allmulticast mode
[  901.362125][ T4001] veth1_virt_wifi: entered allmulticast mode
[  901.371215][ T4001] veth0_virt_wifi: entered allmulticast mode
[  901.380816][ T4001] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  901.390677][ T4001] veth1_macvtap: entered allmulticast mode
[  901.400890][ T4001] veth0_macvtap: entered allmulticast mode
[  901.411328][ T4001] macvtap0: entered allmulticast mode
[  901.420224][ T4001] macsec0: entered allmulticast mode
[  901.429639][ T4001] geneve0: entered allmulticast mode
[  901.439244][ T4001] geneve1: entered allmulticast mode
[  901.451947][ T4001] mac80211_hwsim hwsim36 wlan1: entered allmulticast mode
[  901.461224][ T4001] vxlan0: entered allmulticast mode
[  901.470386][ T4001] vxlan1: entered allmulticast mode
[  901.477170][ T4001] vlan2: entered allmulticast mode
[  901.484041][ T4001] ip6tnl1: entered allmulticast mode
[  901.490870][ T4001] veth2: entered allmulticast mode
[  901.496550][ T4001] veth3: left promiscuous mode
[  901.503978][ T4001] gre1: entered allmulticast mode
[  901.509662][ T4001] bond1: entered allmulticast mode
[  901.515494][ T4001] bridge1: entered allmulticast mode
[  901.526280][ T4001] ip6gre1: entered allmulticast mode
[  901.533787][ T4001] bond2: entered allmulticast mode
[  901.538935][ T4001] geneve2: entered allmulticast mode
[  901.548569][ T4001] bridge2: entered allmulticast mode
[  901.557579][ T4001] veth4: entered allmulticast mode
[  901.563181][ T4001] veth5: entered allmulticast mode
[  901.569973][ T4001] bridge3: entered allmulticast mode
[  901.577656][ T4001] veth6: entered allmulticast mode
[  901.582933][ T4001] veth7: entered allmulticast mode
[  901.589275][ T4001] veth8: entered allmulticast mode
[  901.594571][ T4001] veth9: entered allmulticast mode
[  901.601341][ T4001] bridge4: entered allmulticast mode
[  901.610189][ T4001] bond3: left promiscuous mode
[  901.614980][ T4001] geneve3: left promiscuous mode
[  901.620963][ T4001] bond3: entered allmulticast mode
[  901.626090][ T4001] geneve3: entered allmulticast mode
[  901.635662][ T4001] bridge5: entered allmulticast mode
[  901.643335][ T4001] @: entered allmulticast mode
[  901.649039][ T4001] bridge6: entered allmulticast mode
[  901.658392][ T4001] gtp0: left promiscuous mode
[  901.664638][ T4001] gtp0: entered allmulticast mode
[  901.671519][ T4001] veth10: entered allmulticast mode
[  901.676960][ T4001] veth11: entered allmulticast mode
[  901.759863][ T4005] bond5: entered promiscuous mode
[  901.776271][ T4005] 8021q: adding VLAN 0 to HW filter on device bond5
[  901.840791][ T4023] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  901.859144][ T4012] bond5: (slave bridge2): making interface the new active one
[  901.867010][ T4012] bridge2: entered promiscuous mode
[  901.867774][   T30] audit: type=1804 audit(1403.845:3530): pid=4023 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.13221" name="file0" dev="tmpfs" ino=3808 res=1 errno=0
[  901.873254][ T4012] bond5: (slave bridge2): Enslaving as an active interface with an up link
[  901.911320][ T4023] ref_ctr increment failed for inode: 0xee0 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff888082672040
[  902.558857][ T5960] usb 2-1: new full-speed USB device number 103 using dummy_hcd
[  902.780776][ T5960] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid maxpacket 65535, setting to 64
[  902.812041][ T5960] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  902.832276][ T5960] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  902.856808][ T5960] usb 2-1: Product: syz
[  902.879092][ T5960] usb 2-1: Manufacturer: syz
[  902.893119][ T5960] usb 2-1: SerialNumber: syz
[  902.940681][ T5960] usb 2-1: config 0 descriptor??
[  902.963465][ T4049] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  902.973090][ T5960] hub 2-1:0.0: bad descriptor, ignoring hub
[  902.980147][ T5960] hub 2-1:0.0: probe with driver hub failed with error -5
[  903.094422][ T5960] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  903.213919][ T5829] usb 2-1: USB disconnect, device number 103
[  903.703188][ T4079] overlayfs: failed to clone lowerpath
[  903.861324][   T30] audit: type=1400 audit(1405.735:3531): avc:  denied  { watch } for  pid=4080 comm="syz.7.13242" path="/1596/file0" dev="tmpfs" ino=8323 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  903.960689][ T4085] md: md2 stopped.
[  904.394947][ T4104] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  904.580490][ T4115] netlink: 'syz.1.13251': attribute type 1 has an invalid length.
[  904.593076][ T4117] overlayfs: failed to clone upperpath
[  904.665269][ T4115] 8021q: adding VLAN 0 to HW filter on device bond3
[  904.681995][ T4123] erspan0: entered allmulticast mode
[  904.740649][ T4123] bond3: (slave erspan0): making interface the new active one
[  904.783941][ T4123] bond3: (slave erspan0): Enslaving as an active interface with an up link
[  905.481943][ T4169] overlayfs: failed to clone upperpath
[  905.532572][   T30] audit: type=1400 audit(1407.306:3532): avc:  denied  { bind } for  pid=4170 comm="syz.0.13276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  905.740639][   T30] audit: type=1326 audit(1407.493:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4174 comm="syz.4.13277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7fc00000
[  906.097602][ T4204] netlink: 76 bytes leftover after parsing attributes in process `syz.6.13285'.
[  906.239337][ T4202] kvm: pic: non byte write
[  906.257483][ T5950] usb 2-1: new full-speed USB device number 104 using dummy_hcd
[  906.429953][ T5950] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  906.450883][ T5950] usb 2-1: config 0 has no interface number 0
[  906.466619][ T5950] usb 2-1: config 0 interface 41 has no altsetting 0
[  906.476752][   T30] audit: type=1326 audit(1408.167:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4174 comm="syz.4.13277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcdf2b8eec9 code=0x7fc00000
[  906.484862][ T5950] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  906.553753][ T5950] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  906.579533][ T4218] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13293'.
[  906.588760][ T5950] usb 2-1: Product: syz
[  906.593238][ T5950] usb 2-1: Manufacturer: syz
[  906.613530][ T5950] usb 2-1: SerialNumber: syz
[  906.625258][ T5950] usb 2-1: config 0 descriptor??
[  907.513772][ T5950] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  908.847907][ T5950] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  909.315392][ T5950] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): Failed to reset PHY: -71
[  909.325420][ T5950] CoreChips 2-1:0.41: probe with driver CoreChips failed with error -71
[  909.352104][ T5950] usb 2-1: USB disconnect, device number 104
[  909.495318][ T4254] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13305'.
[  909.551460][   T30] audit: type=1400 audit(1411.057:3535): avc:  denied  { bind } for  pid=4248 comm="syz.7.13304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  909.699606][ T4263] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  909.715360][ T4263] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  909.726717][ T4263] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  909.866196][ T4263] overlayfs: d_ino too big (362, ino=9223372036854777760, xinobits=2)
[  909.905881][ T4263] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=2)
[  909.921889][ T4263] overlayfs: d_ino too big (syz-inputs, ino=9223372036854775815, xinobits=2)
[  909.930346][ T4269] overlayfs: failed to clone upperpath
[  909.931234][ T4263] overlayfs: d_ino too big (sys, ino=9223372036854775814, xinobits=2)
[  909.939519][T19470] usb 8-1: new high-speed USB device number 86 using dummy_hcd
[  909.960733][ T4263] overlayfs: d_ino too big (selinux, ino=9223372036854775813, xinobits=2)
[  909.969846][ T4263] overlayfs: d_ino too big (proc, ino=9223372036854775812, xinobits=2)
[  909.978570][ T4263] overlayfs: d_ino too big (dev, ino=9223372036854775811, xinobits=2)
[  909.993852][ T4263] overlayfs: d_ino too big (syz8, ino=4611686018427388494, xinobits=2)
[  910.027360][ T4263] overlayfs: d_ino too big (io.pressure, ino=4611686018427387915, xinobits=2)
[  910.037416][ T4263] overlayfs: d_ino too big (cgroup.procs, ino=4611686018427387906, xinobits=2)
[  910.082775][ T4273] overlayfs: failed to clone upperpath
[  910.142207][T19470] usb 8-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=b7.de
[  910.169120][T19470] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  910.189527][T19470] usb 8-1: Product: syz
[  910.217600][T19470] usb 8-1: Manufacturer: syz
[  910.233095][T19470] usb 8-1: SerialNumber: syz
[  910.253094][ T4281] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13317'.
[  910.264016][T19470] usb 8-1: config 0 descriptor??
[  910.278344][ T4283] overlayfs: failed to clone upperpath
[  910.285006][T19470] ttusb_dec_send_command: command bulk message failed: error -22
[  910.308499][T19470] ttusb-dec 8-1:0.0: probe with driver ttusb-dec failed with error -22
[  910.311042][ T4285] overlayfs: failed to clone upperpath
[  910.519493][ T4260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  910.542777][ T4260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  910.559033][ T5950] usb 8-1: USB disconnect, device number 86
[  910.593121][   T30] audit: type=1800 audit(1412.039:3536): pid=4301 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.6.13327" name="bus" dev="tmpfs" ino=2741 res=0 errno=0
[  910.692860][ T4303] overlayfs: failed to clone upperpath
[  910.873549][ T4311] netlink: 'syz.6.13330': attribute type 4 has an invalid length.
[  910.913335][ T4311] netlink: 'syz.6.13330': attribute type 4 has an invalid length.
[  911.174035][   T30] audit: type=1400 audit(1412.573:3537): avc:  denied  { read } for  pid=4325 comm="syz.7.13338" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  912.567844][ T4352] svc: failed to register nfsdv3 RPC service (errno 111).
[  912.613360][ T4352] svc: failed to register nfsaclv3 RPC service (errno 111).
[  914.581232][ T4387] netlink: 16186 bytes leftover after parsing attributes in process `syz.6.13357'.
[  915.153981][ T4398] netlink: 'syz.7.13362': attribute type 1 has an invalid length.
[  915.282288][ T4398] 8021q: adding VLAN 0 to HW filter on device bond6
[  915.654597][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  915.744036][ T4403] 9pnet: p9_errstr2errno: server reported unknown error �00000000000000000000011
[  915.754557][ T4400] bond6: (slave veth9): Enslaving as an active interface with a down link
[  915.988919][ T4401] bond6: (slave dummy0): making interface the new active one
[  916.003444][ T4401] dummy0: entered promiscuous mode
[  916.068751][ T4401] bond6: (slave dummy0): Enslaving as an active interface with an up link
[  916.729100][ T4425] netlink: 28 bytes leftover after parsing attributes in process `syz.0.13383'.
[  916.740866][   T30] audit: type=1400 audit(1417.773:3538): avc:  denied  { call } for  pid=4424 comm="syz.1.13372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  916.811069][   T30] audit: type=1400 audit(1417.773:3539): avc:  denied  { transfer } for  pid=4424 comm="syz.1.13372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  917.368246][ T4398] bond6 (unregistering): (slave veth9): Releasing active interface
[  917.400649][ T4398] bond6 (unregistering): (slave dummy0): Releasing active interface
[  917.421969][ T4398] bond6 (unregistering): Released all slaves
[  917.695493][ T4425] bridge_slave_1: left allmulticast mode
[  917.701364][ T4425] bridge_slave_1: left promiscuous mode
[  917.708364][ T4425] bridge0: port 2(bridge_slave_1) entered disabled state
[  918.392600][    C0] bridge0: port 3(syz_tun) entered learning state
[  918.834862][ T4478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13391'.
[  918.844388][ T4478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13391'.
[  918.855993][ T4478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13391'.
[  918.883383][ T4478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13391'.
[  919.167748][ T4478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13391'.
[  919.178737][ T4478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13391'.
[  919.189447][ T4478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13391'.
[  919.200806][ T4478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13391'.
[  924.825210][ T4591] netlink: 'syz.1.13429': attribute type 1 has an invalid length.
[  924.858634][ T4591] 8021q: adding VLAN 0 to HW filter on device bond4
[  925.193993][ T4591] bond4: (slave veth3): Enslaving as an active interface with a down link
[  925.220265][ T4593] bond4: (slave dummy0): making interface the new active one
[  925.264034][ T4593] dummy0: entered promiscuous mode
[  925.292460][ T4593] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  926.309905][ T4595] bond4 (unregistering): (slave veth3): Releasing active interface
[  926.334192][ T4595] bond4 (unregistering): (slave dummy0): Releasing active interface
[  926.345923][ T4595] bond4 (unregistering): Released all slaves
[  926.516077][ T4628] binder: 4626:4628 ioctl c0306201 200000000640 returned -22
[  926.580477][ T5950] usb 8-1: new high-speed USB device number 87 using dummy_hcd
[  926.684805][   T30] audit: type=1400 audit(1427.090:3540): avc:  denied  { read } for  pid=4630 comm="syz.1.13442" path="socket:[164214]" dev="sockfs" ino=164214 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  926.746679][ T5950] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  926.765111][ T5950] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  926.792185][ T5950] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  926.823128][ T5950] usb 8-1: config 0 descriptor??
[  926.860555][ T5950] pwc: Askey VC010 type 2 USB webcam detected.
[  927.280707][ T5950] pwc: recv_control_msg error -32 req 02 val 2b00
[  927.323200][ T5950] pwc: recv_control_msg error -32 req 02 val 2700
[  927.341557][ T5950] pwc: recv_control_msg error -32 req 02 val 2c00
[  927.364415][ T5950] pwc: recv_control_msg error -32 req 04 val 1000
[  927.386234][ T5950] pwc: recv_control_msg error -32 req 04 val 1300
[  927.398298][ T5950] pwc: recv_control_msg error -32 req 04 val 1400
[  927.417666][ T5950] pwc: recv_control_msg error -32 req 02 val 2000
[  927.648534][ T5950] pwc: recv_control_msg error -71 req 04 val 1500
[  927.655408][ T5950] pwc: recv_control_msg error -71 req 02 val 2500
[  927.668166][ T5950] pwc: recv_control_msg error -71 req 02 val 2400
[  927.692899][ T5950] pwc: recv_control_msg error -71 req 02 val 2600
[  927.713916][ T5950] pwc: recv_control_msg error -71 req 02 val 2900
[  927.720791][ T5950] pwc: recv_control_msg error -71 req 02 val 2800
[  927.767259][ T5960] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[  927.820481][ T5950] pwc: recv_control_msg error -71 req 04 val 1100
[  927.834417][ T5950] pwc: recv_control_msg error -71 req 04 val 1200
[  927.853895][ T5950] pwc: Registered as video103.
[  927.875327][ T5950] input: PWC snapshot button as /devices/platform/dummy_hcd.7/usb8/8-1/input/input170
[  927.958029][ T5950] usb 8-1: USB disconnect, device number 87
[  927.998543][ T5960] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  928.029271][ T5960] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  928.046947][ T5960] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  928.087712][ T5960] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  928.110518][ T4641] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  928.120792][ T5960] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  928.600656][T19470] usb 2-1: USB disconnect, device number 105
[  928.799942][ T4672] netlink: 'syz.6.13456': attribute type 1 has an invalid length.
[  928.914397][ T4674] bond6: (slave veth3): Enslaving as an active interface with a down link
[  928.973130][ T4672] bond6: entered promiscuous mode
[  928.984512][ T4676] ptrace attach of "./syz-executor exec"[4677] was attempted by "./syz-executor exec"[4676]
[  928.995144][ T4672] bond6: entered allmulticast mode
[  929.008083][ T4672] 8021q: adding VLAN 0 to HW filter on device bond6
[  932.668386][ T4741] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  932.690935][ T4743] netlink: 'syz.0.13482': attribute type 1 has an invalid length.
[  932.747340][ T4743] 8021q: adding VLAN 0 to HW filter on device bond4
[  932.903412][ T4754] virtio-fs: tag </dev/md0> not found
[  932.917406][ T4751] bond4: (slave veth13): Enslaving as an active interface with a down link
[  933.120610][ T4743] dummy0: left allmulticast mode
[  933.257291][ T4743] bond4: (slave dummy0): making interface the new active one
[  933.280056][   T30] audit: type=1400 audit(1433.254:3541): avc:  denied  { mounton } for  pid=4757 comm="syz.7.13486" path="/1626/file1/file0" dev="autofs" ino=164343 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  933.291925][ T4743] dummy0: entered promiscuous mode
[  933.361222][ T4743] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  933.976496][ T4768] overlayfs: failed to clone upperpath
[  933.997333][ T4768] overlayfs: failed to clone upperpath
[  934.122378][ T4755] bond4 (unregistering): (slave veth13): Releasing active interface
[  934.136540][ T4755] bond4 (unregistering): (slave dummy0): Releasing active interface
[  934.150479][ T4755] bond4 (unregistering): Released all slaves
[  935.291498][ T4780] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 80045700, magic 57 != 6b]
[  935.701389][   T30] audit: type=1400 audit(1435.527:3542): avc:  denied  { mounton } for  pid=4790 comm="syz.4.13498" path="/file0" dev="rootfs" ino=164935 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  936.595533][ T4814] overlayfs: failed to clone upperpath
[  936.770524][ T4809] bond4: up delay (1023) is not a multiple of miimon (100), value rounded to 1000 ms
[  936.843498][ T4809] 8021q: adding VLAN 0 to HW filter on device bond4
[  940.402220][ T4869] __nla_validate_parse: 4 callbacks suppressed
[  940.402243][ T4869] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13523'.
[  942.838894][   T30] audit: type=1326 audit(1442.197:3543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4907 comm="syz.0.13536" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f9ab8eec9 code=0x0
[  943.071517][ T4912] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  943.878936][ T5829] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[  943.915422][   T30] audit: type=1400 audit(1443.207:3544): avc:  denied  { lock } for  pid=4930 comm="syz.0.13546" path="socket:[164715]" dev="sockfs" ino=164715 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  944.049233][ T5829] usb 2-1: Using ep0 maxpacket: 16
[  944.055694][ T5829] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  944.123171][ T5829] usb 2-1: config 0 interface 0 has no altsetting 0
[  944.130487][ T5829] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  944.321580][ T5829] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  944.352038][ T5829] usb 2-1: config 0 descriptor??
[  944.812064][ T5829] nzxt-smart2 0003:1E71:2009.00C5: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  945.855725][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  946.134770][   T10] usb 2-1: USB disconnect, device number 106
[  948.833605][ T5018] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13576'.
[  949.180338][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  949.813845][ T5038] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13585'.
[  950.312555][ T5147] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  950.336731][ T5147] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  950.373576][ T5147] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  950.390361][ T5147] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  950.401606][ T5147] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  950.549669][    C0] bridge0: port 3(syz_tun) entered forwarding state
[  950.556302][    C0] bridge0: topology change detected, propagating
[  950.768239][ T5061] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13591'.
[  951.790557][ T5046] chnl_net:caif_netlink_parms(): no params data found
[  952.080533][ T5098] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  952.153833][ T5046] bridge0: port 1(bridge_slave_0) entered blocking state
[  952.161073][ T5046] bridge0: port 1(bridge_slave_0) entered disabled state
[  952.184137][ T5046] bridge_slave_0: entered allmulticast mode
[  952.217830][ T5046] bridge_slave_0: entered promiscuous mode
[  952.226590][ T5046] bridge0: port 2(bridge_slave_1) entered blocking state
[  952.245328][ T5046] bridge0: port 2(bridge_slave_1) entered disabled state
[  952.277508][ T5046] bridge_slave_1: entered allmulticast mode
[  952.297806][ T5046] bridge_slave_1: entered promiscuous mode
[  952.619770][   T53] Bluetooth: hci5: command tx timeout
[  952.918342][ T5046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  952.973496][ T5046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  953.016539][ T5046] team0: Port device team_slave_0 added
[  953.025777][ T5046] team0: Port device team_slave_1 added
[  953.066193][ T5046] batman_adv: batadv0: Adding interface: batadv_slave_0
[  953.075678][ T5046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  953.109881][ T5046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  953.133235][ T5046] batman_adv: batadv0: Adding interface: batadv_slave_1
[  953.144880][ T5046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  953.253556][ T5046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  954.005402][ T5046] hsr_slave_0: entered promiscuous mode
[  954.012025][ T5046] hsr_slave_1: entered promiscuous mode
[  954.018359][ T5046] debugfs: 'hsr0' already exists in 'hsr'
[  954.024138][ T5046] Cannot create hsr debugfs directory
[  954.627716][ T5046] 8021q: adding VLAN 0 to HW filter on device bond0
[  954.649042][ T5046] 8021q: adding VLAN 0 to HW filter on device team0
[  954.715743][ T3584] bridge0: port 1(bridge_slave_0) entered blocking state
[  954.723010][ T3584] bridge0: port 1(bridge_slave_0) entered forwarding state
[  954.795391][ T5128] bridge0: port 2(bridge_slave_1) entered blocking state
[  954.802498][ T5128] bridge0: port 2(bridge_slave_1) entered forwarding state
[  954.830689][   T53] Bluetooth: hci5: command tx timeout
[  954.956235][ T5164] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  955.112343][ T5046] 8021q: adding VLAN 0 to HW filter on device batadv0
[  955.487424][ T5046] veth0_vlan: entered promiscuous mode
[  955.512794][ T5046] veth1_vlan: entered promiscuous mode
[  955.666856][ T5046] veth0_macvtap: entered promiscuous mode
[  955.699390][ T5046] veth1_macvtap: entered promiscuous mode
[  955.770332][ T5046] batman_adv: batadv0: Interface activated: batadv_slave_0
[  955.813482][ T5046] batman_adv: batadv0: Interface activated: batadv_slave_1
[  955.857723][ T5192] netlink: 'syz.0.13627': attribute type 10 has an invalid length.
[  955.867523][ T5190] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13626'.
[  955.887699][ T5190] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13626'.
[  955.902256][ T5192] team0: left allmulticast mode
[  955.910589][ T5192] 8021q: adding VLAN 0 to HW filter on device team0
[  955.920343][ T5192] team0: entered allmulticast mode
[  955.927417][ T5192] bond0: (slave team0): Enslaving as an active interface with an up link
[  956.075794][ T3584] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  956.083673][ T3584] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  956.187156][T20657] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  956.202124][T20657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  956.499893][ T5211] netlink: 'syz.0.13634': attribute type 10 has an invalid length.
[  956.605095][ T5214] kvm: pic: non byte write
[  956.654482][ T5214] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3722248192 (7444496384 ns) > initial count (24 ns). Using initial count to start timer.
[  957.048971][   T53] Bluetooth: hci5: command tx timeout
[  958.676269][   T30] audit: type=1400 audit(1457.013:3545): avc:  denied  { watch watch_reads } for  pid=5236 comm="syz.6.13646" path="/" dev="ramfs" ino=166316 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  959.272826][   T53] Bluetooth: hci5: command tx timeout
[  959.881154][ T5269] netlink: 16 bytes leftover after parsing attributes in process `syz.1.13656'.
[  960.092060][ T5276] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13658'.
[  961.219990][   T30] audit: type=1804 audit(1459.389:3546): pid=5296 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.6.13664" name="file0" dev="tmpfs" ino=3137 res=1 errno=0
[  961.378432][   T30] audit: type=1800 audit(1459.389:3547): pid=5296 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.6.13664" name="file0" dev="tmpfs" ino=3137 res=0 errno=0
[  962.780890][ T5312] netlink: 'syz.6.13670': attribute type 1 has an invalid length.
[  962.827900][ T5316] binder: 5315:5316 ioctl c0306201 200000000080 returned -14
[  962.856173][ T5316] binder: BINDER_SET_CONTEXT_MGR already set
[  962.862184][ T5316] binder: 5315:5316 ioctl 4018620d 200000004a80 returned -16
[  962.998720][ T5312] bond7: entered promiscuous mode
[  963.060104][ T5312] 8021q: adding VLAN 0 to HW filter on device bond7
[  963.166796][ T5312] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  963.174102][ T5312] IPv6: NLM_F_CREATE should be set when creating new route
[  963.181428][ T5312] IPv6: NLM_F_CREATE should be set when creating new route
[  963.192308][ T5312] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  963.204902][ T5320] 8021q: adding VLAN 0 to HW filter on device bond7
[  963.213029][ T5329] netlink: 24 bytes leftover after parsing attributes in process `syz.1.13675'.
[  963.244277][ T5320] bond7: (slave wireguard0): The slave device specified does not support setting the MAC address
[  963.294804][ T5320] bond7: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  963.334143][ T5320] bond7: (slave wireguard0): making interface the new active one
[  963.347361][ T5336] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5336 comm=syz.1.13675
[  963.399443][ T5320] wireguard0: entered promiscuous mode
[  963.440560][ T5320] bond7: (slave wireguard0): Enslaving as an active interface with an up link
[  963.675240][ T5312] bond7: (slave wireguard1): The slave device specified does not support setting the MAC address
[  963.720425][ T5312] bond7: (slave wireguard1): Enslaving as a backup interface with an up link
[  965.318638][ T5357] virtio-fs: tag </dev/md0> not found
[  965.401266][   T30] audit: type=1400 audit(1463.309:3548): avc:  denied  { setattr } for  pid=5355 comm="syz.1.13682" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  966.401624][ T5372] tipc: Started in network mode
[  966.429516][ T5372] tipc: Node identity ac14140f, cluster identity 4711
[  966.466466][ T5372] tipc: New replicast peer: 255.255.255.255
[  966.498642][ T5372] tipc: Enabled bearer <udp:syz2>, priority 10
[  967.740916][T19470] tipc: Node number set to 2886997007
[  971.068761][ T5454] tipc: Started in network mode
[  971.080416][ T5454] tipc: Node identity 8280f62f966b, cluster identity 4711
[  971.102594][ T5454] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  971.133539][ T5448] tipc: Resetting bearer <eth:syzkaller0>
[  971.499277][   T30] audit: type=1400 audit(1469.005:3549): avc:  denied  { create } for  pid=5465 comm="syz.0.13721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  972.214413][ T5960] tipc: Node number set to 351008303
[  976.472728][ T5448] tipc: Disabling bearer <eth:syzkaller0>
[  976.993789][ T5548] overlayfs: failed to clone lowerpath
[  977.243788][T19470] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[  977.414805][T19470] usb 2-1: Using ep0 maxpacket: 32
[  977.424555][T19470] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  977.460005][T19470] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  977.594828][T19470] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  977.604594][T19470] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  977.682703][T19470] usb 2-1: config 0 descriptor??
[  977.777414][T19470] hub 2-1:0.0: bad descriptor, ignoring hub
[  977.885106][T19470] hub 2-1:0.0: probe with driver hub failed with error -5
[  977.999069][T19470] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  978.477481][T19470] usb 2-1: reset high-speed USB device number 107 using dummy_hcd
[  978.642876][ T5581] overlayfs: failed to clone lowerpath
[  980.367182][   T30] audit: type=1800 audit(1477.293:3550): pid=5613 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.13766" name="bus" dev="ramfs" ino=168007 res=0 errno=0
[  980.515326][ T5950] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  980.536605][T19461] usb 2-1: USB disconnect, device number 107
[  980.803670][ T5950] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  980.834937][ T5950] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  980.984369][ T5950] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  981.006271][ T5950] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  981.016006][ T5950] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  981.062727][ T5950] usb 4-1: config 0 descriptor??
[  981.122226][ T5636] overlayfs: failed to clone lowerpath
[  981.852101][ T5950] plantronics 0003:047F:FFFF.00C6: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  982.301288][   T30] audit: type=1400 audit(1479.108:3551): avc:  denied  { connect } for  pid=5604 comm="syz.3.13763" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  982.358489][   T30] audit: type=1326 audit(1479.164:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5652 comm="syz.1.13777" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f301ff8eec9 code=0x0
[  983.000142][ T5669] netlink: 'syz.0.13791': attribute type 1 has an invalid length.
[  983.016592][ T5669] netlink: 'syz.0.13791': attribute type 4 has an invalid length.
[  983.024753][ T5669] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.13791'.
[  983.317158][ T5604] delete_channel: no stack
[  983.813339][ T5677] netlink: 'syz.1.13783': attribute type 1 has an invalid length.
[  983.842748][ T5677] netlink: 236 bytes leftover after parsing attributes in process `syz.1.13783'.
[  983.863178][ T5677] netlink: 'syz.1.13783': attribute type 1 has an invalid length.
[  983.974401][ T5677] 8021q: adding VLAN 0 to HW filter on device bond4
[  984.102846][ T5690] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13785'.
[  984.131265][ T5950] usb 4-1: USB disconnect, device number 88
[  986.515598][ T5727] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  986.546393][ T5726] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  986.668954][ T5732] overlayfs: failed to clone upperpath
[  988.960959][   T30] audit: type=1400 audit(1485.347:3553): avc:  denied  { append } for  pid=5768 comm="syz.4.13816" name="file0" dev="tmpfs" ino=7671 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  989.111038][ T5775] net veth1_virt_wifi »»»»»»: renamed from virt_wifi0
[  990.036755][ T5797] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  990.432033][ T5791] tipc: Resetting bearer <eth:syzkaller0>
[  995.548937][ T5848] overlayfs: failed to clone upperpath
[  995.643249][   T53] Bluetooth: hci1: unexpected cc 0x203c length: 9 > 1
[  995.650082][   T53] Bluetooth: hci1: unexpected event for opcode 0x203c
[  995.680062][ T5791] tipc: Disabling bearer <eth:syzkaller0>
[  995.688047][ T5799] netlink: 96 bytes leftover after parsing attributes in process `syz.4.13825'.
[  995.697810][ T5821] kthread_run failed with err -4
[  995.825328][ T5857] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  995.832361][ T5857] overlayfs: failed to set xattr on upper
[  995.840182][ T5857] overlayfs: ...falling back to redirect_dir=nofollow.
[  995.851218][ T5857] overlayfs: ...falling back to metacopy=off.
[  995.861133][ T5857] overlayfs: ...falling back to uuid=null.
[  995.897748][ T5862] netlink: 'syz.0.13845': attribute type 1 has an invalid length.
[  996.002116][ T5862] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  996.039064][ T5862] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  996.117283][ T5865] gretap2: entered promiscuous mode
[  996.127622][ T5865] bond4: (slave gretap2): making interface the new active one
[  996.136189][ T5865] bond4: (slave gretap2): Enslaving as an active interface with an up link
[  996.258458][ T5869] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  996.315736][ T5869] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  996.334232][ T5869] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  996.383512][ T5869] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  996.397380][ T5869] kvm: requested 170133 ns i8254 timer period limited to 200000 ns
[  996.406480][ T5869] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[  996.414641][ T5869] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  996.422837][ T5869] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  996.431034][ T5869] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  996.439618][ T5869] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  996.586726][   T30] audit: type=1326 audit(1492.475:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5878 comm="syz.4.13849" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x0
[  997.760774][ T5900] block nbd1: Dead connection, failed to find a fallback
[  997.768666][ T5900] block nbd1: shutting down sockets
[  997.775418][ T5900] blk_print_req_error: 5 callbacks suppressed
[  997.775456][ T5900] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.793009][ T5900] buffer_io_error: 5 callbacks suppressed
[  997.793045][ T5900] Buffer I/O error on dev nbd1, logical block 0, async page read
[  997.813435][ T5900] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.823160][ T5900] Buffer I/O error on dev nbd1, logical block 1, async page read
[  997.831897][ T5900] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.841760][ T5900] Buffer I/O error on dev nbd1, logical block 2, async page read
[  997.853177][ T5900] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.863058][ T5900] Buffer I/O error on dev nbd1, logical block 3, async page read
[  997.872686][ T5900] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.882410][ T5900] Buffer I/O error on dev nbd1, logical block 0, async page read
[  997.891360][ T5900] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.900691][ T5900] Buffer I/O error on dev nbd1, logical block 1, async page read
[  997.910352][ T5900] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.920020][ T5900] Buffer I/O error on dev nbd1, logical block 2, async page read
[  997.930489][ T5900] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.939587][ T5900] Buffer I/O error on dev nbd1, logical block 3, async page read
[  997.948017][ T5900] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.957637][ T5900] Buffer I/O error on dev nbd1, logical block 0, async page read
[  997.966122][ T5900] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  997.975796][ T5900] Buffer I/O error on dev nbd1, logical block 1, async page read
[  997.986645][ T5900] ldm_validate_partition_table(): Disk read failed.
[  997.996996][ T5900] Dev nbd1: unable to read RDB block 0
[  998.006559][ T5900]  nbd1: unable to read partition table
[  999.131908][   T30] audit: type=1400 audit(1494.822:3555): avc:  denied  { watch } for  pid=5914 comm="syz.1.13859" path="/450/bus/file1" dev="overlay" ino=2429 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1000.274639][ T5928] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13864'.
[ 1000.386332][ T5930] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13864'.
[ 1005.114122][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13877'.
[ 1005.147921][ T5975] netlink: 44 bytes leftover after parsing attributes in process `syz.1.13877'.
[ 1005.223673][ T5975] netlink: 43 bytes leftover after parsing attributes in process `syz.1.13877'.
[ 1005.329540][ T5975] netlink: 'syz.1.13877': attribute type 6 has an invalid length.
[ 1005.370325][ T5975] netlink: 43 bytes leftover after parsing attributes in process `syz.1.13877'.
[ 1006.399551][ T5996] overlayfs: failed to clone upperpath
[ 1007.165368][ T6011] 9pnet_fd: p9_fd_create_unix (6011): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[ 1008.088625][ T6023] fuse: Bad value for 'fd'
[ 1010.973136][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1013.748948][   T10] libceph: connect (1)[c::]:6789 error -101
[ 1013.758203][   T10] libceph: mon0 (1)[c::]:6789 connect error
[ 1013.945718][ T6068] ceph: No mds server is up or the cluster is laggy
[ 1014.189002][   T10] libceph: connect (1)[c::]:6789 error -101
[ 1014.215601][   T10] libceph: mon0 (1)[c::]:6789 connect error
[ 1014.783214][ T6087] netlink: 'syz.1.13908': attribute type 2 has an invalid length.
[ 1016.242592][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1019.601742][ T6127] bridge6: entered allmulticast mode
[ 1022.135870][ T6173] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13936'.
[ 1023.126870][ T6184] dvmrp8: entered allmulticast mode
[ 1023.311914][ T6184] dvmrp8: left allmulticast mode
[ 1025.147635][   T30] audit: type=1400 audit(1519.190:3556): avc:  denied  { checkpoint_restore } for  pid=6221 comm="syz.6.13949" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1025.972343][ T6237] netlink: 'syz.0.13952': attribute type 3 has an invalid length.
[ 1025.998851][ T6237] netlink: 'syz.0.13952': attribute type 3 has an invalid length.
[ 1026.009378][ T6240] netlink: 68 bytes leftover after parsing attributes in process `syz.6.13950'.
[ 1035.665050][ T6325] bridge: RTM_NEWNEIGH with invalid ether address
[ 1036.007662][ T6338] overlayfs: failed to clone upperpath
[ 1036.335138][   T30] audit: type=1400 audit(1529.647:3557): avc:  denied  { write } for  pid=6335 comm="syz.3.13980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1037.157454][   T30] audit: type=1400 audit(1530.424:3558): avc:  denied  { create } for  pid=6354 comm="syz.4.13985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[ 1048.426765][ T6464] netlink: 'syz.0.14024': attribute type 1 has an invalid length.
[ 1048.475362][ T6464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14024'.
[ 1050.213151][T19461] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[ 1050.242585][ T6491] team1: left promiscuous mode
[ 1050.252660][ T6491] gtp2: left promiscuous mode
[ 1050.263826][ T6491] bond3: left promiscuous mode
[ 1050.347976][ T6491] bridge5: left promiscuous mode
[ 1050.789365][T19470] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1051.112535][T19461] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1051.513907][   T10] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1051.521032][T19461] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1051.552282][T19461] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1051.656426][T19461] usb 4-1: config 0 descriptor??
[ 1051.675392][T19461] pwc: Askey VC010 type 2 USB webcam detected.
[ 1052.544376][T19461] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1052.552515][T19461] pwc: recv_control_msg error -32 req 02 val 2700
[ 1052.573260][T19461] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1052.588334][T19461] pwc: recv_control_msg error -32 req 04 val 1000
[ 1052.710750][T19461] pwc: recv_control_msg error -32 req 04 val 1300
[ 1052.723572][T19461] pwc: recv_control_msg error -32 req 04 val 1400
[ 1052.731914][T19461] pwc: recv_control_msg error -32 req 02 val 2000
[ 1052.739188][T19461] pwc: recv_control_msg error -32 req 02 val 2100
[ 1053.134642][T19461] pwc: recv_control_msg error -71 req 02 val 2500
[ 1053.147431][T19461] pwc: recv_control_msg error -71 req 02 val 2400
[ 1053.157575][T19461] pwc: recv_control_msg error -71 req 02 val 2600
[ 1053.169352][T19461] pwc: recv_control_msg error -71 req 02 val 2900
[ 1053.179600][T19461] pwc: recv_control_msg error -71 req 02 val 2800
[ 1053.187142][T19461] pwc: recv_control_msg error -71 req 04 val 1100
[ 1053.194075][T19461] pwc: recv_control_msg error -71 req 04 val 1200
[ 1053.201740][T19461] pwc: Registered as video103.
[ 1053.207772][T19461] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input171
[ 1053.223121][T19461] usb 4-1: USB disconnect, device number 89
[ 1056.001461][ T6548] netlink: 'syz.0.14038': attribute type 1 has an invalid length.
[ 1056.080665][ T6548] bond5: entered promiscuous mode
[ 1056.097701][ T6548] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1057.327453][ T6560] netlink: 60 bytes leftover after parsing attributes in process `syz.0.14042'.
[ 1060.982753][T19470] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[ 1061.212912][T19470] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1061.266199][T19470] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1061.388457][T19470] usb 4-1: Product: syz
[ 1061.394979][T19470] usb 4-1: Manufacturer: syz
[ 1061.440691][T19470] usb 4-1: SerialNumber: syz
[ 1061.450558][T19470] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1061.466600][   T10] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1062.928904][   T10] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1063.014283][   T10] ath9k_htc: Failed to initialize the device
[ 1063.087827][ T5829] usb 4-1: USB disconnect, device number 90
[ 1063.104238][ T5829] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1066.467711][ T6647] fuse: Bad value for 'fd'
[ 1066.485789][ T6650] netlink: 24 bytes leftover after parsing attributes in process `syz.3.14068'.
[ 1066.722629][ T6660] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14068'.
[ 1069.669439][ T6698] netlink: 28 bytes leftover after parsing attributes in process `syz.6.14081'.
[ 1069.678596][ T6698] netlink: 28 bytes leftover after parsing attributes in process `syz.6.14081'.
[ 1069.861994][ T6702] syz_tun: entered allmulticast mode
[ 1069.882912][ T6702] netlink: 60 bytes leftover after parsing attributes in process `syz.3.14084'.
[ 1069.942486][ T6705] veth5: entered promiscuous mode
[ 1069.966204][ T6701] syz_tun: left allmulticast mode
[ 1070.057708][ T6712] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized
[ 1070.099607][ T6712] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1070.410185][ T6724] netlink: 96 bytes leftover after parsing attributes in process `syz.4.14091'.
[ 1074.274579][ T6760] binder: BINDER_SET_CONTEXT_MGR already set
[ 1074.280610][ T6760] binder: 6759:6760 ioctl 4018620d 200000000040 returned -16
[ 1074.552874][   T63] bond3 (unregistering): (slave erspan0): Releasing active interface
[ 1074.607256][ T5147] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1074.619069][ T5147] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1074.630580][ T5147] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1074.641501][ T5147] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1074.650134][ T5147] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1074.675179][   T63] bond2 (unregistering): (slave gretap1): Releasing active interface
[ 1074.680185][   T30] audit: type=1800 audit(1565.529:3559): pid=6770 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.14109" name="/" dev="9p" ino=2 res=0 errno=0
[ 1075.233252][ T5960] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[ 1075.419931][ T5960] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1075.489797][ T5960] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1075.530506][ T5960] usb 4-1: config 0 descriptor??
[ 1075.542374][ T5960] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1075.702708][   T63] bond0 (unregistering): Released all slaves
[ 1075.740052][   T63] bond1 (unregistering): Released all slaves
[ 1075.797861][   T63] bond2 (unregistering): Released all slaves
[ 1076.366211][   T63] bond3 (unregistering): Released all slaves
[ 1076.450660][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1076.581795][   T63] bond4 (unregistering): Released all slaves
[ 1076.685682][ T6798] netlink: 'syz.0.14118': attribute type 39 has an invalid length.
[ 1076.816695][   T63] tipc: Disabling bearer <udp:syz2>
[ 1076.835863][   T63] tipc: Left network mode
[ 1076.957134][ T5147] Bluetooth: hci2: command tx timeout
[ 1077.437118][ T6804] netlink: 'syz.4.14120': attribute type 1 has an invalid length.
[ 1077.718538][ T5960] usb 4-1: USB disconnect, device number 91
[ 1078.629945][   T63] hsr_slave_0: left promiscuous mode
[ 1078.640169][   T63] hsr_slave_1: left promiscuous mode
[ 1079.007840][ T5147] Bluetooth: hci1: command 0x0405 tx timeout
[ 1079.178151][   T53] Bluetooth: hci2: command tx timeout
[ 1081.401883][   T53] Bluetooth: hci2: command tx timeout
[ 1082.343553][ T6836] bridge0: port 3(gretap0) entered blocking state
[ 1082.362783][ T6836] bridge0: port 3(gretap0) entered disabled state
[ 1082.376288][ T6836] gretap0: entered allmulticast mode
[ 1082.411657][ T6836] gretap0: entered promiscuous mode
[ 1082.441724][ T6836] bridge0: port 3(gretap0) entered blocking state
[ 1082.449304][ T6836] bridge0: port 3(gretap0) entered forwarding state
[ 1082.472516][ T6858] netlink: 60 bytes leftover after parsing attributes in process `syz.0.14134'.
[ 1082.482315][ T6764] chnl_net:caif_netlink_parms(): no params data found
[ 1082.751166][ T6764] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1082.772474][ T6764] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1082.843215][ T6764] bridge_slave_0: entered allmulticast mode
[ 1082.884881][ T6764] bridge_slave_0: entered promiscuous mode
[ 1082.907375][ T6764] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1082.915309][ T6764] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1082.925235][ T6764] bridge_slave_1: entered allmulticast mode
[ 1082.933735][ T6764] bridge_slave_1: entered promiscuous mode
[ 1083.668157][   T53] Bluetooth: hci2: command tx timeout
[ 1083.850355][ T6764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1083.867691][ T6764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1083.918657][ T6764] team0: Port device team_slave_0 added
[ 1083.930611][ T6764] team0: Port device team_slave_1 added
[ 1084.043221][ T6764] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1084.065180][ T6764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1084.077234][ T5950] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 1084.186580][   T53] Bluetooth: hci5: command 0x0406 tx timeout
[ 1084.203146][ T6764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1084.403039][ T6889] bond5: left promiscuous mode
[ 1084.408365][ T6889] bridge2: left promiscuous mode
[ 1084.418410][ T6889] bond6: left promiscuous mode
[ 1084.427744][ T6889] bond7: left promiscuous mode
[ 1084.432700][ T6889] wireguard0: left promiscuous mode
[ 1084.502037][ T5950] usb 4-1: Using ep0 maxpacket: 16
[ 1084.549723][ T6764] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1084.562930][ T5950] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 101, changing to 10
[ 1084.570427][ T6764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1084.599284][ T5950] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24697, setting to 1024
[ 1084.601211][ T6764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1084.649106][ T5950] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1084.687154][ T6895] netlink: 'syz.4.14146': attribute type 10 has an invalid length.
[ 1084.691760][ T6764] hsr_slave_0: entered promiscuous mode
[ 1084.695605][ T5950] usb 4-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[ 1084.707840][ T6764] hsr_slave_1: entered promiscuous mode
[ 1084.711633][ T5950] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1084.721055][ T6764] debugfs: 'hsr0' already exists in 'hsr'
[ 1084.727532][ T5950] usb 4-1: config 0 descriptor??
[ 1084.734705][ T6764] Cannot create hsr debugfs directory
[ 1084.779031][ T6895] netlink: 'syz.4.14146': attribute type 10 has an invalid length.
[ 1084.820163][ T6895] team0: Port device dummy0 removed
[ 1084.846948][ T6895] netlink: del zone limit has 4 unknown bytes
[ 1085.025913][ T6907] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1085.116871][ T6764] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1085.153594][ T6764] 8021q: adding VLAN 0 to HW filter on device team0
[ 1085.171949][   T63] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1085.179146][   T63] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1085.198851][ T5950] hid-multitouch 0003:0457:07DA.00C7: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.3-1/input0
[ 1085.215953][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1085.223169][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1085.511352][ T6764] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1085.522280][ T5950] usb 4-1: USB disconnect, device number 92
[ 1085.977000][ T6764] veth0_vlan: entered promiscuous mode
[ 1085.992951][ T6764] veth1_vlan: entered promiscuous mode
[ 1086.032685][ T6929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14152'.
[ 1086.089748][ T6764] veth0_macvtap: entered promiscuous mode
[ 1086.119298][ T6764] veth1_macvtap: entered promiscuous mode
[ 1086.165029][ T6764] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1086.177421][ T6764] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1086.202716][ T6935] netlink: 'syz.6.14155': attribute type 4 has an invalid length.
[ 1086.428806][ T6938] netlink: 'syz.6.14155': attribute type 4 has an invalid length.
[ 1086.602375][T20657] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1086.655522][T20657] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1086.698138][T20657] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1086.708011][T20657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1088.426247][ T6957] bond0: (slave dummy0): Releasing backup interface
[ 1088.452770][ T6957] bridge_slave_0: left allmulticast mode
[ 1088.472070][ T6957] bridge_slave_0: left promiscuous mode
[ 1088.490211][ T6964] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14159'.
[ 1088.508160][ T6957] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1088.716707][   T30] audit: type=1400 audit(1578.653:3560): avc:  denied  { audit_write } for  pid=6962 comm="syz.3.14161" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[ 1088.765521][ T6957] bridge_slave_1: left allmulticast mode
[ 1088.771571][ T6957] bridge_slave_1: left promiscuous mode
[ 1088.782992][ T6957] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1088.794588][   T30] audit: type=1400 audit(1578.728:3561): avc:  denied  { watch watch_reads } for  pid=6962 comm="syz.3.14161" path="/proc/272/ns" dev="proc" ino=170988 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 1088.835838][ T6957] bond0: (slave bond_slave_0): Releasing backup interface
[ 1088.854231][ T6957] bond0: (slave bond_slave_1): Releasing backup interface
[ 1088.956416][ T6957] team0: Port device team_slave_0 removed
[ 1089.062985][ T6957] team0: Port device team_slave_1 removed
[ 1089.084126][ T6957] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1089.093900][ T6957] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1089.105673][ T6957] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1089.131120][ T6957] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1089.302083][ T6957] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1089.574107][ T6961] team0: Mode changed to "loadbalance"
[ 1089.589616][ T6965] gretap2: left promiscuous mode
[ 1089.595842][ T6965] bond5: left promiscuous mode
[ 1089.868446][   T30] audit: type=1804 audit(1579.710:3562): pid=6976 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.14163" name="bus" dev="ramfs" ino=171746 res=1 errno=0
[ 1089.933389][   T30] audit: type=1804 audit(1579.757:3563): pid=6975 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.0.14163" name="bus" dev="ramfs" ino=171746 res=1 errno=0
[ 1091.040197][ T6991] kvm: pic: level sensitive irq not supported
[ 1091.040736][ T6991] kvm: pic: level sensitive irq not supported
[ 1092.960888][ T7000] usb usb7: usbfs: process 7000 (syz.2.14172) did not claim interface 0 before use
[ 1098.017704][   T30] audit: type=1400 audit(1587.352:3564): avc:  denied  { getopt } for  pid=7066 comm="syz.0.14194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1100.454221][ T7087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1100.572986][ T7090] netlink: 'syz.3.14199': attribute type 1 has an invalid length.
[ 1101.028808][ T7090] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1101.099068][ T7094] veth3: entered promiscuous mode
[ 1101.127339][ T7094] bond1: (slave veth3): Enslaving as an active interface with a down link
[ 1101.236390][ T7096] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[ 1111.348652][ T7198] netlink: 32 bytes leftover after parsing attributes in process `syz.6.14229'.
[ 1111.358963][ T7198] netlink: 32 bytes leftover after parsing attributes in process `syz.6.14229'.
[ 1111.898687][ T7216] netlink: 'syz.2.14233': attribute type 3 has an invalid length.
[ 1113.647414][ T7247] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1114.040766][ T7247] IPVS: set_ctl: invalid protocol: 50 172.20.20.170:20001
[ 1114.108633][ T7252] netlink: 'syz.3.14237': attribute type 1 has an invalid length.
[ 1115.177033][ T7279] wg1: entered promiscuous mode
[ 1115.181991][ T7279] wg1: entered allmulticast mode
[ 1117.198891][ T7298] geneve3: entered promiscuous mode
[ 1117.204143][ T7298] geneve3: entered allmulticast mode
[ 1117.502118][   T30] audit: type=1326 audit(1605.508:3565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1117.648768][   T30] audit: type=1326 audit(1605.508:3566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1117.827591][   T30] audit: type=1326 audit(1605.508:3567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1117.939470][   T30] audit: type=1326 audit(1605.508:3568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1118.204761][   T30] audit: type=1326 audit(1605.508:3569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1118.411982][   T30] audit: type=1326 audit(1605.508:3570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1118.606997][   T30] audit: type=1326 audit(1605.508:3571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1118.813655][   T30] audit: type=1326 audit(1605.508:3572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1118.969319][   T30] audit: type=1326 audit(1605.518:3573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1119.043869][   T30] audit: type=1326 audit(1605.518:3574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7300 comm="syz.3.14246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4218eec9 code=0x7ffc0000
[ 1124.272175][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1124.272207][   T30] audit: type=1400 audit(1611.878:3577): avc:  denied  { shutdown } for  pid=7368 comm="syz.6.14267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1124.706126][   T30] audit: type=1400 audit(1612.243:3578): avc:  denied  { ioctl } for  pid=7367 comm="syz.0.14266" path="socket:[172736]" dev="sockfs" ino=172736 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1127.106018][   T30] audit: type=1326 audit(1614.554:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1127.324621][   T30] audit: type=1326 audit(1614.554:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1127.454719][   T30] audit: type=1326 audit(1614.554:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1127.520415][   T30] audit: type=1326 audit(1614.554:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1127.764176][ T7407] Bluetooth: MGMT ver 1.23
[ 1127.938551][   T30] audit: type=1326 audit(1614.554:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1127.962845][   T30] audit: type=1326 audit(1614.554:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1128.057208][   T30] audit: type=1326 audit(1614.554:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1128.250458][   T30] audit: type=1326 audit(1614.554:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7396 comm="syz.0.14274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9ab8eec9 code=0x7ffc0000
[ 1130.520834][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1130.520868][   T30] audit: type=1400 audit(1617.753:3590): avc:  denied  { read } for  pid=7443 comm="syz.3.14286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1133.117421][ T7476] Bluetooth: hci0: Opcode 0x0c1a failed: -22
[ 1135.721421][ T5147] Bluetooth: hci0: command tx timeout
[ 1136.076817][   T30] audit: type=1400 audit(1622.953:3591): avc:  denied  { read } for  pid=7491 comm="syz.3.14299" lport=49552 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1139.723103][ T7534] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1142.130432][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1142.134564][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1147.097110][ T7622] 0ªî{X¹¦: left allmulticast mode
[ 1147.971411][ T5829] libceph: connect (1)[c::]:6789 error -101
[ 1147.983203][ T5829] libceph: mon0 (1)[c::]:6789 connect error
[ 1147.989569][ T7633] ceph: No mds server is up or the cluster is laggy
[ 1148.697575][ T7653] 9pnet_fd: Insufficient options for proto=fd
[ 1153.245568][ T7622] bond6: left allmulticast mode
[ 1154.007765][ T7713] netlink: 'syz.0.14355': attribute type 1 has an invalid length.
[ 1154.289860][ T7713] bond6: (slave ip6gretap0): Enslaving as a backup interface with an up link
[ 1154.506369][ T7713] bond6 (unregistering): (slave ip6gretap0): Releasing backup interface
[ 1154.517682][ T7713] bond6 (unregistering): Released all slaves
[ 1157.851710][ T7764] CIFS mount error: No usable UNC path provided in device string!
[ 1157.851710][ T7764] 
[ 1157.863059][ T7764] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1163.328502][ T7811] netlink: 10 bytes leftover after parsing attributes in process `syz.2.14376'.
[ 1166.448516][T19470] IPVS: starting estimator thread 0...
[ 1166.787642][ T7850] IPVS: using max 40 ests per chain, 96000 per kthread
[ 1169.085464][ T7887] wg1: entered promiscuous mode
[ 1169.090481][ T7887] wg1: entered allmulticast mode
[ 1178.403623][ T7996] overlayfs: failed to clone upperpath
[ 1182.168214][ T8032] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14436'.
[ 1186.580734][ T5829] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1186.864186][ T5829] usb 3-1: config index 0 descriptor too short (expected 65307, got 27)
[ 1186.897047][ T5829] usb 3-1: config 49 has too many interfaces: 255, using maximum allowed: 32
[ 1186.906267][ T5829] usb 3-1: config 49 has an invalid descriptor of length 54, skipping remainder of the config
[ 1186.927906][ T5829] usb 3-1: config 49 has 0 interfaces, different from the descriptor's value: 255
[ 1186.951662][ T5829] usb 3-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 1187.000602][ T5829] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1187.447787][   T30] audit: type=1400 audit(1927.008:3592): avc:  denied  { append } for  pid=8060 comm="syz.2.14446" name="mice" dev="devtmpfs" ino=915 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1187.507147][ T8077] netlink: 84 bytes leftover after parsing attributes in process `syz.2.14446'.
[ 1187.702465][ T8077] hsr_slave_1 (unregistering): left promiscuous mode
[ 1187.854103][ T5829] usb 3-1: string descriptor 0 read error: -71
[ 1187.862161][ T5829] usb 3-1: USB disconnect, device number 110
[ 1187.869544][ T5950] usb 4-1: new full-speed USB device number 93 using dummy_hcd
[ 1187.883618][ T8081] netlink: 'syz.6.14450': attribute type 10 has an invalid length.
[ 1188.142162][ T8084] vlan0: entered promiscuous mode
[ 1188.148021][ T8084] vlan0: entered allmulticast mode
[ 1188.157135][ T5950] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1188.166653][ T5950] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1188.168742][ T8084] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14451'.
[ 1188.174910][ T5950] usb 4-1: Product: syz
[ 1188.174936][ T5950] usb 4-1: Manufacturer: syz
[ 1188.174951][ T5950] usb 4-1: SerialNumber: syz
[ 1188.176884][ T5950] usb 4-1: config 0 descriptor??
[ 1188.428053][ T5950] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1189.031358][ T8095] syzkaller0: entered promiscuous mode
[ 1189.037320][ T8095] syzkaller0: entered allmulticast mode
[ 1190.208824][ T5950] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1190.237909][ T5950] usb 4-1: USB disconnect, device number 93
[ 1192.726939][ T8124] Invalid source name
[ 1192.733790][ T8124] UBIFS error (pid: 8124): cannot open "./file0", error -22
[ 1197.021458][ T8169] netlink: 'syz.3.14475': attribute type 10 has an invalid length.
[ 1197.086661][ T8169] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1197.166949][ T8175] Invalid ELF header magic: != ELF
[ 1197.950109][ T8190] netlink: 'syz.3.14480': attribute type 21 has an invalid length.
[ 1197.982892][ T8190] netlink: 128 bytes leftover after parsing attributes in process `syz.3.14480'.
[ 1198.327673][ T8190] netlink: 'syz.3.14480': attribute type 5 has an invalid length.
[ 1198.336247][ T8190] netlink: 'syz.3.14480': attribute type 6 has an invalid length.
[ 1198.344538][ T8190] netlink: 3 bytes leftover after parsing attributes in process `syz.3.14480'.
[ 1199.184705][   T30] audit: type=1804 audit(1937.989:3593): pid=8199 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.14482" name="/newroot/69/file1" dev="fuse" ino=1 res=1 errno=0
[ 1199.234219][   T30] audit: type=1800 audit(1937.989:3594): pid=8199 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.14482" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1199.310188][   T30] audit: type=1800 audit(1937.989:3595): pid=8197 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.14482" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1205.080090][ T8251] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[ 1207.873673][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1208.131498][ T8280] vxcan1: tx drop: invalid da for name 0x0000000000000004
[ 1210.248159][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[ 1212.986257][ T8329] ptrace attach of "./syz-executor exec"[24359] was attempted by "./syz-executor exec"[8329]
[ 1214.165771][ T8346] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14519'.
[ 1214.534436][ T8340] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14520'.
[ 1214.736809][ T8340] team0: entered promiscuous mode
[ 1214.757084][ T8340] team_slave_0: entered promiscuous mode
[ 1214.764376][ T8340] team_slave_1: entered promiscuous mode
[ 1214.855779][ T8340] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1214.883148][ T8340] bridge0: port 4(macvlan2) entered blocking state
[ 1215.440032][ T8340] bridge0: port 4(macvlan2) entered disabled state
[ 1215.466274][ T8340] macvlan2: entered allmulticast mode
[ 1215.485452][ T8340] team0: entered allmulticast mode
[ 1215.494930][ T8355] ptrace attach of ""[8360] was attempted by "./syz-executor exec"[8355]
[ 1215.538563][ T8340] team_slave_0: entered allmulticast mode
[ 1215.544341][ T8340] team_slave_1: entered allmulticast mode
[ 1215.616794][ T8340] macvlan2: entered promiscuous mode
[ 1217.193941][ T5950] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[ 1217.611840][ T5950] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1217.620583][ T5950] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1217.637366][ T5950] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1217.664306][ T5950] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1218.103024][ T5950] usb 3-1: Manufacturer: syz
[ 1218.109712][ T5950] usb 3-1: config 0 descriptor??
[ 1218.276506][ T5950] rc_core: IR keymap rc-hauppauge not found
[ 1218.323138][ T5950] Registered IR keymap rc-empty
[ 1218.338735][ T5950] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1218.354011][ T5950] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input173
[ 1218.525403][ T5950] usb 3-1: USB disconnect, device number 111
[ 1222.280229][ T8422] Set syz1 is full, maxelem 65536 reached
[ 1234.625134][   T30] audit: type=1800 audit(1970.513:3596): pid=8541 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.14572" name="bus" dev="overlay" ino=848 res=0 errno=0
[ 1236.455499][   T30] audit: type=1400 audit(1972.842:3597): avc:  denied  { create } for  pid=8566 comm="syz.4.14581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[ 1236.479342][ T8569] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1236.560220][ T8570] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1236.603496][ T8569] overlayfs: failed to set xattr on upper
[ 1236.651506][ T8569] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1236.653710][   T30] audit: type=1400 audit(1972.870:3598): avc:  denied  { accept } for  pid=8566 comm="syz.4.14581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[ 1236.659559][ T8569] overlayfs: ...falling back to index=off.
[ 1236.687075][ T8569] overlayfs: ...falling back to uuid=null.
[ 1239.384495][   T30] audit: type=1804 audit(1975.583:3599): pid=8595 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.14588" name="file0" dev="tmpfs" ino=8497 res=1 errno=0
[ 1239.435627][   T30] audit: type=1800 audit(1975.583:3600): pid=8595 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.14588" name="file0" dev="tmpfs" ino=8497 res=0 errno=0
[ 1239.999439][ T5829] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 1241.095577][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1241.113392][ T5829] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1241.125576][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1241.136234][ T5829] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1241.191709][ T5829] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1241.202482][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1241.213313][ T5829] usb 4-1: config 0 descriptor??
[ 1241.751114][ T5829] hdpvr 4-1:0.0: firmware version 0x51 dated 
[ 1241.757680][ T5829] hdpvr 4-1:0.0: untested firmware, the driver might not work.
[ 1242.255050][ T5829] hdpvr 4-1:0.0: Could not setup controls
[ 1242.281486][ T5829] hdpvr 4-1:0.0: registering videodev failed
[ 1242.825357][ T5829] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -71
[ 1242.846677][ T5829] usb 4-1: USB disconnect, device number 94
[ 1243.606987][T19461] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=19461 comm=kworker/1:1
[ 1243.721519][ T8647] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370955
[ 1252.848319][ T8749] netlink: 'syz.4.14629': attribute type 11 has an invalid length.
[ 1255.233903][ T8784] netlink: 'syz.2.14639': attribute type 2 has an invalid length.
[ 1255.243105][ T8784] netlink: 'syz.2.14639': attribute type 1 has an invalid length.
[ 1255.251784][ T8784] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14639'.
[ 1255.618408][   T30] audit: type=1804 audit(1990.736:3601): pid=8789 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.14642" name="file0" dev="ramfs" ino=178542 res=1 errno=0
[ 1262.377294][ T8850] comedi comedi0: comedi_bond: 3:3  attached, 24 channels from 1 devices
[ 1262.704751][ T5829] usb 3-1: new full-speed USB device number 112 using dummy_hcd
[ 1263.225381][ T5829] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1263.241484][ T5829] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1263.379194][ T5829] usb 3-1: can't read configurations, error -71
[ 1271.658991][ T8914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14675'.
[ 1271.668016][ T8914] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14675'.
[ 1273.917184][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1274.841724][ T8988] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14695'.
[ 1278.309650][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14710'.
[ 1278.319113][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14710'.
[ 1278.328322][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14710'.
[ 1281.959366][ T9059] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14712'.
[ 1284.600687][ T9081] trusted_key: encrypted_key: insufficient parameters specified
[ 1284.622184][ T9081] tmpfs: Bad value for 'mpol'
[ 1286.690571][   T30] audit: type=1400 audit(2019.837:3602): avc:  denied  { read } for  pid=9083 comm="syz.2.14719" name="loop-control" dev="devtmpfs" ino=645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1286.853940][   T30] audit: type=1400 audit(2019.837:3603): avc:  denied  { open } for  pid=9083 comm="syz.2.14719" path="/dev/loop-control" dev="devtmpfs" ino=645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1286.909598][   T30] audit: type=1400 audit(2019.837:3604): avc:  denied  { ioctl } for  pid=9083 comm="syz.2.14719" path="/dev/loop-control" dev="devtmpfs" ino=645 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1288.536254][   T30] audit: type=1326 audit(2021.567:3605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9116 comm="syz.4.14738" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x0
[ 1289.430765][ T9121] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14738'.
[ 1290.953592][   T30] audit: type=1400 audit(2023.831:3606): avc:  denied  { mounton } for  pid=9144 comm="syz.3.14731" path="/181/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[ 1293.370653][ T9171] netlink: 'syz.3.14748': attribute type 2 has an invalid length.
[ 1293.378932][ T9171] netlink: 'syz.3.14748': attribute type 1 has an invalid length.
[ 1293.387162][ T9171] netlink: 'syz.3.14748': attribute type 1 has an invalid length.
[ 1293.411501][ T9173] netlink: 'syz.0.14737': attribute type 21 has an invalid length.
[ 1293.526418][ T9173] netlink: 128 bytes leftover after parsing attributes in process `syz.0.14737'.
[ 1293.648887][ T9173] netlink: 'syz.0.14737': attribute type 5 has an invalid length.
[ 1293.688253][ T9173] netlink: 'syz.0.14737': attribute type 6 has an invalid length.
[ 1293.803144][ T9173] netlink: 3 bytes leftover after parsing attributes in process `syz.0.14737'.
[ 1294.833645][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1294.844821][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1294.861311][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1294.942922][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1294.968310][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1295.014732][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1295.189076][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1295.374403][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1295.387619][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1295.823358][ T9185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14741'.
[ 1296.723350][ T9197] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1296.770741][ T9197] batadv_slave_0: entered promiscuous mode
[ 1297.243734][ T9203] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1301.771016][ T9256] __nla_validate_parse: 42 callbacks suppressed
[ 1301.771040][ T9256] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14759'.
[ 1302.366775][ T9259] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14759'.
[ 1302.816752][ T9275] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1303.810914][ T9288] netlink: 'syz.4.14765': attribute type 21 has an invalid length.
[ 1303.829792][ T9288] netlink: 128 bytes leftover after parsing attributes in process `syz.4.14765'.
[ 1303.912782][ T9288] netlink: 'syz.4.14765': attribute type 5 has an invalid length.
[ 1303.963116][ T7661] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 1304.013048][ T9288] netlink: 'syz.4.14765': attribute type 6 has an invalid length.
[ 1304.065024][ T9288] netlink: 3 bytes leftover after parsing attributes in process `syz.4.14765'.
[ 1304.216091][ T7661] usb 4-1: Using ep0 maxpacket: 8
[ 1304.247231][ T7661] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1304.481400][ T7661] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1304.507160][ T7661] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1304.523117][ T7661] pvrusb2: **********
[ 1304.538280][ T7661] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1304.597512][ T7661] pvrusb2: Important functionality might not be entirely working.
[ 1304.691639][ T7661] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1304.750534][ T7661] pvrusb2: **********
[ 1306.808318][ T9284] syz_tun: entered allmulticast mode
[ 1306.900823][ T9284] dvmrp1: entered allmulticast mode
[ 1306.959726][ T9283] syz_tun: left allmulticast mode
[ 1306.972128][ T7661] usb 4-1: USB disconnect, device number 95
[ 1306.978795][ T2336] pvrusb2: Invalid write control endpoint
[ 1307.128874][ T2336] pvrusb2: Invalid write control endpoint
[ 1307.135383][ T2336] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1307.652540][ T2336] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1307.660796][ T2336] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1307.671485][ T2336] pvrusb2: Device being rendered inoperable
[ 1307.677465][ T2336] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[ 1307.685185][ T2336] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_c)
[ 1307.694011][ T2336] pvrusb2: Attached sub-driver cx25840
[ 1307.700072][ T2336] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1307.711075][ T2336] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1308.447722][ T9336] xt_time: unknown flags 0xf4
[ 1310.691355][   T30] audit: type=1400 audit(2042.286:3607): avc:  denied  { ioctl } for  pid=9354 comm="syz.6.14787" path="socket:[181495]" dev="sockfs" ino=181495 ioctlcmd=0x4942 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1310.792254][ T9354] delete_channel: no stack
[ 1310.905128][ T9358] netlink: 165 bytes leftover after parsing attributes in process `syz.0.14785'.
[ 1311.497208][ T9364] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1311.967712][ T9368] netlink: 2 bytes leftover after parsing attributes in process `syz.4.14789'.
[ 1313.923988][ T9392] netlink: 36 bytes leftover after parsing attributes in process `syz.6.14796'.
[ 1317.989328][ T9432] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1318.093561][ T9432] syzkaller0: entered promiscuous mode
[ 1318.099167][ T9432] syzkaller0: entered allmulticast mode
[ 1318.253575][ T9438] tipc: Resetting bearer <eth:syzkaller0>
[ 1318.320144][ T9431] tipc: Resetting bearer <eth:syzkaller0>
[ 1318.435161][ T9431] tipc: Disabling bearer <eth:syzkaller0>
[ 1318.848100][ T9444] netlink: 56 bytes leftover after parsing attributes in process `syz.4.14808'.
[ 1321.672051][ T9473] tipc: Started in network mode
[ 1321.679106][ T9473] tipc: Node identity 4, cluster identity 4711
[ 1321.695288][ T9473] tipc: Node number set to 4
[ 1323.134348][ T9492] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.149169][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.158325][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.167754][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.180250][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.194218][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.203561][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.212864][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1323.225207][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14821'.
[ 1324.156429][ T9512] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (das16m1)
[ 1326.560684][   T30] audit: type=1400 audit(2056.776:3608): avc:  denied  { accept } for  pid=9534 comm="syz.2.14830" path="socket:[180758]" dev="sockfs" ino=180758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1327.000550][ T9527] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1329.159242][   T30] audit: type=1326 audit(2059.563:3609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1329.246308][   T30] audit: type=1326 audit(2059.591:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1329.408891][   T30] audit: type=1326 audit(2059.591:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1329.819570][   T30] audit: type=1326 audit(2059.591:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1329.851679][   T30] audit: type=1326 audit(2059.591:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1329.896225][   T30] audit: type=1326 audit(2059.601:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1330.430353][   T30] audit: type=1326 audit(2059.601:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1330.471424][   T30] audit: type=1326 audit(2059.601:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1330.495811][   T30] audit: type=1326 audit(2059.601:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9553 comm="syz.4.14837" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdf2b8eec9 code=0x7ffc0000
[ 1331.354185][ T9588] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1333.557644][ T9614] __nla_validate_parse: 38 callbacks suppressed
[ 1333.557681][ T9614] netlink: 165 bytes leftover after parsing attributes in process `syz.4.14848'.
[ 1334.727248][ T9623] lo speed is unknown, defaulting to 1000
[ 1335.458518][ T9623] lo speed is unknown, defaulting to 1000
[ 1335.469663][ T9628] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[ 1335.515939][ T6619] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1335.637454][ T9623] lo speed is unknown, defaulting to 1000
[ 1335.763880][ T6619] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1337.348865][ T9623] infiniband syz0: set active
[ 1337.375892][ T5950] lo speed is unknown, defaulting to 1000
[ 1337.384213][ T9623] infiniband syz0: added lo
[ 1337.391239][ T9623] syz0: rxe_create_cq: returned err = -12
[ 1337.397720][ T9623] infiniband syz0: Couldn't create ib_mad CQ
[ 1337.404597][ T9623] infiniband syz0: Couldn't open port 1
[ 1337.432553][ T9623] RDS/IB: syz0: added
[ 1337.448176][ T9623] lo speed is unknown, defaulting to 1000
[ 1337.503747][ T9654] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14859'.
[ 1338.538927][ T9665] netlink: 28 bytes leftover after parsing attributes in process `syz.2.14862'.
[ 1339.196018][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1339.229350][ T9623] lo speed is unknown, defaulting to 1000
[ 1339.780286][ T7661] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1339.943896][ T7661] usb 3-1: Using ep0 maxpacket: 8
[ 1340.006822][ T7661] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 1340.180700][ T9623] lo speed is unknown, defaulting to 1000
[ 1340.239107][ T7661] usb 3-1: config 179 has no interface number 0
[ 1340.246507][ T7661] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1340.348856][ T7661] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1340.371610][ T7661] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1340.403824][ T7661] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1340.436064][ T7661] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1340.455996][ T7661] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1340.491170][ T9670] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1340.840688][ T9623] lo speed is unknown, defaulting to 1000
[ 1340.914822][ T7661] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input174
[ 1341.666780][ T5829] usb 3-1: USB disconnect, device number 114
[ 1341.672870][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1341.672915][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1341.692928][ T9623] lo speed is unknown, defaulting to 1000
[ 1342.144020][ T9623] lo speed is unknown, defaulting to 1000
[ 1342.858017][ T9623] lo speed is unknown, defaulting to 1000
[ 1344.378477][ T9623] lo speed is unknown, defaulting to 1000
[ 1352.267515][ T9785] netlink: 36 bytes leftover after parsing attributes in process `syz.4.14891'.
[ 1353.318014][ T9785] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14891'.
[ 1353.327902][ T9785] netlink: 36 bytes leftover after parsing attributes in process `syz.4.14891'.
[ 1353.338930][ T9785] netlink: 36 bytes leftover after parsing attributes in process `syz.4.14891'.
[ 1354.691960][ T9790] team0: Port device team_slave_0 removed
[ 1354.731724][ T9801] Device name cannot be null; rc = [-22]
[ 1354.794349][ T7644] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1354.921667][ T9801] syz.2.14893 (9801): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 1355.105058][ T7644] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[ 1355.114641][ T7644] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1355.147009][ T7644] usb 4-1: config 0 descriptor??
[ 1355.248177][ T9810] block nbd2: Dead connection, failed to find a fallback
[ 1355.263624][ T9810] block nbd2: shutting down sockets
[ 1355.272384][ T9810] blk_print_req_error: 54 callbacks suppressed
[ 1355.272408][ T9810] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1355.292110][ T9810] buffer_io_error: 54 callbacks suppressed
[ 1355.292134][ T9810] Buffer I/O error on dev nbd2, logical block 0, async page read
[ 1355.307684][ T9810] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1355.317080][ T9810] Buffer I/O error on dev nbd2, logical block 1, async page read
[ 1355.329401][ T9810] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1355.339298][ T9810] Buffer I/O error on dev nbd2, logical block 2, async page read
[ 1355.478367][ T9810] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1355.493915][ T9810] Buffer I/O error on dev nbd2, logical block 3, async page read
[ 1355.940771][ T9810] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1355.970353][ T9794] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=9794 comm=syz.3.14894
[ 1356.039486][ T9810] Buffer I/O error on dev nbd2, logical block 0, async page read
[ 1356.103854][ T9810] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1356.113116][ T7644] ath6kl: Failed to read usb control message: -71
[ 1356.113186][ T7644] ath6kl: Unable to read the bmi data from the device: -71
[ 1356.113202][ T7644] ath6kl: Unable to recv target info: -71
[ 1356.157775][ T9810] Buffer I/O error on dev nbd2, logical block 1, async page read
[ 1356.493077][ T9810] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1356.503732][ T9810] Buffer I/O error on dev nbd2, logical block 2, async page read
[ 1356.695799][ T9810] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1356.706311][ T7644] ath6kl: Failed to init ath6kl core: -71
[ 1356.716671][ T7644] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1357.130512][ T9810] Buffer I/O error on dev nbd2, logical block 3, async page read
[ 1357.226141][ T9810] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1357.248912][ T9810] Buffer I/O error on dev nbd2, logical block 0, async page read
[ 1357.258282][ T9810] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1357.269658][ T9810] Buffer I/O error on dev nbd2, logical block 1, async page read
[ 1357.288637][ T7644] usb 4-1: USB disconnect, device number 96
[ 1357.400828][ T9810] ldm_validate_partition_table(): Disk read failed.
[ 1357.526471][ T9810] Dev nbd2: unable to read RDB block 0
[ 1358.241375][ T9810]  nbd2: unable to read partition table
[ 1360.689434][ T9858] overlayfs: failed to clone upperpath
[ 1360.848772][ T9851] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1361.362281][ T9856] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 1361.422160][ T5128] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1361.562012][ T9865] SELinux:  Context system_u:object_r:syslogd_var_lib_t:s0 is not valid (left unmapped).
[ 1361.583958][ T9859] bond_slave_0: entered promiscuous mode
[ 1361.589664][ T9859] bond_slave_1: entered promiscuous mode
[ 1361.596416][ T5128] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1361.606804][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1361.606815][   T30] audit: type=1400 audit(2090.864:3627): avc:  denied  { relabelfrom } for  pid=9862 comm="syz.0.14912" name="NETLINK" dev="sockfs" ino=181166 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1361.656688][ T9859] 8021q: adding VLAN 0 to HW filter on device macvlan3
[ 1361.762989][   T30] audit: type=1400 audit(2090.939:3628): avc:  denied  { relabelto } for  pid=9862 comm="syz.0.14912" name="NETLINK" dev="sockfs" ino=181166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_generic_socket permissive=1 trawcon="system_u:object_r:syslogd_var_lib_t:s0"
[ 1361.868523][ T9859] bond2: (slave macvlan3): Enslaving as a backup interface with an up link
[ 1362.188053][ T9879] binder: 9878:9879 unknown command 0
[ 1362.194809][ T9879] binder: 9878:9879 ioctl c0306201 200000000080 returned -22
[ 1362.268764][ T9881] xt_time: unknown flags 0xf4
[ 1363.120218][ T9879] binder: 9878:9879 ioctl c0306201 2000000003c0 returned -14
[ 1363.134444][   T30] audit: type=1400 audit(2092.342:3629): avc:  denied  { relabelfrom } for  pid=9886 comm="syz.2.14918" name="NETLINK" dev="sockfs" ino=181194 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 1363.229695][ T9879] binder_alloc: 9878: binder_alloc_buf, no vma
[ 1363.296026][   T30] audit: type=1400 audit(2092.342:3630): avc:  denied  { relabelto } for  pid=9886 comm="syz.2.14918" name="NETLINK" dev="sockfs" ino=181194 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=netlink_route_socket permissive=1
[ 1363.693685][ T9897] block nbd3: NBD_DISCONNECT
[ 1365.156157][   T30] audit: type=1800 audit(2094.241:3631): pid=9913 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.14926" name="nullb0" dev="tmpfs" ino=111 res=0 errno=0
[ 1367.259999][ T9929] bridge0: entered promiscuous mode
[ 1367.268183][ T9929] macsec2: entered promiscuous mode
[ 1367.276741][ T9929] bridge0: port 5(macsec2) entered blocking state
[ 1367.283665][ T9929] bridge0: port 5(macsec2) entered disabled state
[ 1367.291101][ T9929] macsec2: entered allmulticast mode
[ 1367.296444][ T9929] bridge0: entered allmulticast mode
[ 1368.082511][ T9929] macsec2: left allmulticast mode
[ 1368.087556][ T9929] bridge0: left allmulticast mode
[ 1368.114845][ T9929] bridge0: left promiscuous mode
[ 1371.119550][   T30] audit: type=1400 audit(2099.143:3632): avc:  denied  { accept } for  pid=9952 comm="syz.3.14937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1374.296129][ T9989] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1375.803414][T10005] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1375.855493][T10007] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1375.868061][T10007] syzkaller0: entered promiscuous mode
[ 1375.884266][T10007] syzkaller0: entered allmulticast mode
[ 1376.087035][T10008] tipc: Resetting bearer <eth:syzkaller0>
[ 1376.113340][T10003] tipc: Resetting bearer <eth:syzkaller0>
[ 1376.339239][T10003] tipc: Disabling bearer <eth:syzkaller0>
[ 1377.834991][T10025] lo speed is unknown, defaulting to 1000
[ 1379.362046][T10050] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (das16m1)
[ 1380.657207][T10060] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1380.669015][T10060] syzkaller0: entered promiscuous mode
[ 1380.687173][T10060] syzkaller0: entered allmulticast mode
[ 1380.790008][T10060] tipc: Resetting bearer <eth:syzkaller0>
[ 1380.853577][T10059] tipc: Resetting bearer <eth:syzkaller0>
[ 1380.901002][T10059] tipc: Disabling bearer <eth:syzkaller0>
[ 1381.583358][T10075] overlayfs: failed to clone upperpath
[ 1386.234990][T10115] comedi: valid board names for 8255 driver are:
[ 1386.246645][T10115]  8255
[ 1386.249443][T10115] comedi: valid board names for vmk80xx driver are:
[ 1386.301182][T10115]  vmk80xx
[ 1386.304396][T10115] comedi: valid board names for usbduxsigma driver are:
[ 1386.312333][T10115]  usbduxsigma
[ 1386.316513][T10115] comedi: valid board names for usbduxfast driver are:
[ 1386.333343][T10115]  usbduxfast
[ 1386.337760][T10115] comedi: valid board names for usbdux driver are:
[ 1386.346958][T10115]  usbdux
[ 1386.353816][T10115] comedi: valid board names for ni6501 driver are:
[ 1386.489101][T10115]  ni6501
[ 1386.522849][ T7661] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1386.749118][ T7661] usb 3-1: Using ep0 maxpacket: 16
[ 1386.971034][T10115] comedi: valid board names for dt9812 driver are:
[ 1386.985045][T10115]  dt9812
[ 1386.989296][ T7661] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b
[ 1386.999796][T10115] comedi: valid board names for ni_labpc_cs driver are:
[ 1387.007440][ T7661] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1387.014302][T10115]  ni_labpc_cs
[ 1387.016258][ T7661] usb 3-1: Product: syz
[ 1387.023107][ T7661] usb 3-1: SerialNumber: syz
[ 1387.031798][T10115] comedi: valid board names for ni_daq_700 driver are:
[ 1387.043058][ T7661] usb 3-1: config 0 descriptor??
[ 1387.056519][ T7661] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1387.063875][T10115]  ni_daq_700
[ 1387.069199][T10115] comedi: valid board names for labpc_pci driver are:
[ 1387.073016][ T7661] dvb_usb_af9015 3-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1387.095539][T10115]  labpc_pci
[ 1387.110834][T10115] comedi: valid board names for adl_pci9118 driver are:
[ 1387.113239][ T7661] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1387.136512][T10115]  pci9118dg
[ 1387.156298][ T7661] dvb_usb_af9035 3-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[ 1387.167184][T10115]  pci9118hg
[ 1387.172633][T10115]  pci9118hr
[ 1387.177018][T10115] comedi: valid board names for 8255_pci driver are:
[ 1387.183733][T10115]  8255_pci
[ 1387.188594][T10115] comedi: valid board names for s526 driver are:
[ 1387.364188][T10115]  s526
[ 1387.942841][T10115] comedi: valid board names for multiq3 driver are:
[ 1387.972589][T10115]  multiq3
[ 1387.980185][T10115] comedi: valid board names for pcmuio driver are:
[ 1387.986929][T10115]  pcmuio48
[ 1387.994433][T10115]  pcmuio96
[ 1388.027917][T10115] comedi: valid board names for pcmmio driver are:
[ 1388.047945][T10115]  pcmmio
[ 1388.053360][T10115] comedi: valid board names for pcmda12 driver are:
[ 1388.209389][ T7644] usb 3-1: USB disconnect, device number 115
[ 1388.263495][T10115]  pcmda12
[ 1388.308696][T10115] comedi: valid board names for pcmad driver are:
[ 1388.809416][T10115]  pcmad12
[ 1388.832253][T10115]  pcmad16
[ 1388.838759][T10115] comedi: valid board names for ni_labpc driver are:
[ 1388.851082][T10115]  lab-pc-1200
[ 1388.854558][T10115]  lab-pc-1200ai
[ 1388.858216][T10115]  lab-pc+
[ 1388.862424][T10115] comedi: valid board names for atmio16 driver are:
[ 1388.927470][T10115]  atmio16
[ 1388.999076][T10115]  atmio16d
[ 1389.002207][T10115] comedi: valid board names for ni_at_ao driver are:
[ 1389.016004][T10115]  at-ao-6
[ 1389.168893][T10115]  at-ao-10
[ 1389.179823][T10115] comedi: valid board names for ni_at_a2150 driver are:
[ 1389.646281][T10115]  ni_at_a2150
[ 1389.683723][T10115] comedi: valid board names for adq12b driver are:
[ 1389.708392][T10115]  adq12b
[ 1389.722526][T10115] comedi: valid board names for mpc624 driver are:
[ 1389.733601][T10115]  mpc624
[ 1389.740314][T10115] comedi: valid board names for c6xdigio driver are:
[ 1389.751363][T10115]  c6xdigio
[ 1389.754634][T10115] comedi: valid board names for aio_iiro_16 driver are:
[ 1389.761726][T10115]  aio_iiro_16
[ 1389.765224][T10115] comedi: valid board names for aio_aio12_8 driver are:
[ 1389.772213][T10115]  aio_aio12_8
[ 1389.777892][T10115]  aio_ai12_8
[ 1389.782326][T10115]  aio_ao12_4
[ 1389.786176][T10115] comedi: valid board names for fl512 driver are:
[ 1390.438059][T10115]  fl512
[ 1390.443634][T10115] comedi: valid board names for dmm32at driver are:
[ 1390.452525][T10115]  dmm32at
[ 1390.460993][T10115] comedi: valid board names for dt282x driver are:
[ 1390.467653][T10115]  dt2821
[ 1390.470792][T10115]  dt2821-f
[ 1390.478752][T10115]  dt2821-g
[ 1390.486994][T10115]  dt2823
[ 1390.496007][T10115]  dt2824-pgh
[ 1390.503339][T10115]  dt2824-pgl
[ 1390.509078][T10115]  dt2825
[ 1390.513595][T10115]  dt2827
[ 1390.516586][T10115]  dt2828
[ 1390.521324][T10115]  dt2829
[ 1390.608107][T10115]  dt21-ez
[ 1390.613127][T10115]  dt23-ez
[ 1390.619539][T10115]  dt24-ez
[ 1390.625933][T10115]  dt24-ez-pgl
[ 1390.637793][T10115] comedi: valid board names for dt2817 driver are:
[ 1390.657285][T10115]  dt2817
[ 1390.665260][T10115] comedi: valid board names for dt2815 driver are:
[ 1390.748291][T10115]  dt2815
[ 1390.755355][T10115] comedi: valid board names for dt2814 driver are:
[ 1390.773861][T10115]  dt2814
[ 1390.782881][T10115] comedi: valid board names for dt2811 driver are:
[ 1390.807105][T10115]  dt2811-pgh
[ 1390.941580][T10156] sit1: entered allmulticast mode
[ 1391.032355][T10115]  dt2811-pgl
[ 1391.229487][T10115] comedi: valid board names for dt2801 driver are:
[ 1391.322518][T10115]  dt2801
[ 1391.328898][T10115] comedi: valid board names for das6402 driver are:
[ 1391.361186][T10115]  das6402-12
[ 1391.368015][T10115]  das6402-16
[ 1391.376449][T10115] comedi: valid board names for das1800 driver are:
[ 1391.394192][T10115]  das-1701st
[ 1391.408829][T10115]  das-1701st-da
[ 1391.415608][T10115]  das-1702st
[ 1391.426114][T10115]  das-1702st-da
[ 1391.593351][T10115]  das-1702hr
[ 1391.596818][T10115]  das-1702hr-da
[ 1391.601598][T10115]  das-1701ao
[ 1391.605202][T10115]  das-1702ao
[ 1391.609975][T10115]  das-1801st
[ 1392.145407][T10115]  das-1801st-da
[ 1392.155464][T10115]  das-1802st
[ 1392.166485][T10115]  das-1802st-da
[ 1392.187454][T10115]  das-1802hr
[ 1392.194955][T10115]  das-1802hr-da
[ 1392.205156][T10115]  das-1801hc
[ 1392.214291][T10115]  das-1802hc
[ 1392.227762][T10115]  das-1801ao
[ 1392.237765][T10115]  das-1802ao
[ 1392.248827][T10115] comedi: valid board names for das800 driver are:
[ 1392.296106][T10115]  das-800
[ 1392.299213][T10115]  cio-das800
[ 1392.302624][T10115]  das-801
[ 1392.305734][T10115]  cio-das801
[ 1392.309689][T10115]  das-802
[ 1392.315076][T10115]  cio-das802
[ 1392.429965][T10115]  cio-das802/16
[ 1392.441473][T10115] comedi: valid board names for isa-das08 driver are:
[ 1392.459090][T10115]  isa-das08
[ 1392.469291][T10115]  das08-pgm
[ 1392.589753][T10115]  das08-pgh
[ 1392.592973][T10115]  das08-pgl
[ 1392.605605][T10115]  das08-aoh
[ 1392.616238][T10115]  das08-aol
[ 1392.619505][T10115]  das08-aom
[ 1393.245882][T10115]  das08/jr-ao
[ 1393.257151][T10115]  das08jr-16-ao
[ 1393.272052][T10115]  pc104-das08
[ 1393.284336][T10115]  das08jr/16
[ 1393.293291][T10115] comedi: valid board names for das16m1 driver are:
[ 1393.310832][T10115]  das16m1
[ 1393.328716][T10115] comedi: valid board names for dac02 driver are:
[ 1393.338349][T10115]  dac02
[ 1393.341349][T10115] comedi: valid board names for rti802 driver are:
[ 1393.348256][T10115]  rti802
[ 1393.351344][T10115] comedi: valid board names for rti800 driver are:
[ 1393.434891][T10115]  rti800
[ 1393.447502][T10115]  rti815
[ 1393.453657][T10115] comedi: valid board names for pcm3724 driver are:
[ 1393.638663][T10115]  pcm3724
[ 1393.641696][T10115] comedi: valid board names for pcl818 driver are:
[ 1394.128503][T10115]  pcl818l
[ 1394.131554][T10115]  pcl818h
[ 1394.135049][T10115]  pcl818hd
[ 1394.142659][T10115]  pcl818hg
[ 1394.152876][T10115]  pcl818
[ 1394.265167][T10115]  pcl718
[ 1394.411850][T10115]  pcm3718
[ 1394.415271][T10115] comedi: valid board names for pcl816 driver are:
[ 1394.440864][T10115]  pcl816
[ 1394.443819][T10115]  pcl814b
[ 1394.518032][T10115] comedi: valid board names for pcl812 driver are:
[ 1394.540374][T10115]  pcl812
[ 1394.548198][T10115]  pcl812pg
[ 1395.148839][T10115]  acl8112pg
[ 1395.161005][T10115]  acl8112dg
[ 1395.172371][T10115]  acl8112hg
[ 1395.180101][T10115]  a821pgl
[ 1395.187797][T10115]  a821pglnda
[ 1395.195595][T10115]  a821pgh
[ 1395.202067][T10115]  a822pgl
[ 1395.205262][T10115]  a822pgh
[ 1395.210563][T10115]  a823pgl
[ 1395.213693][T10115]  a823pgh
[ 1395.216865][T10115]  pcl813
[ 1395.219857][T10115]  pcl813b
[ 1395.224050][T10115]  acl8113
[ 1395.227313][T10115]  iso813
[ 1395.232193][T10115]  acl8216
[ 1395.236763][T10115]  a826pg
[ 1395.239829][T10115] comedi: valid board names for pcl730 driver are:
[ 1395.248814][T10115]  pcl730
[ 1395.251884][T10115]  iso730
[ 1395.255976][T10115]  acl7130
[ 1395.259996][T10115]  pcm3730
[ 1395.264221][T10115]  pcl725
[ 1395.267229][T10115]  p8r8dio
[ 1395.270451][T10115]  acl7225b
[ 1395.280275][T10115]  p16r16dio
[ 1395.283698][T10115]  pcl733
[ 1395.422264][T10115]  pcl734
[ 1395.426090][T10115]  opmm-1616-xt
[ 1396.286093][T10115]  pearl-mm-p
[ 1396.289444][T10115]  ir104-pbf
[ 1396.292650][T10115] comedi: valid board names for pcl726 driver are:
[ 1396.352780][T10115]  pcl726
[ 1396.355731][T10115]  pcl727
[ 1396.375477][   T30] audit: type=1400 audit(2123.435:3633): avc:  denied  { setattr } for  pid=10200 comm="syz.6.15000" name="" dev="pipefs" ino=182676 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1396.398118][T10115]  pcl728
[ 1396.409682][T10115]  acl6126
[ 1396.537368][T10115]  acl6128
[ 1396.543266][T10115] comedi: valid board names for pcl724 driver are:
[ 1396.549769][T10115]  pcl724
[ 1396.686979][T10115]  pcl722
[ 1396.694932][T10115]  pcl731
[ 1396.699095][T10115]  acl7122
[ 1396.705690][T10115]  acl7124
[ 1396.711301][T10115]  pet48dio
[ 1396.726472][T10115]  pcmio48
[ 1397.231908][T10115]  onyx-mm-dio
[ 1397.243837][T10115] comedi: valid board names for pcl711 driver are:
[ 1397.250968][T10115]  pcl711
[ 1397.254079][T10115]  pcl711b
[ 1397.258332][T10115]  acl8112hg
[ 1397.261587][T10115]  acl8112dg
[ 1397.265999][T10115] comedi: valid board names for amplc_pc263 driver are:
[ 1397.274304][T10115]  pc263
[ 1397.279684][T10115] comedi: valid board names for amplc_pc236 driver are:
[ 1397.286681][T10115]  pc36at
[ 1397.290871][T10115] comedi: valid board names for amplc_dio200 driver are:
[ 1397.298613][T10115]  pc212e
[ 1397.373844][T10115]  pc214e
[ 1397.393250][T10115]  pc215e
[ 1397.527248][T10115]  pc218e
[ 1397.530202][T10115]  pc272e
[ 1397.552955][T10115] comedi: valid board names for comedi_parport driver are:
[ 1397.578554][T10115]  comedi_parport
[ 1398.047605][T10115] comedi: valid board names for comedi_test driver are:
[ 1398.167616][T10219] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1398.253607][T10115]  comedi_test
[ 1398.271250][T10115] comedi: valid board names for comedi_bond driver are:
[ 1398.279439][T10115]  comedi_bond
[ 1398.488000][T10225] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1402.257359][T10265] kvm: kvm [10264]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xcc00008694
[ 1404.795403][   T30] audit: type=1400 audit(2131.320:3634): avc:  denied  { create } for  pid=10289 comm="syz.0.15024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1404.862798][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1404.867670][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1404.931726][   T30] audit: type=1400 audit(2131.339:3635): avc:  denied  { bind } for  pid=10289 comm="syz.0.15024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1405.017774][T10296] hfs: unable to load iocharset "io#harset€"
[ 1405.040970][   T30] audit: type=1400 audit(2131.358:3636): avc:  denied  { module_request } for  pid=10295 comm="syz.6.15025" kmod=6E6C735F696F2368617273657480 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 1405.249389][   T30] audit: type=1400 audit(2131.507:3637): avc:  denied  { read write } for  pid=5046 comm="syz-executor" name="loop3" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1405.276193][   T30] audit: type=1400 audit(2131.507:3638): avc:  denied  { open } for  pid=5046 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1405.301162][   T30] audit: type=1400 audit(2131.507:3639): avc:  denied  { ioctl } for  pid=5046 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=649 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1405.680661][   T30] audit: type=1400 audit(2131.573:3640): avc:  denied  { prog_load } for  pid=10301 comm="syz.3.15026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1405.700100][   T30] audit: type=1400 audit(2131.573:3641): avc:  denied  { bpf } for  pid=10301 comm="syz.3.15026" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1405.739949][   T30] audit: type=1400 audit(2131.573:3642): avc:  denied  { perfmon } for  pid=10301 comm="syz.3.15026" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1405.915947][   T30] audit: type=1400 audit(2131.573:3643): avc:  denied  { prog_run } for  pid=10301 comm="syz.3.15026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1410.822496][   T30] kauditd_printk_skb: 18 callbacks suppressed
[ 1410.822512][   T30] audit: type=1400 audit(2136.942:3662): avc:  denied  { map_create } for  pid=10334 comm="syz.0.15035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1411.286988][   T30] audit: type=1400 audit(2137.344:3663): avc:  denied  { map_read map_write } for  pid=10334 comm="syz.0.15035" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1411.702353][T10342] netlink: 36 bytes leftover after parsing attributes in process `syz.3.15037'.
[ 1411.726455][T10342] netlink: 16 bytes leftover after parsing attributes in process `syz.3.15037'.
[ 1411.760603][T10342] netlink: 36 bytes leftover after parsing attributes in process `syz.3.15037'.
[ 1411.772646][   T30] audit: type=1400 audit(2137.372:3664): avc:  denied  { name_bind } for  pid=10339 comm="syz.3.15037" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[ 1411.795057][   T30] audit: type=1400 audit(2137.372:3665): avc:  denied  { node_bind } for  pid=10339 comm="syz.3.15037" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 1411.816464][T10342] netlink: 36 bytes leftover after parsing attributes in process `syz.3.15037'.
[ 1411.825833][   T30] audit: type=1400 audit(2137.709:3666): avc:  denied  { read write } for  pid=10336 comm="syz.2.15036" name="loop-control" dev="devtmpfs" ino=645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1411.945126][   T30] audit: type=1400 audit(2137.709:3667): avc:  denied  { open } for  pid=10336 comm="syz.2.15036" path="/dev/loop-control" dev="devtmpfs" ino=645 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1412.129182][   T30] audit: type=1400 audit(2137.709:3668): avc:  denied  { ioctl } for  pid=10336 comm="syz.2.15036" path="/dev/loop-control" dev="devtmpfs" ino=645 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[ 1412.181123][   T30] audit: type=1400 audit(2138.158:3669): avc:  denied  { create } for  pid=10351 comm="syz.3.15040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1412.367444][   T30] audit: type=1400 audit(2138.167:3670): avc:  denied  { create } for  pid=10351 comm="syz.3.15040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1412.387819][   T30] audit: type=1400 audit(2138.167:3671): avc:  denied  { setopt } for  pid=10351 comm="syz.3.15040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1414.775186][T10387] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15049'.
[ 1415.257475][T10387] netlink: 8 bytes leftover after parsing attributes in process `syz.6.15049'.
[ 1416.057408][T10387] RDS: rds_bind could not find a transport for ::ffff:100.1.1.2, load rds_tcp or rds_rdma?
[ 1416.189629][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1416.189650][   T30] audit: type=1400 audit(2141.937:3688): avc:  denied  { write } for  pid=10401 comm="syz.4.15053" path="/dev/vhci" dev="devtmpfs" ino=1267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[ 1416.384648][   T30] audit: type=1400 audit(2141.937:3689): avc:  denied  { create } for  pid=10401 comm="syz.4.15053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1416.726786][   T30] audit: type=1400 audit(2141.937:3690): avc:  denied  { setopt } for  pid=10401 comm="syz.4.15053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1416.803595][   T30] audit: type=1400 audit(2141.937:3691): avc:  denied  { ioctl } for  pid=10401 comm="syz.4.15053" path="socket:[183238]" dev="sockfs" ino=183238 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1417.546479][   T30] audit: type=1400 audit(2142.844:3692): avc:  denied  { lock } for  pid=10411 comm="syz.3.15057" path="socket:[183257]" dev="sockfs" ino=183257 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1417.571998][   T30] audit: type=1400 audit(2142.910:3693): avc:  denied  { create } for  pid=10411 comm="syz.3.15057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1417.592117][   T30] audit: type=1400 audit(2142.919:3694): avc:  denied  { setopt } for  pid=10411 comm="syz.3.15057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1417.623026][   T30] audit: type=1400 audit(2142.919:3695): avc:  denied  { bind } for  pid=10411 comm="syz.3.15057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1417.649815][   T30] audit: type=1400 audit(2142.919:3696): avc:  denied  { name_bind } for  pid=10411 comm="syz.3.15057" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[ 1417.671812][   T30] audit: type=1400 audit(2142.919:3697): avc:  denied  { node_bind } for  pid=10411 comm="syz.3.15057" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[ 1422.348302][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1422.348318][   T30] audit: type=1400 audit(2147.718:3709): avc:  denied  { create } for  pid=10458 comm="syz.2.15067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1422.455900][   T30] audit: type=1400 audit(2147.718:3710): avc:  denied  { write } for  pid=10458 comm="syz.2.15067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1422.566887][   T30] audit: type=1400 audit(2147.821:3711): avc:  denied  { read write } for  pid=10458 comm="syz.2.15067" name="card0" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1422.759835][   T30] audit: type=1400 audit(2147.821:3712): avc:  denied  { open } for  pid=10458 comm="syz.2.15067" path="/dev/dri/card0" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1422.784227][   T30] audit: type=1400 audit(2147.821:3713): avc:  denied  { ioctl } for  pid=10458 comm="syz.2.15067" path="/dev/dri/card0" dev="devtmpfs" ino=626 ioctlcmd=0x64b2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1422.818668][   T30] audit: type=1400 audit(2147.821:3714): avc:  denied  { map } for  pid=10458 comm="syz.2.15067" path="/dev/dri/card0" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1422.853629][T10462] ==================================================================
[ 1422.861732][T10462] BUG: KASAN: slab-out-of-bounds in __cpa_addr+0x1d3/0x220
[ 1422.868922][T10462] Read of size 8 at addr ffff888034126a88 by task syz.2.15067/10462
[ 1422.876882][T10462] 
[ 1422.879203][T10462] CPU: 0 UID: 0 PID: 10462 Comm: syz.2.15067 Not tainted syzkaller #0 PREEMPT(full) 
[ 1422.879220][T10462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1422.879229][T10462] Call Trace:
[ 1422.879234][T10462]  <TASK>
[ 1422.879241][T10462]  dump_stack_lvl+0x116/0x1f0
[ 1422.879257][T10462]  print_report+0xcd/0x630
[ 1422.879273][T10462]  ? __virt_addr_valid+0x81/0x610
[ 1422.879292][T10462]  ? __phys_addr+0xe8/0x180
[ 1422.879311][T10462]  ? __cpa_addr+0x1d3/0x220
[ 1422.879324][T10462]  kasan_report+0xe0/0x110
[ 1422.879339][T10462]  ? __cpa_addr+0x1d3/0x220
[ 1422.879355][T10462]  __cpa_addr+0x1d3/0x220
[ 1422.879368][T10462]  cpa_flush+0x28b/0x8a0
[ 1422.879383][T10462]  ? __pfx_cpa_flush+0x10/0x10
[ 1422.879399][T10462]  ? pgprot2cachemode+0x9a/0x130
[ 1422.879416][T10462]  ? __pfx_pgprot2cachemode+0x10/0x10
[ 1422.879438][T10462]  ? drm_gem_get_pages+0x6a0/0xa10
[ 1422.879453][T10462]  change_page_attr_set_clr+0x34e/0x4a0
[ 1422.879469][T10462]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[ 1422.879489][T10462]  _set_pages_array+0x1ab/0x2c0
[ 1422.879504][T10462]  drm_gem_shmem_get_pages_locked+0x384/0x490
[ 1422.879527][T10462]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[ 1422.879544][T10462]  ? __pfx___might_resched+0x10/0x10
[ 1422.879565][T10462]  drm_gem_shmem_mmap+0xc9/0x550
[ 1422.879575][T10462]  ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10
[ 1422.879586][T10462]  drm_gem_mmap_obj+0x1b2/0x560
[ 1422.879599][T10462]  drm_gem_mmap+0x40b/0x620
[ 1422.879611][T10462]  ? __pfx_drm_gem_mmap+0x10/0x10
[ 1422.879623][T10462]  ? vm_area_alloc+0x1f/0x160
[ 1422.879640][T10462]  ? lockdep_init_map_type+0x5c/0x280
[ 1422.879654][T10462]  __mmap_region+0x1306/0x27a0
[ 1422.879673][T10462]  ? __pfx___mmap_region+0x10/0x10
[ 1422.879690][T10462]  ? lock_acquire+0x179/0x350
[ 1422.879702][T10462]  ? find_held_lock+0x2b/0x80
[ 1422.879720][T10462]  ? rcu_is_watching+0x12/0xc0
[ 1422.879753][T10462]  mmap_region+0x32b/0x3f0
[ 1422.879764][T10462]  do_mmap+0xa3e/0x1210
[ 1422.879779][T10462]  ? __pfx_do_mmap+0x10/0x10
[ 1422.879792][T10462]  ? __pfx_down_write_killable+0x10/0x10
[ 1422.879806][T10462]  vm_mmap_pgoff+0x29e/0x470
[ 1422.879820][T10462]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1422.879834][T10462]  ? __fget_files+0x20e/0x3c0
[ 1422.879848][T10462]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1422.879862][T10462]  __x64_sys_mmap+0x125/0x190
[ 1422.879875][T10462]  do_syscall_64+0xcd/0x4e0
[ 1422.879887][T10462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.879899][T10462] RIP: 0033:0x7f1eff98eec9
[ 1422.879909][T10462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1422.879920][T10462] RSP: 002b:00007f1efdbd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1422.879933][T10462] RAX: ffffffffffffffda RBX: 00007f1effbe6090 RCX: 00007f1eff98eec9
[ 1422.879942][T10462] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000
[ 1422.879949][T10462] RBP: 00007f1effa11f91 R08: 0000000000000007 R09: 0000000100000000
[ 1422.879955][T10462] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[ 1422.879962][T10462] R13: 00007f1effbe6128 R14: 00007f1effbe6090 R15: 00007ffc57a27248
[ 1422.879973][T10462]  </TASK>
[ 1422.879977][T10462] 
[ 1423.189204][T10462] Allocated by task 10462:
[ 1423.193598][T10462]  kasan_save_stack+0x33/0x60
[ 1423.198261][T10462]  kasan_save_track+0x14/0x30
[ 1423.202921][T10462]  __kasan_kmalloc+0xaa/0xb0
[ 1423.207493][T10462]  __kvmalloc_node_noprof+0x3a3/0x9c0
[ 1423.212847][T10462]  drm_gem_get_pages+0x144/0xa10
[ 1423.217770][T10462]  drm_gem_shmem_get_pages_locked+0x1e6/0x490
[ 1423.223828][T10462]  drm_gem_shmem_mmap+0xc9/0x550
[ 1423.228745][T10462]  drm_gem_mmap_obj+0x1b2/0x560
[ 1423.233598][T10462]  drm_gem_mmap+0x40b/0x620
[ 1423.238081][T10462]  __mmap_region+0x1306/0x27a0
[ 1423.242851][T10462]  mmap_region+0x32b/0x3f0
[ 1423.247262][T10462]  do_mmap+0xa3e/0x1210
[ 1423.251405][T10462]  vm_mmap_pgoff+0x29e/0x470
[ 1423.256005][T10462]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1423.260752][T10462]  __x64_sys_mmap+0x125/0x190
[ 1423.265416][T10462]  do_syscall_64+0xcd/0x4e0
[ 1423.269905][T10462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1423.275775][T10462] 
[ 1423.278078][T10462] The buggy address belongs to the object at ffff888034126a00
[ 1423.278078][T10462]  which belongs to the cache kmalloc-192 of size 192
[ 1423.292129][T10462] The buggy address is located 0 bytes to the right of
[ 1423.292129][T10462]  allocated 136-byte region [ffff888034126a00, ffff888034126a88)
[ 1423.306622][T10462] 
[ 1423.308926][T10462] The buggy address belongs to the physical page:
[ 1423.315313][T10462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34126
[ 1423.324049][T10462] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1423.331153][T10462] page_type: f5(slab)
[ 1423.335117][T10462] raw: 00fff00000000000 ffff88801b0263c0 dead000000000100 dead000000000122
[ 1423.343684][T10462] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 1423.352251][T10462] page dumped because: kasan: bad access detected
[ 1423.358652][T10462] page_owner tracks the page as allocated
[ 1423.364351][T10462] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 24096, tgid 24095 (syz.5.8169), ts 535852334383, free_ts 532947073043
[ 1423.385173][T10462]  post_alloc_hook+0x1c0/0x230
[ 1423.389937][T10462]  get_page_from_freelist+0x10a3/0x3a30
[ 1423.395468][T10462]  __alloc_frozen_pages_noprof+0x25f/0x2470
[ 1423.401346][T10462]  alloc_pages_mpol+0x1fb/0x550
[ 1423.406176][T10462]  new_slab+0x24a/0x360
[ 1423.410343][T10462]  ___slab_alloc+0xdc4/0x1ae0
[ 1423.415026][T10462]  __slab_alloc.constprop.0+0x63/0x110
[ 1423.420496][T10462]  __kmalloc_noprof+0x501/0x880
[ 1423.425342][T10462]  hash_ipport6_add+0x203e/0x2a50
[ 1423.430359][T10462]  hash_ipport6_uadt+0x8db/0xbe0
[ 1423.435280][T10462]  call_ad.constprop.0+0x16e/0x940
[ 1423.440389][T10462]  ip_set_ad.constprop.0.isra.0+0x3ce/0x870
[ 1423.446301][T10462]  nfnetlink_rcv_msg+0x9f9/0x1200
[ 1423.451486][T10462]  netlink_rcv_skb+0x155/0x420
[ 1423.456251][T10462]  nfnetlink_rcv+0x1b3/0x430
[ 1423.460831][T10462]  netlink_unicast+0x5aa/0x870
[ 1423.465584][T10462] page last free pid 5819 tgid 5819 stack trace:
[ 1423.471897][T10462]  __free_frozen_pages+0x7df/0x1160
[ 1423.477080][T10462]  __put_partials+0x130/0x170
[ 1423.481764][T10462]  qlist_free_all+0x4d/0x120
[ 1423.486332][T10462]  kasan_quarantine_reduce+0x195/0x1e0
[ 1423.491787][T10462]  __kasan_slab_alloc+0x69/0x90
[ 1423.496621][T10462]  kmem_cache_alloc_noprof+0x250/0x6e0
[ 1423.502066][T10462]  getname_flags.part.0+0x4c/0x550
[ 1423.507163][T10462]  getname_flags+0x93/0xf0
[ 1423.511558][T10462]  do_sys_openat2+0xb8/0x1d0
[ 1423.516135][T10462]  __x64_sys_openat+0x174/0x210
[ 1423.520969][T10462]  do_syscall_64+0xcd/0x4e0
[ 1423.525452][T10462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1423.531327][T10462] 
[ 1423.533626][T10462] Memory state around the buggy address:
[ 1423.539234][T10462]  ffff888034126980: 00 00 00 00 00 00 00 07 fc fc fc fc fc fc fc fc
[ 1423.547624][T10462]  ffff888034126a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1423.555751][T10462] >ffff888034126a80: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1423.563789][T10462]                       ^
[ 1423.568100][T10462]  ffff888034126b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1423.576143][T10462]  ffff888034126b80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1423.584196][T10462] ==================================================================
[ 1423.595372][   T30] audit: type=1400 audit(2147.821:3715): avc:  denied  { execute } for  pid=10458 comm="syz.2.15067" path="/dev/dri/card0" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1423.619837][   T30] audit: type=1400 audit(2147.868:3716): avc:  denied  { read } for  pid=10463 comm="syz.3.15068" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1423.639192][T10462] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1423.639213][T10462] CPU: 1 UID: 0 PID: 10462 Comm: syz.2.15067 Not tainted syzkaller #0 PREEMPT(full) 
[ 1423.639234][T10462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1423.639245][T10462] Call Trace:
[ 1423.639251][T10462]  <TASK>
[ 1423.639259][T10462]  dump_stack_lvl+0x3d/0x1f0
[ 1423.639280][T10462]  vpanic+0x640/0x6f0
[ 1423.639299][T10462]  panic+0xca/0xd0
[ 1423.639314][T10462]  ? __pfx_panic+0x10/0x10
[ 1423.639331][T10462]  ? __cpa_addr+0x1d3/0x220
[ 1423.639349][T10462]  ? preempt_schedule_common+0x44/0xc0
[ 1423.639374][T10462]  ? preempt_schedule_thunk+0x16/0x30
[ 1423.639402][T10462]  check_panic_on_warn+0xab/0xb0
[ 1423.639420][T10462]  end_report+0x107/0x170
[ 1423.639440][T10462]  kasan_report+0xee/0x110
[ 1423.639460][T10462]  ? __cpa_addr+0x1d3/0x220
[ 1423.639480][T10462]  __cpa_addr+0x1d3/0x220
[ 1423.639498][T10462]  cpa_flush+0x28b/0x8a0
[ 1423.639525][T10462]  ? __pfx_cpa_flush+0x10/0x10
[ 1423.639544][T10462]  ? pgprot2cachemode+0x9a/0x130
[ 1423.639568][T10462]  ? __pfx_pgprot2cachemode+0x10/0x10
[ 1423.639591][T10462]  ? drm_gem_get_pages+0x6a0/0xa10
[ 1423.639613][T10462]  change_page_attr_set_clr+0x34e/0x4a0
[ 1423.639635][T10462]  ? __pfx_change_page_attr_set_clr+0x10/0x10
[ 1423.639665][T10462]  _set_pages_array+0x1ab/0x2c0
[ 1423.639687][T10462]  drm_gem_shmem_get_pages_locked+0x384/0x490
[ 1423.639715][T10462]  ? __pfx_drm_gem_shmem_get_pages_locked+0x10/0x10
[ 1423.639741][T10462]  ? __pfx___might_resched+0x10/0x10
[ 1423.639768][T10462]  drm_gem_shmem_mmap+0xc9/0x550
[ 1423.639783][T10462]  ? __pfx_drm_gem_shmem_object_mmap+0x10/0x10
[ 1423.639799][T10462]  drm_gem_mmap_obj+0x1b2/0x560
[ 1423.639817][T10462]  drm_gem_mmap+0x40b/0x620
[ 1423.639835][T10462]  ? __pfx_drm_gem_mmap+0x10/0x10
[ 1423.639852][T10462]  ? vm_area_alloc+0x1f/0x160
[ 1423.639878][T10462]  ? lockdep_init_map_type+0x5c/0x280
[ 1423.639899][T10462]  __mmap_region+0x1306/0x27a0
[ 1423.639927][T10462]  ? __pfx___mmap_region+0x10/0x10
[ 1423.639953][T10462]  ? lock_acquire+0x179/0x350
[ 1423.639970][T10462]  ? find_held_lock+0x2b/0x80
[ 1423.639998][T10462]  ? rcu_is_watching+0x12/0xc0
[ 1423.640047][T10462]  mmap_region+0x32b/0x3f0
[ 1423.640063][T10462]  do_mmap+0xa3e/0x1210
[ 1423.640091][T10462]  ? __pfx_do_mmap+0x10/0x10
[ 1423.640110][T10462]  ? __pfx_down_write_killable+0x10/0x10
[ 1423.640130][T10462]  vm_mmap_pgoff+0x29e/0x470
[ 1423.640152][T10462]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1423.640172][T10462]  ? __fget_files+0x20e/0x3c0
[ 1423.640192][T10462]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1423.640213][T10462]  __x64_sys_mmap+0x125/0x190
[ 1423.640231][T10462]  do_syscall_64+0xcd/0x4e0
[ 1423.640248][T10462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1423.640266][T10462] RIP: 0033:0x7f1eff98eec9
[ 1423.640280][T10462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1423.640296][T10462] RSP: 002b:00007f1efdbd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1423.640314][T10462] RAX: ffffffffffffffda RBX: 00007f1effbe6090 RCX: 00007f1eff98eec9
[ 1423.640325][T10462] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000001000
[ 1423.640335][T10462] RBP: 00007f1effa11f91 R08: 0000000000000007 R09: 0000000100000000
[ 1423.640346][T10462] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[ 1423.640356][T10462] R13: 00007f1effbe6128 R14: 00007f1effbe6090 R15: 00007ffc57a27248
[ 1423.640373][T10462]  </TASK>
[ 1423.642350][T10462] Kernel Offset: disabled