last executing test programs:

7.370994225s ago: executing program 0 (id=230):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet(0x2b, 0x801, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x80)
r4 = epoll_create1(0x0)
r5 = fcntl$dupfd(r4, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r5, r3, 0x11, 0x0, r5}, 0x14)

6.45095083s ago: executing program 0 (id=242):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
setuid(0xee00)
r0 = syz_io_uring_setup(0x4b9, &(0x7f0000000100)={0x0, 0x0, 0x400, 0x0, 0x20d}, &(0x7f00000001c0), &(0x7f0000000000))
setrlimit(0x40000000000008, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

5.210663152s ago: executing program 0 (id=251):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x790, 0x80000000002, 0x180, 0x400000004, 0xffffffffffffffff, 0xf1, 0x3, 0xfffffffffffffd7e, 0x45, 0x0, 0x3b9, 0xfffffffffffffffe, 0x0, 0x0, 0x8], 0x8000000, 0x3c4210})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.062465259s ago: executing program 0 (id=253):
r0 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109023b00010102"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

3.831127s ago: executing program 1 (id=262):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
r2 = eventfd2(0x50, 0x80001)
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000080)={0x1, r2})
close(0x3)

3.771067183s ago: executing program 1 (id=263):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)

3.770924192s ago: executing program 1 (id=264):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@jqfmt_vfsv1}, {@abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

3.657685608s ago: executing program 1 (id=266):
syz_usb_connect$cdc_ncm(0x4, 0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="1201500202000902710002010420040904000001020d0000052406000105240006000d240f0106000000020006000606241a05ed0d1524120004a317a88b045e4f01a607c0ffcb7e392a09058103000258057f0904010000020d00000904010102020d"], 0x0)
socket$tipc(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
pipe2$9p(&(0x7f0000000240), 0x800)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bind$can_raw(0xffffffffffffffff, &(0x7f00000001c0), 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x2, &(0x7f0000000080), 0x4)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x0, @loopback=0x7f000000}})

3.129122335s ago: executing program 0 (id=269):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x1, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000700), 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r2, 0x18000000000002a0, 0x18, 0x0, &(0x7f0000000000)="378303076844268cb89e14f008004ee0ffff00febabec411", 0x0, 0x7, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = accept4$unix(r4, &(0x7f00000000c0), &(0x7f0000000040)=0x6e, 0x80000)
accept$unix(r6, &(0x7f0000000780)=@abs, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003a40)={0x18, 0x10, &(0x7f00000037c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x400}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x4, 0x8, &(0x7f0000003900)=""/8, 0x41000, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7f}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x12, 0x60a, 0x138, 0x202, 0x220, 0x2e8, 0x2e8, 0x220, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00', {}, {}, 0x6, 0x0, 0x0, 0x4c}, 0x0, 0xf8, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@ecn={{0x28}, {0x10}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "0b0500dd2f808bcbf5a552fd64a72ee561b24c479377004898fbe1cefa63"}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)
sendmsg$IPSET_CMD_ADD(r0, 0x0, 0x80)

2.487373776s ago: executing program 4 (id=282):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xe, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070001040000000000040002000600030000000903000038000104ce0000000e0000000b"], 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x44}}, 0x0)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000140)={@rand_addr, @initdev}, &(0x7f00000001c0)=0xc)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo/3\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.455561108s ago: executing program 4 (id=283):
open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x5c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14e174135c0b87af)

2.42956617s ago: executing program 4 (id=284):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000340)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="000000000000000001"], 0x50)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x0)

2.429085969s ago: executing program 4 (id=285):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x5830000, 0xabc2)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x7, 0x0, 0x3, 0x18, "28f5c9ea1f0197000011ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba76634793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d54100", "07a9088b78042fbafe1406584ae7f342f14e1df800000000000000000200", [0x7d, 0xffffffffffffffff]})

2.342702544s ago: executing program 4 (id=286):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x3, 0x7ffcfffc}]})
pivot_root(0x0, 0x0)

2.342567744s ago: executing program 4 (id=287):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f00000000c0), 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000180)={0x0, 0x31}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000000380)={0x2c, &(0x7f00000001c0)={0x60, 0x30}, 0x0, 0x0, 0x0, 0x0})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

2.232643189s ago: executing program 0 (id=288):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224"], 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000000)={0x80, 0x40000105, 0x0, 0x0})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x79374f5eb7667e9f)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f0000007b1d0ee5d88b4d"], 0x0}, 0x0)

1.942847944s ago: executing program 3 (id=291):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.942653664s ago: executing program 3 (id=292):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x53, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_clone(0xa1302400, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r3, 0x8933, &(0x7f0000000100)={'wg0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000800)={0x20, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0x20}}, 0x0)

1.80817181s ago: executing program 2 (id=293):
sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x141a82, 0x0)
pwritev(r0, &(0x7f00000029c0)=[{&(0x7f0000001680)="58f14c", 0x3}], 0x1, 0x9, 0x5)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000000)=0x7, 0x2)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaa080045000014000000000006b5c58ec298992ea4d875c4f51131740c9078ac1414bbac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c02000090780000"], 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)

1.500041946s ago: executing program 2 (id=294):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
unshare(0x60040000)
open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x5c)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000008c0)={'nat\x00', 0x0, [0x81, 0x7, 0xffff, 0xb41, 0xfffffffd]}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000540), 0xffffffffffffffff)
timerfd_create(0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x1810882, &(0x7f0000000040)=ANY=[@ANYBLOB="756e695f786c6174653d312c726f6469722c757466383d302c73686f72746e616d653d77696e6e742c757466383d302c757466383d312c756e695f786c6174653d302c696f636861727365743d63703433372c756e695f786c6174653d302c6572726f72733d72656d6f756e742d726f2c757466383d312c757466383d312c73686f72746e616d653d77696e39352c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d312c73686f72746e616d653d77696e39352c646973636172642c004338cb8631b26441e86414f461975e105d02960776fcb7ddfd80b96c1b2ffd13d5cc37784797dbc9e26b7c39310b49940995ce6e6ce1c218890b59506de99e2dd234abcde0be50d3de656741fee78f74e94ee73bd6d7162f0d2a8275e0a6125615ce223c21fe303d561d81b2681dce1c0b7061c5a347b2040e7b6c9210507527467dad005f3e38c47d4daa9d76c69f51ffeb2f81123fe54df14c6c02413e51ba63c35f11"], 0x0, 0x2b9, &(0x7f0000000280)="$eJzs3T9rc1UYAPDnpmkSdUgGJxG8oIPTy9t3dUmVFqqZlAzqoMW2IE0QWij4B9NOri6OfgJBcHP1A7j4DQRXwc0OhSv35t4kbdPYaNP65/db+vTc85zznNPTlA45ef/54eFeGgdnn/0crVYStW504zyJTtSichqXdL8MAODf7DzL4rdsbJm8JCJaqysLAFihpf/+f7fykgCAFXvr7Xfe2Oz1tt5M01ZsD7846ef/2edfx883D+LDGMR+PI52XERkE+N4O8uyUT3NdeKl4eikn2cO3/uxHH/z14gifyPa0SmaLufv9LY20rGZ/FFex9Pl/N08/0m049k58+/0tp7MyY9+I15+cab+R9GOnz6Ij2IQe0UR0/zPN9L0teyr3z99Ny8vz09GJ/1m0W8qW7vnHw0AAAAAAAAAAAAAAAAAAAAAAP9hj8q7c5pR3N+TN5X376xd5N+sR1rpXL6fZ5yfVANduR9olMXX1f06j9M0zcqO0/x6PFeP+sOsGgAAAAAAAAAAAAAAAAAAAP5Zjj/+5HB3MNg/KoLXszKYtCwXVLcBVG/r/6vjdCct9aMXYnHn5nSuWhkuGDnWqj5JxMIy8kX8vd24dfDUTTV/8+2yA7b+vM/6dK7olJtxx+uqTtfhbjJ/D5tRtbSqQ/L9bJ9G3HKuxk2PsqWOX2Puo/bSa288UwSjBX0iWVTYK7+Md65sKX+hTid9GsWuzk1fL4OZ9CtnY6nzfP21Iknu/OUHAAAAAAAAAAAAAAAAAACYMX3T75yHZwtTa1lzZWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2afv7/JKhfa7kajMrkccsPry7o3Iij4wdeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8DfwQAAP//4wFdTQ==")
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x82)
fchdir(r3)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x2, 0x3, 0x290, 0xb, 0x0, 0xf0, 0xf8, 0xf0, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x1f8, 0x3, 0x0, {[{{@ip={@multicast1, @multicast1, 0x0, 0x0, 'ip6gretap0\x00', 'syzkaller1\x00', {}, {}, 0x11}, 0xb000000, 0xd8, 0xf8, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x8}}, @common=@unspec=@quota={{0x38}, {0x2000}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@common=@ttl={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r5, 0x0, 0xee01)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14e174135c0b87af)

1.066825557s ago: executing program 3 (id=295):
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x26)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @desc1}})
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)={0x4, 0x4, 0x800077, 0x8, 0x6, 0x8, 0x20000001000, 0xf64, 0xfffffffd})

451.714107ms ago: executing program 2 (id=296):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000340)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="000000000000000001"], 0x50)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x0)

410.64342ms ago: executing program 1 (id=297):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000021c0)=@delchain={0x170, 0x65, 0x300, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0xffe0}, {0x0, 0x1}, {0xd}}, [@filter_kind_options=@f_route={{0xa}, {0x140, 0x2, [@TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x134, 0x6, [@m_skbmod={0x88, 0xc, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x1, 0x4, 0x1, 0xe6f8, 0x4}, 0xb}}]}, {0x35, 0x6, "9aaad3a34a1adaa126f245a873aacd356f5a6069d77d6f57a142e1f271a2a4c3b0266fa657758ff8baa6653f14335d5dc2"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_skbedit={0x58, 0xe, 0x0, 0x0, {{0xc}, {0x14, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x8}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x4, 0x4d8b101a64a2eb8e}}]}, {0x19, 0x6, "abe20e18a85ce02f8e51764e0dc9a1f6f25d8c6e48"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_skbedit={0x50, 0x6, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x5}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x2}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x10, 0x3}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff3, 0xffff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0x170}, 0x1, 0x0, 0x0, 0x40008c5}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000c80)={0x9c, 0x0, 0x100, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_HIDDEN_SSID={0x11, 0x7e, @random="69b0b221d6b64c2cb8e282b7fe"}, @NL80211_ATTR_HIDDEN_SSID={0xa, 0x7e, @default_ibss_ssid}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0xd7}, @NL80211_ATTR_IE={0xe, 0x2a, [@ibss={0x6, 0x2, 0x3}, @chsw_timing={0x68, 0x4, {0x7, 0x6}}]}, @NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x300, 0x1, 0x5, 0x0, {0x0, 0x5, 0x0, 0x10, 0x0, 0x1, 0x1, 0x1}, 0x1, 0x9, 0x9}}, @NL80211_ATTR_MESH_CONFIG={0x2c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8, 0x17, 0x400}, @NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x3}, @NL80211_MESHCONF_PLINK_TIMEOUT={0x8, 0x1c, 0x3c31}, @NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xea}, @NL80211_MESHCONF_PATH_REFRESH_TIME={0x8, 0x9, 0x505}]}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x9c}, 0x1, 0x0, 0x0, 0x11}, 0x40080)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

270.974056ms ago: executing program 1 (id=298):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c399000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x0)
socket$packet(0x11, 0x3, 0x300)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x50483}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_IGMP_VERSION={0x5, 0x2b, 0x3}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)

124.513594ms ago: executing program 2 (id=299):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0e000000040000000400000001"], 0x48)
r1 = bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
close_range(0xffffffffffffffff, r1, 0x2)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, 0x0, 0x0}, 0x20)

108.408135ms ago: executing program 3 (id=300):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0xc9)
chroot(&(0x7f0000000100)='./file0\x00')

54.984207ms ago: executing program 2 (id=301):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x22}}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2, 0x0, 0x0, 0x3ff}}}}}}}, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000e40)=ANY=[], 0x20}}, 0x1)
write$binfmt_misc(r1, &(0x7f0000000040)="64b0eb20", 0x4)
sendmmsg$inet6(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="cd", 0x1}], 0x1}}], 0x4000000000000ec, 0x8001)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000000540)=""/152, 0x98, 0x1, 0x0}, &(0x7f0000000180)=0x40)

54.854187ms ago: executing program 3 (id=302):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80102, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0xe5c, 0x80000)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = eventfd2(0xe5c, 0x80000)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r4, 0x7, 0x2, r2})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x9, 0xc0, 0x5, 0x7, 0x7f, 0x0, 0x1, 0x9, 0x1, 0x41, 0x3, 0x58, 0x7, 0x5, 0xb, 0x7f}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0xcb, 0xd, 0x2000000000002, 0x6d, 0x2, 0x4000000001002, 0x80000ef, 0x3, 0x7fffffffffffb, 0x8d, 0xfffffffffffffffe, 0x3, 0x1, 0x5, 0x3, 0xbdf], 0x2000, 0x67a64fa265da9e51})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

42.846178ms ago: executing program 2 (id=303):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f0000000540)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@noquota}, {@inode_readahead_blks}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x1}}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xd}}, {@test_dummy_encryption}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x90031, 0x0, 0x10, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

0s ago: executing program 3 (id=304):
syz_io_uring_setup(0x5d99, 0x0, &(0x7f0000000140), &(0x7f00000003c0))
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@broadcast, 0x0, 0x8001, 0x0, 0x0, 0xa, 0x0, 0x0, 0x4f}, {0x0, 0x0, 0x0, 0x800, 0x7}, {0x0, 0x0, 0xe6}, 0x0, 0x0, 0x0, 0x0, 0x2}, {{@in=@remote, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close(r0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@multicast1, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0xfffffffffffffffe, 0x4}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfc, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8, 0x4}, {0x0, 0x8}}}, 0xb8}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.27' (ED25519) to the list of known hosts.
[   21.590929][   T30] audit: type=1400 audit(1774588033.641:64): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   21.594691][  T273] cgroup: Unknown subsys name 'net'
[   21.613767][   T30] audit: type=1400 audit(1774588033.641:65): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.641143][   T30] audit: type=1400 audit(1774588033.671:66): avc:  denied  { unmount } for  pid=273 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.641488][  T273] cgroup: Unknown subsys name 'devices'
[   21.812884][  T273] cgroup: Unknown subsys name 'hugetlb'
[   21.818520][  T273] cgroup: Unknown subsys name 'rlimit'
[   21.989045][   T30] audit: type=1400 audit(1774588034.031:67): avc:  denied  { setattr } for  pid=273 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   22.012386][   T30] audit: type=1400 audit(1774588034.031:68): avc:  denied  { mounton } for  pid=273 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   22.037170][   T30] audit: type=1400 audit(1774588034.031:69): avc:  denied  { mount } for  pid=273 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   22.065166][  T275] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   22.074143][   T30] audit: type=1400 audit(1774588034.121:70): avc:  denied  { relabelto } for  pid=275 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.099620][   T30] audit: type=1400 audit(1774588034.121:71): avc:  denied  { write } for  pid=275 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.145690][   T30] audit: type=1400 audit(1774588034.191:72): avc:  denied  { read } for  pid=273 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.146948][  T273] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   22.171234][   T30] audit: type=1400 audit(1774588034.191:73): avc:  denied  { open } for  pid=273 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   22.755215][  T283] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.762346][  T283] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.769897][  T283] device bridge_slave_0 entered promiscuous mode
[   22.778814][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.785927][  T283] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.793407][  T283] device bridge_slave_1 entered promiscuous mode
[   22.828848][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.836008][  T284] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.843969][  T284] device bridge_slave_0 entered promiscuous mode
[   22.851176][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.858236][  T284] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.865756][  T284] device bridge_slave_1 entered promiscuous mode
[   22.931955][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.939032][  T285] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.946516][  T285] device bridge_slave_0 entered promiscuous mode
[   22.961887][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.969089][  T281] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.976860][  T281] device bridge_slave_0 entered promiscuous mode
[   22.986504][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.993636][  T281] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.001162][  T281] device bridge_slave_1 entered promiscuous mode
[   23.007792][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.014926][  T285] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.022356][  T285] device bridge_slave_1 entered promiscuous mode
[   23.051436][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.058519][  T282] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.066027][  T282] device bridge_slave_0 entered promiscuous mode
[   23.075639][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.082942][  T282] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.090496][  T282] device bridge_slave_1 entered promiscuous mode
[   23.233915][  T283] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.241010][  T283] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.252195][  T284] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.259271][  T284] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.266600][  T284] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.273659][  T284] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.303077][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.310166][  T281] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.317484][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.324544][  T281] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.357043][  T282] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.364131][  T282] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.371588][  T282] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.378637][  T282] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.401261][  T285] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.408345][  T285] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.415699][  T285] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.422790][  T285] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.434658][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.441982][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.449624][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.457216][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.464772][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.472082][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.479322][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.486679][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.494017][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.501620][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.515193][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.544724][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.552935][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.559967][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.567586][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.576223][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.583304][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.590703][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.598841][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.605939][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.613349][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.621649][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.628679][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.654344][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.662374][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.670286][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.678574][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.686981][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.695242][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.703579][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.710633][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.740242][  T281] device veth0_vlan entered promiscuous mode
[   23.752305][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.760763][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.768858][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.776766][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.784709][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.793131][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.800166][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.807726][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   23.815421][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.823269][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   23.831662][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.839812][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.846891][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.854347][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.862569][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.869593][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.877095][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.885085][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.893112][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.901205][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.909184][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.918096][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.925193][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.948906][  T284] device veth0_vlan entered promiscuous mode
[   23.955231][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   23.963504][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.972015][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   23.980330][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.988923][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.996039][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[   24.003686][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.012119][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.020570][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.028888][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.037353][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.045282][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.053556][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   24.061665][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   24.069702][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.077388][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.088605][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.096998][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.106966][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   24.115253][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   24.128377][  T282] device veth0_vlan entered promiscuous mode
[   24.137654][  T281] device veth1_macvtap entered promiscuous mode
[   24.146335][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.154157][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.162282][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.170531][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.177956][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.189170][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.197644][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.211835][  T284] device veth1_macvtap entered promiscuous mode
[   24.222488][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.230833][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.239115][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.250644][  T282] device veth1_macvtap entered promiscuous mode
[   24.264820][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.273394][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.281892][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.289632][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.298196][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.306744][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.315219][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.326739][  T283] device veth0_vlan entered promiscuous mode
[   24.338671][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.347031][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.355361][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.363995][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.372512][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.380885][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.400059][  T285] device veth0_vlan entered promiscuous mode
[   24.408404][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.416243][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.423981][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.432590][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.441389][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   24.449775][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   24.458285][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   24.466427][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   24.474808][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   24.482407][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   24.498329][  T284] request_module fs-gadgetfs succeeded, but still no fs?
[   24.505971][  T283] device veth1_macvtap entered promiscuous mode
[   24.512769][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.521533][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.529999][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.538586][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.546911][   T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.561294][  T285] device veth1_macvtap entered promiscuous mode
[   24.578596][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   24.594992][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   24.606354][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   24.614410][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.623023][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.631659][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   24.639881][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   24.648499][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.656988][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.688767][  T309] loop3: detected capacity change from 0 to 1024
[   24.702238][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   24.713173][  T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   24.721072][  T305] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[   24.851229][  T322] loop3: detected capacity change from 0 to 256
[   26.163902][  T341] loop0: detected capacity change from 0 to 256
[   26.270680][  T345] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   26.315821][  T348] loop4: detected capacity change from 0 to 512
[   26.333608][  T349] loop1: detected capacity change from 0 to 512
[   26.367731][  T348] EXT4-fs (loop4): Ignoring removed nobh option
[   26.380779][  T348] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   26.413464][  T348] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #3: comm syz.4.13: corrupted inode contents
[   26.430555][  T349] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   26.450590][  T348] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #3: comm syz.4.13: mark_inode_dirty error
[   26.464671][  T348] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #3: comm syz.4.13: corrupted inode contents
[   26.477457][  T348] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.13: mark_inode_dirty error
[   26.491028][  T348] EXT4-fs error (device loop4): ext4_acquire_dquot:6225: comm syz.4.13: Failed to acquire dquot type 0
[   26.522167][  T348] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.13: corrupted inode contents
[   26.550548][  T348] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #16: comm syz.4.13: mark_inode_dirty error
[   26.562618][  T348] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.13: corrupted inode contents
[   26.576092][  T348] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #16: comm syz.4.13: mark_inode_dirty error
[   26.587780][  T348] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.13: corrupted inode contents
[   26.599768][  T348] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[   26.609710][  T348] EXT4-fs error (device loop4): ext4_do_update_inode:5253: inode #16: comm syz.4.13: corrupted inode contents
[   26.630427][  T306] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   26.636454][  T359] netlink: 148 bytes leftover after parsing attributes in process `syz.3.16'.
[   26.647285][  T348] EXT4-fs error (device loop4): ext4_truncate:4310: inode #16: comm syz.4.13: mark_inode_dirty error
[   26.663436][  T348] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[   26.673757][  T348] EXT4-fs (loop4): 1 truncate cleaned up
[   26.679540][  T348] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,nobh,,errors=continue. Quota mode: writeback.
[   26.679838][  T359] netlink: 160 bytes leftover after parsing attributes in process `syz.3.16'.
[   26.695290][  T348] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   26.703870][   T30] kauditd_printk_skb: 67 callbacks suppressed
[   26.703904][   T30] audit: type=1400 audit(1774588038.741:139): avc:  denied  { mount } for  pid=347 comm="syz.4.13" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   26.749263][  T362] netlink: 24 bytes leftover after parsing attributes in process `syz.1.15'.
[   26.777574][   T30] audit: type=1400 audit(1774588038.791:140): avc:  denied  { write } for  pid=360 comm="syz.1.15" name="dev_mcast" dev="proc" ino=4026532300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   26.819958][  T348] syz.4.13 (348) used greatest stack depth: 21952 bytes left
[   26.830751][   T30] audit: type=1400 audit(1774588038.821:141): avc:  denied  { prog_run } for  pid=347 comm="syz.4.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   26.880589][   T30] audit: type=1400 audit(1774588038.841:142): avc:  denied  { mounton } for  pid=360 comm="syz.1.15" path="/3/file0" dev="tmpfs" ino=34 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   26.902876][   T30] audit: type=1400 audit(1774588038.861:143): avc:  denied  { getopt } for  pid=347 comm="syz.4.13" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   26.930490][  T306] usb 3-1: Using ep0 maxpacket: 32
[   26.958623][   T30] audit: type=1400 audit(1774588039.001:144): avc:  denied  { create } for  pid=365 comm="syz.4.18" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   27.029336][   T30] audit: type=1400 audit(1774588039.021:145): avc:  denied  { name_bind } for  pid=365 comm="syz.4.18" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket permissive=1
[   27.086610][  T306] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[   27.194478][  T372] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18'.
[   27.203934][  T372] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18'.
[   27.213041][  T372] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18'.
[   27.222181][  T372] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18'.
[   27.231193][  T372] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18'.
[   27.240325][  T372] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18'.
[   27.249369][  T372] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18'.
[   27.297543][  T372] x_tables: duplicate underflow at hook 2
[   28.078148][  T376] Zero length message leads to an empty skb
[   29.057571][  T378] loop1: detected capacity change from 0 to 256
[   29.168078][  T381] loop4: detected capacity change from 0 to 16
[   29.207852][  T381] erofs: (device loop4): mounted with root inode @ nid 36.
[   29.227637][  T381] attempt to access beyond end of device
[   29.227637][  T381] loop4: rw=0, want=34359738368, limit=16
[   29.280530][  T306] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[   29.289633][  T306] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   29.303731][  T306] usb 3-1: Product: syz
[   29.308091][  T306] usb 3-1: Manufacturer: syz
[   29.312808][  T306] usb 3-1: SerialNumber: syz
[   29.318796][  T391] loop3: detected capacity change from 0 to 256
[   29.325650][  T306] usb 3-1: config 0 descriptor??
[   29.391798][  T306] input: KB Gear Tablet as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input4
[   29.473077][   T30] audit: type=1400 audit(1774588041.521:146): avc:  denied  { read } for  pid=86 comm="acpid" name="event3" dev="devtmpfs" ino=574 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   29.477609][  T306] usb 3-1: USB disconnect, device number 2
[   29.495449][    C1] kbtab 3-1:0.0: kbtab_irq - usb_submit_urb failed with result -19
[   30.099620][   T30] audit: type=1400 audit(1774588041.521:147): avc:  denied  { open } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=574 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   30.470368][    C0] sched: RT throttling activated
[   30.471887][   T30] audit: type=1400 audit(1774588041.521:148): avc:  denied  { ioctl } for  pid=86 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=574 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   30.744826][  T407] loop4: detected capacity change from 0 to 256
[   31.781093][   T30] kauditd_printk_skb: 3 callbacks suppressed
[   31.781109][   T30] audit: type=1400 audit(1774588043.831:152): avc:  denied  { read } for  pid=404 comm="syz.4.30" dev="nsfs" ino=4026532620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   31.852410][   T30] audit: type=1400 audit(1774588043.831:153): avc:  denied  { open } for  pid=404 comm="syz.4.30" path="net:[4026532620]" dev="nsfs" ino=4026532620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   31.875416][   T30] audit: type=1400 audit(1774588043.861:154): avc:  denied  { bind } for  pid=404 comm="syz.4.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   31.894417][   T30] audit: type=1400 audit(1774588043.861:155): avc:  denied  { listen } for  pid=404 comm="syz.4.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   31.914075][   T30] audit: type=1400 audit(1774588043.861:156): avc:  denied  { write } for  pid=404 comm="syz.4.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   31.940660][   T30] audit: type=1400 audit(1774588043.861:157): avc:  denied  { accept } for  pid=404 comm="syz.4.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   31.958759][  T419] netlink: 'syz.4.33': attribute type 9 has an invalid length.
[   31.970755][  T421] loop2: detected capacity change from 0 to 256
[   31.991846][   T30] audit: type=1400 audit(1774588044.041:158): avc:  denied  { sys_module } for  pid=418 comm="syz.4.33" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   32.025424][  T421] FAT-fs (loop2): Directory bread(block 64) failed
[   32.050439][  T421] FAT-fs (loop2): Directory bread(block 65) failed
[   32.057071][  T421] FAT-fs (loop2): Directory bread(block 66) failed
[   32.080446][  T421] FAT-fs (loop2): Directory bread(block 67) failed
[   32.089250][  T421] FAT-fs (loop2): Directory bread(block 68) failed
[   32.096106][  T421] FAT-fs (loop2): Directory bread(block 69) failed
[   32.102956][  T421] FAT-fs (loop2): Directory bread(block 70) failed
[   32.109641][  T421] FAT-fs (loop2): Directory bread(block 71) failed
[   32.116440][  T310] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   32.124291][  T421] FAT-fs (loop2): Directory bread(block 72) failed
[   32.131441][  T421] FAT-fs (loop2): Directory bread(block 73) failed
[   32.192448][   T30] audit: type=1400 audit(1774588044.241:159): avc:  denied  { write } for  pid=424 comm="syz.4.35" name="vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   32.216979][   T30] audit: type=1400 audit(1774588044.241:160): avc:  denied  { open } for  pid=424 comm="syz.4.35" path="/dev/vga_arbiter" dev="devtmpfs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   32.221394][  T425] __nla_validate_parse: 14 callbacks suppressed
[   32.221454][  T425] netlink: 136 bytes leftover after parsing attributes in process `syz.4.35'.
[   32.269080][   T30] audit: type=1400 audit(1774588044.241:161): avc:  denied  { ioctl } for  pid=424 comm="syz.4.35" path="/dev/vga_arbiter" dev="devtmpfs" ino=2 ioctlcmd=0xf513 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   32.290778][  T425] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   32.324161][  T425] syz.4.35 (425) used greatest stack depth: 21920 bytes left
[   32.348830][  T427] loop2: detected capacity change from 0 to 256
[   32.362055][  T429] loop4: detected capacity change from 0 to 256
[   32.370513][  T310] usb 2-1: Using ep0 maxpacket: 8
[   32.413079][  T429] FAT-fs (loop4): Directory bread(block 64) failed
[   32.419687][  T429] FAT-fs (loop4): Directory bread(block 65) failed
[   32.441087][  T429] FAT-fs (loop4): Directory bread(block 66) failed
[   32.447764][  T429] FAT-fs (loop4): Directory bread(block 67) failed
[   32.454482][  T429] FAT-fs (loop4): Directory bread(block 68) failed
[   32.461726][  T429] FAT-fs (loop4): Directory bread(block 69) failed
[   32.468388][  T429] FAT-fs (loop4): Directory bread(block 70) failed
[   32.475295][  T429] FAT-fs (loop4): Directory bread(block 71) failed
[   32.482265][  T429] FAT-fs (loop4): Directory bread(block 72) failed
[   32.489091][  T429] FAT-fs (loop4): Directory bread(block 73) failed
[   32.490794][  T310] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[   32.507109][  T310] usb 2-1: config 0 has no interface number 0
[   32.577792][  T433] device bridge0 entered promiscuous mode
[   32.583903][  T433] device vlan2 entered promiscuous mode
[   32.639570][  T434] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[   32.670531][  T310] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   32.692773][  T310] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   32.713891][  T310] usb 2-1: Product: syz
[   32.723310][  T310] usb 2-1: Manufacturer: syz
[   32.733167][  T310] usb 2-1: SerialNumber: syz
[   32.747137][  T310] usb 2-1: config 0 descriptor??
[   33.040492][  T310] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[   33.051188][  T310] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[   33.062761][  T310] usb 2-1: Failed to create links for entity 5
[   33.069736][  T310] usb 2-1: Failed to register entities (-22).
[   33.097304][  T310] usb 2-1: USB disconnect, device number 2
[   33.209833][  T445] loop4: detected capacity change from 0 to 128
[   33.407127][  T448] incfs: Options parsing error. -22
[   33.420469][  T448] incfs: mount failed -22
[   33.467812][  T436] loop0: detected capacity change from 0 to 131072
[   33.479395][  T448] netlink: 10 bytes leftover after parsing attributes in process `syz.2.43'.
[   33.498496][  T436] F2FS-fs (loop0): Test dummy encryption mode enabled
[   33.515861][  T436] F2FS-fs (loop0): invalid crc value
[   33.524262][  T452] loop4: detected capacity change from 0 to 256
[   33.535216][  T436] F2FS-fs (loop0): Found nat_bits in checkpoint
[   33.545701][  T457] netlink: 4 bytes leftover after parsing attributes in process `syz.2.45'.
[   33.568938][  T452] FAT-fs (loop4): Directory bread(block 64) failed
[   33.600429][  T452] FAT-fs (loop4): Directory bread(block 65) failed
[   33.607135][  T452] FAT-fs (loop4): Directory bread(block 66) failed
[   33.613753][  T452] FAT-fs (loop4): Directory bread(block 67) failed
[   33.620423][  T452] FAT-fs (loop4): Directory bread(block 68) failed
[   33.627458][  T452] FAT-fs (loop4): Directory bread(block 69) failed
[   33.634207][  T452] FAT-fs (loop4): Directory bread(block 70) failed
[   33.640846][  T452] FAT-fs (loop4): Directory bread(block 71) failed
[   33.647476][  T452] FAT-fs (loop4): Directory bread(block 72) failed
[   33.654580][  T452] FAT-fs (loop4): Directory bread(block 73) failed
[   33.701795][  T436] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   33.734820][  T410] syz.3.29 (410) used greatest stack depth: 21184 bytes left
[   33.749356][  T457] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.756771][  T457] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.996948][  T468] netlink: 556 bytes leftover after parsing attributes in process `syz.3.47'.
[   34.350233][  T436] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[   34.622470][  T310] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   34.870493][  T310] usb 5-1: Using ep0 maxpacket: 32
[   34.970408][   T20] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   34.990421][  T466] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   35.000595][  T310] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[   35.170534][  T310] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=33.f9
[   35.220510][   T20] usb 3-1: Using ep0 maxpacket: 8
[   35.235060][  T310] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   35.243521][  T310] usb 5-1: Product: syz
[   35.250632][  T310] usb 5-1: Manufacturer: syz
[   35.255271][  T310] usb 5-1: SerialNumber: syz
[   35.261117][  T310] usb 5-1: config 0 descriptor??
[   35.280505][  T466] usb 2-1: Using ep0 maxpacket: 32
[   35.301578][  T310] input: KB Gear Tablet as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input5
[   35.315243][  T484] netlink: 8 bytes leftover after parsing attributes in process `syz.3.51'.
[   35.350689][   T20] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[   35.360166][   T20] usb 3-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[   35.370761][   T20] usb 3-1: config 179 has no interface number 0
[   35.377188][   T20] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[   35.387421][   T20] usb 3-1: config 179 interface 65 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[   35.401126][   T20] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   35.410194][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   35.500494][  T466] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   35.511621][  T466] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[   35.525062][  T466] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 64
[   35.535367][  T466] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 23
[   35.620823][  T466] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   35.665266][  T466] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   35.782231][  T466] usb 2-1: SerialNumber: syz
[   35.848797][  T286] usb 3-1: USB disconnect, device number 3
[   35.920492][  T480] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   35.929232][  T480] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   35.940800][  T466] hub 2-1:1.0: bad descriptor, ignoring hub
[   35.947459][  T466] hub: probe of 2-1:1.0 failed with error -5
[   35.954031][  T466] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[   35.995456][  T493] netlink: 20 bytes leftover after parsing attributes in process `syz.0.52'.
[   36.026544][  T495] loop0: detected capacity change from 0 to 1024
[   36.150317][  T497] loop0: detected capacity change from 0 to 512
[   36.160981][  T466] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[   36.191020][  T497] =======================================================
[   36.191020][  T497] WARNING: The mand mount option has been deprecated and
[   36.191020][  T497]          and is ignored by this kernel. Remove the mand
[   36.191020][  T497]          option from the mount to silence this warning.
[   36.191020][  T497] =======================================================
[   36.233478][  T497] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   36.245003][  T497] EXT4-fs (loop0): failed to initialize system zone (-117)
[   36.252846][  T497] EXT4-fs (loop0): mount failed
[   36.281529][  T466] usb 2-1: USB disconnect, device number 3
[   36.303757][  T500] loop3: detected capacity change from 0 to 256
[   36.351201][  T500] exfat: Bad value for 'uid'
[   36.364428][  T500] netlink: 80 bytes leftover after parsing attributes in process `syz.3.56'.
[   36.379356][  T497] loop0: detected capacity change from 0 to 512
[   36.414112][  T497] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback.
[   36.427533][  T497] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.461801][  T497] capability: warning: `syz.0.55' uses deprecated v2 capabilities in a way that may be insecure
[   36.508240][  T500] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=500 comm=syz.3.56
[   36.653155][  T514] device bridge0 entered promiscuous mode
[   36.990323][  T306] usb 5-1: USB disconnect, device number 2
[   37.022368][   T30] kauditd_printk_skb: 25 callbacks suppressed
[   37.022385][   T30] audit: type=1400 audit(2000000003.840:187): avc:  denied  { read write } for  pid=523 comm="syz.1.62" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   37.052219][   T30] audit: type=1400 audit(2000000003.840:188): avc:  denied  { open } for  pid=523 comm="syz.1.62" path="/dev/fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   37.209708][  T530] netlink: 'syz.3.60': attribute type 4 has an invalid length.
[   37.486295][   T30] audit: type=1400 audit(2000000004.310:189): avc:  denied  { create } for  pid=534 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   37.503221][  T538] loop2: detected capacity change from 0 to 128
[   37.515039][   T30] audit: type=1400 audit(2000000004.340:190): avc:  denied  { bind } for  pid=534 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   37.535644][   T30] audit: type=1400 audit(2000000004.340:191): avc:  denied  { setopt } for  pid=534 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   37.603806][   T30] audit: type=1400 audit(2000000004.420:192): avc:  denied  { read } for  pid=539 comm="syz.0.67" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   37.627769][   T30] audit: type=1400 audit(2000000004.420:193): avc:  denied  { open } for  pid=539 comm="syz.0.67" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   37.677761][  T538] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[   37.680655][   T30] audit: type=1400 audit(2000000004.480:194): avc:  denied  { setopt } for  pid=539 comm="syz.0.67" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   37.706084][  T538] FAT-fs (loop2): Filesystem has been set read-only
[   37.712690][  T530] syz.3.60 (530) used greatest stack depth: 20736 bytes left
[   37.924663][   T30] audit: type=1400 audit(2000000004.750:195): avc:  denied  { unmount } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   38.231243][  T545] loop1: detected capacity change from 0 to 256
[   38.255893][  T545] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   38.292131][  T545] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   38.435768][   T30] audit: type=1400 audit(2000000005.260:196): avc:  denied  { listen } for  pid=546 comm="syz.4.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   38.592126][  T553] loop0: detected capacity change from 0 to 128
[   38.680530][  T567] loop1: detected capacity change from 0 to 16
[   38.699363][  T567] erofs: (device loop1): mounted with root inode @ nid 36.
[   38.868544][  T583] loop2: detected capacity change from 0 to 256
[   38.889509][  T580] pit: kvm: requested 136609 ns i8254 timer period limited to 200000 ns
[   38.904424][  T580] pit: kvm: requested 186057 ns i8254 timer period limited to 200000 ns
[   38.915053][  T583] FAT-fs (loop2): Directory bread(block 64) failed
[   38.921966][  T583] FAT-fs (loop2): Directory bread(block 65) failed
[   38.926346][  T580] pit: kvm: requested 19276 ns i8254 timer period limited to 200000 ns
[   38.928637][  T583] FAT-fs (loop2): Directory bread(block 66) failed
[   38.938710][  T580] pit: kvm: requested 75428 ns i8254 timer period limited to 200000 ns
[   38.943347][  T583] FAT-fs (loop2): Directory bread(block 67) failed
[   38.953354][  T580] pit: kvm: requested 66209 ns i8254 timer period limited to 200000 ns
[   38.958607][  T583] FAT-fs (loop2): Directory bread(block 68) failed
[   38.973096][  T583] FAT-fs (loop2): Directory bread(block 69) failed
[   38.979915][  T583] FAT-fs (loop2): Directory bread(block 70) failed
[   38.986614][  T583] FAT-fs (loop2): Directory bread(block 71) failed
[   38.993447][  T583] FAT-fs (loop2): Directory bread(block 72) failed
[   39.000126][  T583] FAT-fs (loop2): Directory bread(block 73) failed
[   39.048354][  T466] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   39.182392][  T580] pit: kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[   39.440995][  T580] pit: kvm: requested 166781 ns i8254 timer period limited to 200000 ns
[   39.449738][  T580] pit: kvm: requested 196114 ns i8254 timer period limited to 200000 ns
[   39.458487][  T580] pit: kvm: requested 119847 ns i8254 timer period limited to 200000 ns
[   39.460690][  T466] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   39.477433][  T580] pit: kvm: requested 176000 ns i8254 timer period limited to 200000 ns
[   39.536484][  T466] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[   39.595187][  T592] loop1: detected capacity change from 0 to 1024
[   39.667563][  T466] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   39.676807][  T466] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   39.685232][  T466] usb 1-1: SerialNumber: syz
[   39.690321][  T592] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   39.712649][  T592] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,norecovery,min_batch_time=0x0000000000000001,nojournal_checksum,debug_want_extra_isize=0x0000000000000080,nodelalloc,errors=remount-ro,acl,auto_da_alloc=0x0000000000000343,jqfmt=vfsold,barrier=0x00000000000000. Quota mode: none.
[   39.800283][  T592] EXT4-fs error (device loop1): ext4_xattr_inode_iget:401: inode #11: comm syz.1.86: missing EA_INODE flag
[   39.816833][  T592] EXT4-fs (loop1): Remounting filesystem read-only
[   39.824264][  T592] EXT4-fs error (device loop1): ext4_xattr_inode_iget:406: comm syz.1.86: error while reading EA inode 11 err=-117
[   39.839296][  T592] EXT4-fs (loop1): Remounting filesystem read-only
[   39.977462][  T592] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   40.002867][  T466] usb 1-1: USB disconnect, device number 2
[   40.619956][  T616] tipc: Started in network mode
[   40.625179][  T616] tipc: Node identity 8e1a60fd1d85, cluster identity 4711
[   40.633152][  T616] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   40.640232][  T619] netlink: 'syz.2.87': attribute type 4 has an invalid length.
[   40.658815][  T616] tipc: Resetting bearer <eth:syzkaller0>
[   40.671437][  T613] tipc: Resetting bearer <eth:syzkaller0>
[   40.708216][  T613] tipc: Disabling bearer <eth:syzkaller0>
[   43.654742][   T30] kauditd_printk_skb: 10 callbacks suppressed
[   43.654762][   T30] audit: type=1400 audit(2000000009.660:207): avc:  denied  { create } for  pid=658 comm="syz.1.105" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   43.683238][   T30] audit: type=1400 audit(2000000010.470:208): avc:  denied  { read write } for  pid=669 comm="syz.2.109" name="ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   43.728876][   T30] audit: type=1400 audit(2000000010.470:209): avc:  denied  { open } for  pid=669 comm="syz.2.109" path="/dev/ppp" dev="devtmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   43.784862][  T681] loop2: detected capacity change from 0 to 512
[   43.812755][  T681] EXT4-fs (loop2): dax option not supported
[   43.824878][   T30] audit: type=1400 audit(2000000010.470:210): avc:  denied  { ioctl } for  pid=669 comm="syz.2.109" path="/dev/ppp" dev="devtmpfs" ino=153 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   43.853248][   T30] audit: type=1400 audit(2000000010.490:211): avc:  denied  { unlink } for  pid=281 comm="syz-executor" name="file0" dev="tmpfs" ino=144 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   43.913979][   T30] audit: type=1400 audit(2000000010.540:212): avc:  denied  { read } for  pid=674 comm="syz.4.111" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   44.034001][   T30] audit: type=1400 audit(2000000010.540:213): avc:  denied  { open } for  pid=674 comm="syz.4.111" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   44.163732][  T700] fuse: Unknown parameter 'Name:	syz.0.119
[   44.163732][  T700] Umask:	0077
[   44.163732][  T700] State:	R (running)
[   44.163732][  T700] Tgid:	59
[   44.163732][  T700] Ngid:	0
[   44.163732][  T700] Pid:	60
[   44.163732][  T700] PPid:	1
[   44.163732][  T700] TracerPid:	0
[   44.163732][  T700] Uid:	0	0	0	0
[   44.163732][  T700] Gid:	0	0	0	0
[   44.163732][  T700] FDSize:	256
[   44.163732][  T700] Groups:	0 10 
[   44.163732][  T700] NStgid:	59
[   44.163732][  T700] NSpid:	60
[   44.163732][  T700] NSpgid:	59
[   44.163732][  T700] NSsid:	0
[   44.163732][  T700] VmPeak:	   94020 kB
[   44.163732][  T700] VmSize:	   94020 kB
[   44.163732][  T700] VmLck:	       0 kB
[   44.163732][  T700] VmPin:	       0 kB
[   44.163732][  T700] VmHWM:	   23092 kB
[   44.163732][  T700] VmRSS:	   23092 kB
[   44.163732][  T700] RssAnon:	    1388 kB
[   44.163732][  T700] RssFile:	   21704 kB
[   44.163732][  T700] RssShmem:	       0 kB
[   44.163732][  T700] VmData:	   28392 kB
[   44.333089][   T30] audit: type=1400 audit(2000000010.550:214): avc:  denied  { ioctl } for  pid=674 comm="syz.4.111" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   44.656844][  T698] loop3: detected capacity change from 0 to 131072
[   44.854484][  T698] F2FS-fs (loop3): Found nat_bits in checkpoint
[   44.928415][  T698] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   44.940730][   T30] audit: type=1400 audit(2000000010.550:215): avc:  denied  { set_context_mgr } for  pid=674 comm="syz.4.111" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   44.983100][   T30] audit: type=1400 audit(2000000010.580:216): avc:  denied  { create } for  pid=676 comm="syz.1.110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   45.043313][  T712] loop2: detected capacity change from 0 to 512
[   45.081347][  T706] loop0: detected capacity change from 0 to 8192
[   45.131688][  T712] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   45.179676][  T717] loop4: detected capacity change from 0 to 4096
[   45.204547][  T717] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodiscard,,errors=continue. Quota mode: writeback.
[   45.239044][  T712] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=84ec018, mo2=0002]
[   45.250655][  T712] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3885: comm syz.2.122: Allocating blocks 41-42 which overlap fs metadata
[   45.305144][  T712] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3885: comm syz.2.122: Allocating blocks 41-42 which overlap fs metadata
[   45.379628][  T712] EXT4-fs error (device loop2): ext4_acquire_dquot:6225: comm syz.2.122: Failed to acquire dquot type 1
[   45.441072][  T712] EXT4-fs error (device loop2): mb_free_blocks:1874: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   45.478193][  T712] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #12: comm syz.2.122: corrupted inode contents
[   45.508277][  T712] EXT4-fs error (device loop2): ext4_dirty_inode:6089: inode #12: comm syz.2.122: mark_inode_dirty error
[   45.523364][  T712] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #12: comm syz.2.122: corrupted inode contents
[   45.535547][  T712] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #12: comm syz.2.122: mark_inode_dirty error
[   45.547283][  T712] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #12: comm syz.2.122: corrupted inode contents
[   45.559766][  T712] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[   45.568880][  T712] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #12: comm syz.2.122: corrupted inode contents
[   45.591418][  T712] EXT4-fs error (device loop2): ext4_truncate:4310: inode #12: comm syz.2.122: mark_inode_dirty error
[   45.603190][  T712] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[   45.613147][  T712] EXT4-fs (loop2): 1 truncate cleaned up
[   45.618859][  T712] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000800000,noblock_validity,inode_readahead_blks=0x0000000000200000,grpjquota=,noinit_itable,quota,debug,sysvgroups,resgid=0x00000000000000002,errors=continue. Quota mode: writeback.
[   45.655081][  T738] netlink: 8 bytes leftover after parsing attributes in process `syz.3.123'.
[   45.930666][  T306] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   45.996514][  T740] EXT4-fs error (device loop2): ext4_acquire_dquot:6225: comm syz.2.122: Failed to acquire dquot type 1
[   46.317782][  T747] loop2: detected capacity change from 0 to 256
[   46.382627][  T747] FAT-fs (loop2): Directory bread(block 64) failed
[   46.389327][  T747] FAT-fs (loop2): Directory bread(block 65) failed
[   46.396145][  T747] FAT-fs (loop2): Directory bread(block 66) failed
[   46.402799][  T747] FAT-fs (loop2): Directory bread(block 67) failed
[   46.409602][  T747] FAT-fs (loop2): Directory bread(block 68) failed
[   46.416245][  T747] FAT-fs (loop2): Directory bread(block 69) failed
[   46.424354][  T747] FAT-fs (loop2): Directory bread(block 70) failed
[   46.431103][  T747] FAT-fs (loop2): Directory bread(block 71) failed
[   46.452484][  T747] FAT-fs (loop2): Directory bread(block 72) failed
[   46.459187][  T747] FAT-fs (loop2): Directory bread(block 73) failed
[   46.550653][  T286] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[   46.782881][  T754] FAT-fs (loop2): error, corrupted directory (invalid entries)
[   46.790914][  T754] FAT-fs (loop2): Filesystem has been set read-only
[   46.860501][  T306] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   46.871130][  T306] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[   46.960437][  T306] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   46.969706][  T306] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   46.977933][  T306] usb 1-1: SerialNumber: syz
[   47.030489][  T286] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   47.191532][  T763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.137'.
[   47.240487][  T286] usb 2-1: New USB device found, idVendor=06cd, idProduct=0112, bcdDevice=3e.18
[   47.259783][  T286] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   47.269873][  T286] usb 2-1: Product: syz
[   47.287511][  T286] usb 2-1: Manufacturer: syz
[   47.368589][  T286] usb 2-1: SerialNumber: syz
[   47.374180][  T286] usb 2-1: config 0 descriptor??
[   47.700621][  T286] usb 1-1: USB disconnect, device number 3
[   47.727986][   T39] usb 2-1: USB disconnect, device number 4
[   48.442681][  T792] loop2: detected capacity change from 0 to 131072
[   48.561933][  T792] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[   48.570094][  T792] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   48.584001][  T792] F2FS-fs (loop2): invalid crc value
[   48.777026][  T792] F2FS-fs (loop2): Found nat_bits in checkpoint
[   48.845620][  T802] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   48.929285][  T792] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   48.937217][  T792] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   48.974644][  T809] loop3: detected capacity change from 0 to 512
[   49.165064][   T30] kauditd_printk_skb: 20 callbacks suppressed
[   49.165118][   T30] audit: type=1400 audit(2000000015.820:231): avc:  denied  { map } for  pid=791 comm="syz.2.147" path="/23/bus/file1" dev="loop2" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   49.206632][  T809] EXT4-fs (loop3): Ignoring removed orlov option
[   49.214048][  T809] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   50.114454][  T811] fuse: Bad value for 'fd'
[   50.178741][  T809] EXT4-fs (loop3): 1 truncate cleaned up
[   50.184736][  T809] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,orlov,inode_readahead_blks=0x0000000000000100,data_err=ignore,errors=remount-ro,nodiscard,errors=continue,. Quota mode: none.
[   50.269273][   T30] audit: type=1400 audit(2000000017.090:232): avc:  denied  { create } for  pid=816 comm="syz.1.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   50.318999][   T30] audit: type=1400 audit(2000000017.090:233): avc:  denied  { ioctl } for  pid=816 comm="syz.1.154" path="socket:[17797]" dev="sockfs" ino=17797 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   50.358333][   T30] audit: type=1400 audit(2000000017.180:234): avc:  denied  { remove_name } for  pid=807 comm="syz.3.152" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   50.470441][  T829] loop0: detected capacity change from 0 to 512
[   50.490501][   T30] audit: type=1400 audit(2000000017.180:235): avc:  denied  { rename } for  pid=807 comm="syz.3.152" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   50.553632][  T829] EXT4-fs (loop0): mounted filesystem without journal. Opts: abort,,errors=continue. Quota mode: writeback.
[   50.649405][  T829] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.673515][   T30] audit: type=1400 audit(2000000017.500:236): avc:  denied  { setattr } for  pid=828 comm="syz.0.158" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   50.675761][  T829] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[   50.989622][   T30] audit: type=1400 audit(2000000017.810:237): avc:  denied  { create } for  pid=847 comm="syz.3.162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   51.125044][   T30] audit: type=1400 audit(2000000017.950:238): avc:  denied  { write } for  pid=839 comm="syz.0.159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   51.264524][   T30] audit: type=1400 audit(2000000018.040:239): avc:  denied  { mounton } for  pid=847 comm="syz.3.162" path="/syzcgroup/unified/syz3" dev="cgroup2" ino=46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   52.177716][  T855] loop2: detected capacity change from 0 to 7
[   52.388736][  T873] loop0: detected capacity change from 0 to 256
[   52.432067][  T873] FAT-fs (loop0): Directory bread(block 64) failed
[   52.438831][  T873] FAT-fs (loop0): Directory bread(block 65) failed
[   52.440576][   T20] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   52.453322][  T873] FAT-fs (loop0): Directory bread(block 66) failed
[   52.460026][  T873] FAT-fs (loop0): Directory bread(block 67) failed
[   52.467174][  T873] FAT-fs (loop0): Directory bread(block 68) failed
[   52.474122][  T873] FAT-fs (loop0): Directory bread(block 69) failed
[   52.480882][  T873] FAT-fs (loop0): Directory bread(block 70) failed
[   52.487564][  T873] FAT-fs (loop0): Directory bread(block 71) failed
[   52.494394][  T873] FAT-fs (loop0): Directory bread(block 72) failed
[   52.501096][  T873] FAT-fs (loop0): Directory bread(block 73) failed
[   52.560486][  T306] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   52.654470][  T876] FAT-fs (loop0): error, corrupted directory (invalid entries)
[   52.662200][  T876] FAT-fs (loop0): Filesystem has been set read-only
[   52.672376][   T39] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   52.700469][   T20] usb 3-1: Using ep0 maxpacket: 8
[   52.820794][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[   52.832593][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   52.843564][   T20] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   52.853831][   T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[   52.865781][   T20] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[   52.876203][   T20] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[   52.886052][   T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.901045][   T20] usb 3-1: config 0 descriptor??
[   52.920839][  T306] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   52.921177][  T856] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   52.939486][  T306] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   52.939576][   T39] usb 2-1: Using ep0 maxpacket: 8
[   52.955059][  T306] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   52.976723][  T306] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   52.991167][  T306] usb 4-1: config 0 descriptor??
[   53.350909][  T306] usbhid 4-1:0.0: can't add hid device: -71
[   53.356932][  T306] usbhid: probe of 4-1:0.0 failed with error -71
[   53.383714][  T306] usb 4-1: USB disconnect, device number 2
[   53.390637][   T39] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[   53.399986][   T20] usb 3-1: USB disconnect, device number 4
[   53.415021][   T39] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.436588][  T886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.176'.
[   53.440676][   T39] usb 2-1: Product: syz
[   53.452623][  T886] device ip6gre1 entered promiscuous mode
[   53.458633][   T39] usb 2-1: Manufacturer: syz
[   53.469444][  T875] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   53.472101][   T39] usb 2-1: SerialNumber: syz
[   53.477764][  T875] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   53.511515][  T875] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   53.522947][   T30] audit: type=1400 audit(2000000020.350:240): avc:  denied  { setopt } for  pid=887 comm="syz.0.177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   53.549541][   T39] usb 2-1: config 0 descriptor??
[   53.605064][  T891] kvm: pic: non byte write
[   53.941967][  T908] loop2: detected capacity change from 0 to 512
[   53.950985][   T39] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   53.982748][  T908] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   53.994036][  T908] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.060632][   T20] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   54.090054][  T915] Illegal XDP return value 4294967294, expect packet loss!
[   54.190390][  T875] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   54.200422][   T39] usb 1-1: Using ep0 maxpacket: 16
[   54.230540][   T20] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   54.266938][  T921] loop3: detected capacity change from 0 to 256
[   54.320502][   T39] usb 1-1: config 0 has no interfaces?
[   54.326143][   T39] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   54.335443][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   54.344499][   T39] usb 1-1: config 0 descriptor??
[   54.450412][  T875] usb 5-1: Using ep0 maxpacket: 32
[   54.570498][  T875] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[   54.578904][  T875] usb 5-1: config 0 has no interface number 0
[   54.587592][  T875] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[   54.590755][  T895] kvm [894]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc2 data 0x9d00
[   54.606862][  T895] kvm [894]: vcpu0, guest rIP: 0x9114 disabled perfctr wrmsr: 0xc1 data 0x9d00
[   54.619685][  T895] APIC base relocation is unsupported by KVM
[   54.635652][   T39] usb 1-1: USB disconnect, device number 4
[   54.770568][  T875] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[   54.779967][  T875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.788038][  T875] usb 5-1: Product: syz
[   54.792282][  T875] usb 5-1: Manufacturer: syz
[   54.796902][  T875] usb 5-1: SerialNumber: syz
[   54.802478][  T875] usb 5-1: config 0 descriptor??
[   54.820530][  T906] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   54.859327][   T20] usb 2-1: USB disconnect, device number 5
[   54.997066][   T30] kauditd_printk_skb: 5 callbacks suppressed
[   54.997081][   T30] audit: type=1400 audit(2000000021.820:246): avc:  denied  { remount } for  pid=932 comm="syz.2.192" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   55.083019][  T935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.189'.
[   55.173490][  T906] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   55.864562][   T30] audit: type=1400 audit(2000000022.690:247): avc:  denied  { ioctl } for  pid=953 comm="syz.3.200" path="/dev/fuse" dev="devtmpfs" ino=91 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   56.084362][  T961] overlayfs: failed to clone upperpath
[   56.384233][  T969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.205'.
[   56.438722][  T966] loop0: detected capacity change from 0 to 256
[   56.498991][   T30] audit: type=1400 audit(2000000023.320:248): avc:  denied  { write } for  pid=970 comm="syz.2.206" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   56.522129][   T30] audit: type=1400 audit(2000000023.320:249): avc:  denied  { open } for  pid=970 comm="syz.2.206" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   56.567344][   T30] audit: type=1400 audit(2000000023.390:250): avc:  denied  { ioctl } for  pid=970 comm="syz.2.206" path="/dev/snapshot" dev="devtmpfs" ino=90 ioctlcmd=0x3313 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   56.796887][  T975] fuse: Bad value for 'fd'
[   56.802281][  T975] overlayfs: failed to clone lowerpath
[   56.861117][  T981] kvm: pic: non byte write
[   57.000488][  T875] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   57.010905][  T875] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[   57.021395][  T875] asix: probe of 5-1:0.188 failed with error -71
[   57.028960][  T875] usb 5-1: USB disconnect, device number 3
[   57.172774][ T1001] loop0: detected capacity change from 0 to 16
[   57.197213][ T1001] erofs: dax options not supported
[   57.218174][  T997] kvm [996]: vcpu0, guest rIP: 0x1b8 disabled perfctr wrmsr: 0xc1 data 0x0
[   57.226932][  T997] kvm [996]: vcpu0, guest rIP: 0x1b8 disabled perfctr wrmsr: 0xc2 data 0x0
[   57.238271][  T997] kvm [996]: vcpu0, guest rIP: 0x18e ignored wrmsr: 0x11e data 0xffb800000000
[   57.247435][  T997] kvm [996]: vcpu0, guest rIP: 0x1b8 ignored wrmsr: 0x11e data 0xbe702111
[   57.259662][  T997] kvm [996]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0xfff000000000
[   57.280470][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   59.187454][   T30] audit: type=1400 audit(2000000025.990:251): avc:  denied  { create } for  pid=1014 comm="syz.1.224" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   59.454927][   T30] audit: type=1400 audit(2000000026.000:252): avc:  denied  { mounton } for  pid=1014 comm="syz.1.224" path="/40/file0" dev="tmpfs" ino=237 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   59.788025][   T30] audit: type=1400 audit(2000000026.310:253): avc:  denied  { read append } for  pid=1024 comm="syz.1.228" name="rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   59.814081][   T30] audit: type=1400 audit(2000000026.310:254): avc:  denied  { open } for  pid=1024 comm="syz.1.228" path="/dev/rtc0" dev="devtmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   59.841157][   T30] audit: type=1400 audit(2000000026.310:255): avc:  denied  { ioctl } for  pid=1024 comm="syz.1.228" path="/dev/rtc0" dev="devtmpfs" ino=259 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   59.976581][ T1053] device syzkaller0 entered promiscuous mode
[   60.310444][  T875] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   60.659148][   T30] kauditd_printk_skb: 1 callbacks suppressed
[   60.659164][   T30] audit: type=1400 audit(2000000027.480:257): avc:  denied  { map } for  pid=1062 comm="syz.4.240" path="socket:[19457]" dev="sockfs" ino=19457 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   61.084338][   T30] audit: type=1400 audit(2000000027.480:258): avc:  denied  { read accept } for  pid=1062 comm="syz.4.240" path="socket:[19457]" dev="sockfs" ino=19457 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   61.120430][   T30] audit: type=1400 audit(2000000027.590:259): avc:  denied  { write } for  pid=1071 comm="syz.3.244" name="file0" dev="tmpfs" ino=369 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   61.146369][   T30] audit: type=1400 audit(2000000027.590:260): avc:  denied  { open } for  pid=1071 comm="syz.3.244" path="/64/file0" dev="tmpfs" ino=369 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   61.169894][   T30] audit: type=1400 audit(2000000027.590:261): avc:  denied  { ioctl } for  pid=1071 comm="syz.3.244" path="/64/file0" dev="tmpfs" ino=369 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   61.194156][  T875] usb 2-1: Using ep0 maxpacket: 16
[   61.258481][ T1090] loop2: detected capacity change from 0 to 128
[   61.382455][ T1090] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   61.396247][ T1090] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   61.640475][  T875] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.660378][  T875] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[   61.680324][  T875] usb 2-1: config 0 interface 0 has no altsetting 0
[   61.687369][  T875] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[   61.701338][ T1099] kvm: pic: non byte read
[   61.705880][ T1099] kvm: pic: non byte read
[   61.706935][  T875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.712703][ T1099] kvm: pic: non byte read
[   61.723418][ T1099] kvm: pic: non byte read
[   61.727950][ T1099] kvm: pic: non byte read
[   61.731216][  T875] usb 2-1: config 0 descriptor??
[   61.733768][ T1099] kvm: pic: non byte read
[   61.741764][ T1099] kvm: pic: non byte read
[   61.746301][ T1099] kvm: pic: non byte read
[   61.751091][ T1099] kvm: pic: non byte read
[   61.755579][ T1099] kvm: pic: non byte read
[   61.942079][   T10] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   62.069994][  T379] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   62.177219][ T1110] xt_ecn: cannot match TCP bits for non-tcp packets
[   62.188696][   T30] audit: type=1400 audit(2000000029.000:262): avc:  denied  { accept } for  pid=1103 comm="syz.3.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[   62.353578][  T875] hid-generic 0003:1E71:2009.0001: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[   62.500444][  T306] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   62.510182][  T402] usb 2-1: USB disconnect, device number 6
[   62.784023][  T379] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   62.794640][  T379] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[   62.890616][  T379] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   62.903490][  T379] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   62.911801][  T379] usb 1-1: SerialNumber: syz
[   63.050467][  T306] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   63.059949][  T306] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.072689][  T306] usb 3-1: config 0 descriptor??
[   63.088065][ T1131] loop1: detected capacity change from 0 to 1024
[   63.114206][ T1131] EXT4-fs (loop1): Ignoring removed bh option
[   63.133242][ T1131] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,dioread_lock,jqfmt=vfsv1,abort,debug_want_extra_isize=0x0000000000000008,lazytime,errors=remount-ro,stripe=0x0000000000000005,bh,init_itable,. Quota mode: none.
[   63.165657][ T1131] EXT4-fs error (device loop1): ext4_remount:6051: comm syz.1.264: Abort forced by user
[   63.175761][ T1131] EXT4-fs (loop1): Remounting filesystem read-only
[   63.182931][ T1131] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: none.
[   63.241315][  T379] usb 1-1: USB disconnect, device number 5
[   63.750439][   T30] audit: type=1400 audit(2000000030.560:263): avc:  denied  { remount } for  pid=1150 comm="syz.3.270" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   63.934835][ T1165] xt_ecn: cannot match TCP bits for non-tcp packets
[   64.228548][ T1172] binder: 1171:1172 ioctl c0306201 0 returned -14
[   64.477492][   T30] audit: type=1326 audit(2000000031.300:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1189 comm="syz.4.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0db68a2799 code=0x7ffc0000
[   64.506326][   T30] audit: type=1326 audit(2000000031.300:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1189 comm="syz.4.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f0db68a2799 code=0x7ffc0000
[   64.530147][   T30] audit: type=1326 audit(2000000031.310:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1189 comm="syz.4.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0db68a2799 code=0x7ffc0000
[   64.770401][   T39] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   64.890462][  T379] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   65.039039][   T60] usb 3-1: USB disconnect, device number 5
[   65.080578][   T39] usb 5-1: Using ep0 maxpacket: 8
[   65.320449][  T379] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   65.330888][  T379] usb 1-1: config 0 has no interfaces?
[   65.336550][  T379] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   65.345837][  T379] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.355769][  T379] usb 1-1: config 0 descriptor??
[   65.417129][   T39] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[   65.426512][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   65.434976][   T39] usb 5-1: Product: syz
[   65.439217][   T39] usb 5-1: Manufacturer: syz
[   65.440627][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   65.444389][   T39] usb 5-1: SerialNumber: syz
[   65.456931][   T39] usb 5-1: config 0 descriptor??
[   65.529379][ T1211] loop2: detected capacity change from 0 to 256
[   65.831009][ T1194] kvm [1193]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x187 data 0xffffffbe000068d0
[   65.848243][ T1194] kvm [1193]: vcpu0, guest rIP: 0x18e vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0xffffff6b000030c1, nop
[   65.862539][ T1194] kvm [1193]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x187 data 0xffffff330000f1ba
[   65.875406][ T1194] kvm [1193]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0xffcd00002104
[   66.897688][ T1238] loop2: detected capacity change from 0 to 4096
[   66.926084][  T306] usb 5-1: USB disconnect, device number 4
[   66.947060][ T1242] ==================================================================
[   66.955272][ T1242] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   66.964523][ T1242] Read of size 1 at addr ffff88811decd3f8 by task syz.3.304/1242
[   66.972267][ T1242] 
[   66.974612][ T1242] CPU: 0 PID: 1242 Comm: syz.3.304 Not tainted syzkaller #0
[   66.981915][ T1242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   66.992024][ T1242] Call Trace:
[   66.995327][ T1242]  <TASK>
[   66.998294][ T1242]  __dump_stack+0x21/0x30
[   67.002662][ T1242]  dump_stack_lvl+0x110/0x170
[   67.007374][ T1242]  ? show_regs_print_info+0x20/0x20
[   67.012608][ T1242]  ? load_image+0x3e0/0x3e0
[   67.017140][ T1242]  ? unwind_get_return_address+0x4d/0x90
[   67.022811][ T1242]  print_address_description+0x7f/0x2c0
[   67.028395][ T1242]  ? xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   67.034933][ T1242]  kasan_report+0xf1/0x140
[   67.039382][ T1242]  ? xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   67.045921][ T1242]  __asan_report_load1_noabort+0x14/0x20
[   67.051587][ T1242]  xfrm_policy_inexact_list_reinsert+0x606/0x6c0
[   67.058040][ T1242]  xfrm_policy_inexact_insert_node+0x938/0xb50
[   67.064223][ T1242]  ? xfrm_netlink_rcv+0x72/0x90
[   67.069106][ T1242]  ? netlink_unicast+0x876/0xa40
[   67.074072][ T1242]  ? ____sys_sendmsg+0x5b7/0x8f0
[   67.079037][ T1242]  ? x64_sys_call+0x4b/0x9a0
[   67.083654][ T1242]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.089755][ T1242]  xfrm_policy_inexact_alloc_chain+0x53d/0xb30
[   67.095943][ T1242]  xfrm_policy_inexact_insert+0x70/0x1130
[   67.101693][ T1242]  ? __kasan_check_write+0x14/0x20
[   67.106836][ T1242]  ? _raw_spin_lock_bh+0x94/0xf0
[   67.111800][ T1242]  ? policy_hash_bysel+0x13f/0x6f0
[   67.116943][ T1242]  xfrm_policy_insert+0x126/0x9a0
[   67.122111][ T1242]  ? xfrm_policy_construct+0x54f/0x1f00
[   67.127697][ T1242]  xfrm_add_policy+0x4ed/0x850
[   67.132517][ T1242]  ? xfrm_dump_sa_done+0xc0/0xc0
[   67.137496][ T1242]  xfrm_user_rcv_msg+0x4dc/0x7b0
[   67.142483][ T1242]  ? xfrm_netlink_rcv+0x90/0x90
[   67.147384][ T1242]  ? avc_has_perm_noaudit+0x490/0x490
[   67.152794][ T1242]  ? x64_sys_call+0x4b/0x9a0
[   67.157415][ T1242]  ? selinux_nlmsg_lookup+0x237/0x4c0
[   67.162851][ T1242]  netlink_rcv_skb+0x1f5/0x440
[   67.167646][ T1242]  ? xfrm_netlink_rcv+0x90/0x90
[   67.172529][ T1242]  ? netlink_ack+0xb50/0xb50
[   67.173456][   T30] audit: type=1400 audit(2000000033.770:267): avc:  denied  { setopt } for  pid=1240 comm="syz.3.304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   67.177165][ T1242]  ? wait_for_completion_killable_timeout+0x10/0x10
[   67.177198][ T1242]  ? __netlink_lookup+0x387/0x3b0
[   67.208004][ T1242]  xfrm_netlink_rcv+0x72/0x90
[   67.212694][ T1242]  netlink_unicast+0x876/0xa40
[   67.217464][ T1242]  netlink_sendmsg+0x879/0xb80
[   67.222242][ T1242]  ? netlink_getsockopt+0x530/0x530
[   67.227448][ T1242]  ? do_futex+0xde8/0x2800
[   67.231890][ T1242]  ? security_socket_sendmsg+0x82/0xa0
[   67.237379][ T1242]  ? netlink_getsockopt+0x530/0x530
[   67.242585][ T1242]  ____sys_sendmsg+0x5b7/0x8f0
[   67.247358][ T1242]  ? __sys_sendmsg_sock+0x40/0x40
[   67.252414][ T1242]  ? import_iovec+0x7c/0xb0
[   67.256929][ T1242]  ___sys_sendmsg+0x236/0x2e0
[   67.261621][ T1242]  ? __sys_sendmsg+0x280/0x280
[   67.266401][ T1242]  ? __fdget+0x1a1/0x230
[   67.270684][ T1242]  __x64_sys_sendmsg+0x206/0x2f0
[   67.275633][ T1242]  ? ___sys_sendmsg+0x2e0/0x2e0
[   67.280498][ T1242]  ? __kasan_check_write+0x14/0x20
[   67.285651][ T1242]  ? switch_fpu_return+0x15d/0x2c0
[   67.290777][ T1242]  x64_sys_call+0x4b/0x9a0
[   67.295216][ T1242]  do_syscall_64+0x4c/0xa0
[   67.299643][ T1242]  ? clear_bhb_loop+0x50/0xa0
[   67.304323][ T1242]  ? clear_bhb_loop+0x50/0xa0
[   67.309124][ T1242]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.315054][ T1242] RIP: 0033:0x7f1fee469799
[   67.319495][ T1242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   67.339112][ T1242] RSP: 002b:00007f1fecec4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   67.347552][ T1242] RAX: ffffffffffffffda RBX: 00007f1fee6e2fa0 RCX: 00007f1fee469799
[   67.355534][ T1242] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006
[   67.363538][ T1242] RBP: 00007f1fee4ffc99 R08: 0000000000000000 R09: 0000000000000000
[   67.371522][ T1242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   67.379522][ T1242] R13: 00007f1fee6e3038 R14: 00007f1fee6e2fa0 R15: 00007ffe5ca74d78
[   67.387506][ T1242]  </TASK>
[   67.390538][ T1242] 
[   67.392860][ T1242] Allocated by task 1242:
[   67.397185][ T1242]  __kasan_kmalloc+0xda/0x110
[   67.401885][ T1242]  __kmalloc+0x13d/0x2c0
[   67.406137][ T1242]  sk_prot_alloc+0xed/0x320
[   67.410675][ T1242]  sk_alloc+0x38/0x430
[   67.414760][ T1242]  pfkey_create+0x12a/0x660
[   67.419282][ T1242]  __sock_create+0x38d/0x7a0
[   67.423882][ T1242]  __sys_socket+0xec/0x190
[   67.428326][ T1242]  __x64_sys_socket+0x7a/0x90
[   67.433017][ T1242]  x64_sys_call+0x8c5/0x9a0
[   67.437531][ T1242]  do_syscall_64+0x4c/0xa0
[   67.441966][ T1242]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.447877][ T1242] 
[   67.450217][ T1242] The buggy address belongs to the object at ffff88811decd000
[   67.450217][ T1242]  which belongs to the cache kmalloc-1k of size 1024
[   67.464307][ T1242] The buggy address is located 1016 bytes inside of
[   67.464307][ T1242]  1024-byte region [ffff88811decd000, ffff88811decd400)
[   67.477760][ T1242] The buggy address belongs to the page:
[   67.483396][ T1242] page:ffffea000477b200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11dec8
[   67.493640][ T1242] head:ffffea000477b200 order:3 compound_mapcount:0 compound_pincount:0
[   67.501987][ T1242] flags: 0x4000000000010200(slab|head|zone=1)
[   67.508079][ T1242] raw: 4000000000010200 ffffea000473dc00 0000000200000002 ffff888100043080
[   67.516664][ T1242] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   67.525250][ T1242] page dumped because: kasan: bad access detected
[   67.531657][ T1242] page_owner tracks the page as allocated
[   67.537388][ T1242] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 139, ts 17477034223, free_ts 17112723114
[   67.556433][ T1242]  post_alloc_hook+0x192/0x1b0
[   67.561229][ T1242]  prep_new_page+0x1c/0x110
[   67.565758][ T1242]  get_page_from_freelist+0x2d3a/0x2dc0
[   67.571315][ T1242]  __alloc_pages+0x1a2/0x460
[   67.575914][ T1242]  new_slab+0xa1/0x4d0
[   67.580022][ T1242]  ___slab_alloc+0x381/0x810
[   67.584649][ T1242]  __slab_alloc+0x49/0x90
[   67.589008][ T1242]  __kmalloc_track_caller+0x169/0x2c0
[   67.594405][ T1242]  __alloc_skb+0x21a/0x740
[   67.598832][ T1242]  alloc_skb_with_frags+0xa8/0x620
[   67.603962][ T1242]  sock_alloc_send_pskb+0x87f/0x9a0
[   67.609167][ T1242]  unix_dgram_sendmsg+0x5f7/0x1890
[   67.614289][ T1242]  unix_seqpacket_sendmsg+0x118/0x1e0
[   67.619662][ T1242]  sock_write_iter+0x2a6/0x3a0
[   67.624428][ T1242]  do_iter_readv_writev+0x478/0x5f0
[   67.629629][ T1242]  do_iter_write+0x1fa/0x7b0
[   67.634249][ T1242] page last free stack trace:
[   67.638916][ T1242]  free_unref_page_prepare+0x542/0x550
[   67.644380][ T1242]  free_unref_page+0xae/0x540
[   67.649064][ T1242]  __free_pages+0x6c/0x100
[   67.653481][ T1242]  free_nonslab_page+0x86/0xc0
[   67.658257][ T1242]  kfree+0x19a/0x270
[   67.662247][ T1242]  skb_release_data+0x814/0xa10
[   67.667116][ T1242]  consume_skb+0xab/0x1f0
[   67.671447][ T1242]  skb_free_datagram+0x28/0xe0
[   67.676240][ T1242]  netlink_recvmsg+0x5c6/0xe10
[   67.681036][ T1242]  ____sys_recvmsg+0x2cd/0x5e0
[   67.685801][ T1242]  ___sys_recvmsg+0x21a/0x5c0
[   67.690477][ T1242]  __x64_sys_recvmsg+0x203/0x2f0
[   67.695467][ T1242]  x64_sys_call+0x705/0x9a0
[   67.699988][ T1242]  do_syscall_64+0x4c/0xa0
[   67.704412][ T1242]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   67.710327][ T1242] 
[   67.712667][ T1242] Memory state around the buggy address:
[   67.718303][ T1242]  ffff88811decd280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   67.726367][ T1242]  ffff88811decd300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   67.734427][ T1242] >ffff88811decd380: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[   67.742487][ T1242]                                                                 ^
[   67.750468][ T1242]  ffff88811decd400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   67.758533][ T1242]  ffff88811decd480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   67.766590][ T1242] ==================================================================
[   67.774653][ T1242] Disabling lock debugging due to kernel taint
[   67.789866][ T1238] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[   67.806347][ T1238] EXT4-fs (loop2): Test dummy encryption mode enabled
[   67.813469][   T30] audit: type=1400 audit(2000000034.610:268): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   67.851975][ T1238] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,noquota,inode_readahead_blks=0x0000000000000000,auto_da_alloc=0x0000000000000001,minixdf,debug_want_extra_isize=0x0000000000000008,auto_da_alloc=0x000000000000000d,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[   67.872238][   T30] audit: type=1400 audit(2000000034.610:269): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   67.919274][ T1238] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   67.927774][   T30] audit: type=1400 audit(2000000034.610:270): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   67.949545][   T30] audit: type=1400 audit(2000000034.610:271): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   67.970137][   T30] audit: type=1400 audit(2000000034.610:272): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   67.991397][   T30] audit: type=1400 audit(2000000034.610:273): avc:  denied  { append open } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.014482][   T30] audit: type=1400 audit(2000000034.610:274): avc:  denied  { getattr } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.037260][   T30] audit: type=1400 audit(2000000034.740:275): avc:  denied  { create } for  pid=1237 comm="syz.2.303" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   68.057350][   T30] audit: type=1400 audit(2000000034.760:276): avc:  denied  { mounton } for  pid=1237 comm="syz.2.303" path="/52/bus/file0" dev="loop2" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   68.080685][  T306] usb 1-1: USB disconnect, device number 6