last executing test programs:

7.211800237s ago: executing program 2 (id=24):
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
listen(r0, 0x400000001ffffffd)
r1 = epoll_create1(0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000300), 0x0, 0x0, &(0x7f0000000380)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0)
listen(r2, 0xfff)
accept(r2, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/kexec_crash_size', 0x2000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r6, &(0x7f0000000200)={0xa000000a})
finit_module(r6, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000080)={'wg0\x00'})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r7}, 0x10)
r8 = getpid()
socket$nl_route(0x10, 0x3, 0x0)
process_vm_readv(r8, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r9 = syz_io_uring_setup(0x182e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r10=>0x0, &(0x7f0000000080)=<r11=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r9, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c707fe81436b024c2574980397bc49d70c060d57bc88fbe3bbaa058b040362ab926150763fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f91b18725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f639"], 0x0}, 0x90)
r12 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
syz_io_uring_submit(r10, r11, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x0, r12, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}})
io_uring_enter(r9, 0x5b43, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x6, 0x0)

6.935312211s ago: executing program 1 (id=25):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000010000dd0a00000000000063015a00000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19}, 0x90)
bind$netlink(r0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98f}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}]}, 0x2c}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r6 = timerfd_create(0x8, 0x0)
r7 = timerfd_create(0x8, 0x0)
clock_gettime(0x0, 0x0)
timerfd_settime(r6, 0x0, 0x0, 0x0)
close(r7)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

6.635219006s ago: executing program 1 (id=27):
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mprotect(&(0x7f00003fd000/0xc00000)=nil, 0xc00000, 0x5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$CAPI_SET_FLAGS(r0, 0xc0044306, &(0x7f0000000340)=0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x956bb771065f6df0, 0x42)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, 0x0, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r2}, 0x10)
syz_open_dev$evdev(&(0x7f00000004c0), 0x4, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
prctl$PR_MCE_KILL(0x43, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$kcm(0x2, 0xa, 0x2)
write$tun(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="000386dd0a00100000004000000060ec97000fc82900fe8000000000000000000000000000aaff0200"/51], 0xffe)
add_key(0x0, &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
syz_open_dev$usbfs(0x0, 0x1ff, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000000040)={0x2})

6.122664934s ago: executing program 2 (id=28):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
sendmsg$NL80211_CMD_GET_POWER_SAVE(r0, &(0x7f0000000440)={&(0x7f0000000180), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0xc114}, 0x20014000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x14)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x6, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bind$inet6(0xffffffffffffffff, &(0x7f000047b000)={0xa, 0x0, 0x0, @private1, 0x10000}, 0x1c)
mremap(&(0x7f0000241000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
r3 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x800)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x30, &(0x7f0000000500)=ANY=[@ANYRES32, @ANYBLOB="0d0168363a849b6c01b8445edfdcfcff0156abd2454e20f90f916bde50530aeaec6b5332485da6d27da2acdbf5e66df411c9885dbd7314ae5db0a5639d6558db70ea057a8c6563f42c24aa1cc0e27e1bf890f0ec20dd59844fd8ced8ff99d97b5d269e3ff9557976e26bd93d32639d44", @ANYRESHEX=0x0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000b7080000000000007b8af8ff00000000b7080000e0ffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7", @ANYRESHEX=r0, @ANYRES8=0x0, @ANYRES8=r3], 0x0, 0x91bb, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000840)={0x0, 0x7, 0x8, 0xfffffffe}, 0x10}, 0x90)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000600)={0x7, 0x47, 0x1}, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000240)='GPL\x00'}, 0x90)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmmsg$inet(r4, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1}}], 0xfffffdef, 0x0)

5.48161548s ago: executing program 3 (id=30):
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r1}, 0x10)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x10001}, 0x48)
socket$inet6(0xa, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYRES16=0x0], 0xd)
syz_emit_vhci(&(0x7f0000000400)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x5e}, "8cf09997952b33b44d82050679f29370fe725a1cbdd5afa5da85ab1ae3dc08d083ab8b9e28607112ed43d4141c36898acf4ee05ba713c60a326fe35bbb3c34445fc7cd1b31790c679147dbe1583a41a56f1a0755910f8367934b759512f1"}, 0x62)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="e4afb66cfb4f2f09f75e0000"], 0xf)
r2 = socket$alg(0x26, 0x5, 0x0)
sendmsg$inet(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="43707511a0ccac586e704a8f22a41d46f166", 0x12}, {&(0x7f0000000080)="919e4819964e98a1e651d3167d444745c7524283ee4ad51008b30b0ab039d1f5583201f481b45ae7c431ed4c1f8d470bcdb272", 0x33}], 0x2}, 0x0)
r3 = syz_open_dev$video4linux(&(0x7f0000000140), 0x1b, 0x40000)
close_range(r3, r3, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000340), 0x20201)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$packet(0x11, 0x2, 0x300)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10)

4.643985813s ago: executing program 3 (id=32):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, 0x0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000280), &(0x7f0000000340)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100008b}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000c0d000/0x1000)=nil, 0x1000, 0x3000007, 0x46832, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mremap(&(0x7f00000a7000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000469000/0x4000)=nil)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f00000004c0)='4', 0x1}], 0x1)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000140))
r4 = syz_open_pts(r3, 0x0)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1ff, 0x0, "f937267f0f7ba57603a6a12e3f0a7f64c64c56"})
r5 = dup(r4)
read$FUSE(r5, &(0x7f0000000380)={0x2020}, 0x2020)
socket$inet6(0xa, 0x3, 0x7)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

4.397754857s ago: executing program 0 (id=33):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000100)={0x2, 0x4e23}, 0x10)
r1 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000040)={0x7c, 0x5, 0x6, 0xdd5, 0x1, 0x4})
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x1200008, &(0x7f0000000400)=ANY=[])
read$FUSE(r2, &(0x7f000000c3c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f00000002c0)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x102080}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000061c0)="c0f61a5fb77193bea0c6599de09cf570067192ff7d5bf191681878eb121895cd4c4052feb0a5196b61ab6e28d35aec54bb2aee6802a27f50c4e8f36a2b1bb12d93dbcd320ed338fd1a8ed43a2dcb2bf11c773ae982800321c7dcd67fa8930472eee2990090cc2a92f3373d898573a2cd1712c18ea624e82422c96f0d8895bfc4541911ff3662cd28fd55d795d1a5f31c92defbed88d48db688f899fe88997b057ce3e898eaf9eb2e76a59c1d2c10610768b3296595221c2b063ca2aa664fa0a5456c4e2bcddc7f856e2e29ce1b8852997a4d24f918408bfa9969074de495dd4cc9591e48287d78a2b3e0de09b48eb5b6bf78c6afd134b09770c164000d1f300c92877afe8be5d381c38da3b5fb9bd540c2f43c7dd2ec8dcff2af3517ba839c827866d10608964445bdead091df1264f5591e91d2f31b2015dff1b3b7ff0a5dc8b15748278849ddf4389ca7112ec1ca45957e2809b3d763e336f7051ac4e832ec61d1b95b9266565293806933dd8e3b65eaa1b4fe7946056703426674379ccec7abff1c459b91248f3a1d9e8103ae395aa86dd4235a5c16d9bd12dcb1ea9565a7c3d58d247a51db6d9077ecf47152d0733d79a5c449480c40b1cf8e115df4de3404b73ad06ac4c0d03f3b51d1b89b05ded082a5db1f5fbd8d351015b93862b2cc0995fb318609237e404e8d78d8982af761c27ad1fbc8f4693194c5e6b99edcb7a6e9dd261a386d8ed4420a7c12cbdcc86ab19f4e7a6c0c9b80fa3f0549ae57b38a93f669a87584b81e56211b34263db87c2d244e422878aa93e2c24260c71d06f75da33079b48b7072859669c128ba03d1487336a4a04167f2a3fa928d002c8b3cafdedf7a479604aa8f94e6b7ba58395df3d136b783f7be6b0b6b7b4b735c88a53da064a493b16713726b39ce23f08af19a671fe81be1e9772d87ca9cb5dccc35759fe3f7935a3167924d0a7d1586821ffebe0fa57e72a24967f7958875c4bf56d779369074db0077ee58138400c2f646c645e0f453e9e39aaf48da67775f59f8e282db3dec88bbe20ca6e65e2c7e44ab0583840513bfab76d94d1512549ea6db4a5a64cbe6f76b0ecdb2f1f71aa6446bcf4f7249366474cb77ed70ccb2702134b9dc6c2bfaf27ac9a9c85b8d9c48d100ae8c0eaa34701d2125a405b1117307119b754ccbbbcb2c8b71eb76d1157ddc7fbe0c75652a4cfc31d785a489f2344d8b4c47ff1b772104f49658f62d6241ef7f782db0cc071788b3dfa74e69533cd0a02ffadacdfbc8b5a83b9d4b8db068b5a7370f947fc4a99158c6296a442beba2e23ac1ef68c50f19851f3fb68b67fb714a5e7e53bb5a7690286cac12f2b002e854d8595075fbd00622b29bd423c3dbaf600ad6f37c96dcde43de6290b053c76df5620ce17118e2230039304c88a0d207c7cd05dd3854c545cdbebe907cc4d3411a382afed5e080502363cebe68e2c8dc1f800ea4add827a83a9cdf0fe6d54eabfca5a0ba370a06a4af1c49a60cd19141a4d994fbcce888278ade6300bd40685267fcdf1317cdb3b06cae9e7d9edb08d5c98b6d7115c025fcc05058a515adcc23c65ce526aed3b8203f3c54986f65ba9ffe2a9bc26b2813a1fe339ba2a58515cb8375e2d62550bf35dfd4fbdb75a70bb9fdc47d3d0346a65b986b7efd12aab760124b6888480b341b16ef2fea93fe2fbdeb55706690aa2c02bd80b1ccb7b8f23720283df89b515e2020bc5364cc4aea5fdc250f10d46db93c128e2de7477f4c80ec016f7a872efdef50ae1730b3a1deb8085d82f4fd53015a518803cd02646c087d67b0fd7092852dd81ac93ca60346f23fd847cf7c4883cab81af956342da21fb399b69e1988d89f9693b0630fa8cc95714285940d20eda153f8f7b01e6b2b892327b5d1e754a36a3430c5c22c3b841357eb80e526d7792a8ab9c4b1d23d82e31f23ef38580c2b33ca72424fbfbbf237f315cf2e5d134783982cad204be087ef58da96c6bc5da2dc4bc78f293eed56157a10848c0a956de15b83daacede9ae1c54731149f9ce7231cd84e14f128f87361e1fc0cdb2940766f39c93b9ddc74bba0a32548cddb1ae20981576de2ef8a772b04ed90900b2da11ffc70bbdb7091b8b8ed600dc0c9d236277afd9bb97b035f3b8fc95ef3f30c056b67a195c5c9f44c0f2ca4debba0d6d8779903e8e34fdd6b766fbba6b57e722ad9a852dbbeca8eb9acb9929bdcb4d4fa57d54ef1c1a0fdc032a898d3334f5671c7df82361b7d616c1f87e23f7adf043edda83458051f073f2562904ed25ad9a7129f3c14286007c9e4c81ea56c6a7289d8e58782d949a19a2642dc89d107fb465d0a98128250e66eedd93cf063963b7f7a0e1d3b9f1dd212cc9edd662af45852dbbaec84c69a640be115a239b5abd46d990fa007988f6be78a8c1e426091ecb33822529f7fddfb34d9304466ea06bb546a34735021e98674ae4a5f5c0b4f153ad5434b81c6343c42ae79224fe5abfe8b9e6fba38164c3c318500c130323b2f9bbcdf6aceb664e10483e2084defa744cd745e565ac5a8b5c30166330dd95e70f2a072a5cf5462635f7e0a4f455bcb607426aede9fa06d708c7c0daaafe2b84896134ab3b379c6690c9049903156232e5b7ca9529d602968f1e1f7a73214aaf4a9575dd5147e5bef8f05907267580abdb728cf32f6845cdf3bc779451669e4972e0b787afac5a36bacc3c1bcce125e91e4bf9810d91d1f1a3d8316328dd2626040af09892f1241c6645537ebfbeb752afba5e8171f487edba97aa92404973d4e8d09254abd2b70bdadd9b98fa3c33355295a5c474e9b2f017a6636233a382e8ef4e73506880e2a588bf257b6bb11e57cd9e75e45ef609ba583f3a6b1f2f94c7a0443dc0a8906a13e0188b61550cd296e4c63faf45bf7aed852f68ffed377302da3f73d89e4274a64667636bf00e8e4408a8407e098aeeed98e545b9aef40896c8070a76aaa0042162979ec0b7b69b4ee701100d66d3e7d25a48c59989424522889b32e4f18676475782e86d652d2eb836c326b46b8544bb755eeb14727e5ca25875f7b9ae1c113068be55a1521cb4edefef34a7a4cabc3639e456c94f01d78c059c441ce2c468e7b39b56555ad5cd6a14df8e3518e4e1970fbd6f586ce46c51c4d9ad20c3f7f5048c071994e807f19b7176290a82406dd0ad3f0b64350bbce79b223f27ed99f819def43a33696c0739e09030460a5a5d04d251adfbde1af7a485894d3d30c79d49796a9a5e077aeddba1303f3e3a3187298c88da70885e2a9dc966eb69a6439e2d3b1934ae6e8ea328497d87a9dbbddbdbf12b0c582ca4ffe1f25cdcf89a6ccdb31880776ab808b4f050ae02adf70f64c73ab2a3b1c4da69950ab4f7bcf9cc22f81b99694a7783b792facd8197904c12d3776de5184afa143ee23eee82aab2ac79b25503e0692f3463e5c363e0b4b5f31af82898009f7da13d4f249a70de40314c003e7e59dfb233bc44d0316df3e45af806d216ca76a58417ff8abcdf7cfea2da8868c496cdec8f47c451ccdc8908c5e8c1039b6bfa8751637c29fdd9b7dc76279dea5ad7455af4db3394a34cb9be8b9bf1105862108f920c44d029c3372e77c44a25d06cba956da65ee40abe32b8b557e123fddaa87b4ed5ab3485eb11f13c61072720d4adbb937c336f2b60525933b6d49e7c6751f0769377bdcef02abe63639b17a6780a4afccc8067403aeea42726f253ec97994dcf55358e6faa3e622344dfc613f8be96714d5c49633d7b74b9a72883985782ea8691d26da620d905f3583adbd9d527d93f1ce623bcf70d98a0455ff80fb1d472c6fc6bf0390e81b8d755b196e94fb73bcc883f5f310043c5138c95c5d7079c24d5bc5876b422f46a2bb17aee407bf7a55dbbdb253e2865c1b91839737c37142a8fe8bdbc0a7bf89a392da717a5ed87af754052b1d0a1a37313b00cf3b4aad91ce7fa7777b1851121a63e374865b238ddf9a7ebd20641a719c68682b97e3c5126e732800c04cdb627bd415efbb7e5e19917bf4bd53f072b7ec2eaa0128b56e069a32e9f729718fa4a7212ab0fd1e5d3582a5723a704d84a88c235b44812849301ee8155cea471028beea1918cb1f4118728718674cca9dcc58bafcdb9379c57e9333ab348b30a801aa2f5c05c3107e52613cf0f591781ddb5e1e4844633057a26bb3179c31b5664db4bb8c6d762c7b9886317ab6e9e301de67f12085547ad2a20d1d63d361c2bcd66be2e25fe104f8b53b7cf89d90d456f063da31f60078b760ce340f9c9a8e8da113b6c6e3c53e666488d75ab209dbe31ecb531553f17446a29edc465ed22aee2d4c013ee8a4d935c0cd92bcba9e5a56a6c19ac114d12db58bcf5f931a7b282404af34fee464f4c28e16dab834de98dd57b107e45fa66b26c32fd94e848aef6e4a2a65fd4fbead1b1d445d6c343bf50d785e664220371e27566646e284c6a3b07c14c0c5b84b5cd1a01a84d655f8dd72ab8e3d0c48e67596f605cd4a50b5fde9b182792d7ee8ee457eb6666aadea80563b4d176933cc482f75cb98a8dde4a414041187cfb2abe3e5077f23c98bafd0afb8b023e0cb26efc1488dd98a51a19dc93412b5fd91c4e06439b6d2d20a174989f860de6b1be55923a11e5893d30fae74a625f777ef9362e64b529c964b5c0b5817a579a647ded28582c45f965e52e1f76084267c73f8fce8037b22c2496ee6674f56056d9c691eab831c831a27fccd90f961e949a51c90a80b677d11e70d01744f9632cc26b7e6476b8c92a688ec8e1280ea8b795eae7ee61e2735045b9ea516af752b35388a6c3ed98cfbc4e74c8d0717dc31eac87b6a9c06f0d4f412e8e1155ce48cec6d9c106f3013329596a2d43ffe7f942cb7b7449f38620a8a9e5138b5d5d03c8a563446e4dfb1905d841f7a350d6c67d85652297db21b3dd3291b795c90276ccc50eaf513f3ff9480b3d2c0096e92c93cbbea680833cfa630d72c4f5a21ef0f81910b8a5ef77d62175d3abf5b3417cce43e3c53bb84ee1f5e354b2d79c2b46e3bdb2ffb15420e7a28c800c2591cd331d71c645a6b1bc43f06703164c05f61b4abc0fecbaee510def6340c2bbcc32248655e9161c3e6f01520bb0c53be04c3a3ef4a2dc401663f6719ac758aa297f65d1681652e4ad042d754b054df9cede3ffef7ad2f52184ea6d93d6867cc262b0a413da11c02d0c7c49a663319333d8b29d56cbf630e66b6683ff7f3b1ce5c481d37151626eae761adb77642f802bf0f663f3c322ee17cf01a09f058dbf82d04bdd7c48f34f54392d1dd489891ce28373ae980f74897fe3f90db2a9ccdbe56160fd2517adbc953e88c5fa8981456b87ab9f122321816e0df119f6f6c505f0dcab1c8e6a7f4109055dd80001dd90ea984b80f0b0766bd9772d96ed42d95f219b4a8420d7cf04f28475d7f5d8a8a07b0930c40d0dfc2592f8f54e90a80e0a98d3055f4660b1530565c7f2d91d7d96142da19d644aa7c512e24f83e8305970f9d3fc3b9382ad141f63f2d5b265b7cda258119ca4f553fab11f2fd925a7a24c4021045073d867bb089ca7bcb702bcedbc28781e408cf8bd43498f8661a320d28c95c1fc42635c9e4c4de8787afc70bf5c8bf75e0a2937a9ca2b08c15453f24211168c7fb2a24218fc3f04160c2daaa46ef7fb710606a53228e134f20511169034cec55e77037a108060b8fd10ab9ae228d9ee4d5ab1380cfcb8611e6c9d5dc143db2bc856d967b0b9d0187ba8483f7adbd1092562b2b16420baa5ab6c1f7c02ae56f013e752d9f41df4b4f0b008bc25ff58f816e50bdce308e219068bc898a21f1dd26d7fe7760459629f3615bcf7582c87d296f041fb005a72c7ef4013ccd8ca3bea85db90ae6349f101adb9235dd343be423816b37db2661dde2b9db33800da7599e8a9194fcf06755e2659670c62aba1d5a01172a416a0296bade0b32e69b0ee60dd6cd1eecca4335eb0416df6ded75049a14660276df47bb4f224e087235742e90ddf6f57827a0cf26d71b9338f2ff5166bea85a7639de6ac97ec829a7d071fac1f4b27c6c23e952adb5536b45a68e75c1c1a6d44508be6f4b87c5bb880a6baad5faecd1fd6730783d8729c2d89b23a3f2f9b79b78f7fcb70a7812607b25b17ae857e65f205ad5dd87a34e52c6e9611f588236bdc59d816f277aa8cd4a19750461d3e82c8621181b803900d1df439babcf4909168d4125a7c962ceac2f834d79460f17f92f415a85ad7e12da4b76105bceb4641fc87da7797fee092828f6e9e42631fd5c87046ebe5c4044663a31a1b39a6f6a53ee2b7fbc3eede57619535b1011c10d2d5a97c781c44bb6e493287528bc5281496f1aee3c746e09aeef0b2d38bdd33e37446c1f7516767ecbe298b78ef8e03336a08a1a9e62805140573b034459a445240aff04593539aa97056957f3dec9c43e50a1bce1b9c8e860940e03ae39e8f76fb80ae746f7fa4ed0b050c9e08a788e666e9f18bc8e83c64ee3ea04eb9f1c1dd92b3be73d18cc53bca76ba4688b48c13982ae6d25fdd9b5b85612d5b706c9b9d7c6cca91141313356f0d7b859da0de669fb52a829014a0fdde51df658303ce085222a42ad624ee6c659ec94e0d0713b2d3c3becb53c6f76d30530e6129943e20361a7c9f7847f79cb871d866b5277eecc8c1626fe2719c9cf872c0fc78a98e6ca998555721e9abd5bf9e2d1848016e0bd3202c44575c688837136e71e85765d677e0f2b081707a4e7e22bef50b9280a1a5ea549022ef2a9fed989f156198975302608dffd03f8f1186a12585d4670ce868f0c96be37416b9132144f65c9abe8b00894d7a7e6d0a8554e09139ec2a0eb6d4f00c637684602c106257f5abe816e068e0f6f3e94a916ff41e23b6baa4876931209a6b0bce1f6fa8d1965665d3dc42e5c6b011bdb5144fa5fe4879779ac9dffe0843cf49806ecbb615b818e54c6dfe4d12ccae5b12b0ce87909c1e852e8d7587d1ee24c2575af61eb0b667c37b6d15b88121974598ac23cbc66503f95cf01a7a1e217f0712c4cc4e5fc22e83e3aa375eda531a73828eba91223d7de1194af730bbf2c1ed5ec47ecdf465b1794971010ff8c8771c488a1d3f98292b5d2ea9625e52589aaf7212fcdddcc0f1681b785911fcc64a6427358e4307a3d8bc583dd635ba5c41eeae96e0b6bc5236a1f539d291e568d5a0aee25ffbaa73d0cb84bf558cbf6d04b16ef7e97617b42d07100d82fda6f75dcade611e459bdb4773bf2b70e90a8add2bfe6ea6d3a4427940fef6c81931762dbea6678fc63e50c4430227b15cf184dbae4c3b2d8096292c17f701c560ac7cb33efe7d79d0c2a3c0c06e22d4e84e9e959697879f0d27df460046fc20394655cfa19793256cd9074f1c5f8ef530af537164e0e43184f921d56094fa7c7744af35821a5833c9b9d56fcf525a39fc795cf33f14705d0c7087c081bf11ad29e4d6c8f6cbbb3a0d873262b89cfc54d4cec42c3e13a5ba604df942bf8b4eef7cdae1c0e2970edb7ea6437618e6f8312a745ca8bbf0c42df103f42c824ab4e77e8b118e2b9a84568ed3d4aa3800011d02be29c032192719635a1c6c28315b27368f6ffe852bbd661c351cbfbf97b1b36d52371a4ce57e5eb6e4b13cd01b022de1770a5b1cab0fe548092a16e04de76fb8d29d69a1c55f8aa11b34bd6f018d283a9a7c0338b8c1900e21c0054616ade6b56d0fe3379f1a8dec38b85fa8e74e9bb5df4287d037f77bad30de89ea87b03d40c3a1618db1073c07032f6d22f8a264cbf0c1113689308a2fcd7299603a64f884cb03f8c5f0e61e4981d2baac3d50975cb917b815efe2f7eda88f1cef1f34997f0819a92051c1d9eac3ef05de25a2b4d5f65619b4ea377180c541f2afbfa5c8fdae59f8e3a7635d2b30c4c759c32e570b8d9ec03b4aab65503e81e545dd41f593615cfedcf009424ae4854de3a9111115cb254608bc2666b18c85698ac193a9799f1a1f6098288b42dd2684db37e0d3b023ac9b417263b1566acd6d951df147e83db8e909b39bb6a1aa3fcc1c1a20795521b84e0884254b2524ebf0321e5709e7a79f2d62309247b7b24ec71553a9ab9daccacac1a8bd6019b7703c0ed468379640ac6e764ededb2fefaa2f88e15fc97ec6f16007f540cd7a57c7726f4aa9ff6640cc7f5d71a6c12048f98a9071ffd594f17e42e7336ab6d0fd429328df1238e5eb4ebe4f9d8ef01fbcfe8f53eb3f6defd4c7cb40b3772ea2f2130b655d2ad3643977cafa991bbc6aa2aaa2879a3c2d1dace3ec034beb3d06f0a09429b3fd1ac06870dde4ab97b7d5d7ff1394577a6bea7a3a53ca883a16c98d574ddad00de5dfe9f75369be7686a4badf44f4d9b110846b6ffca67f63973186433f6bc3691b580cdc689c159064c55a974fb849f56fd2f9cbe4738e0a1a8a764467dc1d3723278ee1ea573fad98a5318104218d359d89579614592fa6ae7cc4720e6ed71706fdc4c707b03ff77454daf4505700f249aea0abc909763416d44a069a6d605118ac0c20a325577fe1d8af053673fc72e489d24405281f01b4e2e05e4fa14e68a53294e4b5d201c146ff994cfb7a776ad80828732ee647092c20fe46d917142880318136557c47ff7e31d26f35f407c1e6d4254aae442b233b89dd4c0adcfc92b0f821a5a9dce95a24bed9bb5cd17a5b59d3e82086cdd7a3755064e4de22d8f0f973f4235aa58c6214dab89325638d94d3dc25f3ac4d912ff74be6ad8ef49aa2becede5453a409cc8ed8065dacf28a1a7498f6dd07a3478af093574fdd2d0a4f98d12fe898e47cd0550f1fc42810ed2e4cfe5cc4faa67d965f252aab1bd5c536bf2c936706bc71aae98b93494d364faac72a9a60188a23f15ddf1238896e4848da876789b57ca53cd5b1041612a49de9a64a545a39375aa2a516c4af4744daf65a9c28ffb635ba56b96731b763934afa0651fd6fb65e9f71eb0e6fd54bcfd2bf0118b486e97db512290bdb1dcfca76ed974722e13e5acd0569d5f944de70adf728379094981ffaec43848367ec8cdcc227b266649ced47a03b22016ce42be3a33135229670244cc7b3325ee448c95236d0de4bbf641e1cbb0516edb3f8829e60f91d43f0fe45595d8a99e699252930c7b05ba2ba679f8f46c38f789a7750ffa4eaed19c4c1a33aff60c8926ae42497662a130b83b3211e9399e2565d9f082ec30e26e5b02ea91cf43b0a046f9fe596e5bb2a9c800d761008dc7fced2a510af6b02d3f702fc3e1a98c6a87661f0d353b81bc4435c0d4376cfc74c057bf23febb101252c4eb168d4e347e697c8d0c48a687fb2224d58e5dc68c38de930164aba51e7cb19051fe64603c6b602c02c5cc22c6da1c47d906fa1cbf67312658b201b8f89a377d61695daaeee18eb2fb8caf38280fa8b95cca721afdf33d2c3092af57204bca72c46aeae9e9fc46f0ce76b96bbbb59a8517cb72d68f8b189280b6ce1e2686204913bac1d9aecd77623b7f05475352e57f245197894d767e5f17611bbf1bfe2015c9750e9b3f5ad4ad57be1ac4988c30d90829946b05fc5bd709dbd2590da2e3666294f83336e52758bc12c9d02af342a91fdcfc9144021a783643a9845a4898ee03417329ee0e2dd7bd53f3b23f3f9a10ea643b91b3c2df8438efb22fc894bbcdc408a13dbded7002d9cef6e38bf6dfa16f52f0f24087281a3ae95fb4995131938f9ca80c5f466c7367665e5717c823b318f43e7a3e2e8fe9c2e74959ca3d53b79fa45ac778d0a99351a1919b1c9ddfda10d61487fc5a2b8227493b14e2ea9fa41db870deb1700eb46665424fbc3f21c5d7ad61089ad0f99aadcca2a97d46fd091cf21d95674c3cf48f2724a89299b5342ebf8b18770e61c449455f77cacc5b2e0123005cc296acfc28e42e3d3b426469e39def114d6071a3f015f94dd8eab597dc4cf6109f2aeba0639ffe3f66f15ddaa74460a884a5c067e1e6f8d961ff32518e7571d53ae36badcaca50258a15743e67fb35e062e697d44ccd4e416010dbe62a1d13319d3ce88dc7826514d0f84cf7ffd5f1dbdbe3534af35bba26c5f951e18b012234a3e1cd22199358ba66421a326af09d36d45c3497c4725c0e8557395376fa9dcbe4c595aef7f822cb160e72138cd610563c382769b64f5da2ae6f62cbf09d24490565d7b88f6fefc30f050e74327b7efc168f040f18110a61cc6ecf73c43c0e9e73fafcfc6079ee68839a8ed710160fdcfd987394a790e01c42c916169e8c6a7af905c15d51f87e88877386b8f8743efe4fffc2dc8fd73b4e8905b428d4cd87d90e93513f19a981b5037370cd634f23859cb7bd6b5632bd25c6873b7195691e0f76fb07fce6e72d4b2b467e57a325febf4bb842820fe6896b23aa2a3eb37697753a3693ee936692e6cd91eae410bf89192df913f2689adc73b7b35eaf8bf80928c0023b105cbd2be51a08a371be88926636bd590466c218b203fe311d73dd1a8b440133f1ebb8249b4e1f6723b7b18b508dc34acd9da927ea60d2dc361c2d14cd43ad3b0137ac32e8988d11d11de19065d02e8012a2ee24891541989d11da87de4383036b757769222af022e86803b64ccd03e4bfe3a9d3b8a5d6522d7b6ade88aca72bc436382cfcba22a426ecb21366d42588e9a68c0d61722617a4706852ef6e5eb42842d127f88dabcb8cd635d621a9082efe0cbb52fffb017c8cbf80e48ad1d8ac4c927bda50be7bbb6a302081951dd7c05142465ef8188774807ba482c155f7b56b663d24c4ad88140ddba388e4d6abda83048db46ad18328c63006d02844189a769167d94265148e06f3eca08dcd81691df655968de44c5931e62f5dcc4aa16b24ceb6e7a2c8783d9918a9be7c72dcd57fbf39f985ac29069241cbe3298d7651124f03bef8e2adcadb0c0e08efb096f72e5df2d3f8e2ea6f9cd2401533469e5099a6faa98acc2f73028eae115b3a771bc7ddd186ee7a634398e206ce9b1262b1dbb80575eac718eade048bc01ac1d410e21393dada6c1ced94c411fc19ccacdd175996501d66819b491fef65697f736ecc3a4c32f3675d1f90c8e4d44a1ba6048e77fa24d6998ad88da3cf5de223446d53dd72981c19d5915af69b9a7b9bdf35114ac1cee66b9f3f6df4b9a2d2c017d44443a28badca61b1e8db627d967827ebf32c8642b7de41508c15538b6cdf0284f1a94e8d9fcaa086236f11fb1689d57d500423a0c1d362a4fd57e5efa8858c237a0b58210b4df2b6f10fb01ff8b305cb69e65120c716970e1752cae51022a068b9ac2b7775ac415c56d31536c9f1eca654ec89d7ed00855b2d2564a74bf1a0a3b75cbeadad89fd4ce7e0a83a565c6d69077f026dd40ee186fb496d575c5f5d2f4f84e0efd6bca34f070b185903c7fcd6478f467b73687dee0b765477cc474cbe7f067d1f655efe1fac24a6cda9ed82dee343a36f5ce3894587937f31a14dff66e8384bb3c9adebb753f782570a894e09a38c096f523fbdfb7e0c09026fa023c8dc9e5822410d8343afd647a91130744017166a9b195996ee871eb284279fa725f7af7f853eb85bce100cfade5d458c4e166c839e4c1a86", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
pivot_root(0x0, &(0x7f00000000c0)='./file0\x00')
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TCSETSF(r6, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "7a58beca39ed2d5a99bbc4bff0ebd3e9bd5a8e"})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r8, 0xc0045520, &(0x7f0000000040)=""/112)
fchdir(r1)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4)

4.277137836s ago: executing program 0 (id=34):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
syz_usbip_server_init(0x0)
ioperm(0x0, 0xb2, 0x0)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
write$nci(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="400202030121"], 0x6)
r4 = socket(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIN_LINKS={0x8}]}}}]}, 0x3c}}, 0x0)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
setsockopt$sock_int(r6, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r6, &(0x7f0000e15000)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000000200)=[{0x6}]}, 0x10)
listen(r6, 0x0)
r7 = socket$kcm(0x2, 0xa, 0x2)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8042, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r9, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$P9_RSTATu(r8, &(0x7f0000000580)={0x239, 0x2, 0x0, {{0x500, 0xf8, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x1d, '\xd2\x99\x98\x80\x14\x98l\xe9\x82\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e\x97\xa5\x9ad', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\x00\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x239)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000140)={@val, @void, @eth={@broadcast, @local, @void, {@ipv4={0x86dd, @udp={{0x5, 0x4, 0x0, 0x0, 0x22, 0x0, 0x600, 0x0, 0x4, 0x0, @empty=0xd4b6, @multicast1}, {0x0, 0x0, 0xe, 0x0, @opaque="6f841fcaf955"}}}}}}, 0x34)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x24000000)

3.402244945s ago: executing program 3 (id=35):
socket$kcm(0x2c, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x2c, r0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x14, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}]}, {0x4}]}, @ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x2c}}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x5, 0x100004, 0x220104, 0xb, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000014006b030231a6080c000af32c00009d31fc0000f800250f02000f00e5aa000017d34460bc24eab556bd05251e6182949a2756f475ce36c2d13b48df000000000000ecb8f6ec63c9f4d4938037e786a6d1bdd700e6657594", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r3 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)
r4 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
r7 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$CDROM_SEND_PACKET(r7, 0x5304, &(0x7f0000000440)={"7b80aae6d5d0dc8f29cfcf08", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$CDROMEJECT(r7, 0x5309)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0)
r8 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(,:', 0x0)
recvmsg$kcm(r1, 0x0, 0x0)

3.260928709s ago: executing program 2 (id=36):
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="02c9300c0008"], 0x11)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='FROZEN\x00', 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040))
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, 0x0, 0x0)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)={0x18, 0x19, 0x1, 0x0, 0x0, {0x2, 0xd601, 0x9}, [@nested={0x4}]}, 0x18}}, 0x0)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_open_procfs(0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
open(&(0x7f0000000000)='./bus\x00', 0x143042, 0x0)

3.132142959s ago: executing program 1 (id=37):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r4, 0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e21, 0x9, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x8}}}, 0x90)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/36, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$NS_GET_OWNER_UID(r2, 0xb704, &(0x7f0000000200))
ioctl$KVM_SET_PIT(r1, 0x4048aec9, &(0x7f0000000180)={[{0x3, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58}], 0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140), 0xc, 0x0}, 0x0)
ioctl$KVM_SET_CPUID2(r5, 0x4008ae90, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000200000000"])
ioctl$KVM_RUN(r5, 0xae80, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x1ff)

2.803396426s ago: executing program 1 (id=38):
r0 = epoll_create1(0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
write$tun(r2, &(0x7f0000000640)={@val={0x0, 0x6007}, @void, @llc={@snap={0xab, 0x0, "ff", "099984", 0x88ca, "c870e074fea9ed569a64718eaa2dc9d48220a94469e85b5b437e4a5e027dfee6cacce1cdcba77d048b25beafc946703239127be4ed46ae7c6f47f22ab889027a203486949798398701cfaa62ca1c9306556af433cafb1ee1fc657412944d2076abcc40f486e12a23a11363b882cb17959080c41fedb6052e65a27a8d8404e227a8ba86aa00b1000d5db15c9e04dc33d40f2045d289492e470691eb97f68b9a52bf03b8d632bc197d54b3d8ba65e41c760424c1cc0b2e364460465f53426d30c5fe09dc25a153c5a542e5c37ea38d356569f0e24f6733a5cde407bf49bba089aaa8a32ca1f8148b02aa96fa49297f240c41bef05d815cee416d8fde8dbbefee1be1370f3e8925b127731be482429dd0b7770a96d36ed731da36b83a0000000000005511cfca20df0e45fe5a7af226ab7426fc87ab58878027e5890f5618f7007d9973039b195810afe0f5403479cf43ed000000"}}}, 0x15f)
socket(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000001880)='numa_maps\x00')
pread64(r4, &(0x7f0000000880)=""/4096, 0x1000, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r5 = inotify_init1(0x0)
fcntl$setown(r5, 0x8, 0xffffffffffffffff)
fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, <r6=>0x0})
r7 = syz_open_procfs(r6, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000380)=0x85000)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, 0x0, 0x0)
r8 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@getstat={0xe0, 0x15, 0x0, 0x0, 0x0, {{'digest_null-generic\x00'}}}, 0xe0}}, 0x0)
sendmsg$nl_crypto(r8, &(0x7f00000001c0)={0x0, 0x48, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0xfff)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0))
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000080)={{0x21008, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})

2.703365244s ago: executing program 0 (id=39):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000800)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_REFILL_DELAY={0x8}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x508e9ea8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000804}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0xe0, &(0x7f0000000680)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000a00)={r3}, 0x4)
syz_emit_ethernet(0x5e, &(0x7f0000000240)={@random="614b0100a01b", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "081f20", 0x28, 0x3a, 0x0, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x2, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback}}}}}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x6, 0x10, 0xffffffffffffffff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet(0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)={0x54, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @deauth={{{}, {}, @broadcast}, 0x0, @val={0x8c, 0x18, {0x0, "031686e62c78", @long="71af0ef2355a69d2dd510d0ca89bd043"}}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100)={'#! ', './file0', [], 0xa, "8c999473f455d77d3cb37251f6392504f56487d7382fddbfc73d79aa846121c13f2bbfff350505f40a8a8a236b3dcd867433c2d945f33ace32cab0c77695f24ea0eb0727d1e05edfd6e8a6125f61dde49ccd665ab3812275d5e46ec696af6bd94ea343546a898f730f3f7d"}, 0x76)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x13, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207baaf8ff00000000bda106000000000047010000f8ffffffb702000008000000b70300000000000085000000890000001801000020696c250000000000202020db1af8ff51000000bda10000000000000701006516ffffffb702000028000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2.538902576s ago: executing program 0 (id=40):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_CONTINUE(r0, 0x8010aa01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000200000d7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_int(r3, 0x107, 0x7, &(0x7f0000000180)=0x8, 0x4)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r4, &(0x7f00000000c0)="3f03fe7f0300120006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0xfdef, &(0x7f0000001b80)=ANY=[], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000400)={@broadcast, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cca", 0x10, 0x3c, 0x0, @dev, @mcast2, {[], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)

2.361801449s ago: executing program 0 (id=41):
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x6, 0x0, 0x407}}}, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f00000002c0))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = getpid()
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='afs_flock_ev\x00', r2}, 0x10)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000340))
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000400)={0x0, 0x1})
r3 = syz_open_dev$dri(&(0x7f00000010c0), 0x20, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB='t\a\x00\x00', @ANYRES16, @ANYBLOB="000825bd7000fedbdf251d00000008000100520000000c002380060003003b00000008000300", @ANYRES32, @ANYBLOB="0c009900ffffffff040000000c009900030000005e0000002c002380060012000d00000006000c0010a4000005001f000100000005001f0001000000"], 0x74}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="380000001800190e00000000000000000ab4"], 0x38}}, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r3, 0xc01864cb, &(0x7f0000000280)={&(0x7f0000000300)=[0x0], 0x0, 0x1, 0x1})
r5 = syz_open_dev$dri(&(0x7f0000000040), 0x200, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r5, 0xc00864bf, &(0x7f0000000200)={0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000480))
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000100))
add_key$user(&(0x7f00000003c0), &(0x7f0000000440)={'syz', 0x1}, &(0x7f0000000580)="115c19d7f98f216195991c4d21158c8a235cbfe252edb27cb8904c899a215e6f2e37b80fb963a4fea53654", 0x2b, 0xfffffffffffffffd)
add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000080)="ee", 0x1, 0xfffffffffffffffd)

2.261903812s ago: executing program 2 (id=42):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket$qrtr(0x2a, 0x2, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioperm(0x0, 0x7, 0x4)
r3 = epoll_create1(0x0)
epoll_pwait(r3, &(0x7f0000000180)=[{}], 0x1, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000340)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000180)={r6})
r7 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x10000, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r7, 0xc100565c, &(0x7f0000000200)={0x0, 0x20, 0x2, {0x1, @raw_data="4bbf622b20d2538e6e1f445b7795aa93c004bbb74ebdde873aa40cfdb8d06aefde8880cf4a22212c23b7c448cd514212f3419dcccde3ae9debb21b3ee10fdf63d3e7583e6702b0e9a49174a54c8fc2394f74d8c60dd96a7d41cebaaa10e0fe4fb36d1d8c9ff5984eea66eb54ff774e7af403c61eb7963e0bd5b1370d56b3a9efdaabcb8c2d20c39e64de366fce7e9c408b86db8a782f306a3e186d49e5f92e8a46d4ef2b353b7082844034eb36e4df5d2bf8b6635dd0f7a4d05bc0e9c33dffa2e74c75962dc70ea1"}})
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000300)={0x1, @sdr={0x4d6eeb9a}})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000440)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000080)={r8, 0x3, r5, 0x5})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
splice(r1, 0x0, r4, 0x0, 0x88000cc, 0x0)
fcntl$setpipe(r2, 0x407, 0x100004)
write$eventfd(r2, &(0x7f0000000240), 0xffffff14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=@newtfilter={0x24, 0x2e, 0x205, 0x0, 0x0, {0x0, 0x0, 0x0, r0}}, 0x24}}, 0x0)

2.214061517s ago: executing program 3 (id=43):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=@delchain={0x4c, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_route={{0xa}, {0x14, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_TO={0x8}]}}]}, 0x4c}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x400448ca, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYRESOCT=r1, @ANYBLOB="0100000000000000b7080000000400007b8af8ff000000e21619352ab5275e4c4a8ace7d0000000007020000f8ffffffb703000008000000b704e0ffffff00008500000001000000957c9fac41082dce15ec49602d04693b97cfc557c2582c109d06000000992a7d259aed3c8670c7782221b0591b813a3ff66320d666af627f96c67b99701794ba360de515aaa8e6c5b7c6418a4dff8f17c227649b0120258c9f118e9b4362c814a776fbadff576af6ad29226151ed3c"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r6}, 0x10)
socket(0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
keyctl$setperm(0x5, 0x0, 0x0)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
syz_emit_vhci(0x0, 0x0)
write$binfmt_misc(r2, &(0x7f0000000d40)=ANY=[@ANYBLOB="03"], 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

1.905769906s ago: executing program 1 (id=44):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)={0x28, 0xc, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x2680, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000a80)={'syz1\x00', {}, 0x0, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x45c)
ioctl$UI_SET_RELBIT(r3, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$UI_DEV_CREATE(r3, 0x5501)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x8, 0x0, 0x0, 0x44}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
write(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x4e}, [@ldst]}, &(0x7f0000003ff6)='GPL\x00', 0x0, 0xb593, &(0x7f000000cf3d)=""/195}, 0x23)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)

1.815051333s ago: executing program 0 (id=45):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202075ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000009000000850000007200000095000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_PIE_ON(r4, 0x7005)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb)
ioctl$RTC_IRQP_SET(r4, 0x4008700c, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
eventfd(0x0)
eventfd(0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
write$tun(r5, &(0x7f0000000040)=ANY=[@ANYRESDEC=r5], 0x15)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x78, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}}}}]}, @CTA_SYNPROXY={0x4}]}, 0x78}}, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)

1.366655626s ago: executing program 2 (id=46):
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000e00)={&(0x7f00000003c0), 0xc, &(0x7f0000000dc0)={&(0x7f0000001f80)=ANY=[@ANYBLOB="58030000", @ANYRES16=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="b800028038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="680102803c000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000b00040072616e646f6d000044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000014000400ff0106b30600000005000040ff7f000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400040000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0c01028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000900000008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000900000008000600", @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c00040008000004010000000a00", @ANYRES32=0x0], 0x358}}, 0x4000000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000002fc0)=ANY=[@ANYBLOB="180100000000004b64efeca2a626f0af0a6b760002006d0000006700", @ANYRES64, @ANYBLOB="cd5c62c710916604c3e06dd28938aaa9ce46bbbe5167c7d72fc4cdb26d9055f7d54e17b4f52d8328db1624f50af6e78aac41f75d1349cc863a6dbf494d32b39228a6e32af6873b79c9d71dac02f66327180d5e4ac3564b01cfe9895de913a5141df906bd4e736a67547d563e0f9cb2806f8be7ed2a2b143cd13b4276c32ee7a1870fd84663fc91377d5fd1bf774bfff25ada813cd03a4962e7e2e38d3e20873dd5eaa4b3b5a73f0ac813cfcd2225645e40b3b17a0bc3612390c4c612a6707d0c85ab271ad2411e6a79c912cbda6d177d20a8bd63de2c802fc34902e3f4719716c26ddfa66c6ab75cfad8df17248ef26430352fcf9bc01736ac98c3667c356d2ce1792ea1de758a1a5ecb6e00bea3bd5b9c38ab93dbf525daa2035261e282ed962b3b47de6c06349dbc33e843758e1c2e6c501ec5975a1e203afe48bd6bb2b331e0216161b411fa24dd79fd377b2a61817af6bf5bea82b2168dc17e954f69a803746b6cf0d27ecce27304e14329ed3d229357f51f881e65c3326a32fcaf2a48f6f394898eeb6acdb92104adc08048366717460f4d3b9c3641e45bfb102a971d9a6aff359e4a415ebde82f8f3e2b837f7716a1508f5c483be892259275be343c098ab685853a2babbcd34267c08b939d2da44ab346415081ed3c18b45812a783a919aeff9b075a12bf9dd7fc0fee808d6c4838c1a8f583bddae15bc0d11efc6a6a4be0e9c9587cccbed140f8a427dcfbc8c55ea3411cf17bdb744edc910fe43a5653c337e2a3c8da22bbe576456290d62663b249703d667ee782a1873ad55b855d03d870379d7a8d85f7a427245a7b23c8f25e07737287e46923c6beb1a855d62fddddbdd0ec518675f7fa9308cef913774a302abd589956fca740b74fd47fe41371ab0beb4c0c4641da57603cf397b4f538ebf29cd7b8f10726e14dfaf234da5e0efa7006d47716ff190108fe078ebf36a7c84af8f595422da6718c7951d1989c701d5e9e03c7b09065e963a21171b5ab9571a4afb04f677df715b82aef7235243d7c911642d388ff4c0dd82ba4129ade849beacfd550bdf9a180643a3076be6356edeb7650358e85eeb029e2f6835aaa1efc5af48cb9a05d8298539f15a5e88173ed7976823b5bf5a48719b6ff26615bff1126160e23f89d6cbec86ab6faa799934259b5dbf4c278c062b8acc8c8c0b59233a70bf7b4b1391dba0aa359c8a7054220ffe6e9fda2433491c67d5565b07268897099c6122b28794a5b768abb903eb2910e96c48d37122f8f832cddf0ad50638f70a2466b2c813f2315cbeea7c89416994ca7aed2dccf812419c92554b55555ce565b88868da3c198975767b09133a113b91c77c178b53288b5b6668ff32cf3663ce7bc698ae2fb97e613cc5967a8401e008f1a7e088982a4d6397325da4c6a4dc9cdb379146c5b471e03c3c2ac04ddb93a3511330da52830bf8fbeb0edd505a67c48bf8c1d21ab8025e717338ce461a482951f3876739fea58df33b2d38ccc2733bac60428980e59df2c5e82d07b09feac2d7021e2957468cdb7ea4466efd155eb4f3998cfa4d48033d7a832320b957bfc0088c372827a165e318055906d64e5621cd765d816921023d56190bc0336a06c1461a034e70def8fbd0761e2f3f1fb024cfc4274b9b3b7ca5888624db129d4c60d1dd3f02426664770461270baf31d0dbf2f933b009540d6c11efb839332139e42ad0efc859d55a065517b27dc64ccd112b6cdbe1ff6e9d789354aa264d7ff5189f303aa653a5bd3d9aa804e9f9433bbd8480c862e6bcf9fc96d4e83e947db539e44c9782e6e6346259183f854cd28b22fcb5461b417b5a91160574c5ef26444800f6f1c820a0e233759ccde2256055332e487b56e895815475168d710095d3e768d4e0474a5e685843ef8605517f4ce817e2e1a8416d8a2fe2da9a8bddcbdcc3b84c71dbd55fd632a5a03dd5108f07089ba2820f51acdb674d768d6045add5ce558335a7c9dacc722fcc2ebbc145cb67b375a3ea0a5d65a46b7aefa76364ab1dd41bfbb341c6c6493214818e0e4d1dfbdc2ce0c0ede300aa038ee17b2dbf303f7bcd1d770925cbd2b27cf6eec1da2ac6454d93775cff9cb2b21e2b9da6d7362959feddfeeaf7915b47ae39b06f348a297f52085e9884f26c28072156539e0da69ab24dc08538499c41e23a3d8b79d37dc24d26c39c706baaed523b79a67864429f1440a933ccc6b10a0548440c42e4b01e99a52171af021ef91c0751f4057956eb1ec1137126091886c2cb5425dd32af1efa2bb5fbcc4e94946ebfc3e0e512ae0b58cd343b4d56861ae1b7ead6459058bc7a2e8c83e7be57b5de7e83ef58a8690c1309cc0df73ade926aaf5a22b8e9722ea81cb68d67dd825a5cd3df5bbc18a279c1aefb308738e448a1e9ecccc2199ea7511638fb54f430dc65454ae5ce1d16881355187253d628af6c95c7b983e10db5c94e76981b5311fbbe4d3a48c8ab60e0589c045645eb6d28d04d6aad66fc05fd814a693a579d29d17c894c5dab955c06be644ab50cfbf6dd4f02d088347a00afde72572482946b7c0a1b6d5ec55e0e4eb2057098f676b0c29fdff1b673999faf6af63007d1456a15b43b85c4015b83f0493ff8d73eec9cc70e0600952fb30dd7b371b7c07b129fed6f015fc1db1716fba68d12ac202e97bcc3f3fc966c081f5341740eaf95ee6c9b9fb797011a8d915fbe424f3d762b23e473c093e4349bd6a17779e2618f5bafe52febafe0069042471eff5714f5b01171d062254ea89430955b79f058cab71bcee32db7a8a985d1eb293cfb88d197a9e10a3a55c", @ANYRESOCT, @ANYRES8=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {0x0}], 0x2, &(0x7f0000008640), 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000008c0)=ANY=[@ANYRESOCT, @ANYRESOCT=r0, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x54}}, 0xc0)
readv(r2, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
geteuid()
r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000300)=[0x0, <r5=>0x0], 0x0, 0x0, 0x0, 0x2})
ioctl$DRM_IOCTL_MODE_GETENCODER(r4, 0xc01464a6, &(0x7f0000000380)={r5})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000000380)=[0x0]})
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)}, 0x40040)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX=r1], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)

1.236933481s ago: executing program 3 (id=47):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="b0"], 0xb0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r3, 0x4028700f, &(0x7f0000000400)={0x0, 0x0, {0x0, 0x0, 0x0, 0x816, 0x0, 0x100}})
sendmmsg$inet6(r2, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="8252", 0x2}], 0x1}}], 0x1, 0x4000c000)
r4 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_int(r4, 0x29, 0x10, &(0x7f0000000000), 0x4)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e20, 0xfe000000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x400}, 0x1c)
getsockopt$inet6_buf(r4, 0x29, 0x10, 0x0, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = gettid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
unshare(0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x1000, &(0x7f000062b000)=""/4096}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x10001, 0x7fff, 0x7f, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000001780), 0x8, r6}, 0x38)

937.88448ms ago: executing program 1 (id=48):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x90)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x2, 0x7d})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
r2 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x6})
unshare(0x20000400)
io_uring_enter(r2, 0x54, 0x4, 0x1, 0x0, 0x0)
open(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x85, 0xf1, 0xc, 0x8, 0x4e6, 0xb, 0x100, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0xaf}}]}}]}}, 0x0)
r5 = syz_io_uring_setup(0x24f5, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000000))
r6 = eventfd2(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r5, 0x4, &(0x7f0000000040)=r6, 0x1)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000740)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
r7 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_G_SELECTION(r7, 0xc040565e, &(0x7f00000001c0)={0x9, 0x101})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000580)=""/74})
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x0)
pwritev2(r8, &(0x7f0000000080)=[{&(0x7f0000000040)='T', 0xfffffe12}], 0xf, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r8, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000001c0)=0x20000)

856.548081ms ago: executing program 3 (id=49):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000500)="eae9a1000037017aacf30fa6c0f30fc7720dc4e118541bd3a9f4a60000660f1c460d66f30f2b2b0f09660f01df", 0x2d}], 0x1, 0x0, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/85, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x90)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
pipe(0x0)
socket(0x21, 0x0, 0x0)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$UHID_GET_REPORT_REPLY(r4, &(0x7f00000000c0), 0xa)

0s ago: executing program 2 (id=50):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1e, 0x6, 0x1000000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00'})
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000580)=0x9)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x8)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0xdaa, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xffff}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0xfffffffa, 0xc, 0xf61, 0x2201, r3, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x0, 0x7}, 0x48)
bpf$MAP_UPDATE_ELEM(0x4, &(0x7f0000000440)={0xffffffffffffffff, 0x0, &(0x7f0000000400)=@tcp6}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x10000006, 0xfffffffe, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x80004}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x0, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x46, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb7000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='jbd2_shrink_scan_exit\x00', r2}, 0x16)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='trans=virtio,noextend,access=any,cache=fscache,v'])
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040), 0x2000000, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r4 = open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000180)=""/98, 0x62)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newtaction={0x6c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x9}, @multicast2, @broadcast}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})

kernel console output (not intermixed with test programs):

[   53.874566][   T39] audit: type=1400 audit(1724688005.153:83): avc:  denied  { read } for  pid=4811 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   53.928009][   T39] audit: type=1400 audit(1724688005.183:84): avc:  denied  { append } for  pid=4811 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   53.939090][   T39] audit: type=1400 audit(1724688005.183:85): avc:  denied  { open } for  pid=4811 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   53.950345][   T39] audit: type=1400 audit(1724688005.183:86): avc:  denied  { getattr } for  pid=4811 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
Warning: Permanently added '[localhost]:61821' (ED25519) to the list of known hosts.
[   55.794311][   T39] audit: type=1400 audit(1724688007.073:87): avc:  denied  { name_bind } for  pid=5278 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   58.899499][   T39] kauditd_printk_skb: 2 callbacks suppressed
[   58.899534][   T39] audit: type=1400 audit(1724688010.173:90): avc:  denied  { mounton } for  pid=5290 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   58.905655][ T5290] cgroup: Unknown subsys name 'net'
[   58.912459][   T39] audit: type=1400 audit(1724688010.183:91): avc:  denied  { mount } for  pid=5290 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   58.921802][   T39] audit: type=1400 audit(1724688010.193:92): avc:  denied  { unmount } for  pid=5290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   59.150718][ T5290] cgroup: Unknown subsys name 'rlimit'
[   59.302004][   T39] audit: type=1400 audit(1724688010.583:93): avc:  denied  { setattr } for  pid=5290 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   59.314001][   T39] audit: type=1400 audit(1724688010.583:94): avc:  denied  { create } for  pid=5290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   59.322421][   T39] audit: type=1400 audit(1724688010.583:95): avc:  denied  { write } for  pid=5290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   59.333250][   T39] audit: type=1400 audit(1724688010.583:96): avc:  denied  { read } for  pid=5290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   59.343474][   T39] audit: type=1400 audit(1724688010.593:97): avc:  denied  { mounton } for  pid=5290 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   59.354990][   T39] audit: type=1400 audit(1724688010.593:98): avc:  denied  { mount } for  pid=5290 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   59.365474][   T39] audit: type=1400 audit(1724688010.603:99): avc:  denied  { read } for  pid=5050 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[   59.379687][ T5334] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   60.567372][ T5290] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   66.094684][   T39] kauditd_printk_skb: 5 callbacks suppressed
[   66.094701][   T39] audit: type=1400 audit(1724688017.373:105): avc:  denied  { execmem } for  pid=5336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   66.686719][   T39] audit: type=1400 audit(1724688017.963:106): avc:  denied  { mounton } for  pid=5340 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   66.699840][   T39] audit: type=1400 audit(1724688017.963:107): avc:  denied  { mount } for  pid=5341 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   66.710875][   T39] audit: type=1400 audit(1724688017.963:108): avc:  denied  { create } for  pid=5340 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   66.720264][   T39] audit: type=1400 audit(1724688017.963:109): avc:  denied  { create } for  pid=5341 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   66.729561][   T39] audit: type=1400 audit(1724688017.963:110): avc:  denied  { read write } for  pid=5341 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   66.740114][   T39] audit: type=1400 audit(1724688017.963:111): avc:  denied  { read write } for  pid=5340 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   66.750408][   T39] audit: type=1400 audit(1724688017.963:112): avc:  denied  { open } for  pid=5341 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   66.757703][ T5348] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.758474][ T5353] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   66.760455][ T5353] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   66.761510][ T5353] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   66.762032][   T39] audit: type=1400 audit(1724688017.973:113): avc:  denied  { ioctl } for  pid=5341 comm="syz-executor" path="socket:[5346]" dev="sockfs" ino=5346 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   66.765576][ T5348] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.768386][ T5353] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   66.771610][ T5348] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.774202][ T5354] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   66.776133][ T5353] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   66.776830][ T5353] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   66.777168][ T5353] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   66.786084][ T5348] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.792222][   T39] audit: type=1400 audit(1724688018.073:114): avc:  denied  { read } for  pid=5351 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   66.795328][ T5348] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   66.798010][ T5354] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   66.798038][ T5356] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   66.798894][ T5356] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   66.800091][ T5356] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   66.801339][ T5348] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   66.801571][ T5356] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   66.801880][ T5356] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   66.804098][ T5354] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.807779][ T5348] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   66.851603][ T5348] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   66.855372][ T5348] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   67.181210][ T5343] chnl_net:caif_netlink_parms(): no params data found
[   67.347161][ T5351] chnl_net:caif_netlink_parms(): no params data found
[   67.426543][ T5341] chnl_net:caif_netlink_parms(): no params data found
[   67.434378][ T5343] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.437446][ T5343] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.441431][ T5343] bridge_slave_0: entered allmulticast mode
[   67.445312][ T5343] bridge_slave_0: entered promiscuous mode
[   67.457956][ T5343] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.461105][ T5343] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.464242][ T5343] bridge_slave_1: entered allmulticast mode
[   67.467962][ T5343] bridge_slave_1: entered promiscuous mode
[   67.578186][ T5340] chnl_net:caif_netlink_parms(): no params data found
[   67.624842][ T5343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.649107][ T5343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.780534][ T5343] team0: Port device team_slave_0 added
[   67.805411][ T5351] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.808230][ T5351] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.811501][ T5351] bridge_slave_0: entered allmulticast mode
[   67.814750][ T5351] bridge_slave_0: entered promiscuous mode
[   67.827205][ T5343] team0: Port device team_slave_1 added
[   67.901316][ T5351] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.904586][ T5351] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.907664][ T5351] bridge_slave_1: entered allmulticast mode
[   67.911944][ T5351] bridge_slave_1: entered promiscuous mode
[   68.058418][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.064415][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.076260][ T5343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.082349][ T5340] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.085367][ T5340] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.088229][ T5340] bridge_slave_0: entered allmulticast mode
[   68.093558][ T5340] bridge_slave_0: entered promiscuous mode
[   68.098308][ T5340] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.101981][ T5340] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.105170][ T5340] bridge_slave_1: entered allmulticast mode
[   68.108874][ T5340] bridge_slave_1: entered promiscuous mode
[   68.115090][ T5351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.118940][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.122333][ T5341] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.125389][ T5341] bridge_slave_0: entered allmulticast mode
[   68.129096][ T5341] bridge_slave_0: entered promiscuous mode
[   68.134196][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.137869][ T5341] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.140992][ T5341] bridge_slave_1: entered allmulticast mode
[   68.145105][ T5341] bridge_slave_1: entered promiscuous mode
[   68.169188][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.172565][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.182497][ T5343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.212731][ T5351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.328430][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.335901][ T5340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.342768][ T5340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.376704][ T5351] team0: Port device team_slave_0 added
[   68.385979][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.447047][ T5351] team0: Port device team_slave_1 added
[   68.557915][ T5340] team0: Port device team_slave_0 added
[   68.589080][ T5343] hsr_slave_0: entered promiscuous mode
[   68.592934][ T5343] hsr_slave_1: entered promiscuous mode
[   68.601484][ T5341] team0: Port device team_slave_0 added
[   68.606134][ T5340] team0: Port device team_slave_1 added
[   68.609468][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.612681][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.624062][ T5351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.631265][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.635384][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.646727][ T5351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.653979][ T5341] team0: Port device team_slave_1 added
[   68.788694][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.790750][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.798526][ T5340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.803192][ T5348] Bluetooth: hci3: command tx timeout
[   68.807285][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.810714][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.819812][ T5340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.883807][ T5348] Bluetooth: hci1: command tx timeout
[   68.889789][ T5348] Bluetooth: hci0: command tx timeout
[   68.889826][   T66] Bluetooth: hci2: command tx timeout
[   68.921973][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.925186][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.936708][ T5341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.943603][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.946533][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.960802][ T5341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.080616][ T5340] hsr_slave_0: entered promiscuous mode
[   69.085142][ T5340] hsr_slave_1: entered promiscuous mode
[   69.088408][ T5340] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.092499][ T5340] Cannot create hsr debugfs directory
[   69.140868][ T5351] hsr_slave_0: entered promiscuous mode
[   69.146992][ T5351] hsr_slave_1: entered promiscuous mode
[   69.150329][ T5351] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.153705][ T5351] Cannot create hsr debugfs directory
[   69.273755][ T5341] hsr_slave_0: entered promiscuous mode
[   69.277672][ T5341] hsr_slave_1: entered promiscuous mode
[   69.280836][ T5341] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.284392][ T5341] Cannot create hsr debugfs directory
[   69.831382][ T5343] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   69.841466][ T5343] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   69.849501][ T5343] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   69.856845][ T5343] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   69.934410][ T5341] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   69.940807][ T5341] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   69.971627][ T5341] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   69.980814][ T5341] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   70.018593][ T5340] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   70.025094][ T5340] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   70.031757][ T5340] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   70.037024][ T5340] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   70.128045][ T5351] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   70.138599][ T5351] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   70.146108][ T5351] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   70.175693][ T5351] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   70.212139][ T5343] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.267888][ T5343] 8021q: adding VLAN 0 to HW filter on device team0
[   70.277776][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.293120][ T1243] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.296256][ T1243] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.303764][ T5340] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.342216][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.345765][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.356734][ T5340] 8021q: adding VLAN 0 to HW filter on device team0
[   70.405975][ T1243] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.409031][ T1243] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.413842][ T1243] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.417404][ T1243] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.441243][ T5341] 8021q: adding VLAN 0 to HW filter on device team0
[   70.478812][ T5351] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.487219][ T1243] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.491503][ T1243] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.521066][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.523879][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.557455][ T5351] 8021q: adding VLAN 0 to HW filter on device team0
[   70.591623][  T100] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.594516][  T100] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.598847][  T100] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.601700][  T100] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.623427][ T5341] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   70.628180][ T5341] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   70.725744][ T5343] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.775518][ T5343] veth0_vlan: entered promiscuous mode
[   70.804350][ T5341] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.812853][ T5343] veth1_vlan: entered promiscuous mode
[   70.822289][ T5340] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.880594][   T66] Bluetooth: hci3: command tx timeout
[   70.901498][ T5343] veth0_macvtap: entered promiscuous mode
[   70.911541][ T5340] veth0_vlan: entered promiscuous mode
[   70.918664][ T5343] veth1_macvtap: entered promiscuous mode
[   70.929324][ T5341] veth0_vlan: entered promiscuous mode
[   70.944993][ T5340] veth1_vlan: entered promiscuous mode
[   70.957404][ T5341] veth1_vlan: entered promiscuous mode
[   70.960035][   T66] Bluetooth: hci0: command tx timeout
[   70.960614][ T5348] Bluetooth: hci2: command tx timeout
[   70.962266][ T5342] Bluetooth: hci1: command tx timeout
[   70.968914][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.980850][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.987635][ T5343] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.991947][ T5343] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.996209][ T5343] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.999532][ T5343] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.034404][ T5351] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.120852][ T5341] veth0_macvtap: entered promiscuous mode
[   71.121684][ T1157] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.125419][ T5340] veth0_macvtap: entered promiscuous mode
[   71.126968][ T1157] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.138105][ T5340] veth1_macvtap: entered promiscuous mode
[   71.144356][ T5341] veth1_macvtap: entered promiscuous mode
[   71.182105][ T1157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.185919][ T1157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.198766][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.201552][   T39] kauditd_printk_skb: 4 callbacks suppressed
[   71.201567][   T39] audit: type=1400 audit(1724688022.483:119): avc:  denied  { mount } for  pid=5343 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   71.205535][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.208101][   T39] audit: type=1400 audit(1724688022.483:120): avc:  denied  { mounton } for  pid=5343 comm="syz-executor" path="/syzkaller.oD3kVm/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   71.220920][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.221615][   T39] audit: type=1400 audit(1724688022.483:121): avc:  denied  { mount } for  pid=5343 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   71.245126][   T39] audit: type=1400 audit(1724688022.483:122): avc:  denied  { unmount } for  pid=5343 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   71.245655][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.253602][   T39] audit: type=1400 audit(1724688022.503:123): avc:  denied  { mounton } for  pid=5343 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=2389 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   71.253649][   T39] audit: type=1400 audit(1724688022.503:124): avc:  denied  { mount } for  pid=5343 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   71.276801][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.283436][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.298599][ T5340] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.303410][ T5340] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.307253][ T5340] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.311164][ T5340] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.315947][   T39] audit: type=1400 audit(1724688022.583:125): avc:  denied  { read write } for  pid=5343 comm="syz-executor" name="loop3" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   71.324954][ T5351] veth0_vlan: entered promiscuous mode
[   71.328190][   T39] audit: type=1400 audit(1724688022.583:126): avc:  denied  { open } for  pid=5343 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   71.330595][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.339536][   T39] audit: type=1400 audit(1724688022.583:127): avc:  denied  { ioctl } for  pid=5343 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=663 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   71.343339][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.357538][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.361982][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.363501][   T39] audit: type=1400 audit(1724688022.643:128): avc:  denied  { prog_load } for  pid=5402 comm="syz.3.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   71.367197][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.388366][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.394407][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.398616][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.402958][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.408268][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.414490][ T5341] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.417860][ T5341] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.421708][ T5341] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.425324][ T5341] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.462115][ T5351] veth1_vlan: entered promiscuous mode
[   71.548729][ T5351] veth0_macvtap: entered promiscuous mode
[   71.556060][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.561210][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.577434][ T5351] veth1_macvtap: entered promiscuous mode
[   71.606716][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.615097][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.617373][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.623422][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.627846][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.633430][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.637806][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.644878][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.651914][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.679147][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.685229][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.689305][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.696884][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.709538][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.713949][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.720651][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.726947][ T5404] cdrom: dropping to single frame dma
[   71.735775][ T1157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.739123][ T1157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.771311][ T5351] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.775447][ T5351] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.778934][ T5351] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.784580][ T5351] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.792119][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.796216][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.847692][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.852086][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.909493][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.929918][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.038524][ T5408] veth0_vlan: left promiscuous mode
[   72.043980][ T5408] veth0_vlan: entered promiscuous mode
[   72.324604][ T5420] netlink: 'syz.0.6': attribute type 10 has an invalid length.
[   72.345604][ T5420] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6'.
[   72.938955][ T5424] batadv_slave_0: entered promiscuous mode
[   72.962185][ T5342] Bluetooth: hci3: command tx timeout
[   72.980255][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   73.023453][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   73.049199][ T5342] Bluetooth: hci1: command tx timeout
[   73.051996][ T5342] Bluetooth: hci2: command tx timeout
[   73.062333][ T5342] Bluetooth: hci0: command tx timeout
[   73.184175][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   73.607842][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   73.641496][ T5423] batadv_slave_0: left promiscuous mode
[   73.769061][ T5441] syz.1.11: attempt to access beyond end of device
[   73.769061][ T5441] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[   73.811639][ T5441] exFAT-fs (nbd1): unable to read boot sector
[   73.815002][ T5441] exFAT-fs (nbd1): failed to read boot sector
[   73.817700][ T5441] exFAT-fs (nbd1): failed to recognize exfat type
[   75.039910][ T5348] Bluetooth: hci3: command tx timeout
[   75.119510][ T5348] Bluetooth: hci0: command tx timeout
[   75.130786][ T5342] Bluetooth: hci1: command tx timeout
[   75.130848][ T5348] Bluetooth: hci2: command tx timeout
[   75.449042][ T5462] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14'.
[   75.834030][ T5470] mmap: syz.1.17 (5470) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   76.228581][ T5473] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   76.255782][   T39] kauditd_printk_skb: 83 callbacks suppressed
[   76.255799][   T39] audit: type=1400 audit(1724688027.533:212): avc:  denied  { bind } for  pid=5472 comm="syz.1.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   76.258915][ T5473] Bluetooth: MGMT ver 1.23
[   76.260671][   T39] audit: type=1400 audit(1724688027.533:213): avc:  denied  { write } for  pid=5472 comm="syz.1.18" path="socket:[5977]" dev="sockfs" ino=5977 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   76.483578][   T39] audit: type=1400 audit(1724688027.763:214): avc:  denied  { bind } for  pid=5474 comm="syz.2.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   76.548726][   T39] audit: type=1400 audit(1724688027.823:215): avc:  denied  { setopt } for  pid=5474 comm="syz.2.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   76.550595][ T5482] syz.0.20 uses obsolete (PF_INET,SOCK_PACKET)
[   76.557478][   T39] audit: type=1400 audit(1724688027.823:216): avc:  denied  { accept } for  pid=5474 comm="syz.2.19" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[   76.579170][   T39] audit: type=1400 audit(1724688027.853:217): avc:  denied  { create } for  pid=5476 comm="syz.1.21" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   76.600921][   T39] audit: type=1400 audit(1724688027.873:218): avc:  denied  { setopt } for  pid=5476 comm="syz.1.21" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   76.619468][   T56] IPVS: starting estimator thread 0...
[   76.654567][   T39] audit: type=1400 audit(1724688027.933:219): avc:  denied  { create } for  pid=5480 comm="syz.0.20" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[   76.675306][   T39] audit: type=1400 audit(1724688027.953:220): avc:  denied  { ioctl } for  pid=5480 comm="syz.0.20" path="/dev/iommu" dev="devtmpfs" ino=634 ioctlcmd=0x3b81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   76.676863][ T5482] netlink: 'syz.0.20': attribute type 11 has an invalid length.
[   76.688431][ T5482] netlink: 20 bytes leftover after parsing attributes in process `syz.0.20'.
[   76.688623][   T39] audit: type=1400 audit(1724688027.953:221): avc:  denied  { mount } for  pid=5476 comm="syz.1.21" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   76.720629][ T5485] IPVS: using max 21 ests per chain, 50400 per kthread
[   76.957232][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[   76.973490][    T0] NOHZ tick-stop error: local softirq work is pending, handler #308!!!
[   77.050227][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   77.544517][ T1383] ieee802154 phy0 wpan0: encryption failed: -22
[   77.547591][ T1383] ieee802154 phy1 wpan1: encryption failed: -22
[   78.399644][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   78.457431][ T5516] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   78.499697][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   78.880878][ T5519] netlink: 20 bytes leftover after parsing attributes in process `syz.0.29'.
[   78.920063][ T5519] 9pnet_fd: Insufficient options for proto=fd
[   79.131644][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   79.213508][ T5517] ieee802154 phy0 wpan0: encryption failed: -22
[   79.578945][ T5527] Bluetooth: MGMT ver 1.23
[   80.290418][ T5535] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   81.561576][   T39] kauditd_printk_skb: 29 callbacks suppressed
[   81.561598][   T39] audit: type=1400 audit(1724688032.843:251): avc:  denied  { name_connect } for  pid=5550 comm="syz.1.37" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   81.609611][ T5348] Bluetooth: hci0: command tx timeout
[   81.922567][   T39] audit: type=1400 audit(1724688033.203:252): avc:  denied  { mounton } for  pid=5557 comm="syz.1.38" path="/proc/32/task" dev="proc" ino=9295 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   82.005631][   T39] audit: type=1400 audit(1724688033.283:253): avc:  denied  { create } for  pid=5557 comm="syz.1.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   82.007779][ T5563] netlink: 16 bytes leftover after parsing attributes in process `syz.1.38'.
[   82.024092][   T39] audit: type=1400 audit(1724688033.283:254): avc:  denied  { write } for  pid=5557 comm="syz.1.38" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[   82.077583][   T39] audit: type=1400 audit(1724688033.353:255): avc:  denied  { write } for  pid=5566 comm="syz.0.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   82.277533][ T5570] netlink: 12 bytes leftover after parsing attributes in process `syz.0.41'.
[   82.319684][   T39] audit: type=1400 audit(1724688033.583:256): avc:  denied  { ioctl } for  pid=5568 comm="syz.0.41" path="/dev/dri/card2" dev="devtmpfs" ino=641 ioctlcmd=0x64cb scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[   82.363443][ T5574] Zero length message leads to an empty skb
[   82.634968][   T39] audit: type=1400 audit(1724688033.913:257): avc:  denied  { append } for  pid=5578 comm="syz.1.44" name="rtc0" dev="devtmpfs" ino=867 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   82.923806][ T5581] kernel profiling enabled (shift: 0)
[   83.023480][   T39] audit: type=1400 audit(1724688034.303:258): avc:  denied  { read write } for  pid=5578 comm="syz.1.44" name="uinput" dev="devtmpfs" ino=866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   83.036390][   T39] audit: type=1400 audit(1724688034.303:259): avc:  denied  { open } for  pid=5578 comm="syz.1.44" path="/dev/uinput" dev="devtmpfs" ino=866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   83.051217][   T39] audit: type=1400 audit(1724688034.333:260): avc:  denied  { ioctl } for  pid=5578 comm="syz.1.44" path="/dev/uinput" dev="devtmpfs" ino=866 ioctlcmd=0x5566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   83.073739][ T5586] input: syz1 as /devices/virtual/input/input6
[   83.924241][  T833] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   84.142863][  T833] usb 6-1: Using ep0 maxpacket: 8
[   84.154185][  T833] usb 6-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[   84.158333][  T833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.206319][  T833] usb 6-1: config 0 descriptor??
[   84.223783][  T833] usb-storage 6-1:0.0: USB Mass Storage device detected
[   84.285515][  T833] usb-storage 6-1:0.0: Quirks match for vid 04e6 pid 000b: 4
[   84.809696][    C3] ==================================================================
[   84.813500][    C3] BUG: KASAN: slab-use-after-free in delete_node+0x7e0/0x8e0
[   84.816509][    C3] Read of size 4 at addr ffff8880257d4108 by task swapper/3/0
[   84.819372][    C3] 
[   84.820316][    C3] CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0-rc5-syzkaller #0
[   84.823797][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   84.845451][    C3] Call Trace:
[   84.846897][    C3]  <IRQ>
[   84.848121][    C3]  dump_stack_lvl+0x116/0x1f0
[   84.850141][    C3]  print_report+0xc3/0x620
[   84.852288][    C3]  ? __virt_addr_valid+0x5e/0x590
[   84.854494][ T5605] overlayfs: overlapping lowerdir path
[   84.855281][    C3]  ? __phys_addr+0xc6/0x150
[   84.855306][    C3]  kasan_report+0xd9/0x110
[   84.855326][    C3]  ? delete_node+0x7e0/0x8e0
[   84.855346][    C3]  ? delete_node+0x7e0/0x8e0
[   84.874463][    C3]  delete_node+0x7e0/0x8e0
[   84.876459][    C3]  __radix_tree_delete+0x193/0x3d0
[   84.878714][    C3]  radix_tree_delete_item+0xeb/0x230
[   84.881181][    C3]  ? do_raw_spin_lock+0x12d/0x2c0
[   84.883551][    C3]  ? __pfx_radix_tree_delete_item+0x10/0x10
[   84.886150][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   84.888738][    C3]  p9_req_put+0xc2/0x250
[   84.890636][    C3]  req_done+0x1e7/0x2f0
[   84.892626][    C3]  ? __pfx_req_done+0x10/0x10
[   84.894391][    C3]  ? __pfx_req_done+0x10/0x10
[   84.896443][    C3]  vring_interrupt+0x31b/0x400
[   84.898413][    C3]  ? __pfx_vring_interrupt+0x10/0x10
[   84.900671][    C3]  __handle_irq_event_percpu+0x229/0x7c0
[   84.903266][    C3]  handle_irq_event+0xab/0x1e0
[   84.905879][    C3]  handle_edge_irq+0x263/0xd10
[   84.908840][    C3]  __common_interrupt+0xdf/0x250
[   84.911874][    C3]  common_interrupt+0xab/0xd0
[   84.914422][    C3]  </IRQ>
[   84.915854][    C3]  <TASK>
[   84.917114][    C3]  asm_common_interrupt+0x26/0x40
[   84.918883][    C3] RIP: 0010:tick_nohz_idle_exit+0x1c3/0x2e0
[   84.921097][    C3] Code: 85 8e 00 00 00 e8 7d 9c 0e 00 e8 78 9c 0e 00 31 ff 4c 89 e6 e8 de 9e 0e 00 4d 85 e4 75 53 e8 64 9c 0e 00 e8 3f e8 15 00 fb 5b <5d> 41 5c 41 5d c3 cc cc cc cc e8 4e 9c 0e 00 65 44 8b 25 32 ab 86
[   84.929675][    C3] RSP: 0000:ffffc900001a7df8 EFLAGS: 00000202
[   84.932992][    C3] RAX: 0000000000053323 RBX: 0000000000000003 RCX: 1ffffffff2025699
[   84.936470][    C3] RDX: 0000000000000000 RSI: ffffffff8b4cc4a0 RDI: ffffffff8bb09ac0
[   84.940269][    C3] RBP: 0000000000000004 R08: 0000000000000001 R09: 0000000000000001
[   84.943516][    C3] R10: ffffffff9012f91f R11: 0000000000000000 R12: 0000000000000000
[   84.946661][    C3] R13: 00000013b455fd3c R14: ffffffff9012f918 R15: 0000000000000000
[   84.949946][    C3]  do_idle+0x270/0x3f0
[   84.951634][    C3]  ? __pfx_do_idle+0x10/0x10
[   84.953631][    C3]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   84.956195][    C3]  ? lockdep_hardirqs_on+0x7c/0x110
[   84.958451][    C3]  cpu_startup_entry+0x4f/0x60
[   84.960481][    C3]  start_secondary+0x220/0x2b0
[   84.962304][    C3]  ? __pfx_start_secondary+0x10/0x10
[   84.964299][    C3]  common_startup_64+0x13e/0x148
[   84.966184][    C3]  </TASK>
[   84.967483][    C3] 
[   84.968616][    C3] Allocated by task 5605:
[   84.970514][    C3]  kasan_save_stack+0x33/0x60
[   84.972546][    C3]  kasan_save_track+0x14/0x30
[   84.974637][    C3]  __kasan_kmalloc+0xaa/0xb0
[   84.976719][    C3]  p9_client_create+0xcf/0x1210
[   84.978876][    C3]  v9fs_session_init+0x1f8/0x1a80
[   84.981030][    C3]  v9fs_mount+0xc6/0xa50
[   84.983181][    C3]  legacy_get_tree+0x109/0x220
[   84.985470][    C3]  vfs_get_tree+0x8f/0x380
[   84.987315][    C3]  path_mount+0x14e6/0x1f20
[   84.988997][    C3]  __x64_sys_mount+0x294/0x320
[   84.991099][    C3]  do_syscall_64+0xcd/0x250
[   84.992978][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.995061][    C3] 
[   84.995990][    C3] Freed by task 5605:
[   84.997495][    C3]  kasan_save_stack+0x33/0x60
[   84.999291][    C3]  kasan_save_track+0x14/0x30
[   85.001071][    C3]  kasan_save_free_info+0x3b/0x60
[   85.003023][    C3]  poison_slab_object+0xf7/0x160
[   85.005306][    C3]  __kasan_slab_free+0x32/0x50
[   85.007523][    C3]  kfree+0x12a/0x3b0
[   85.009260][    C3]  p9_client_create+0xaaa/0x1210
[   85.011606][    C3]  v9fs_session_init+0x1f8/0x1a80
[   85.013771][    C3]  v9fs_mount+0xc6/0xa50
[   85.015642][    C3]  legacy_get_tree+0x109/0x220
[   85.017721][    C3]  vfs_get_tree+0x8f/0x380
[   85.019609][    C3]  path_mount+0x14e6/0x1f20
[   85.021131][    C3]  __x64_sys_mount+0x294/0x320
[   85.022781][    C3]  do_syscall_64+0xcd/0x250
[   85.024445][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.026468][    C3] 
[   85.027291][    C3] The buggy address belongs to the object at ffff8880257d4000
[   85.027291][    C3]  which belongs to the cache kmalloc-512 of size 512
[   85.032397][    C3] The buggy address is located 264 bytes inside of
[   85.032397][    C3]  freed 512-byte region [ffff8880257d4000, ffff8880257d4200)
[   85.037364][    C3] 
[   85.038334][    C3] The buggy address belongs to the physical page:
[   85.040773][    C3] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x257d4
[   85.044205][    C3] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   85.047704][    C3] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   85.050989][    C3] page_type: 0xfdffffff(slab)
[   85.052964][    C3] raw: 00fff00000000040 ffff888015842c80 0000000000000000 dead000000000001
[   85.056142][    C3] raw: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000
[   85.058818][    C3] head: 00fff00000000040 ffff888015842c80 0000000000000000 dead000000000001
[   85.062376][    C3] head: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000
[   85.066050][    C3] head: 00fff00000000002 ffffea000095f501 ffffffffffffffff 0000000000000000
[   85.069679][    C3] head: ffff888000000004 0000000000000000 00000000ffffffff 0000000000000000
[   85.074268][    C3] page dumped because: kasan: bad access detected
[   85.077672][    C3] page_owner tracks the page as allocated
[   85.080726][    C3] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5340, tgid 5340 (syz-executor), ts 70827219865, free_ts 70660929054
[   85.089457][    C3]  post_alloc_hook+0x2d1/0x350
[   85.091546][    C3]  get_page_from_freelist+0x1351/0x2e50
[   85.093957][    C3]  __alloc_pages_noprof+0x22b/0x2460
[   85.096257][    C3]  alloc_slab_page+0x4e/0xf0
[   85.098307][    C3]  new_slab+0x84/0x260
[   85.100099][    C3]  ___slab_alloc+0xdac/0x1870
[   85.102335][    C3]  __slab_alloc.constprop.0+0x56/0xb0
[   85.104434][    C3]  __kmalloc_noprof+0x367/0x400
[   85.106481][    C3]  fib6_info_alloc+0x40/0x160
[   85.108407][    C3]  ip6_route_info_create+0x337/0x1910
[   85.110287][    C3]  ip6_route_add+0x26/0x1c0
[   85.112205][    C3]  addrconf_add_mroute+0x1de/0x350
[   85.114258][    C3]  addrconf_add_dev+0x14e/0x1c0
[   85.116460][    C3]  inet6_addr_add+0x1a8/0xbc0
[   85.118431][    C3]  inet6_rtm_newaddr+0x11d1/0x1aa0
[   85.120405][    C3]  rtnetlink_rcv_msg+0x3c7/0xea0
[   85.122329][    C3] page last free pid 5351 tgid 5351 stack trace:
[   85.124762][    C3]  free_unref_page+0x64a/0xe40
[   85.126632][    C3]  qlist_free_all+0x4e/0x140
[   85.128451][    C3]  kasan_quarantine_reduce+0x192/0x1e0
[   85.130556][    C3]  __kasan_slab_alloc+0x69/0x90
[   85.132470][    C3]  kmem_cache_alloc_node_noprof+0x153/0x310
[   85.134770][    C3]  __alloc_skb+0x2b1/0x380
[   85.136541][    C3]  netlink_alloc_large_skb+0x69/0x130
[   85.138803][    C3]  netlink_sendmsg+0x689/0xd70
[   85.140725][    C3]  __sys_sendto+0x47f/0x4e0
[   85.142537][    C3]  __x64_sys_sendto+0xe0/0x1c0
[   85.144534][    C3]  do_syscall_64+0xcd/0x250
[   85.146503][    C3]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.149150][    C3] 
[   85.150305][    C3] Memory state around the buggy address:
[   85.152780][    C3]  ffff8880257d4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.156333][    C3]  ffff8880257d4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.159706][    C3] >ffff8880257d4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.162762][    C3]                       ^
[   85.164465][    C3]  ffff8880257d4180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   85.167781][    C3]  ffff8880257d4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   85.171474][    C3] ==================================================================
[   85.175114][    C3] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[   85.178716][    C3] CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.11.0-rc5-syzkaller #0
[   85.182656][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.188129][    C3] Call Trace:
[   85.189789][    C3]  <IRQ>
[   85.191091][    C3]  dump_stack_lvl+0x3d/0x1f0
[   85.193555][    C3]  panic+0x6dc/0x7c0
[   85.195655][    C3]  ? __pfx_panic+0x10/0x10
[   85.197918][    C3]  ? rcu_is_watching+0x12/0xc0
[   85.200054][    C3]  ? __pfx_lock_release+0x10/0x10
[   85.202331][    C3]  ? check_panic_on_warn+0x1f/0xb0
[   85.204418][    C3]  check_panic_on_warn+0xab/0xb0
[   85.206316][    C3]  end_report+0x117/0x180
[   85.208217][    C3]  kasan_report+0xe9/0x110
[   85.210099][    C3]  ? delete_node+0x7e0/0x8e0
[   85.212061][    C3]  ? delete_node+0x7e0/0x8e0
[   85.214018][    C3]  delete_node+0x7e0/0x8e0
[   85.215885][    C3]  __radix_tree_delete+0x193/0x3d0
[   85.218463][    C3]  radix_tree_delete_item+0xeb/0x230
[   85.220667][    C3]  ? do_raw_spin_lock+0x12d/0x2c0
[   85.222920][    C3]  ? __pfx_radix_tree_delete_item+0x10/0x10
[   85.225569][    C3]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   85.228052][    C3]  p9_req_put+0xc2/0x250
[   85.229968][    C3]  req_done+0x1e7/0x2f0
[   85.231950][    C3]  ? __pfx_req_done+0x10/0x10
[   85.234257][    C3]  ? __pfx_req_done+0x10/0x10
[   85.236320][    C3]  vring_interrupt+0x31b/0x400
[   85.238356][    C3]  ? __pfx_vring_interrupt+0x10/0x10
[   85.240629][    C3]  __handle_irq_event_percpu+0x229/0x7c0
[   85.242972][    C3]  handle_irq_event+0xab/0x1e0
[   85.244911][    C3]  handle_edge_irq+0x263/0xd10
[   85.246729][    C3]  __common_interrupt+0xdf/0x250
[   85.248615][    C3]  common_interrupt+0xab/0xd0
[   85.250119][    C3]  </IRQ>
[   85.251161][    C3]  <TASK>
[   85.252305][    C3]  asm_common_interrupt+0x26/0x40
[   85.254486][    C3] RIP: 0010:tick_nohz_idle_exit+0x1c3/0x2e0
[   85.256976][    C3] Code: 85 8e 00 00 00 e8 7d 9c 0e 00 e8 78 9c 0e 00 31 ff 4c 89 e6 e8 de 9e 0e 00 4d 85 e4 75 53 e8 64 9c 0e 00 e8 3f e8 15 00 fb 5b <5d> 41 5c 41 5d c3 cc cc cc cc e8 4e 9c 0e 00 65 44 8b 25 32 ab 86
[   85.265461][    C3] RSP: 0000:ffffc900001a7df8 EFLAGS: 00000202
[   85.268053][    C3] RAX: 0000000000053323 RBX: 0000000000000003 RCX: 1ffffffff2025699
[   85.271567][    C3] RDX: 0000000000000000 RSI: ffffffff8b4cc4a0 RDI: ffffffff8bb09ac0
[   85.274986][    C3] RBP: 0000000000000004 R08: 0000000000000001 R09: 0000000000000001
[   85.278217][    C3] R10: ffffffff9012f91f R11: 0000000000000000 R12: 0000000000000000
[   85.281288][    C3] R13: 00000013b455fd3c R14: ffffffff9012f918 R15: 0000000000000000
[   85.284184][    C3]  do_idle+0x270/0x3f0
[   85.285720][    C3]  ? __pfx_do_idle+0x10/0x10
[   85.287447][    C3]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   85.289947][    C3]  ? lockdep_hardirqs_on+0x7c/0x110
[   85.292340][    C3]  cpu_startup_entry+0x4f/0x60
[   85.294525][    C3]  start_secondary+0x220/0x2b0
[   85.296720][    C3]  ? __pfx_start_secondary+0x10/0x10
[   85.299092][    C3]  common_startup_64+0x13e/0x148
[   85.301291][    C3]  </TASK>
[   85.303109][    C3] Kernel Offset: disabled
[   85.304823][    C3] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:00:36  Registers:
info registers vcpu 0

CPU#0
RAX=1ffffffff290547f RBX=ffffffff9482a3f8 RCX=1ffffffff279da95 RDX=00000000000003dd
RSI=1ffffffff279dabb RDI=ffffffff9482a428 RBP=ffffffff94804308 RSP=ffffc900034f7560
R8 =0000000000000000 R9 =ffffffff94633e88 R10=0000000000000002 R11=0000000000000027
R12=ffffffff81676f30 R13=ffffffff94804328 R14=dffffc0000000000 R15=ffffffff948042f8
RIP=ffffffff8167bdf7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f0d5e91d6c0 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b31c0aff8 CR3=0000000057d6a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb73326a0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe8762
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe876f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe8769
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe877d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe8803
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe88e1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000040000 RBX=ffffc900032cf308 RCX=ffffc90003f64000 RDX=0000000000040000
RSI=ffffffff813cdca2 RDI=ffffc900032cf308 RBP=ffffc900032cfc38 RSP=ffffc900032cf238
R8 =0000000000000001 R9 =0000000000000004 R10=0000000000000002 R11=dffffc0000000000
R12=ffffc900032cf310 R13=ffffc900032cfc40 R14=ffffffff90afb3c8 R15=0000000000000002
RIP=ffffffff818a79d6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f6e949ff6c0 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002001b000 CR3=00000000205e0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff819bbc68
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe8762
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe876f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe8769
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe877d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe8803
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0d5dbe88e1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000a2bf 00000000fff88a7b 00000000000008b7 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b700000008000003 b7fffffff8000002 07000000000000a2 bf00000000fff88a
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff88e08790 ffffffff82003a3c ffffffff00040008 000c00130014000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff82003827 ffffffff82003631 ffffffff820035b1 ffffffff8200357e
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffffc900033ef7c0 RCX=0000000000000001 RDX=0000000000000008
RSI=ffffc900033eff00 RDI=ffffc900033ef7c0 RBP=ffffc900033eff00 RSP=ffffc900033ef6f8
R8 =0000000000000001 R9 =0000000000000004 R10=0000000000000001 R11=0000000000000000
R12=ffffc900033ef7c8 R13=ffffc900033eff30 R14=0000000000000001 R15=0000000000000001
RIP=ffffffff813cdc9d RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3895b936c0 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020032000 CR3=0000000053c6e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81307d8f ffffffff81307d8f
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81307d8f ffffffff81307d8f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff81307e22
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f174bfe8762
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f174bfe876f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f174bfe8769
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f174bfe877d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f174bfe8803
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f174bfe88e1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81307d8f ffffffff81307d8f ffffffff81307d8f ffffffff8100a0d8
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff82003a3c ffffffff820039ab ffffffff00040008 000c00130014000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff82003631 ffffffff820035b1 ffffffff8200357e ffffffff82003561
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000043 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fe6fe5 RDI=ffffffff9519f5a0 RBP=ffffffff9519f560 RSP=ffffc90000908688
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=5128204350206148
R12=0000000000000000 R13=0000000000000043 R14=ffffffff84fe6f80 R15=0000000000000000
RIP=ffffffff84fe700f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b31cfaff8 CR3=0000000053c6e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8875fd5e ffffffff8875fdcc
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8875fdcc ffffffff8875fd5e
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8875fd5e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3894de8762
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3894de876f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3894de8769
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3894de877d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3894de8803
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3894de88e1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff819c012f ffffffff819b4688 ffffffff819b4612 ffffffff819b45d7
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81307d8f ffffffff8100a0d8 ffffffff00040008 000c00000010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a0d8 ffffffff8100a0d8 ffffffff8100a0af ffffffff8100a0af
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000