last executing test programs:

46.797435598s ago: executing program 3 (id=1095):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@ipv4_deladdr={0x28, 0x15, 0x100, 0x70bd27, 0x25dfdbfe, {0x2, 0x8, 0x21, 0xff, r1}, [@IFA_BROADCAST={0x8, 0x4, @remote}, @IFA_BROADCAST={0x8, 0x4, @private=0xa010101}]}, 0x28}, 0x1, 0x600, 0x0, 0x8014}, 0x40041)

46.796649413s ago: executing program 3 (id=1097):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000080)={0x28, 0x0, 0x2710, @local}, 0x10)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$SIOCX25SSUBSCRIP(0xffffffffffffffff, 0x89e1, &(0x7f0000000280)={'\x00', 0x0, 0x2})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000456000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

45.836460785s ago: executing program 3 (id=1119):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x2080, 0x0)
close(r0)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000001, 0x5d031, 0xffffffffffffffff, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000640)=ANY=[@ANYRES16=r1, @ANYRESHEX=r0, @ANYRES8=r3, @ANYRESHEX=r0], 0x70}, 0x1, 0x0, 0x0, 0x40010}, 0x20008000)
r4 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000340)={<r5=>r4})
r6 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r6, 0x1, 0x25, &(0x7f00000002c0), 0x4)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r5, 0x89f8, &(0x7f0000000300)={'ip_vti0\x00', &(0x7f00000008c0)={'ip_vti0\x00', <r7=>0x0, 0x20, 0x7, 0x40, 0xfc, {{0x5, 0x4, 0x2, 0x9, 0x14, 0x68, 0x0, 0x0, 0x2f, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})
connect$can_j1939(r5, &(0x7f0000000a80)={0x1d, r7, 0x0, {0x0, 0xf0}, 0xfe}, 0x18)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000600), 0x8000, 0x0)
ioctl$XFS_IOC_SWAPEXT(r4, 0xc0c0586d, &(0x7f0000000980)={0x0, r9, r3, 0x5, 0x1, '\x00', {0x80000001, 0xddc, 0xad, 0x7, 0x21c9, 0xff, 0xfffffffa, 0x3ff, {0x5, 0x6}, {0xc, 0x7}, {0x361a1908, 0xe302}, 0x0, 0xffffffe1, 0x3, 0x4912, 0x8, 0x2, 0x3, 0x2, 0x800, 0x4, '\x00', 0x3, 0x6, 0x0, 0x1}})
getsockopt$SO_TIMESTAMP(r2, 0x1, 0x1d, &(0x7f0000000280), &(0x7f0000000740)=0x4)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYRES16=r8, @ANYRES32=r8, @ANYBLOB="0000000000000000b705000000000000850000006d00000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x9d8fdb1940e452f4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r11, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r12 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r12, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
r13 = syz_clone(0x20000000, &(0x7f00000003c0)="48595400120b63534f0336c38f498c84c97199bd24f23c9c3c903d0f6c61e778604cf24ba283a5ffefd9935729fd1027304269a624086a19d5be3c0788cccd4b267c796400210b0462c896de5d68cb3f64ef60ba2d01b3916af595383a713f990e4d84069151ae7663923c6645be603726d4f526fccdfff182f4d642abd7d481d7fd8e190f6f7b13b0af7d59d297e29d18fdfe7086d191734143cc27db030446e365b3cd359a8e550d679a11970bffa323696d", 0xb3, &(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540)="fc449293ed3bc9e5ea07b7dbf8cb4c0c129d6213fb3e5009cb2b6669e679c3fc7c1015745a89a58808e986e49569a994de007794f8856b5b87095cb7e5a7f0a1cc7e636e344a15fab844f340c4b58f7afcb4583c0cf3a55ab36291caf84e3dd76774866df9b74de13bfa2eb17a9d0a1d1687306a")
syz_open_procfs(r13, &(0x7f00000005c0)='gid_map\x00')
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8001c00180081064e810cf782db44fd5617ec403ce69b0d", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e3, &(0x7f0000000180)={r4, r14})
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)

45.757092403s ago: executing program 3 (id=1121):
syz_emit_ethernet(0x46, &(0x7f0000000400)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0xc, 0x38, 0x80, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x6, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x67, 0x0, 0x0, 0x89, 0x0, @loopback, @multicast2}, "00186371ae9b1c03"}}}}}, 0x0)
setsockopt$MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f00000000c0)={{0xa, 0x4e20, 0x8, @private1, 0x73ee}, {0xa, 0x4e21, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8}, 0x1, {[0x8, 0x1, 0xffa, 0x4, 0x4, 0x0, 0xc, 0x3]}}, 0x5c)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x208004, 0x21fffc, 0xc, 0x0, 0x2, 0xfffffffe})
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0)
r2 = open(&(0x7f0000000200)='.\x00', 0x301f00, 0x393)
renameat2(r2, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', r2, &(0x7f00000002c0)='./file0\x00', 0x2)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r3)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000280)={0x0, 0x0, @pic={0x3, 0x7, 0xe1, 0x81, 0x9, 0xd9, 0x40, 0x0, 0xfb, 0x1e, 0xc, 0x0, 0x1, 0x40, 0x1, 0x5}})
mount(0x0, &(0x7f00000010c0)='.\x00', &(0x7f0000000140)='ext4\x00', 0x10010c2, 0x0)
r6 = syz_clone(0x400011, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_open_procfs(r6, &(0x7f0000000300)='personality\x00')
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180), 0x13f, 0x2}}, 0x20)
pread64(r7, &(0x7f0000000500)=""/19, 0x13, 0x6677)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x48}, [@ldst={0x6, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

45.606322511s ago: executing program 3 (id=1124):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000004c0), 0x80200, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r1, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x0, 0x0, r2, 0x1})
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), r0) (async)
unshare(0x8000000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x1801)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0xa0000001}) (async)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x2004})
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000100)=0x200000) (async)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', r4, 0x0, 0x41) (async)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc) (async, rerun: 64)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x4e23, 0x4, @loopback}, 0x1c) (async, rerun: 64)
sendto$inet6(r7, &(0x7f00000003c0)='\x00', 0x1, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x20, @loopback, 0x1}, 0x1c) (async, rerun: 64)
sendmmsg$sock(r7, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000640)="89", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000000)="c9", 0x1}], 0x1}}], 0x2, 0x0) (async, rerun: 64)
shutdown(r7, 0x1) (async)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil) (async)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xc801) (async)
r9 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r10 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x1ff, 0x101940)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r10, 0xc1105511, &(0x7f0000000280)={{0x16, 0x0, 0x3, 0x8, 'syz0\x00', 0x4002}, 0x0, 0x4, 0xffffffb8, 0x0, 0x0, 0x3, 'syz1\x00', 0x0}) (async)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0xfffff, r9) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000880)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) (async, rerun: 32)
setsockopt$WPAN_SECURITY_LEVEL(r8, 0x0, 0x2, &(0x7f0000000040)=0x6, 0x4) (async, rerun: 32)
getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000040)=0x1c)
rt_sigqueueinfo(0x0, 0x3c, &(0x7f0000000000)={0x30, 0x6, 0xfb2})
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010328bd700000000000340000000800030001000000cc50b3abec1a7a2ac4d739f8ff71b1cb2a278d282e11705300f5a35c8f1ca0d93dea714213c0256e52bf6b1080eab6adddfd5e661c1219b6b6a1b195422688a1dc11597a6a3154f1ab3d117a141177912a59ca5a238fc3178383b316a0bbb6faefa0c88e29c3539574b7ec257c75895d019eea5195b0f879367213f7a7a15e513d4dc1d64727dae9a359ccecdb71e905a16dc0d20fa52837d5c4a184c386ce022dca0d005a85e5aa2f389d245c5e298149f87360d725c0"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

45.36600113s ago: executing program 3 (id=1131):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)=@ax25={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x80, 0x0}, 0x3404bf60)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b32, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESOCT], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x100, 0x0, 0x25dfdbfb, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x2000000000000, 0x9, 0xfffffffffffffffd, 0x50}, {0x5, 0x0, 0x9}, 0x6, 0x40000000, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x48805)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e00"], 0xb8}}, 0x20004000)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000020000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="b80000001300e9990500000000000000fc000000000000000000000000000000fc00000000000000000000000000000000000000000000000a0030"], 0xb8}, 0x1, 0x3000000}, 0x4000)

45.225113453s ago: executing program 32 (id=1131):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)=@ax25={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}, 0x80, 0x0}, 0x3404bf60)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b32, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060", @ANYRESOCT], 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x100, 0x0, 0x25dfdbfb, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x80, 0x3b, 0x0, 0xee01}, {0x0, 0x4, 0x0, 0x2000000000000, 0x9, 0xfffffffffffffffd, 0x50}, {0x5, 0x0, 0x9}, 0x6, 0x40000000, 0x0, 0x1, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x48805)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e00"], 0xb8}}, 0x20004000)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000020000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="b80000001300e9990500000000000000fc000000000000000000000000000000fc00000000000000000000000000000000000000000000000a0030"], 0xb8}, 0x1, 0x3000000}, 0x4000)

20.486581683s ago: executing program 4 (id=1596):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x3c1, 0x3, 0x13a0, 0x1170, 0xc8, 0x8, 0x0, 0x5803, 0x12d0, 0x2e8, 0x2e8, 0x12d0, 0x2e8, 0x3, 0x0, {[{{@ipv6={@private0, @loopback, [0xffffff00, 0xffffffff, 0x80, 0xffffff00], [0xffffffff, 0x0, 0xffffff00, 0xff0000ff], 'lo\x00', 'vlan0\x00', {}, {0xff}, 0x3a, 0x7, 0x0, 0x20}, 0x0, 0x1108, 0x1170, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x0, 0x1, './cgroup/syz0\x00', 0x4f6, {0xd}}}, @common=@frag={{0x30}, {[0x6, 0x3], 0x3, 0x2, 0x1}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x17, 0x3, 0x10, 0xc0000000, 'pptp\x00', 'syz0\x00', {0xe6}}}}, {{@ipv6={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00', [0xff, 0xffffff00, 0xff000000, 0xff], [0xff, 0x0, 0xffffff00], 'wg0\x00', 'nicvf0\x00', {0xff}, {}, 0x0, 0xc0, 0x0, 0x14}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x4, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00', {0x4}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1400)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000300)={0x90, r3, 0x405, 0x70fd27, 0x25dfdbff, {}, [{{0x8, 0x1, r4}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x4000401}, 0x880) (async)
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00'}) (async)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='source', &(0x7f0000000180)='b:::\x00\xef\xdfB\xfa=\xe3\xd1\x9d\xe1\xbfUlJ4]y-,\x8a\x03\x91xu\x9cP\xdc\xe5\x95\xa2@\x9c\x98\xa4\xd2\xd4}\xc8]7N\xf3\x0e\'\xa0x\xfbdt\xb4\x1fW\xe7\xbe\xaf\x01.zT\xab\x92I\x104\x8c\x18\x16\x1c\x8a\x8e\xfd\x8b{ZVHZ2\xd3\xd6-~\x96\x80#\xee)+L\xf1\x00\xd5p\xe7 \x8c\xd2\a\x1e\xae\xb4\xe8\xd1\xe1\xed\xb8\x94\xb2*\x1c\xaeG\x1e\xdb\xc0Q\xb9`K\xffG\xc0\xa2\xb41\xac\x98\x01\xde}:\b\xa0Oq\xec\xa8\xf0\x8f\xe3\xa17\xe3\xd7\x9c^\x90\xfal\xbe\x81\x9a\xa4\x00K', 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r8, &(0x7f000000b1c0)={0x2020, 0x0, 0x0, <r9=>0x0, <r10=>0x0, <r11=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x3, {0x6, 0x0, 0xd04, 0xfffffffffffffffc, 0x0, 0x100000, {0x0, 0x8, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x4, 0x4, 0x4, 0x2000, 0x101, r9, r10, 0xf0ee, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
sched_setscheduler(r11, 0x1, &(0x7f0000000000)=0x1) (async)
quotactl_fd$Q_QUOTAON(r7, 0xffffffff80000202, 0xee00, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[], 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

20.387087373s ago: executing program 4 (id=1597):
close(0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

20.368217063s ago: executing program 4 (id=1598):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x0, 0x0)
ioctl$COMEDI_INSNLIST(r1, 0x8010640b, &(0x7f0000000000)={0x1, &(0x7f00001c67c0)=[{0xa000005, 0x0, 0xfffffffffffffffe, 0xfffffffb, 0x23}]})
r2 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
fchdir(r3)
ioctl$DRM_IOCTL_AGP_UNBIND(r3, 0x40106437, &(0x7f0000000140)={0x0, 0x7})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x4d, 0x1, 0x3, 0x80000000}, {0x60, 0x8}, {0x0, 0x0, 0xd}, {0x2}, {0x6, 0x0, 0x0, 0x10000000}]})
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000300)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @remote}}}], 0x20}}], 0x1, 0x40000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x10a)
write$P9_RVERSION(r5, &(0x7f0000000c40)=ANY=[], 0x13)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x8, 0x6, 0x1, 0x0, 0x7, 0x10, 0xffff}, 0x1c)

20.215559083s ago: executing program 4 (id=1601):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a50000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0c00098008000140000000020800084000000001140000001100010000"], 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a400000000c0a01010000000000f9ff000a0000090900020073797a31000000200900010073797a310000000014000380100000800c0001800600010058"], 0x68}, 0x1, 0x0, 0x0, 0x4004850}, 0x40)
close(0x3)

20.080369893s ago: executing program 4 (id=1603):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x43, 0x43}, 0x28)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x58, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0x6}, {0xfff1, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x0, 0x8, 0x4, 0x0, 0x3, 0x2, 0x1}}, {0x6, 0x2, [0x8]}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

20.07921774s ago: executing program 4 (id=1605):
r0 = userfaultfd(0x801) (async, rerun: 32)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (rerun: 32)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f0000000040)='FROZEN\x00', 0x7) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b0000000f000000cc0002000e00000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000002000000000000"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)='T', &(0x7f0000000240), 0x4af, r3}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, &(0x7f0000000540)=""/245, &(0x7f00000000c0), &(0x7f0000000680), 0x2, r3}, 0x38) (async, rerun: 32)
r4 = openat$cgroup_procs(r1, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0) (rerun: 32)
write$cgroup_pid(r4, &(0x7f0000000300), 0x12) (async)
write$cgroup_freezer_state(r2, &(0x7f0000000080)='THAWED\x00', 0x7) (async)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000aab000/0x4000)=nil, 0x4000, 0x3000005, 0x13, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x524}) (async)
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) (async)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) (async)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000) (async)
statx(r6, &(0x7f0000000740)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5100, 0x10, &(0x7f0000000980)) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0) (async, rerun: 64)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40001, 0x0) (rerun: 64)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f0000000240)={0x0, 0x1000000}) (async)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000d77000/0x12000)=nil, 0x12000}}) (async)
move_pages(0x0, 0x0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) (async)
r8 = open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0x98)
fcntl$setlease(r8, 0x400, 0x0) (async)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
pread64(r9, &(0x7f00000024c0)=""/209, 0xd1, 0x8) (async)
open(&(0x7f0000000000)='./file0\x00', 0x9ac240, 0x59)

4.375532774s ago: executing program 33 (id=1605):
r0 = userfaultfd(0x801) (async, rerun: 32)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (rerun: 32)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f0000000040)='FROZEN\x00', 0x7) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b0000000f000000cc0002000e00000005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000002000000000000"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)='T', &(0x7f0000000240), 0x4af, r3}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, &(0x7f0000000540)=""/245, &(0x7f00000000c0), &(0x7f0000000680), 0x2, r3}, 0x38) (async, rerun: 32)
r4 = openat$cgroup_procs(r1, &(0x7f00000002c0)='tasks\x00', 0x2, 0x0) (rerun: 32)
write$cgroup_pid(r4, &(0x7f0000000300), 0x12) (async)
write$cgroup_freezer_state(r2, &(0x7f0000000080)='THAWED\x00', 0x7) (async)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000aab000/0x4000)=nil, 0x4000, 0x3000005, 0x13, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x524}) (async)
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) (async)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) (async)
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000) (async)
statx(r6, &(0x7f0000000740)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x5100, 0x10, &(0x7f0000000980)) (async)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0) (async, rerun: 64)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40001, 0x0) (rerun: 64)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f0000000240)={0x0, 0x1000000}) (async)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000d77000/0x12000)=nil, 0x12000}}) (async)
move_pages(0x0, 0x0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) (async)
r8 = open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0x98)
fcntl$setlease(r8, 0x400, 0x0) (async)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
pread64(r9, &(0x7f00000024c0)=""/209, 0xd1, 0x8) (async)
open(&(0x7f0000000000)='./file0\x00', 0x9ac240, 0x59)

1.526556883s ago: executing program 1 (id=1684):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0x9, 0xfffffffffffffffd, 0x6, 0x0, {0x40, 0x0, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x28, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x5}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x200408c1}, 0x4840)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0xffffffff9046dce8, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x3002a8d, 0x1)

965.750922ms ago: executing program 5 (id=1698):
r0 = syz_open_dev$media(&(0x7f0000000040), 0x2, 0x102)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000000)=[{}, {}], 0x0, 0x0, 0x0})
close(0xffffffffffffffff)

961.010792ms ago: executing program 5 (id=1700):
timer_create(0x0, &(0x7f00000004c0)={0x0, 0x5, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000500)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000540)={{0x77359400}}, &(0x7f0000000580)) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000000)="2ec1bb80890566b9800000c00f326635008000000f30260fc7580c66b8009000000f23c80f21f86635040050000f23f866b8010000000f01d90fc76d00dcf20f20d86635200000000f22d8b80d008ec80f011f", 0x53}], 0x1, 0x4e, 0x0, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

896.785537ms ago: executing program 0 (id=1701):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x43, 0x43}, 0x28)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x58, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0x6}, {0xfff1, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x0, 0x8, 0x4, 0x0, 0x3, 0x2, 0x1}}, {0x6, 0x2, [0x8]}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

894.804208ms ago: executing program 0 (id=1702):
timer_create(0x3, 0x0, &(0x7f0000bbdffc))
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
write(r0, &(0x7f00000000c0)="9b63", 0x2)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000ffffffe8000000000003000000000000000000000000b15d415f4be8acb292adfa7716bf82ad9bb875adfd2718bf80ae8cdf84"], 0x48)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x6, 'dvmrp1\x00'})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev, 0x0, 0x2, 'sed\x00'}, 0x2c)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000))
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000200), 0x20a00, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000480)=0x1)
ioctl$TCSETSF2(r1, 0x89f1, &(0x7f0000000000)={0x0, 0x4, 0x10008, 0x0, 0xf, "a533b6aaf9f659ff35036bf79d8b4c2a246305", 0xe7, 0x4b})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
preadv(r2, &(0x7f0000000580)=[{&(0x7f0000000200)=""/122, 0x7a}], 0x1, 0x45, 0x0)

765.650211ms ago: executing program 5 (id=1703):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

763.477531ms ago: executing program 5 (id=1704):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
mount$afs(&(0x7f0000000000), &(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000600), 0x2048808, &(0x7f0000000900)={[{@flock_write}, {@flock_openafs}], [{@fowner_lt}, {@fowner_gt}, {@fowner_eq}, {@uid_lt}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@obj_role={'obj_role', 0x3d, 'flower\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x2}}, {@smackfstransmute}, {@context={'context', 0x3d, 'user_u'}}, {@appraise_type}]})

685.517893ms ago: executing program 5 (id=1705):
mount$fuse(0x0, 0x0, 0x0, 0x80, &(0x7f00000002c0)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1000000)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000080)="0f01390ff2f63e0fa10f01c966b80a00000066ba000000000f300f79d80f232d0f01c966b9024d564b0f32350280660f38dfec", 0xfffffe3d}], 0x1, 0x4, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socket$key(0xf, 0x3, 0x2)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$sock_int(r6, 0x1, 0x5, &(0x7f0000000040), &(0x7f00000000c0)=0x4)

685.162183ms ago: executing program 1 (id=1706):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000040)={0x48, 0x2, r1, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x14, r2, 0x0, r1})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000200), 0x88800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, &(0x7f00000000c0)={0xc, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x6, r5, 0x0, &(0x7f00009ab000/0x2000)=nil, 0x2000, 0x80000000000002})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r6 = memfd_create(&(0x7f0000000500)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x1c\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\x83\x11\v}k+\xeb\xc3\xc0O\xae\xd2\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb901nEy\x82\x83\x80\xd3O\x00|hP\x00\x00\x00\x00\x00\x00\x00\x05\x86\xfe\xd9\xa5\xc6\nSy\xa3N\xba-]\'q\xc6\xfb\x02\x9a\xa9Z\xa8\x80Bx\xbd74\xcf\"\xa5\xea$\x95\xfd\x06T\xef\x89\xe4j\x06\xdc\x15\xe7\xc3\xb5H\xf7\xdc\xee\x182\xab\xe2?\"\xbewm\x9d\xd8x\xd92\xeeS/\xd2\xcd[\x9dcO1\xcb\x12lZ$\xa7\x9d\xf8b\xf6}\xc5``\xfe0\x8a\'v-\x99`?\x97\x8c\xdd\xd6\xfa\xa2\x06>\xf3\xe2uI\xe65C\xdb\x84\xe6eU\xe8RK\xd6=s\xcd\x9d\x1f#3\xc5\x16\xd0\xbbD\xc5\xde\xc8/\v\xa5W\xbep\x87\x15\x10\xcdm\xa7\x93\x01\x1c,9V8\xdc\xfd\xb7\xc0\xfc\x04\x00p\xad\x12\xb2\xbf\xfbFZ\x1a\f\x99\x05\xe4\x1eP\xed\x87\x89\xbeo\xfbv\xb6\x8a\xee\xf6Oc8\xaf\x11[\xc3\x98w-\xf0\xb2z\xc7\xaf;\x92\xad4\x1b\x92L\x97<\xbdh\x80\xf2\xc0\xd0n)K\xf2#Ncp\xe4\xb4\xfb\x94\x18\xc2-TWA\x13\xfe\xea\xad\v\xc4\xa5\x02\xf9\xed]\xf4\\\x01\xab\xdc\xb6\xcdP\x93\xf2\xc3\x96\xf2\xc0\xd6-x\xd5\xd6\xc7\x9d\xa5\x1f\xd2t\xd7\x8f}b\x9749\xd4a7\x18\xe0\x91KV7[\xb8\x8dL\xc8\xc8\x8f>sbE\xf5\xa7\xdb|\xb0m\x16c\x84\r\"\xf2\x92s\xeb\xaf\x1c\x00\xf4\x8dL\xa5\x10\x89FB\xfb8\xf9\x9d\xcbm\x1c\x91\xe9fd$5\xdc\xad\xec\xef\x90\xd9\xefX\xd2m\x9e\xec\x94w\xb3\xf9\xd9\x0eu-z\x81\xbb\xa6\xc0\x00\xa1\xd9\xcbI\xda\xa3\b\x9e@\xb8\xc8k\xdeQ/\xb8X\x9c\xff4Np~\xc4\xc1_\x1c#zX\a\xd41\x1c\x7fH\x91\xd9k\x05\x1f\n\b\b\x88\xd6\xcf4i\xa0B\xe7\x9c\x9c\xe6\xcax\xca\xa1E#6\xe9\xf31W\xd0\x1bY3/\x00I#\xfa\xb0\f\xd5!\x9fR[\x0e\xdb`\xdb\x82M\'k\x16(\xfa\xc2\xec\x96e\\Q\xe9\x19\xe1u\x86\xcb\xc3\xb0\xb8\x19\xb9l\x1fk!R\xb1P\x8b\xda\xffE\x89\x97\n\x17m\xd10\x1a\xe7Qz\xd8\bi\x8dRw+\xa1^N\xaf\x1b\x1dg\x8f$\xbe\x93\x8d\x8b\xfd\r\xee<\x84\x95\x82)TH\xcac9\x98\x13WW@;\xb4\xd5\x0f\xa1\xb3xX(\x80\xe8\x89\xed e.\xe04\xba\x9c=\xc6\x04\f\xbf\x06\xce5\xf99GD8@\xd2\r\xd0\xdf@\xe3\xbe\"qq#]\x86W\tA\xa7\x91\x85\xae\x9c\x8dO\xa6\xa3\xf9i\x83\xc5\xa8C\x164\xef\xa4\\\a\xaa%\x94!3k]\xd5\xbe\'U\xf17', 0x1)
r7 = dup(r6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x28}, 0x1, 0x0, 0x0, 0x2004c881}, 0x0)
write$binfmt_elf64(r7, &(0x7f0000000040)=ANY=[], 0x1de)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r4, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r8, 0x0, 0x1, 0x0, 0x200000, 0x0, 0x10857f})

684.529711ms ago: executing program 0 (id=1707):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x34, r1, 0x1, 0x70bd2d, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x926}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x34}, 0x1, 0x0, 0x0, 0x4000019}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xffb0}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff13}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x9}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

616.631348ms ago: executing program 1 (id=1708):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
process_mrelease(0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x5, &(0x7f0000000680)=0x522, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x4, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x9, 0x200000100, 0x3, 0x9, 0x4a, 0x1000000000005, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a8, 0x23, 0xc39, 0x8, 0x8, 0xffff, 0x2, 0xa51, 0x8, 0x401, 0x800000000000003, 0x7, 0xfffffffffffffffa, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0x8001, 0x8000000000000000, 0x7, 0x1, 0x8, 0x8, 0x6aa, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffff7, 0x4, 0x0, 0x4, 0x5, 0x8, 0x80008000, 0x8000000000000000, 0x4, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x7fffffff, 0x4, 0x8000, 0xc9, 0x7, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0xe4, 0x11, 0x0, 0x8, 0x22, 0xffffffffffffffff, 0x7, 0x1, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x7, 0x100000002, 0x4, 0x4, 0x8, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x0, 0x5, 0x4, 0x7, 0x406, 0x3, 0x6, 0x5, 0x0, 0x3, 0x40, 0x7fffffff, 0x8, 0x3, 0x4]}) (async)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x4, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x9, 0x200000100, 0x3, 0x9, 0x4a, 0x1000000000005, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a8, 0x23, 0xc39, 0x8, 0x8, 0xffff, 0x2, 0xa51, 0x8, 0x401, 0x800000000000003, 0x7, 0xfffffffffffffffa, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0x8001, 0x8000000000000000, 0x7, 0x1, 0x8, 0x8, 0x6aa, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffff7, 0x4, 0x0, 0x4, 0x5, 0x8, 0x80008000, 0x8000000000000000, 0x4, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x7fffffff, 0x4, 0x8000, 0xc9, 0x7, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0xe4, 0x11, 0x0, 0x8, 0x22, 0xffffffffffffffff, 0x7, 0x1, 0x8000000000000000, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x7, 0x100000002, 0x4, 0x4, 0x8, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x0, 0x5, 0x4, 0x7, 0x406, 0x3, 0x6, 0x5, 0x0, 0x3, 0x40, 0x7fffffff, 0x8, 0x3, 0x4]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa00000071"], 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x93}, @exit], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0) (async)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000400)={0x1, 0x10000000}, 0x8)
r5 = dup3(r3, r2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) (async)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x10000000000) (async)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x10000000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500}, 0x48) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500}, 0x48)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x0, 0x13, r7, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) (async)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0xf}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0x9, 0x1}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0xff3f, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x40, 0x3, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x30, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x10000}]}}}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xd0}, 0x1, 0x0, 0x0, 0x4000850}, 0x4040)
close(0x3)
openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)

614.903561ms ago: executing program 0 (id=1709):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/stat\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x2301, 0x400000000000001})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death={0x400c6313}], 0x0, 0x1000000, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000140)="d2ffb49ede31518d65a476b76e4a4e0b75db47c327ab5b7233ac3507e16db41df04709094056af33a6db1e301a74db81f27f6aa6a8ca9d22a565ff96d46e88fa99b284c26c46494072fc2e47da240c71"})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r5, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4603240095028000000000000003003e"], 0x78)
close(r5)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x40086315}], 0x0, 0x0, 0x0})
preadv(r0, &(0x7f0000001480)=[{&(0x7f0000000180)=""/72, 0x48}], 0x1, 0xd651, 0x72b)

525.862075ms ago: executing program 1 (id=1711):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
shutdown(r0, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x20008000) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x20008000)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000041c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x0, 0x0, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x20, 0x0, 0x0, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xc0102, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb) (async)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)
read$FUSE(r3, &(0x7f0000006200)={0x2020}, 0x2020)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @random="97c4864ef7a3", @void, {@ipv4={0x800, @generic={{0x9, 0x4, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x29, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0xc}, {[@ssrr={0x89, 0x7, 0xef, [@multicast1=0xe000006a]}, @cipso={0x86, 0x6}]}}}}}}, 0x0) (async)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @random="97c4864ef7a3", @void, {@ipv4={0x800, @generic={{0x9, 0x4, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x29, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0xc}, {[@ssrr={0x89, 0x7, 0xef, [@multicast1=0xe000006a]}, @cipso={0x86, 0x6}]}}}}}}, 0x0)

463.984812ms ago: executing program 0 (id=1713):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
mount$afs(&(0x7f0000000000), &(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000600), 0x2048808, &(0x7f0000000900)={[{@flock_write}, {@flock_openafs}], [{@fowner_lt}, {@fowner_gt}, {@fowner_eq}, {@uid_lt}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@obj_role={'obj_role', 0x3d, 'flower\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x2}}, {@smackfstransmute}, {@context={'context', 0x3d, 'user_u'}}, {@appraise_type}]})

316.303215ms ago: executing program 0 (id=1715):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0x9, 0xfffffffffffffffd, 0x6, 0x0, {0x40, 0x0, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x28, 0x0, 0x1, 0x70bd25, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x5}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x200408c1}, 0x4840)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0xffffffff9046dce8, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x3002a8d, 0x1)

315.042671ms ago: executing program 1 (id=1716):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000006680)={0x0, 0x0, &(0x7f0000006640)={&(0x7f00000065c0)=ANY=[@ANYBLOB="580000000102010100000000000000000a00000006000740000400003c0001802c00018014000300ff0100000000000000000000000000010d0004"], 0x58}}, 0x0)
r1 = syz_open_dev$I2C(&(0x7f00000002c0), 0x1, 0x0)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000001100)={&(0x7f0000001200)=[{0x0, 0x0, 0x0, 0x0}, {0x0, 0xf5ff, 0x1, &(0x7f0000004100)="b5"}], 0x2})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r2, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000088000000240000007f00000001"], 0x50)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r5, &(0x7f00000002c0)={0x0, 0xf0b, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000090000003c000380140002007663616e30000000000000000000000014000600ff0500000000000000000000000000010800010001000000080003"], 0x50}}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xca, r3, 0x18}, 0x38)
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xffff, 0xfff3}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_MASK={0x8, 0x6, 0xa}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1d6c8}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/uevent_helper', 0x129a82, 0x0)
sendfile(r8, r8, 0x0, 0x8)
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000004300)={&(0x7f0000004340)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000030000000e0000000000000b01000000006100673e40671dd76f834ec411ce7c10db024ab8daf8a3096b0d63ba0f5380e3676f0d8720484978be92ca55c7aa276472936e668eafe2778177726b6bcd64f01db38b16eb3477831b595f95b5aee363b365427c2d6fa9dd41a007c7731609c0bd7ed7b47f444f6cd2d05c07d30000000000000000"], &(0x7f0000004200)=""/248, 0x27, 0xf8, 0x1, 0xb, 0x10000}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000004140)=@bloom_filter={0x1e, 0x800, 0x8, 0x8, 0x8000, r3, 0x600, '\x00', r7, r8, 0x0, 0x2, 0x4, 0xd, @value=r9}, 0x50)
r10 = syz_open_procfs(0x0, &(0x7f0000002040)='net/tcp\x00')
read$FUSE(r10, &(0x7f0000000000)={0x2020}, 0x96)
close(r2)
socket$netlink(0x10, 0x3, 0x13)
read$FUSE(r10, &(0x7f0000002080)={0x2020}, 0x2020)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRES8=r0, @ANYBLOB="92fe40df2a7d1e5f87140dc76b243b64d945139bb8686ae736c8487779698aae9802984c0103ced46aaaf8307409b9a26f8197bc8d66277ce07a2d30a3e92cba41f564aa4f", @ANYBLOB="2da004008d8b00002c0012800e000100c33e227a0a0000006e0000001800028505001600170000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)

314.602829ms ago: executing program 2 (id=1717):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="54010000100033060000000000000000ffffffff000000000000000000000000e000000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="040000000000000000000000000000000000000032000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a002300000000000000000048000200656362286369706865725f6e756c6c2900000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00040007"], 0x154}}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001003, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_REMOVE(r2, &(0x7f0000001700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000016c0)={&(0x7f0000000400)={0x12b4, 0x1, 0x5, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8}, [{{0x254, 0x1, {{0x1, 0x6}, 0x8, 0x80, 0x7, 0xfffd, 0x10, 'syz1\x00', "4bcffa73024fb3a8e6d6195081f2b69c7a1b911f3dd5c829ab0d3dde99e6fbab", "ceabcbff6976651c2cd0f8a9b7dff14331dc1204908be5129534f7996b7fa2db", [{0x9, 0xabfd, {0x2, 0x8}}, {0x0, 0x6, {0x0, 0x429}}, {0x3, 0x47ed, {0x2, 0x75f29540}}, {0x101, 0x5, {0x1, 0xffffffff}}, {0x0, 0x2, {0x0, 0xa78}}, {0xeff8, 0x7, {0x3, 0x7ff}}, {0x1, 0x2, {0x2, 0xa}}, {0xbe3, 0xa, {0x2, 0x9ca}}, {0x3ff, 0x401, {0x3, 0x1}}, {0x3, 0x5, {0x0, 0x295}}, {0xb, 0x9, {0x3, 0x8}}, {0x344e, 0x8001, {0x0, 0x4}}, {0x9, 0x6, {0x1, 0x1}}, {0x3, 0x2, {0x1}}, {0x9, 0x2, {0x0, 0x5}}, {0x1, 0xe9, {0x2, 0x4}}, {0x4, 0xc, {0x0, 0x1}}, {0x0, 0xc, {0x2, 0x10000}}, {0xb, 0x4, {0x1, 0x1}}, {0x3f88, 0x6, {0x2, 0x3}}, {0x385, 0xf, {0x0, 0x7}}, {0x2, 0x9, {0x3, 0x2}}, {0x40, 0xeb, {0x3, 0x2}}, {0x2, 0x7, {0x3, 0x4}}, {0x401, 0xfffa, {0x2, 0x21b3}}, {0x9, 0x9, {0x0, 0x9}}, {0x3, 0x80, {0x2, 0xffffffff}}, {0x8dee, 0x400, {0x1, 0x3}}, {0xfb12, 0xf302, {0x3}}, {0x5, 0x1, {0x2, 0x2}}, {0x5f7, 0x627, {0x2, 0x8}}, {0x2, 0x9, {0x1, 0x4fe}}, {0x5, 0x4, {0x2, 0x8}}, {0xa, 0xb, {0x3, 0x9}}, {0x2, 0x9, {0x1, 0x80}}, {0x9, 0x3, {0x0, 0xf}}, {0xbeff, 0xe, {0x2, 0x4}}, {0x0, 0x2, {0x1, 0x9}}, {0x7, 0xf, {0x1, 0x9}}, {0xf, 0x2, {0x3, 0xbf4c}}]}}}, {{0x254, 0x1, {{0x1, 0xffff0000}, 0x6c, 0x6, 0x5, 0x0, 0x27, 'syz1\x00', "10fb076c743391312fa9619f4260504837c0897bda19dec218ea6e2421e02855", "a6c310fbe9a9900f217e4b37a7e26f074a236b4ff122e7e5a2178afe85fa83ea", [{0x8000, 0xb50, {0x0, 0xaf}}, {0x8, 0x10, {0x3, 0x1}}, {0x5, 0x1, {0x0, 0x8dbe}}, {0x0, 0x3, {0x2, 0x5}}, {0x0, 0xffff, {0x3, 0x2}}, {0x1000, 0x6, {0x0, 0x5}}, {0x40, 0xdbc, {0x1, 0x1}}, {0x4, 0x204, {0x1, 0xd}}, {0x5, 0xffff, {0x3, 0xa587136}}, {0x6, 0x3, {0x1}}, {0x2, 0x10, {0x0, 0x6}}, {0xeb1c, 0x9, {0x2, 0x6e8b}}, {0x1000, 0x7, {0x2, 0x400}}, {0x24, 0x5, {0x1, 0x7fffffff}}, {0x1ff, 0x6, {0x1, 0xfffffffd}}, {0x386e, 0x5, {0x3, 0x4}}, {0x1, 0x4, {0x1, 0x101}}, {0x4f, 0x1000, {0x3, 0xf}}, {0x8001, 0xfffd, {0x3, 0xff}}, {0xd, 0x100, {0x1, 0xfffffff7}}, {0x8, 0x8, {0x2, 0x6f}}, {0x80, 0x0, {0x2, 0x2}}, {0x1, 0x2, {0x0, 0x200}}, {0x45, 0x3, {0x0, 0x7f}}, {0x100, 0x8, {0x1, 0x91}}, {0x5, 0x5, {0x1, 0xf}}, {0x40, 0x10, {0x2, 0xffffffff}}, {0x4, 0x0, {0x2, 0x1a11}}, {0xe9f, 0x4455, {0x0, 0xbef0}}, {0x4, 0x9, {0x3, 0x7f}}, {0x9, 0x2, {0x1, 0x1}}, {0xe7, 0xa14, {0x1, 0x6e}}, {0x7, 0x3, {0x2, 0x2}}, {0x3, 0x2, {0x0, 0x8}}, {0x6, 0x0, {0x2, 0xe}}, {0x4, 0x5, {0x0, 0xfffffffc}}, {0x7fff, 0x2, {0x0, 0xfa62}}, {0x7f, 0x101, {0x2, 0x6}}, {0x5, 0x8001, {0x0, 0x9}}, {0x3, 0x1, {0x0, 0x2}}]}}}, {{0x254, 0x1, {{0x2, 0x4}, 0x0, 0xf, 0x9000, 0x81, 0x20, 'syz0\x00', "9857fcaea0a445e44d0f56c3b74489ac4fe7e6f7442fc95c78802ae481911308", "020034e61604eda6c210f66235692cd9f459bb9d86a480dfc88b20beabdb5a9c", [{0x8, 0x3, {0x1, 0x52c0}}, {0x4, 0x800, {0x3, 0x2}}, {0x2, 0x7ff, {0x3}}, {0xfff, 0x6, {0x1, 0xc5}}, {0x1, 0xb3e, {0x0, 0x3c09}}, {0x6, 0xe, {0x1, 0x1}}, {0xd6a0, 0x5, {0x3, 0x548b}}, {0x4, 0xf, {0x3, 0x5}}, {0x5, 0x4, {0x3, 0x800}}, {0x80, 0xb, {0x0, 0x7ff}}, {0x1, 0x2956, {0x3, 0x8001}}, {0x6, 0x9, {0x0, 0x3c}}, {0x3, 0x4, {0x0, 0x4}}, {0x9, 0x3, {0x2, 0x5}}, {0xab, 0x0, {0x3}}, {0x5, 0xfffe, {0x0, 0x7e}}, {0x5, 0xfffb, {0x1, 0x7}}, {0x1, 0x400, {0x0, 0x6}}, {0x3, 0x1a, {0x1, 0x5}}, {0x8, 0x400, {0x0, 0x6}}, {0x9, 0x8, {0x0, 0x9}}, {0x2, 0x3, {0x0, 0x2300}}, {0x7, 0x0, {0x1, 0x4}}, {0x1, 0x101, {0x1, 0x1}}, {0x3, 0x8, {0x0, 0x1}}, {0x5, 0x9, {0x3, 0x4}}, {0x4, 0x40, {0x3, 0x3}}, {0xd, 0x8, {0x2, 0x848f}}, {0x0, 0x40, {0x3, 0x2}}, {0x10, 0x6, {0x2, 0x6}}, {0x5, 0x3, {0x3, 0xff}}, {0xa0, 0x4, {0x1, 0x5}}, {0x3, 0x9, {0x0, 0x1000000}}, {0x9, 0x3, {0x0, 0x9e}}, {0x4, 0x4, {0x0, 0xfffffff8}}, {0x6, 0x8, {0x1, 0x1}}, {0x6f1b, 0x0, {0x2, 0x7}}, {0x10, 0x0, {0x0, 0x4a}}, {0x7399, 0x8, {0x1, 0x7}}, {0xd6, 0xfeed, {0x0, 0x2}}]}}}, {{0x254, 0x1, {{0x2, 0x7}, 0x3, 0x1, 0x0, 0xfff8, 0x1, 'syz1\x00', "cd3a088e847c060832e1b2d25caa7020a71045457941ebbbfac1a9b8d4640a5c", "9bba016da8e59b7f835b5100b5e24c9da31473f4b2be6fb4dc24f970abafd084", [{0x7, 0x9, {0x0, 0x401}}, {0x63a, 0xffa, {0x3, 0x9}}, {0x3, 0x10, {0x2, 0x4}}, {0x3, 0xacdd, {0x2, 0xe9e}}, {0x0, 0xfffc, {0x0, 0x80000000}}, {0x7ff, 0x7fff, {0x3, 0x120}}, {0xf, 0x3de, {0x3, 0x4}}, {0x200, 0xf060, {0x1, 0xea39}}, {0x3ff, 0x4, {0x3, 0x1ff}}, {0xfff0, 0x8, {0x2, 0x5}}, {0x6, 0x3, {0x2, 0x5}}, {0x1, 0x4, {0x3, 0x8b}}, {0x2, 0x7f, {0x3, 0xed15}}, {0x1ce, 0x0, {0x0, 0x7fffffff}}, {0x9, 0x7, {0x3, 0xab2}}, {0x2, 0xfff, {0x1, 0x8}}, {0x6, 0x3, {0x0, 0x28}}, {0x2, 0xfe00, {0x3, 0x80000001}}, {0x5, 0xa3, {0x2, 0x1ff}}, {0xfff7, 0x7bb, {0x3, 0x3}}, {0x4, 0x8, {0x3, 0x1}}, {0x5, 0x7f, {0x2, 0x1}}, {0xfff, 0x9, {0x3, 0x7}}, {0xa0f0, 0x8fe, {0x0, 0x9}}, {0x0, 0x14e, {0x2, 0xff}}, {0x100, 0x936, {0x3, 0x5}}, {0xf77, 0x200, {0x1, 0xfffffff2}}, {0xbe87, 0x7ff, {0x0, 0xe3}}, {0x7f, 0xb2fc, {0x1, 0x47}}, {0x7ff, 0x8, {0x0, 0x9}}, {0x5, 0x66, {0x2, 0x3}}, {0x1, 0x0, {0x1, 0x9}}, {0x8, 0x0, {0xd8aed156caf9d4c6, 0x6}}, {0x2, 0x30, {0x1, 0xb6}}, {0x4, 0x8, {0x2, 0x7}}, {0x3, 0x4, {0x3, 0x7ff}}, {0xa78e, 0x7f, {0x0, 0x7}}, {0x1, 0x1, {0x2, 0x4}}, {0x3, 0x3, {0x2, 0x3}}, {0x0, 0x9, {0x3, 0x1ff}}]}}}, {{0x254, 0x1, {{0x0, 0x2}, 0x1, 0x10, 0x5, 0x91c, 0x13, 'syz1\x00', "ecd9b3b9e05a29c3a2a54d9d61752aa729fe9b6181354b023c3a176035d9aa2b", "7e90596b7b73206199acc9c052e57d08cbf1c0195a7b8edae9b57efd4b42d4b7", [{0x4, 0x6, {0x3, 0x4}}, {0x0, 0x5, {0x2, 0x8}}, {0x800, 0xfff7, {0x1, 0x8}}, {0x3, 0x4, {0x3, 0x6}}, {0x8, 0x2ede, {0x3, 0xe}}, {0x5, 0x3, {0x0, 0x20004000}}, {0x7, 0x6, {0x0, 0x3}}, {0x800, 0xfab3, {0x0, 0x2}}, {0xac42, 0x40, {0x1, 0x4}}, {0x0, 0x2, {0x0, 0x180000}}, {0xfffa, 0x401, {0x1, 0x42}}, {0x3, 0xfb, {0x3, 0x8}}, {0x1, 0x240b, {0x0, 0x400}}, {0x4, 0xa85, {0x2, 0x4}}, {0x4, 0xfd, {0x0, 0xfffffeab}}, {0x1, 0x8, {0x0, 0x7ff}}, {0x2, 0xd, {0x0, 0x2}}, {0x6, 0xfffb, {0x1, 0xb}}, {0x6, 0xe, {0x2, 0x80000000}}, {0xa96b, 0x1000, {0x0, 0xc000000}}, {0x81, 0x8, {0x1, 0x9}}, {0x4, 0x8, {0x0, 0xd4e}}, {0x7fff, 0x90, {0x3}}, {0x0, 0x5, {0x3}}, {0x4, 0x4, {0x2, 0x7}}, {0x1, 0x2, {0x3, 0x9}}, {0x1, 0xfff, {0x1, 0xc976}}, {0x740, 0x1, {0x3, 0xc7e}}, {0x6, 0x1, {0x2, 0x8}}, {0xc, 0x4d3, {0x3, 0xfffffc01}}, {0x4, 0x97d, {0x0, 0x92d}}, {0x5, 0xfc, {0x0, 0x4}}, {0x4, 0x36, {0x3, 0x7}}, {0xa, 0x200, {0x3, 0x4}}, {0x0, 0x5, {0x3, 0x7669}}, {0xfff, 0x0, {0x1}}, {0x9, 0x3ff, {0x2, 0x8}}, {0x81, 0xa0, {0x0, 0x2}}, {0x7a, 0x4, {0x1, 0x3}}, {0x3, 0x5, {0x3}}]}}}, {{0x254, 0x1, {{0x0, 0x53}, 0x7, 0x8, 0x5, 0xa, 0x1e, 'syz1\x00', "67b42eb15e19a36212778ac2ca9353a5593c3e2cb42acd43689a19ac48aed3f0", "3d02e87f21fd129e8816817fd5e3d3aa74a635572d93890f1bf2d81fe540915c", [{0x6, 0x3, {0x1, 0x5}}, {0x8001, 0x2, {0x3, 0x80000000}}, {0x588, 0x7, {0x3, 0x8}}, {0x5, 0x6, {0x0, 0x5}}, {0x0, 0x3, {0x0, 0x1}}, {0x5, 0x26f9, {0x0, 0x4}}, {0xb, 0x7, {0x2, 0x4c17}}, {0xc, 0x81, {0x3, 0x3}}, {0x6, 0x0, {0x3, 0x7}}, {0x3, 0x7fff, {0x1, 0x7}}, {0x1, 0x2ee6, {0x3, 0x6cb0d740}}, {0x200, 0xfff9, {0x1, 0x6af}}, {0x6, 0x9, {0x2, 0x8}}, {0x418, 0x3, {0x3, 0x7ba}}, {0x10ff, 0x100, {0x2, 0x80}}, {0x1, 0xfff8, {0x3, 0x5}}, {0x9, 0x1, {0x3, 0x7}}, {0x8, 0xdc, {0x2, 0xf}}, {0x1, 0x6, {0x3, 0x3000}}, {0x7e, 0x6, {0x0, 0x8}}, {0x7f, 0x1, {0x2, 0x2}}, {0x7f, 0x8, {0x1, 0x6}}, {0xfa0, 0x5, {0x3, 0xffffffff}}, {0xd, 0x81, {0x1, 0x21e4}}, {0x889, 0xea9, {0x0, 0x1}}, {0x5, 0x86b, {0x2, 0x6}}, {0x6db, 0x5, {0x2, 0xb0e}}, {0x7ff, 0x9, {0x3}}, {0xe, 0xd, {0x1, 0x80}}, {0x0, 0xe, {0x0, 0xb2}}, {0x3, 0x6, {0x1, 0x4}}, {0x400, 0x7, {0x2, 0xfffff26a}}, {0x73e, 0x4d, {0x1, 0xece4}}, {0x0, 0xf, {0x0, 0x6}}, {0x2, 0xb, {0x3, 0x400}}, {0x8, 0x8000, {0x1, 0x6}}, {0x3, 0xfffb, {0x0, 0x296f}}, {0x200, 0x1, {0x0, 0x400}}, {0xe, 0x0, {0x2, 0x3b91}}, {0x2, 0x7, {0x2}}]}}}, {{0x254, 0x1, {{0x2, 0x3}, 0xe, 0x1, 0x7, 0xfff, 0xc, 'syz0\x00', "6b8debfb32992f54c55ae3bf7a6b20c86ec150b59e05604fdfda4564b1b053df", "bfe2803ee44424b26d138635c2275eafca2678ff60eab3b4ac97659ef37c2712", [{0xe, 0x8, {0x3, 0x80000001}}, {0x9, 0xff, {0x1}}, {0x1, 0xfc8, {0x0, 0x1}}, {0x4, 0x9, {0x2, 0x9}}, {0x8, 0x7, {0x2, 0x81}}, {0x80, 0x2, {0x0, 0x95}}, {0x12, 0x1, {0x0, 0x2997}}, {0x6, 0x61d0, {0x0, 0x1}}, {0x401, 0xd0e, {0x0, 0x8}}, {0x8, 0x80, {0x1, 0x400}}, {0xfff, 0x5, {0x2, 0x5}}, {0x4, 0x6, {0x3, 0x8}}, {0x2, 0x0, {0x2, 0x8}}, {0x1, 0x300, {0x1, 0xe87}}, {0xffff, 0x4, {0x0, 0x4}}, {0x5, 0x8, {0x0, 0x6}}, {0x9, 0x0, {0x3, 0xfffffff9}}, {0x8, 0x3, {0x0, 0xc}}, {0x2, 0x4, {0x1, 0x9}}, {0x1, 0x1, {0x0, 0x7}}, {0x0, 0x2, {0x2, 0xffff}}, {0x8, 0x1, {0x1, 0x6}}, {0x10, 0x3, {0x3, 0x5}}, {0x4, 0x8e98, {0x0, 0xfff}}, {0x7021, 0x401, {0x2, 0xffff}}, {0x6, 0x44b, {0x1, 0x6}}, {0x1, 0x2, {0x0, 0x7}}, {0x3, 0xfffa, {0x3, 0x3}}, {0x2a4, 0x7f, {0x2, 0x7f}}, {0x0, 0x81, {0x1, 0x492}}, {0x7f3, 0x6, {0x3, 0xa8}}, {0x1d, 0xf, {0x1, 0x6}}, {0x9, 0x7, {0x2, 0x40}}, {0x8000, 0x95f1, {0x3, 0x2}}, {0x3, 0x3, {0x1, 0x6583}}, {0x4, 0x100, {0x2, 0x6}}, {0x2, 0x0, {0x2, 0x6}}, {0x1d5, 0xc14, {0x0, 0xfffffffe}}, {0xffff, 0x6, {0x0, 0x27a}}, {0x2, 0x5, {0x1, 0xffffff01}}]}}}, {{0x254, 0x1, {{0x3, 0x4}, 0x2, 0x6, 0x4d, 0x3, 0x23, 'syz0\x00', "b88cabe089f2fa40b5733719b480f3c199371b627c07b60b0e53cbe20457f237", "ffcc095f1c065e232b052f58d123b9f139757af98fb9dc4e442c1060aa0bccca", [{0x4, 0xfffb, {0x1, 0x1ff}}, {0x3, 0x0, {0x1, 0xfff}}, {0x6, 0x40, {0x3, 0x101}}, {0x2, 0x1, {0x0, 0x5}}, {0x5, 0x6b, {0x3, 0x1}}, {0xf567, 0xff, {0x0, 0xf}}, {0x0, 0x7, {0x1, 0xfff}}, {0x9, 0x3, {0x3, 0x10001}}, {0x8, 0x5548, {0x2, 0x2}}, {0x7fff, 0x6, {0x1}}, {0x850, 0x7fff, {0x3, 0xea}}, {0x9, 0x3ff, {0x3, 0x400}}, {0x7fff, 0xe, {0x2, 0x7}}, {0x2, 0x9, {0x1, 0x5}}, {0x10, 0x7, {0x3, 0x6866}}, {0x9, 0x5, {0x0, 0x6}}, {0xffff, 0x3, {0x2, 0xbbc}}, {0x2, 0x995, {0x1, 0xe1bb}}, {0x7, 0x6, {0x1, 0x8}}, {0x4, 0x3, {0x2, 0x3f9}}, {0x9, 0x8, {0x2, 0xff}}, {0x7, 0x2, {0x0, 0x5}}, {0x5, 0x1, {0x2, 0xe}}, {0x10d, 0x5d, {0x3}}, {0x9, 0x6, {0x2, 0x9}}, {0x1, 0x8001, {0x2, 0x1}}, {0x4, 0xea, {0x3, 0x6}}, {0x3, 0x5, {0x1, 0x100}}, {0xe4e, 0x800, {0x1, 0x101}}, {0x9, 0x3ff, {0x3, 0xd2}}, {0x0, 0x8, {0x3, 0x5}}, {0x5, 0x6, {0x3, 0xe229}}, {0x7, 0xe4, {0x0, 0x79f}}, {0xf, 0xac, {0x1}}, {0x2, 0xa62, {0x3, 0x8}}, {0xff, 0xb, {0x1, 0x58b}}, {0x5d8, 0x64f3, {0x2, 0x1}}, {0x1d31, 0x3ff, {0x2, 0x810e}}, {0x1000, 0xba4, {0x0, 0xf}}, {0x26cf, 0x9, {0x3, 0xfffffffd}}]}}}]}, 0x12b4}}, 0x200480d0)
ioctl$VIDIOC_DECODER_CMD(r1, 0xc0485660, &(0x7f0000000380)={0x1, 0x1, @start={0x775b4acb, 0x1}})

221.910554ms ago: executing program 1 (id=1718):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_int(r1, &(0x7f0000000040)='blkio.reset_stats\x00', 0x2, 0x0)
write$cgroup_int(r2, &(0x7f00000001c0)=0x1, 0x12)
syz_emit_ethernet(0x2a, &(0x7f00000003c0)=ANY=[@ANYBLOB="0180157fc2000000aaaaaaaaaa0008000200001c000000000002907800000000fffff7ff110090780000ee96558ad0523c990f7e8d0374cbf39d0d99e43b62f66bea23f8919eacfb4eb532ce815dfff446ccada155e879c11668b08d94e4133987e50a5466daa409a3cc7920c1b87ca3bad95e48411908df535578b69c6c3b590fd0cbb5fa7d8e63cfb516784e02ccb0b08aecbf1ca7911ff25ed34ea5f12f29503c515822d37834673eadfbdd9e04075a9d6c4ed8f4139ee7d1515376e0094a9c4fdb77b67f8084fe599953e5c47f8b39f6f4331b04807fe201b0083838730901cf8820b91797c91a1223f82b9794039d8b7ef137dc5f2b5eed32a364cf25e9bd2e2e4dffeb3ddfc622"], 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a0b2353f09e66c66e25484b774fb904000000000000000002000000300004802c0001800c000101636f756e746572001c0002800c00014000000000000000050c000240000000000000c49c0900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x84}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000016c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe40400000056bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a05cbee30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c3157f00000000000000a06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c3630000000002232017810e743bdaf879946547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e6dafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e097585ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb50409fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4d8521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060fd2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3bca426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db00000000000001f915268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde000006c06d4d551e81ee73459cf1c00000000000000000000628a663ed417be6ff5b172cba4a1ec629a39ec253c087b1e9ce84e25b8717ae8581bf28c16a8bbda8d69358e885ddf5387e419c64847b8953070cdefe7d6a35197638e929f8f3c005f9de3fe351def9ed5"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x0, 0x62, 0x113, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf40242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000500)=""/275, 0xcb95, 0x0, 0x103, 0x194, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971f00fea85da062cdc", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7a7eef8d9be4e715aec8fd6cadc41c8da5ce9da2b9e1559d92a1936fc2b3a00000000000000000072200e10ba6269b634f10f7098c65ba67ba65c0e2687637e131fb8d5ba6c12c09c8356853c434a44ff0878e496dcf9a4f5ca02c293279948f37ebb28843f92c87c057a3b410e04418557d5deda7ddd3bd1d384d64ec980187e8b64a0696571a49e847db79349c9b3c3fab5f1f977bde4d802d9026ae0c11744eb1525c5195fd215d7a432497f35c2f2cfcd2b6336b26dfef0cb968c910ea2af5cdd4d58cc08535d5514", 0x2, 0x0, 0x3ff}, 0x50)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000bff000/0x400000)=nil)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r7 = syz_kvm_add_vcpu$x86(r6, &(0x7f0000000080)={0x0, 0x0})
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f0000000200)={{0x50000, 0x1, 0x9, 0x1, 0xcd, 0x9, 0x6, 0x1, 0x0, 0x3, 0x5, 0xeb}, {0x3000, 0x80a0000, 0xd, 0xe, 0x5, 0x7, 0x4, 0x14, 0x4, 0x5, 0x0, 0x1}, {0x8000000, 0x102f8000, 0xf, 0x5, 0x6, 0x7, 0x81, 0x3, 0x80, 0x1, 0xe, 0x78}, {0xeeef0000, 0x6000, 0x3, 0x3, 0x6, 0x9, 0xc3, 0x0, 0x0, 0x0, 0x80, 0x2e}, {0x58000, 0x58000, 0xa, 0xff, 0x8, 0xc, 0x6, 0x7, 0x8, 0x6, 0x4, 0xfc}, {0x10d000, 0x0, 0x9, 0xb9, 0x6, 0x5, 0x42, 0x6, 0x5, 0x1, 0xd, 0x9}, {0xdddd1000, 0x0, 0x0, 0x1, 0xa, 0x8, 0x4, 0x63, 0x1c, 0x5, 0x1, 0xd}, {0xdddd1000, 0x4000, 0xa, 0x23, 0xc, 0x3, 0x9, 0x4a, 0x7, 0x8, 0x43, 0x3}, {0xeeee0000, 0x5}, {0xffff1000}, 0x0, 0x0, 0xdddd0000, 0x150690, 0x3, 0x8200, 0xeeee0c00, [0x1, 0x1004, 0x4, 0x1000]})
ioctl$KVM_SET_LAPIC(r7, 0x4400ae8f, &(0x7f0000000740)={"d28cbffc70113aa16b365924c3128c89fe8764c41caa3ec7a095ce3692ae1fe3160c3dd483cc71d285c48c8fa445272281beb44357aa96da39f0ef45a90bfac537ba4c98038e0b871c2ba811d3d568ccdddd1e0e7edef9061d12bdd0fc1c83093613293d1779955c62df6a03c3a539051393b577bb6645c4ed2ddfd06df82c7359de2082e16a4c302d18db9ce698f22b519d55adbbe4881dda46ddbbab0a1ca428e404f0640e62eb7d76c8ca94cff34f26de20c2f44c22228eee44edcbec829ed8b5f24a8259fcc97d67b96441486cf9832274eff5271d3843178cd90827052ef8e6dee13ef4f8e23b8396f5bc4b03b8ee875350ac778233a13551f55cac915ce11f145063ef5b5111272d0859d6cdb62ab72a92f24d83ef5ff87aa8f6eae3986c403add562c0a17839921dea6186d3b71b3d466070a005541677a477392f9a499322ed2f09c6e1b401ad81bb6673274e7c344152c2617edc2f667329b51bcc9d235de56d8642823643e0107339044417e2708d10e7dafefb5b2e72f696e1dc37c48f3c9266c9c8d2e771aabd4b7e4e7c2bccde0345d5d43ad7a4d98e9e1e3e152784ca29d286fe783f3579055a428ab231b9e81d77bd8ca4007607cd2ff60953a2d68353c4cc677124b7431edca5f604841f3baa90d46235ddaa03f158dd78c219be7f0c53dddd4cea58ecac6cef53e7a5b347b0842bb163bd35e19d2ed1b67e63a7e82ac470619ae164c3949884286c101417e6deeff735b8b3b9109e47725bbd5c400b24489fec1afe6771d5c8871f7cd31e7390cef6dce398b8a1dd7213229d282cb581a71c04ca04e9eb516a197583ba8470b0df0b2158a076bf257520500a7bfb42766c883231c1a2a4527dabb5037f9fa00172bc8b9327494b553735a4ebbfb8c9e7f5034b442418c7490919f81308b4a73bd46d57e1ebcc3b6cf7d1ba20e55d06e40e5796e568c206d51adc1be7186cb80962e8dfa41c354acd9ad5fbf4c59b6fa6dd83aa9aa0a23210b057328efa4239b8211b3a5f21ce22a193eb93f69c4d525f53e733b397786d808b928297748a3d54e5bb71bab6139d5e2721d237f4c99896a2e398d049df2e9c63c424606fc73cece699407f3041826cc271a3cb44cc4d76ab77ddb15ef7dda76ddfa4830c5ba28cf7dcc154e88ef9f228a8158d6ae6fdc32ef2af1642e48d5218f10ba7c222e43da4e13f59e96ab4b467283b76d8b0c36665f02d943936041c00d7dbd2a3ab101aa56277b9ec5111428c047fb8b144f260b2fae62db101aad238ee50d222202969ed5929c2f8ab41e6e342ad1b0037be7e2d887f0563a722be94364dfe62482f7862da76fd58827712a1a80f69cc85f2fa9ba92cbfc48f7e4f11b2b87c71e6733a95d8ded91da74913fcf81bb1bb9cb8f380f402abf9df0990e0100750c49f9328238eced88d16068bce90b"})
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000340)={0x2, 0x0, @ioapic={0x0, 0xfffffffe, 0x7ffffffd, 0xfffffff5, 0x0, [{0x86, 0x40, 0x3, '\x00', 0x2}, {0x2a, 0xff, 0xad, '\x00', 0x10}, {0x35, 0x23, 0xb, '\x00', 0xfe}, {0x0, 0x1, 0x82, '\x00', 0x72}, {0x6, 0x1, 0x27, '\x00', 0x9}, {0x0, 0x8, 0xfd, '\x00', 0x7}, {0xcf, 0x20, 0xc5, '\x00', 0xe6}, {0x6, 0xce, 0x5, '\x00', 0xe}, {0x5, 0x7f, 0x7, '\x00', 0x4d}, {0xc, 0xd, 0x8, '\x00', 0x3b}, {0x0, 0x8, 0x0, '\x00', 0x8}, {0x7, 0x6, 0x0, '\x00', 0x3}, {0x2, 0xc0, 0xa, '\x00', 0x2}, {0x6, 0x7, 0x7, '\x00', 0xfe}, {0x8, 0x5, 0x9, '\x00', 0xa9}, {0x6, 0x6, 0x8, '\x00', 0x5}, {0xff, 0x5, 0x6, '\x00', 0xda}, {0x5, 0xfd, 0x6, '\x00', 0x8}, {0x45, 0x4, 0xff, '\x00', 0x6}, {0x9, 0x9, 0x7a, '\x00', 0x36}, {0x2, 0xa, 0x4, '\x00', 0x5}, {0x2, 0x9, 0x8, '\x00', 0xc4}, {0x3, 0xff, 0x12, '\x00', 0x6}, {0x7, 0xa9, 0x1c, '\x00', 0xa}]}})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mremap(&(0x7f0000507000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000fd6000/0x4000)=nil)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x67)

221.441ms ago: executing program 2 (id=1719):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@newqdisc={0x2c, 0x24, 0xd0f, 0xfffffffd, 0xffffffff, {0x60, 0x0, 0x0, 0x0, {0xffff, 0x2}, {0xfff2, 0xe}, {0xfff3, 0xfff2}}, [@TCA_RATE={0x6, 0x5, {0x4, 0x1}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000050}, 0x2000c8d1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x10, &(0x7f0000000500)=ANY=[@ANYBLOB="18020000ff070000000000000300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000500))
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000"], 0x48)
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})

146.725553ms ago: executing program 2 (id=1720):
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r0, &(0x7f00000000c0), 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2309fefffffffcffffff0100000005000700000000000800090000000000060002000100000008000a000400010008001700", @ANYRES32], 0x3c}}, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x4, 0x380, 0xffffffff, 0x370, 0x370, 0x0, 0xffffffff, 0xffffffff, 0x510, 0x510, 0x510, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x3, 0x0, 0x2}, {0xffffffffffffffff, 0x3, 0x6}, 0xffff, 0x9}}}, {{@ipv6={@remote, @private0, [0xff000000, 0xffffff00, 0xffffffff, 0xff000000], [0xffffffff, 0xff000000, 0xff000000, 0xff], 'pim6reg1\x00', 'xfrm0\x00', {}, {0xff}, 0x62, 0x4, 0x0, 0xc}, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz1\x00', {0x101}}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@ERROR={0x22, 'ERROR\x00', 0x0, "70470659c58246b8c1d7f86ef2536ac9903efeabf87a7013bf23035e14f3"}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

76.414534ms ago: executing program 2 (id=1721):
r0 = socket(0x1d, 0x2, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="6c0100001000130705000000fcdbdf25fe8000000000000000000000000000bb200100000000080000000000000000014e2000034e006c000000000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fe8000000000000000000000000000bb000000fc32000000fe800000000000000000000000000033000000000000000000000000000000000c00000000000000080000000000000000000000000000000000000000000000000000000000000043070000000000000400000000000000ffffffffffffff7f0000000000000000000000000000000000000000000000000000000028bd7000043500000a000400000000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000217d66d38547aa140db8a200000000c538c7cb7a1c00040002"], 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
getsockopt$inet_mreqn(r0, 0x6a, 0x4, 0x0, &(0x7f00000000c0)=0x5c)

70.332761ms ago: executing program 2 (id=1722):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a00000709000100"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

1.446743ms ago: executing program 5 (id=1723):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f00000000c0)={0xfe, 0x7d, 0x20f})
r1 = userfaultfd(0x801)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000080)={r3, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r3, 0x1, 0x6, @random="2716157f3354"}, 0x10)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00002f2000/0x3000)=nil, 0x3000}, 0x2})
syz_emit_vhci(&(0x7f0000000780)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@any, "18b42e", 0x1}}}, 0xd)
socket$unix(0x1, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket(0x2b, 0x1, 0x1)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x5)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

0s ago: executing program 2 (id=1724):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@mpls_getroute={0x1c, 0x1e, 0xffffff1f, 0x0, 0x0, {0x1e, 0x0, 0x2}}, 0x1c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipoib={{0xa}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

kernel console output (not intermixed with test programs):

0 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  131.887917][ T7437] RSP: 002b:00007f07bd9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  131.887957][ T7437] RAX: ffffffffffffffda RBX: 00007f07bfa15fa0 RCX: 00007f07bf79ce59
[  131.887967][ T7437] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000004
[  131.887993][ T7437] RBP: 00007f07bd9f6090 R08: 0000000000000000 R09: 0000000000000000
[  131.888007][ T7437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.888016][ T7437] R13: 00007f07bfa16038 R14: 00007f07bfa15fa0 R15: 00007ffd3d596a38
[  131.888038][ T7437]  </TASK>
[  131.888047][ T7437] syz.3.449: vmalloc error: size 2496, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  132.020509][ T7437] CPU: 2 UID: 0 PID: 7437 Comm: syz.3.449 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  132.020542][ T7437] Tainted: [L]=SOFTLOCKUP
[  132.020549][ T7437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  132.020559][ T7437] Call Trace:
[  132.020565][ T7437]  <TASK>
[  132.020572][ T7437]  dump_stack_lvl+0x100/0x190
[  132.020602][ T7437]  warn_alloc.cold+0x95/0x1c1
[  132.020622][ T7437]  ? __pfx_warn_alloc+0x10/0x10
[  132.020648][ T7437]  ? trace_kmalloc+0xe3/0x110
[  132.020669][ T7437]  ? __kmalloc_cache_node_noprof+0x2d9/0x770
[  132.020690][ T7437]  ? __kasan_kmalloc+0x8a/0xb0
[  132.020719][ T7437]  ? __get_vm_area_node+0x208/0x330
[  132.020743][ T7437]  __vmalloc_node_range_noprof+0xccd/0x1630
[  132.020769][ T7437]  ? rcu_is_watching+0x12/0xc0
[  132.020800][ T7437]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  132.020875][ T7437]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  132.020898][ T7437]  ? __memcg_slab_post_alloc_hook+0x734/0xff0
[  132.020927][ T7437]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  132.020951][ T7437]  __vmalloc_node_noprof+0xad/0xf0
[  132.020971][ T7437]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  132.020998][ T7437]  fpu_alloc_guest_fpstate+0x20/0x4a0
[  132.021025][ T7437]  kvm_arch_vcpu_create+0x53c/0xac0
[  132.021054][ T7437]  kvm_vm_ioctl+0x756/0x4050
[  132.021087][ T7437]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  132.021127][ T7437]  ? kasan_quarantine_put+0x104/0x240
[  132.021152][ T7437]  ? lockdep_hardirqs_on+0x78/0x100
[  132.021177][ T7437]  ? find_held_lock+0x2b/0x80
[  132.021193][ T7437]  ? tomoyo_path_number_perm+0x28f/0x580
[  132.021213][ T7437]  ? tomoyo_path_number_perm+0x28f/0x580
[  132.021238][ T7437]  ? tomoyo_path_number_perm+0x188/0x580
[  132.021259][ T7437]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  132.021287][ T7437]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  132.021310][ T7437]  ? do_vfs_ioctl+0x226/0x13e0
[  132.021335][ T7437]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  132.021353][ T7437]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  132.021383][ T7437]  ? __fget_files+0x215/0x3d0
[  132.021403][ T7437]  ? hook_file_ioctl_common+0x149/0x410
[  132.021426][ T7437]  ? selinux_file_ioctl+0x13b/0x290
[  132.021448][ T7437]  ? selinux_file_ioctl+0xb6/0x290
[  132.021472][ T7437]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  132.021498][ T7437]  __x64_sys_ioctl+0x18e/0x210
[  132.021518][ T7437]  do_syscall_64+0x10b/0xf80
[  132.021541][ T7437]  ? clear_bhb_loop+0x40/0x90
[  132.021562][ T7437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.021580][ T7437] RIP: 0033:0x7f07bf79ce59
[  132.021595][ T7437] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  132.021611][ T7437] RSP: 002b:00007f07bd9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  132.021629][ T7437] RAX: ffffffffffffffda RBX: 00007f07bfa15fa0 RCX: 00007f07bf79ce59
[  132.021638][ T7437] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000004
[  132.021647][ T7437] RBP: 00007f07bd9f6090 R08: 0000000000000000 R09: 0000000000000000
[  132.021657][ T7437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  132.021666][ T7437] R13: 00007f07bfa16038 R14: 00007f07bfa15fa0 R15: 00007ffd3d596a38
[  132.021687][ T7437]  </TASK>
[  132.021693][ T7437] Mem-Info:
[  132.151071][ T7437] active_anon:30178 inactive_anon:0 isolated_anon:3
[  132.151071][ T7437]  active_file:24594 inactive_file:40710 isolated_file:18
[  132.151071][ T7437]  unevictable:1770 dirty:66 writeback:0
[  132.151071][ T7437]  slab_reclaimable:12143 slab_unreclaimable:72566
[  132.151071][ T7437]  mapped:25317 shmem:22801 pagetables:3506
[  132.151071][ T7437]  sec_pagetables:299 bounce:0
[  132.151071][ T7437]  kernel_misc_reclaimable:0
[  132.151071][ T7437]  free:420692 free_pcp:11402 free_cma:0
[  132.167786][ T7437] Node 0 active_anon:118496kB inactive_anon:0kB active_file:98400kB inactive_file:162668kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:101244kB dirty:244kB writeback:0kB shmem:87176kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13536kB pagetables:4700kB sec_pagetables:1184kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  132.181235][ T7437] Node 1 active_anon:2556kB inactive_anon:0kB active_file:0kB inactive_file:216kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:24kB writeback:0kB shmem:4104kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:256kB pagetables:9276kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  132.192001][ T7437] Node 0 DMA free:10416kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:296kB local_pcp:96kB free_cma:0kB
[  132.204582][ T7437] lowmem_reserve[]: 0 1231 1231 1231 1231
[  132.207041][ T7437] Node 0 DMA32 free:67364kB boost:0kB min:27480kB low:34348kB high:41216kB reserved_highatomic:0KB free_highatomic:0KB active_anon:118496kB inactive_anon:0kB active_file:98400kB inactive_file:162668kB unevictable:3536kB writepending:244kB zspages:0kB present:2080628kB managed:1260804kB mlocked:0kB bounce:0kB free_pcp:16852kB local_pcp:6056kB free_cma:0kB
[  132.219450][ T7437] lowmem_reserve[]: 0 0 0 0 0
[  132.221197][ T7437] Node 1 Normal free:1604684kB boost:0kB min:39756kB low:49692kB high:59628kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2556kB inactive_anon:0kB active_file:0kB inactive_file:216kB unevictable:3536kB writepending:24kB zspages:0kB present:2097152kB managed:1781884kB mlocked:0kB bounce:0kB free_pcp:28872kB local_pcp:26756kB free_cma:0kB
[  132.232083][ T7437] lowmem_reserve[]: 0 0 0 0 0
[  132.233693][ T7437] Node 0 DMA: 16*4kB (UM) 14*8kB (UM) 12*16kB (UM) 8*32kB (M) 7*64kB (UM) 11*128kB (UM) 9*256kB (UM) 7*512kB (UM) 2*1024kB (U) 0*2048kB 0*4096kB = 10416kB
[  132.238956][ T7437] Node 0 DMA32: 1531*4kB (UME) 909*8kB (UME) 465*16kB (UM) 500*32kB (UME) 201*64kB (UM) 50*128kB (UM) 12*256kB (UM) 6*512kB (M) 5*1024kB (M) 0*2048kB 0*4096kB = 67364kB
[  132.244936][ T7437] Node 1 Normal: 41*4kB (UM) 45*8kB (UM) 270*16kB (UME) 207*32kB (UME) 308*64kB (UME) 281*128kB (UME) 268*256kB (UME) 243*512kB (UME) 207*1024kB (UM) 11*2048kB (UME) 271*4096kB (UM) = 1604684kB
[  132.254063][ T7437] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  132.258272][ T7437] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  132.260810][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  132.260857][   T40] audit: type=1400 audit(1779144713.742:1056): avc:  denied  { mount } for  pid=7444 comm="syz.1.451" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  132.262146][ T7437] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  132.269749][ T7445] No such timeout policy "syz1"
[  132.274509][ T7437] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  132.284903][ T7437] 88137 total pagecache pages
[  132.287036][ T7437] 0 pages in swap cache
[  132.288707][ T7437] Free swap  = 124996kB
[  132.290357][ T7437] Total swap = 124996kB
[  132.292042][ T7437] 1048443 pages RAM
[  132.293907][ T7437] 0 pages HighMem/MovableOnly
[  132.295783][   T40] audit: type=1400 audit(1779144713.782:1057): avc:  denied  { unmount } for  pid=5741 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  132.296312][ T7437] 283931 pages reserved
[  132.305150][ T7437] 0 pages cma reserved
[  132.306886][ T7437] kvm: failed to allocate vcpu's fpu
[  132.431034][ T7454] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  132.695500][   T39] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  132.822277][ T5751] Bluetooth: hci2: hcon ffff88801bfc8000 sent 1 < count 2
[  132.859152][   T39] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x19, changing to 0x9
[  132.863362][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 21517, setting to 64
[  132.869492][   T39] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  132.872608][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.876224][   T39] usb 5-1: Product: syz
[  132.877749][   T39] usb 5-1: Manufacturer: syz
[  132.879416][   T39] usb 5-1: SerialNumber: syz
[  132.884336][   T39] usb 5-1: config 0 descriptor??
[  133.001333][ T7468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.458'.
[  133.007851][ T7468] netlink: 'syz.2.458': attribute type 15 has an invalid length.
[  133.038420][ T7468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.458'.
[  133.039427][ T6320] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  133.042026][ T7468] netlink: 'syz.2.458': attribute type 15 has an invalid length.
[  133.045013][ T6320] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  133.053088][ T6320] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  133.056581][ T6320] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  133.317375][ T2316] usb 5-1: USB disconnect, device number 6
[  133.337318][   T40] audit: type=1400 audit(1779144714.822:1058): avc:  denied  { mount } for  pid=7485 comm="syz.1.462" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  133.357105][ T7486] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  133.364457][ T7486] netlink: 8 bytes leftover after parsing attributes in process `syz.1.462'.
[  133.415376][   T54] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  133.588419][   T54] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  133.592052][   T54] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  133.603247][   T54] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  133.608132][   T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.818444][   T54] usb 7-1: usb_control_msg returned -32
[  133.820268][   T54] usbtmc 7-1:16.0: can't read capabilities
[  133.838882][   T40] audit: type=1400 audit(1779144715.322:1059): avc:  denied  { connect } for  pid=7508 comm="syz.3.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  133.854985][   T40] audit: type=1400 audit(1779144715.322:1060): avc:  denied  { remount } for  pid=7508 comm="syz.3.471" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  133.896138][ T7519] sch_fq: defrate 4294967295 ignored.
[  133.903270][   T40] audit: type=1400 audit(1779144715.382:1061): avc:  denied  { append } for  pid=7517 comm="syz.1.474" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  134.148556][   T40] audit: type=1400 audit(1779144715.632:1062): avc:  denied  { append } for  pid=7531 comm="syz.0.479" name="loop6" dev="devtmpfs" ino=664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  134.165009][ T7532] loop6: detected capacity change from 0 to 2640
[  134.180918][ T7532] buffer_io_error: 10 callbacks suppressed
[  134.180939][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.187625][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.191885][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.197566][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.202756][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.208749][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.215426][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.219714][ T7536] netlink: 'syz.1.477': attribute type 21 has an invalid length.
[  134.220410][ T7538] netlink: 'syz.1.477': attribute type 21 has an invalid length.
[  134.224148][ T7536] netlink: 156 bytes leftover after parsing attributes in process `syz.1.477'.
[  134.227561][ T7533] usbtmc 7-1:16.0: usbtmc_ioctl_request failed -32
[  134.235942][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.241685][ T7538] netlink: 156 bytes leftover after parsing attributes in process `syz.1.477'.
[  134.244371][ T7532] ldm_validate_partition_table(): Disk read failed.
[  134.248276][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.252125][ T7532] Buffer I/O error on dev loop6, logical block 0, async page read
[  134.257467][ T7532] Dev loop6: unable to read RDB block 0
[  134.262031][ T7532]  loop6: unable to read partition table
[  134.265588][ T7532] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  134.314396][   T40] audit: type=1400 audit(1779144715.792:1063): avc:  denied  { watch } for  pid=7539 comm="syz.1.480" path="/117/file0" dev="tmpfs" ino=642 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  134.328480][ T2316] usb 7-1: USB disconnect, device number 7
[  134.331571][   T40] audit: type=1400 audit(1779144715.792:1064): avc:  denied  { watch_sb watch_reads } for  pid=7539 comm="syz.1.480" path="/117/file0" dev="tmpfs" ino=642 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  134.452264][ T7546] netlink: 36 bytes leftover after parsing attributes in process `syz.1.483'.
[  134.503003][   T40] audit: type=1400 audit(1779144715.982:1065): avc:  denied  { ioctl } for  pid=7548 comm="syz.1.484" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  134.910709][ T7559] FAULT_INJECTION: forcing a failure.
[  134.910709][ T7559] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  134.915359][ T7559] CPU: 1 UID: 0 PID: 7559 Comm: syz.2.487 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  134.915380][ T7559] Tainted: [L]=SOFTLOCKUP
[  134.915384][ T7559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  134.915392][ T7559] Call Trace:
[  134.915398][ T7559]  <TASK>
[  134.915403][ T7559]  dump_stack_lvl+0x100/0x190
[  134.915425][ T7559]  should_fail_ex.cold+0x5/0xa
[  134.915440][ T7559]  ? prepare_alloc_pages+0x16d/0x5f0
[  134.915457][ T7559]  should_fail_alloc_page+0xeb/0x140
[  134.915472][ T7559]  prepare_alloc_pages+0x1f0/0x5f0
[  134.915486][ T7559]  ? arch_stack_walk+0xa6/0xf0
[  134.915506][ T7559]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  134.915529][ T7559]  ? stack_trace_save+0x8e/0xc0
[  134.915543][ T7559]  ? __pfx_stack_trace_save+0x10/0x10
[  134.915556][ T7559]  ? stack_depot_save_flags+0x27/0x9d0
[  134.915603][ T7559]  ? is_bpf_text_address+0x8a/0x1a0
[  134.915621][ T7559]  ? is_bpf_text_address+0x8a/0x1a0
[  134.915637][ T7559]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  134.915656][ T7559]  ? kasan_save_stack+0x3f/0x50
[  134.915667][ T7559]  ? kasan_save_stack+0x30/0x50
[  134.915677][ T7559]  ? kasan_save_track+0x14/0x30
[  134.915687][ T7559]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  134.915707][ T7559]  ? __get_vm_area_node+0x1ca/0x330
[  134.915720][ T7559]  ? __vmalloc_node_range_noprof+0x228/0x1630
[  134.915735][ T7559]  ? __vmalloc_node_noprof+0xad/0xf0
[  134.915749][ T7559]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  134.915767][ T7559]  ? kvm_arch_vcpu_create+0x53c/0xac0
[  134.915791][ T7559]  ? kvm_vm_ioctl+0x756/0x4050
[  134.915808][ T7559]  ? __x64_sys_ioctl+0x18e/0x210
[  134.915821][ T7559]  ? do_syscall_64+0x10b/0xf80
[  134.915837][ T7559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.915855][ T7559]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  134.915871][ T7559]  ? policy_nodemask+0xed/0x4f0
[  134.915886][ T7559]  alloc_pages_mpol+0x1fb/0x540
[  134.915900][ T7559]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  134.915917][ T7559]  alloc_pages_noprof+0x1a/0x160
[  134.915933][ T7559]  get_free_pages_noprof+0x10/0xb0
[  134.915945][ T7559]  __kasan_populate_vmalloc+0xa0/0x210
[  134.915966][ T7559]  alloc_vmap_area+0x95d/0x2b70
[  134.915985][ T7559]  ? __pfx_alloc_vmap_area+0x10/0x10
[  134.916001][ T7559]  __get_vm_area_node+0x1ca/0x330
[  134.916017][ T7559]  __vmalloc_node_range_noprof+0x228/0x1630
[  134.916033][ T7559]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  134.916053][ T7559]  ? rcu_is_watching+0x12/0xc0
[  134.916073][ T7559]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  134.916096][ T7559]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  134.916112][ T7559]  ? __memcg_slab_post_alloc_hook+0x734/0xff0
[  134.916132][ T7559]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  134.916150][ T7559]  __vmalloc_node_noprof+0xad/0xf0
[  134.916165][ T7559]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  134.916185][ T7559]  fpu_alloc_guest_fpstate+0x20/0x4a0
[  134.916205][ T7559]  kvm_arch_vcpu_create+0x53c/0xac0
[  134.916224][ T7559]  kvm_vm_ioctl+0x756/0x4050
[  134.916246][ T7559]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  134.916272][ T7559]  ? kasan_quarantine_put+0x104/0x240
[  134.916291][ T7559]  ? lockdep_hardirqs_on+0x78/0x100
[  134.916308][ T7559]  ? find_held_lock+0x2b/0x80
[  134.916320][ T7559]  ? tomoyo_path_number_perm+0x28f/0x580
[  134.916336][ T7559]  ? tomoyo_path_number_perm+0x28f/0x580
[  134.916353][ T7559]  ? tomoyo_path_number_perm+0x188/0x580
[  134.916368][ T7559]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  134.916387][ T7559]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  134.916402][ T7559]  ? do_vfs_ioctl+0x226/0x13e0
[  134.916414][ T7559]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  134.916426][ T7559]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  134.916448][ T7559]  ? __fget_files+0x215/0x3d0
[  134.916463][ T7559]  ? hook_file_ioctl_common+0x149/0x410
[  134.916477][ T7559]  ? selinux_file_ioctl+0x13b/0x290
[  134.916493][ T7559]  ? selinux_file_ioctl+0xb6/0x290
[  134.916510][ T7559]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  134.916528][ T7559]  __x64_sys_ioctl+0x18e/0x210
[  134.916541][ T7559]  do_syscall_64+0x10b/0xf80
[  134.916558][ T7559]  ? clear_bhb_loop+0x40/0x90
[  134.916572][ T7559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.916584][ T7559] RIP: 0033:0x7fde0439ce59
[  134.916595][ T7559] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  134.916606][ T7559] RSP: 002b:00007fde051e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  134.916619][ T7559] RAX: ffffffffffffffda RBX: 00007fde04615fa0 RCX: 00007fde0439ce59
[  134.916626][ T7559] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000004
[  134.916633][ T7559] RBP: 00007fde051e5090 R08: 0000000000000000 R09: 0000000000000000
[  134.916640][ T7559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  134.916647][ T7559] R13: 00007fde04616038 R14: 00007fde04615fa0 R15: 00007ffd78d75a68
[  134.916661][ T7559]  </TASK>
[  134.916693][ T7559] kvm: failed to allocate vcpu's fpu
[  135.231018][ T7575] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=7575 comm=syz.3.490
[  135.236024][ T7575] netem: change failed
[  135.238733][ T7575] netlink: 4 bytes leftover after parsing attributes in process `syz.3.490'.
[  135.303262][ T7577] veth3: entered allmulticast mode
[  135.432805][ T7597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2571 sclass=netlink_route_socket pid=7597 comm=syz.1.496
[  135.443739][ T7597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7597 comm=syz.1.496
[  135.453868][ T7597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=7597 comm=syz.1.496
[  135.464009][ T7597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=7597 comm=syz.1.496
[  135.474129][ T7597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=7597 comm=syz.1.496
[  135.484258][ T7597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=7597 comm=syz.1.496
[  135.490582][ T7597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2562 sclass=netlink_route_socket pid=7597 comm=syz.1.496
[  135.628105][ T7615] FAULT_INJECTION: forcing a failure.
[  135.628105][ T7615] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  135.633097][ T7615] CPU: 2 UID: 0 PID: 7615 Comm: syz.0.501 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  135.633126][ T7615] Tainted: [L]=SOFTLOCKUP
[  135.633132][ T7615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  135.633141][ T7615] Call Trace:
[  135.633148][ T7615]  <TASK>
[  135.633155][ T7615]  dump_stack_lvl+0x100/0x190
[  135.633353][ T7615]  should_fail_ex.cold+0x5/0xa
[  135.633395][ T7615]  ? prepare_alloc_pages+0x16d/0x5f0
[  135.633459][ T7615]  should_fail_alloc_page+0xeb/0x140
[  135.633479][ T7615]  prepare_alloc_pages+0x1f0/0x5f0
[  135.633502][ T7615]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  135.633532][ T7615]  ? rcu_is_watching+0x12/0xc0
[  135.633576][ T7615]  ? trace_mm_page_alloc+0x163/0x1d0
[  135.633595][ T7615]  ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0
[  135.633621][ T7615]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  135.633648][ T7615]  ? __pfx_stack_trace_save+0x10/0x10
[  135.633667][ T7615]  ? stack_depot_save_flags+0x27/0x9d0
[  135.633753][ T7615]  ? is_bpf_text_address+0x8a/0x1a0
[  135.633783][ T7615]  ? is_bpf_text_address+0x8a/0x1a0
[  135.633807][ T7615]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  135.633833][ T7615]  ? kasan_save_stack+0x3f/0x50
[  135.633848][ T7615]  ? kasan_save_stack+0x30/0x50
[  135.633863][ T7615]  ? kasan_save_track+0x14/0x30
[  135.633878][ T7615]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  135.633905][ T7615]  ? __get_vm_area_node+0x1ca/0x330
[  135.633924][ T7615]  ? __vmalloc_node_range_noprof+0x228/0x1630
[  135.633946][ T7615]  ? __vmalloc_node_noprof+0xad/0xf0
[  135.633965][ T7615]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  135.633993][ T7615]  ? kvm_arch_vcpu_create+0x53c/0xac0
[  135.634018][ T7615]  ? kvm_vm_ioctl+0x756/0x4050
[  135.634041][ T7615]  ? __x64_sys_ioctl+0x18e/0x210
[  135.634099][ T7615]  ? do_syscall_64+0x10b/0xf80
[  135.634135][ T7615]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.634160][ T7615]  alloc_pages_bulk_noprof+0x657/0x1390
[  135.634192][ T7615]  ? policy_nodemask+0xed/0x4f0
[  135.634213][ T7615]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  135.634254][ T7615]  __kasan_populate_vmalloc+0xf0/0x210
[  135.634286][ T7615]  alloc_vmap_area+0x95d/0x2b70
[  135.634318][ T7615]  ? __pfx_alloc_vmap_area+0x10/0x10
[  135.634343][ T7615]  __get_vm_area_node+0x1ca/0x330
[  135.634368][ T7615]  __vmalloc_node_range_noprof+0x228/0x1630
[  135.634390][ T7615]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  135.634421][ T7615]  ? rcu_is_watching+0x12/0xc0
[  135.634449][ T7615]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  135.634482][ T7615]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  135.634506][ T7615]  ? __memcg_slab_post_alloc_hook+0x734/0xff0
[  135.634537][ T7615]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  135.634562][ T7615]  __vmalloc_node_noprof+0xad/0xf0
[  135.634584][ T7615]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  135.634612][ T7615]  fpu_alloc_guest_fpstate+0x20/0x4a0
[  135.634640][ T7615]  kvm_arch_vcpu_create+0x53c/0xac0
[  135.634669][ T7615]  kvm_vm_ioctl+0x756/0x4050
[  135.634703][ T7615]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  135.634744][ T7615]  ? kasan_quarantine_put+0x104/0x240
[  135.634777][ T7615]  ? lockdep_hardirqs_on+0x78/0x100
[  135.634804][ T7615]  ? find_held_lock+0x2b/0x80
[  135.634821][ T7615]  ? tomoyo_path_number_perm+0x28f/0x580
[  135.634869][ T7615]  ? tomoyo_path_number_perm+0x28f/0x580
[  135.634894][ T7615]  ? tomoyo_path_number_perm+0x188/0x580
[  135.634916][ T7615]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  135.634946][ T7615]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  135.634970][ T7615]  ? do_vfs_ioctl+0x226/0x13e0
[  135.634989][ T7615]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  135.635008][ T7615]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  135.635041][ T7615]  ? __fget_files+0x215/0x3d0
[  135.635062][ T7615]  ? hook_file_ioctl_common+0x149/0x410
[  135.635083][ T7615]  ? selinux_file_ioctl+0x13b/0x290
[  135.635104][ T7615]  ? selinux_file_ioctl+0xb6/0x290
[  135.635127][ T7615]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  135.635152][ T7615]  __x64_sys_ioctl+0x18e/0x210
[  135.635170][ T7615]  do_syscall_64+0x10b/0xf80
[  135.635192][ T7615]  ? clear_bhb_loop+0x40/0x90
[  135.635213][ T7615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.635230][ T7615] RIP: 0033:0x7f502439ce59
[  135.635246][ T7615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  135.635263][ T7615] RSP: 002b:00007f502519f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  135.635301][ T7615] RAX: ffffffffffffffda RBX: 00007f5024615fa0 RCX: 00007f502439ce59
[  135.635312][ T7615] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000004
[  135.635322][ T7615] RBP: 00007f502519f090 R08: 0000000000000000 R09: 0000000000000000
[  135.635331][ T7615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  135.635340][ T7615] R13: 00007f5024616038 R14: 00007f5024615fa0 R15: 00007fff1ac1e868
[  135.635362][ T7615]  </TASK>
[  135.711535][ T7625] binder: 7620:7625 ioctl c0306201 2000000003c0 returned -14
[  135.718502][ T7615] kvm: failed to allocate vcpu's fpu
[  135.767722][ T7628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.502'.
[  135.829167][ T7628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.502'.
[  136.120883][ T7653] netlink: 'syz.3.512': attribute type 1 has an invalid length.
[  136.122534][ T7654] netlink: 28 bytes leftover after parsing attributes in process `syz.3.512'.
[  136.137320][ T7653] 8021q: adding VLAN 0 to HW filter on device bond2
[  136.244531][ T7667] ptrace attach of "/syz-executor exec"[7668] was attempted by "/syz-executor exec"[7667]
[  136.254605][ T7667] openvswitch: netlink: EtherType 50a is less than min 600
[  136.305807][ T7671] bridge0: port 3(vlan2) entered blocking state
[  136.307942][ T7671] bridge0: port 3(vlan2) entered disabled state
[  136.310276][ T7671] vlan2: entered allmulticast mode
[  136.312287][ T7671] geneve0: entered allmulticast mode
[  136.319434][ T7671] vlan2: entered promiscuous mode
[  136.321184][ T7671] geneve0: entered promiscuous mode
[  136.333000][ T7661] SELinux:  policydb magic number 0x4 does not match expected magic number 0xf97cff8c
[  136.336911][ T7661] SELinux: failed to load policy
[  136.340028][ T7677] loop2: detected capacity change from 0 to 8
[  136.440834][ T7696] bond2: ARP target 9.0.0.0 is already present
[  136.443090][ T7696] bond2: option arp_ip_target: invalid value (9)
[  136.450062][ T7696] bond2 (unregistering): Released all slaves
[  136.565443][ T6320] nci: nci_data_exchange_complete: no rx callback, dropping rx data...
[  136.705718][ T7715] input: syz1 as /devices/virtual/input/input14
[  136.738486][ T7716] IPv6: NLM_F_CREATE should be specified when creating new route
[  136.741112][ T7716] IPv6: Can't replace route, no match found
[  136.784726][ T7719] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  137.006208][ T7728] netlink: 'syz.0.534': attribute type 5 has an invalid length.
[  137.235309][ T7691] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  137.485968][ T7744] FAULT_INJECTION: forcing a failure.
[  137.485968][ T7744] name failslab, interval 1, probability 0, space 0, times 0
[  137.490574][ T7744] CPU: 1 UID: 0 PID: 7744 Comm: syz.2.538 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  137.490596][ T7744] Tainted: [L]=SOFTLOCKUP
[  137.490601][ T7744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  137.490609][ T7744] Call Trace:
[  137.490615][ T7744]  <TASK>
[  137.490620][ T7744]  dump_stack_lvl+0x100/0x190
[  137.490643][ T7744]  should_fail_ex.cold+0x5/0xa
[  137.490663][ T7744]  ? lsm_blob_alloc+0x68/0x90
[  137.490676][ T7744]  should_failslab+0xc2/0x120
[  137.490692][ T7744]  __kmalloc_noprof+0xe0/0x850
[  137.490713][ T7744]  ? audit_alloc+0xa2/0x7b0
[  137.490734][ T7744]  lsm_blob_alloc+0x68/0x90
[  137.490748][ T7744]  security_task_alloc+0x2a/0x260
[  137.490769][ T7744]  copy_process+0x2865/0x7ed0
[  137.490782][ T7744]  ? stack_trace_save+0x8e/0xc0
[  137.490806][ T7744]  ? __pfx_copy_process+0x10/0x10
[  137.490817][ T7744]  ? io_handle_tw_list+0x4d8/0x580
[  137.490836][ T7744]  ? tctx_task_work+0x7a/0xd0
[  137.490848][ T7744]  ? task_work_run+0x150/0x240
[  137.490866][ T7744]  ? get_signal+0x1b9/0x2210
[  137.490887][ T7744]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.490904][ T7744]  ? __pfx_io_wq_worker+0x10/0x10
[  137.490917][ T7744]  create_io_thread+0xc2/0x110
[  137.490930][ T7744]  ? __pfx_create_io_thread+0x10/0x10
[  137.490947][ T7744]  ? __pfx_io_wq_worker+0x10/0x10
[  137.490961][ T7744]  ? lockdep_init_map_type+0x5c/0x250
[  137.490979][ T7744]  ? lockdep_init_map_type+0x5c/0x250
[  137.490996][ T7744]  ? __init_swait_queue_head+0xca/0x150
[  137.491017][ T7744]  create_io_worker+0x1cd/0x5b0
[  137.491038][ T7744]  io_wq_enqueue+0x4d8/0x970
[  137.491049][ T7744]  ? __pfx_io_arm_apoll+0x10/0x10
[  137.491061][ T7744]  ? __pfx_io_wq_enqueue+0x10/0x10
[  137.491072][ T7744]  ? __pfx_io_wq_work_match_item+0x10/0x10
[  137.491091][ T7744]  ? io_prep_async_work+0x3ab/0x720
[  137.491113][ T7744]  io_queue_iowq+0x232/0x5c0
[  137.491132][ T7744]  io_queue_async+0x22e/0x290
[  137.491153][ T7744]  io_req_task_submit+0x266/0x290
[  137.491165][ T7744]  ? __pfx_io_req_task_submit+0x10/0x10
[  137.491177][ T7744]  ? find_held_lock+0x2b/0x80
[  137.491188][ T7744]  ? io_handle_tw_list+0x50/0x580
[  137.491203][ T7744]  ? __pfx_io_req_task_submit+0x10/0x10
[  137.491215][ T7744]  io_handle_tw_list+0x4d8/0x580
[  137.491232][ T7744]  tctx_task_work_run+0x59/0x330
[  137.491246][ T7744]  tctx_task_work+0x7a/0xd0
[  137.491259][ T7744]  ? __pfx_tctx_task_work+0x10/0x10
[  137.491271][ T7744]  ? rcu_is_watching+0x12/0xc0
[  137.491290][ T7744]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.491307][ T7744]  ? lockdep_hardirqs_on+0x78/0x100
[  137.491334][ T7744]  task_work_run+0x150/0x240
[  137.491351][ T7744]  ? __pfx_task_work_run+0x10/0x10
[  137.491367][ T7744]  ? __do_sys_io_uring_enter+0xbac/0x1b50
[  137.491383][ T7744]  get_signal+0x1b9/0x2210
[  137.491401][ T7744]  ? blk_finish_plug+0x83/0xa0
[  137.491414][ T7744]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  137.491452][ T7744]  ? __pfx_get_signal+0x10/0x10
[  137.491474][ T7744]  arch_do_signal_or_restart+0x91/0x7e0
[  137.491497][ T7744]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  137.491521][ T7744]  ? fput+0x79/0x100
[  137.491539][ T7744]  ? rcu_is_watching+0x12/0xc0
[  137.491559][ T7744]  exit_to_user_mode_loop+0x8b/0x4f0
[  137.491576][ T7744]  ? rcu_is_watching+0x12/0xc0
[  137.491596][ T7744]  do_syscall_64+0x706/0xf80
[  137.491613][ T7744]  ? clear_bhb_loop+0x40/0x90
[  137.491628][ T7744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.491641][ T7744] RIP: 0033:0x7fde0439ce59
[  137.491652][ T7744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  137.491664][ T7744] RSP: 002b:00007fde051c4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  137.491678][ T7744] RAX: 0000000000000004 RBX: 00007fde04616090 RCX: 00007fde0439ce59
[  137.491685][ T7744] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000
[  137.491692][ T7744] RBP: 00007fde051c4090 R08: 0000000000000000 R09: 0000000000000000
[  137.491699][ T7744] R10: 000000000000001f R11: 0000000000000246 R12: 0000000000000002
[  137.491706][ T7744] R13: 00007fde04616128 R14: 00007fde04616090 R15: 00007ffd78d75a68
[  137.491721][ T7744]  </TASK>
[  137.776841][ T7751] bond2: Unable to set down delay as MII monitoring is disabled
[  137.780713][ T7751] bond2 (unregistering): Released all slaves
[  137.906207][   T40] kauditd_printk_skb: 14 callbacks suppressed
[  137.906228][   T40] audit: type=1400 audit(1779144719.392:1080): avc:  denied  { remount } for  pid=7756 comm="syz.0.543" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  137.943235][   T40] audit: type=1400 audit(1779144719.422:1081): avc:  denied  { bind } for  pid=7754 comm="syz.2.542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  137.953934][   T40] audit: type=1400 audit(1779144719.422:1082): avc:  denied  { node_bind } for  pid=7754 comm="syz.2.542" saddr=224.0.0.2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  137.963357][   T40] audit: type=1400 audit(1779144719.422:1083): avc:  denied  { listen } for  pid=7754 comm="syz.2.542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  137.971787][ T7762] ipt_rpfilter: unknown options
[  137.974830][ T7762] netlink: 'syz.0.544': attribute type 7 has an invalid length.
[  138.019821][ T7764] __nla_validate_parse: 13 callbacks suppressed
[  138.019853][ T7764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.545'.
[  138.027324][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.545'.
[  138.030703][ T7764] netlink: 'syz.2.545': attribute type 15 has an invalid length.
[  138.034769][ T7764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.545'.
[  138.038768][ T7764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.545'.
[  138.042657][ T7764] netlink: 'syz.2.545': attribute type 15 has an invalid length.
[  138.052584][ T7765] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=7765 comm=syz.0.544
[  138.055321][ T7764] bridge0: port 3(syz_tun) entered blocking state
[  138.062411][ T7764] bridge0: port 3(syz_tun) entered disabled state
[  138.065476][ T7764] syz_tun: entered allmulticast mode
[  138.079648][ T7764] syz_tun: entered promiscuous mode
[  138.085036][ T7764] bridge0: port 3(syz_tun) entered blocking state
[  138.089082][ T7764] bridge0: port 3(syz_tun) entered forwarding state
[  138.112964][ T7764] netlink: 276 bytes leftover after parsing attributes in process `syz.2.545'.
[  138.244675][ T1436] ieee802154 phy0 wpan0: encryption failed: -22
[  138.248943][ T1436] ieee802154 phy1 wpan1: encryption failed: -22
[  138.288378][ T7773] netlink: 20 bytes leftover after parsing attributes in process `syz.1.548'.
[  138.368969][ T7775] FAULT_INJECTION: forcing a failure.
[  138.368969][ T7775] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  138.375423][ T7775] CPU: 3 UID: 0 PID: 7775 Comm: syz.3.549 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  138.375453][ T7775] Tainted: [L]=SOFTLOCKUP
[  138.375459][ T7775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  138.375470][ T7775] Call Trace:
[  138.375478][ T7775]  <TASK>
[  138.375486][ T7775]  dump_stack_lvl+0x100/0x190
[  138.375718][ T7775]  should_fail_ex.cold+0x5/0xa
[  138.375800][ T7775]  ? prepare_alloc_pages+0x16d/0x5f0
[  138.375880][ T7775]  should_fail_alloc_page+0xeb/0x140
[  138.375899][ T7775]  prepare_alloc_pages+0x1f0/0x5f0
[  138.375921][ T7775]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  138.375956][ T7775]  ? rcu_is_watching+0x12/0xc0
[  138.376003][ T7775]  ? trace_mm_page_alloc+0x163/0x1d0
[  138.376027][ T7775]  ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0
[  138.376058][ T7775]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  138.376088][ T7775]  ? __pfx_stack_trace_save+0x10/0x10
[  138.376107][ T7775]  ? stack_depot_save_flags+0x27/0x9d0
[  138.376197][ T7775]  ? is_bpf_text_address+0x8a/0x1a0
[  138.376221][ T7775]  ? is_bpf_text_address+0x8a/0x1a0
[  138.376245][ T7775]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  138.376273][ T7775]  ? kasan_save_stack+0x3f/0x50
[  138.376289][ T7775]  ? kasan_save_stack+0x30/0x50
[  138.376305][ T7775]  ? kasan_save_track+0x14/0x30
[  138.376321][ T7775]  ? kmem_cache_alloc_node_noprof+0x25a/0x6f0
[  138.376351][ T7775]  ? __get_vm_area_node+0x1ca/0x330
[  138.376371][ T7775]  ? __vmalloc_node_range_noprof+0x228/0x1630
[  138.376391][ T7775]  ? __vmalloc_node_noprof+0xad/0xf0
[  138.376408][ T7775]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  138.376431][ T7775]  ? kvm_arch_vcpu_create+0x53c/0xac0
[  138.376457][ T7775]  ? kvm_vm_ioctl+0x756/0x4050
[  138.376482][ T7775]  ? __x64_sys_ioctl+0x18e/0x210
[  138.376521][ T7775]  ? do_syscall_64+0x10b/0xf80
[  138.376561][ T7775]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.376588][ T7775]  alloc_pages_bulk_noprof+0x657/0x1390
[  138.376620][ T7775]  ? policy_nodemask+0xed/0x4f0
[  138.376645][ T7775]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  138.376688][ T7775]  __kasan_populate_vmalloc+0xf0/0x210
[  138.376718][ T7775]  alloc_vmap_area+0x95d/0x2b70
[  138.376771][ T7775]  ? __pfx_alloc_vmap_area+0x10/0x10
[  138.376793][ T7775]  __get_vm_area_node+0x1ca/0x330
[  138.376819][ T7775]  __vmalloc_node_range_noprof+0x228/0x1630
[  138.376848][ T7775]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  138.376873][ T7775]  ? rcu_is_watching+0x12/0xc0
[  138.376897][ T7775]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  138.376932][ T7775]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  138.376955][ T7775]  ? __memcg_slab_post_alloc_hook+0x734/0xff0
[  138.376988][ T7775]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  138.377017][ T7775]  __vmalloc_node_noprof+0xad/0xf0
[  138.377039][ T7775]  ? fpu_alloc_guest_fpstate+0x20/0x4a0
[  138.377063][ T7775]  fpu_alloc_guest_fpstate+0x20/0x4a0
[  138.377087][ T7775]  kvm_arch_vcpu_create+0x53c/0xac0
[  138.377118][ T7775]  kvm_vm_ioctl+0x756/0x4050
[  138.377150][ T7775]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  138.377196][ T7775]  ? kasan_quarantine_put+0x104/0x240
[  138.377224][ T7775]  ? lockdep_hardirqs_on+0x78/0x100
[  138.377247][ T7775]  ? find_held_lock+0x2b/0x80
[  138.377261][ T7775]  ? tomoyo_path_number_perm+0x28f/0x580
[  138.377304][ T7775]  ? tomoyo_path_number_perm+0x28f/0x580
[  138.377330][ T7775]  ? tomoyo_path_number_perm+0x188/0x580
[  138.377351][ T7775]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  138.377382][ T7775]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  138.377406][ T7775]  ? do_vfs_ioctl+0x226/0x13e0
[  138.377425][ T7775]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  138.377444][ T7775]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  138.377478][ T7775]  ? __fget_files+0x215/0x3d0
[  138.377494][ T7775]  ? hook_file_ioctl_common+0x149/0x410
[  138.377517][ T7775]  ? selinux_file_ioctl+0x13b/0x290
[  138.377540][ T7775]  ? selinux_file_ioctl+0xb6/0x290
[  138.377565][ T7775]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  138.377591][ T7775]  __x64_sys_ioctl+0x18e/0x210
[  138.377611][ T7775]  do_syscall_64+0x10b/0xf80
[  138.377629][ T7775]  ? clear_bhb_loop+0x40/0x90
[  138.377646][ T7775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.377660][ T7775] RIP: 0033:0x7f07bf79ce59
[  138.377676][ T7775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  138.377690][ T7775] RSP: 002b:00007f07bd9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  138.377727][ T7775] RAX: ffffffffffffffda RBX: 00007f07bfa15fa0 RCX: 00007f07bf79ce59
[  138.377737][ T7775] RDX: 0000000000000002 RSI: 000000000000ae41 RDI: 0000000000000004
[  138.377750][ T7775] RBP: 00007f07bd9f6090 R08: 0000000000000000 R09: 0000000000000000
[  138.377760][ T7775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.377770][ T7775] R13: 00007f07bfa16038 R14: 00007f07bfa15fa0 R15: 00007ffd3d596a38
[  138.377790][ T7775]  </TASK>
[  138.377869][ T7775] kvm: failed to allocate vcpu's fpu
[  138.410198][ T7778] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  138.540425][   T40] audit: type=1400 audit(1779144720.022:1084): avc:  denied  { read write } for  pid=7777 comm="syz.2.550" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  138.544905][ T7778] loop2: detected capacity change from 0 to 3
[  138.550658][   T40] audit: type=1400 audit(1779144720.022:1085): avc:  denied  { open } for  pid=7777 comm="syz.2.550" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  138.565504][ T7778] ldm_validate_privheads(): Disk read failed.
[  138.613121][ T7778] Dev loop2: unable to read RDB block 3
[  138.615785][ T7778]  loop2: unable to read partition table
[  138.618321][ T7778] loop2: partition table beyond EOD, truncated
[  138.620965][ T7778] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  138.866027][   T24] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  139.015458][   T24] usb 8-1: Using ep0 maxpacket: 16
[  139.029682][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  139.034781][   T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.039173][   T24] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  139.045690][   T24] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  139.049471][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.056824][   T24] usb 8-1: config 0 descriptor??
[  139.270366][   T24] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0
[  139.274852][   T24] microsoft 0003:045E:07DA.0004: ignoring exceeding usage max
[  139.303152][   T24] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:045E:07DA.0004/input/input15
[  139.389295][ T7831] §: renamed from sit0 (while UP)
[  139.396771][   T24] microsoft 0003:045E:07DA.0004: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  139.436122][ T7837] netlink: 16 bytes leftover after parsing attributes in process `syz.1.574'.
[  139.483777][   T24] usb 8-1: USB disconnect, device number 7
[  139.766028][ T7863] netlink: 'syz.2.586': attribute type 5 has an invalid length.
[  139.768567][ T7863] netlink: 5096 bytes leftover after parsing attributes in process `syz.2.586'.
[  140.156200][   T40] audit: type=1400 audit(1779144721.642:1086): avc:  denied  { read } for  pid=7874 comm="syz.3.592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  140.550852][ T7891] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27766 sclass=netlink_route_socket pid=7891 comm=syz.0.599
[  140.554931][ T7891] netlink: 'syz.0.599': attribute type 29 has an invalid length.
[  140.573797][   T40] audit: type=1400 audit(1779144722.052:1087): avc:  denied  { ioctl } for  pid=7893 comm="syz.1.600" path="socket:[24057]" dev="sockfs" ino=24057 ioctlcmd=0x8b34 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  140.607213][ T7900] netlink: 48 bytes leftover after parsing attributes in process `syz.3.602'.
[  140.626860][ T7902] C: renamed from veth1_to_team (while UP)
[  140.636641][ T7902] netlink: 'syz.1.604': attribute type 3 has an invalid length.
[  140.641453][ T7902] netlink: 152 bytes leftover after parsing attributes in process `syz.1.604'.
[  140.881508][   T40] audit: type=1400 audit(1779144722.362:1088): avc:  denied  { relabelfrom } for  pid=7931 comm="syz.3.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  140.890692][   T40] audit: type=1400 audit(1779144722.372:1089): avc:  denied  { relabelto } for  pid=7931 comm="syz.3.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  141.738452][ T8013] netlink: 'syz.3.658': attribute type 1 has an invalid length.
[  141.823679][ T8022] netlink: zone id is out of range
[  141.831138][ T8022] netlink: zone id is out of range
[  141.961289][ T8034] netlink: 'syz.0.668': attribute type 16 has an invalid length.
[  141.965221][ T8034] netlink: 'syz.0.668': attribute type 3 has an invalid length.
[  141.968742][ T8034] netlink: 'syz.0.668': attribute type 1 has an invalid length.
[  142.958209][ T8073] netlink: 'syz.2.684': attribute type 29 has an invalid length.
[  142.962549][ T8067] netlink: 'syz.2.684': attribute type 29 has an invalid length.
[  142.986815][ T8073] netlink: 'syz.2.684': attribute type 29 has an invalid length.
[  143.028717][ T8084] netlink: 'syz.2.692': attribute type 16 has an invalid length.
[  143.037197][ T8084] netlink: 'syz.2.692': attribute type 1 has an invalid length.
[  143.040184][ T8084] __nla_validate_parse: 20 callbacks suppressed
[  143.040195][ T8084] netlink: 112 bytes leftover after parsing attributes in process `syz.2.692'.
[  143.181072][ T8108] netlink: 24 bytes leftover after parsing attributes in process `syz.3.703'.
[  143.193812][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  143.193830][   T40] audit: type=1400 audit(1779144724.672:1095): avc:  denied  { mounton } for  pid=8109 comm="syz.0.704" path="/syzcgroup/cpu/syz0/cgroup.procs" dev="cgroup" ino=62 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  143.194547][ T8110] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.704'.
[  143.236317][ T8117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.705'.
[  143.272261][ T8121] ÿÿÿÿÿÿ: renamed from bond0 (while UP)
[  143.398505][ T8139] netlink: 32 bytes leftover after parsing attributes in process `syz.3.714'.
[  143.402261][ T8139] netlink: 8 bytes leftover after parsing attributes in process `syz.3.714'.
[  143.440807][ T8142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.717'.
[  143.444485][ T8142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.717'.
[  143.761006][ T8191] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  143.781501][ T8182] bond0: (slave syz_tun): Releasing backup interface
[  144.037407][ T8228] netlink: 16 bytes leftover after parsing attributes in process `syz.0.757'.
[  144.211204][ T8249] fuse: Unknown parameter 'f{Ã'
[  144.214429][ T8249] overlay: ./file0 is not a directory
[  144.215811][   T40] audit: type=1400 audit(1779144725.692:1096): avc:  denied  { mounton } for  pid=8248 comm="syz.0.767" path="/199/file0" dev="tmpfs" ino=1052 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  144.373281][   T40] audit: type=1400 audit(1779144725.852:1097): avc:  denied  { map } for  pid=8263 comm="syz.0.775" path="socket:[24376]" dev="sockfs" ino=24376 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  144.401263][ T8269] syzkaller0: tun_chr_ioctl cmd 2147767506
[  144.404341][ T8269] syzkaller0: tun_chr_ioctl cmd 1074025673
[  144.710898][ T8299] netlink: 36 bytes leftover after parsing attributes in process `syz.1.791'.
[  144.931349][ T8326] bridge: RTM_NEWNEIGH with invalid ether address
[  145.061365][ T8343] veth0_vlan: entered allmulticast mode
[  145.075706][ T8343] veth0_vlan: left promiscuous mode
[  145.080140][ T8343] veth0_vlan: entered promiscuous mode
[  145.864658][ T8420] netlink: 'syz.1.850': attribute type 2 has an invalid length.
[  146.082403][ T8442] team0: entered allmulticast mode
[  146.085123][ T8442] team_slave_0: entered allmulticast mode
[  146.092933][ T8442] team_slave_1: entered allmulticast mode
[  146.098576][ T8442] netdevsim netdevsim2 netdevsim1: entered allmulticast mode
[  146.108842][ T8442] bridge0: port 4(team0) entered blocking state
[  146.115442][ T8442] bridge0: port 4(team0) entered disabled state
[  146.122501][ T8442] team0: entered promiscuous mode
[  146.124841][ T8442] team_slave_0: entered promiscuous mode
[  146.128905][ T8442] team_slave_1: entered promiscuous mode
[  146.131732][ T8442] netdevsim netdevsim2 netdevsim1: entered promiscuous mode
[  146.983367][ T8485] validate_nla: 3 callbacks suppressed
[  146.983389][ T8485] netlink: 'syz.0.882': attribute type 10 has an invalid length.
[  146.989077][ T8485] team0: entered promiscuous mode
[  146.991503][ T8485] team_slave_0: entered promiscuous mode
[  146.994257][ T8485] team_slave_1: entered promiscuous mode
[  146.997150][ T8485] team0: entered allmulticast mode
[  146.999225][ T8485] team_slave_0: entered allmulticast mode
[  147.001613][ T8485] team_slave_1: entered allmulticast mode
[  147.004752][ T8485] bridge0: port 3(team0) entered blocking state
[  147.008458][ T8485] bridge0: port 3(team0) entered disabled state
[  147.016000][ T8485] bridge0: port 3(team0) entered blocking state
[  147.020395][ T8485] bridge0: port 3(team0) entered forwarding state
[  147.370405][ T8512] 8021q: VLANs not supported on ip_vti0
[  147.386925][   T40] audit: type=1400 audit(1779144728.872:1098): avc:  denied  { watch watch_reads } for  pid=8514 comm="syz.2.895" path="pipe:[26080]" dev="pipefs" ino=26080 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  147.552582][ T8526] netlink: 'syz.3.899': attribute type 83 has an invalid length.
[  147.561653][ T8526] dns_resolver: Unsupported content type (234)
[  147.922688][   T40] audit: type=1400 audit(1779144729.402:1099): avc:  denied  { map } for  pid=8556 comm="syz.3.910" path="socket:[26118]" dev="sockfs" ino=26118 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  147.934822][   T40] audit: type=1400 audit(1779144729.402:1100): avc:  denied  { read accept } for  pid=8556 comm="syz.3.910" path="socket:[26118]" dev="sockfs" ino=26118 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  147.970330][   T40] audit: type=1400 audit(1779144729.452:1101): avc:  denied  { bind } for  pid=8554 comm="syz.2.911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  147.981956][ T8555] overlayfs: failed to clone upperpath
[  148.161055][   T40] audit: type=1400 audit(1779144729.642:1102): avc:  denied  { getopt } for  pid=8572 comm="syz.1.914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  148.164947][ T8573] __nla_validate_parse: 14 callbacks suppressed
[  148.164961][ T8573] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.914'.
[  148.186927][ T8573] support for cryptoloop has been removed.  Use dm-crypt instead.
[  148.239697][ T8568] netlink: 112 bytes leftover after parsing attributes in process `syz.2.915'.
[  148.384766][ T8593] netlink: 12 bytes leftover after parsing attributes in process `syz.0.925'.
[  148.392356][ T8604] bridge_slave_1: default FDB implementation only supports local addresses
[  148.399144][   T40] audit: type=1400 audit(1779144729.872:1103): avc:  denied  { name_bind } for  pid=8592 comm="syz.0.925" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  148.410139][   T40] audit: type=1400 audit(1779144729.892:1104): avc:  denied  { listen } for  pid=8602 comm="syz.2.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  149.454580][   T40] audit: type=1400 audit(1779144730.932:1105): avc:  denied  { setopt } for  pid=8681 comm="syz.0.956" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  150.274488][ T8713] netlink: 42 bytes leftover after parsing attributes in process `syz.0.969'.
[  150.280882][   T40] audit: type=1400 audit(1779144731.762:1106): avc:  denied  { wake_alarm } for  pid=8712 comm="syz.0.969" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  150.518668][ T8717] netlink: 24 bytes leftover after parsing attributes in process `syz.3.971'.
[  150.555407][ T5749] Bluetooth: hci4: command 0x1003 tx timeout
[  150.556928][ T5751] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  150.653357][ T8722] xt_hashlimit: size too large, truncated to 1048576
[  150.710446][ T8724] netlink: 20 bytes leftover after parsing attributes in process `syz.1.973'.
[  150.713678][ T8724] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'.
[  150.725688][ T8724] netlink: 20 bytes leftover after parsing attributes in process `syz.1.973'.
[  150.729073][ T8724] netlink: 8 bytes leftover after parsing attributes in process `syz.1.973'.
[  151.101533][ T8742] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[  151.104938][ T8742] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  151.147882][ T8745] netlink: 4 bytes leftover after parsing attributes in process `syz.3.978'.
[  151.150926][ T8745] openvswitch: netlink: Flow key attr not present in new flow.
[  151.158402][   T40] audit: type=1400 audit(1779144732.642:1107): avc:  denied  { connect } for  pid=8744 comm="syz.3.978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  151.212168][   T40] audit: type=1400 audit(1779144732.692:1108): avc:  denied  { create } for  pid=8744 comm="syz.3.978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  151.220893][   T40] audit: type=1400 audit(1779144732.692:1109): avc:  denied  { bind } for  pid=8744 comm="syz.3.978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  152.171516][ T8801] Bluetooth: MGMT ver 1.23
[  152.175546][ T8801] sctp: [Deprecated]: syz.1.1001 (pid 8801) Use of int in max_burst socket option.
[  152.175546][ T8801] Use struct sctp_assoc_value instead
[  152.229913][ T8804] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  152.432261][ T8815] tmpfs: Group quota inode hardlimit too large.
[  152.588189][   T40] audit: type=1326 audit(1779144734.072:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8830 comm="syz.2.1012" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde0439ce59 code=0x0
[  152.641568][ T8838] UHID_CREATE from different security context by process 618 (syz.1.1014), this is not allowed.
[  152.727062][   T40] audit: type=1400 audit(1779144734.212:1111): avc:  denied  { mount } for  pid=8845 comm="syz.1.1016" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  152.728249][ T8846] devpts: Bad value for 'max'
[  152.734476][   T40] audit: type=1400 audit(1779144734.212:1112): avc:  denied  { remount } for  pid=8845 comm="syz.1.1016" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  152.956681][ T8867] program syz.1.1021 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  152.987460][ T8869] Option 'Í'M•O§±' to dns_resolver key: bad/missing value
[  152.991685][ T8867] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=62224 sclass=netlink_route_socket pid=8867 comm=syz.1.1021
[  153.003722][ T8869] netem: change failed
[  153.126514][ T8877] netlink: 'syz.0.1025': attribute type 10 has an invalid length.
[  153.168208][ T8877] geneve1: entered promiscuous mode
[  153.193087][ T8877] ÿÿÿÿÿÿ: (slave geneve1): Enslaving as an active interface with an up link
[  153.465617][ T8902] netlink: 'syz.2.1033': attribute type 10 has an invalid length.
[  153.625897][ T8921] __nla_validate_parse: 5 callbacks suppressed
[  153.625909][ T8921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1040'.
[  153.632336][ T8921] openvswitch: netlink: nsh attr 8 is out of range max 3
[  153.643696][ T8921] bridge0: adding interface bridge_slave_0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  153.660427][ T8921] geneve2: entered promiscuous mode
[  153.664041][ T8921] geneve2: entered allmulticast mode
[  153.772997][ T8929] trusted_key: encrypted_key: master key parameter '' is invalid
[  153.792228][ T8929] input: syz0 as /devices/virtual/input/input16
[  153.801856][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  153.801873][   T40] audit: type=1400 audit(1779144735.282:1115): avc:  denied  { getopt } for  pid=8922 comm="syz.1.1041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  153.886270][ T8936] SET target dimension over the limit!
[  153.918479][ T8929] program syz.0.1044 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  154.074120][ T5751] Bluetooth: hci2: ACL packet for unknown connection handle 1993
[  154.101163][ T8954] input input17: cannot allocate more than FF_MAX_EFFECTS effects
[  154.118520][ T8954] fuse: fd is not a fuse device
[  154.120870][   T40] audit: type=1400 audit(1779144735.602:1116): avc:  denied  { ioctl } for  pid=8952 comm="syz.3.1051" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  154.212468][ T8963] overlayfs: failed to clone upperpath
[  154.267619][ T8965] Mount JFS Failure: -5
[  154.282441][ T8965] jfs_mount failed w/return code = -5
[  154.468861][ T8988] netlink: 152868 bytes leftover after parsing attributes in process `syz.1.1062'.
[  154.473084][ T8988] netlink: Unknown conntrack attr (type=6322, max=9)
[  154.482619][ T8990] netlink: 152868 bytes leftover after parsing attributes in process `syz.1.1062'.
[  154.486242][ T8990] netlink: Unknown conntrack attr (type=6322, max=9)
[  154.725880][ T9010] openvswitch: netlink: VLAN attribute unexpected.
[  154.879893][ T9016] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9016 comm=syz.2.1072
[  154.934065][ T9018] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  154.938493][ T9019] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  154.951389][ T9019] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1073'.
[  154.951426][ T9018] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1073'.
[  154.964460][ T9019] bridge0: port 3(syz_tun) entered disabled state
[  154.967786][ T9019] syz_tun: refused to change device tx_queue_len
[  154.970201][ T9018] syz_tun: refused to change device tx_queue_len
[  155.003317][   T40] audit: type=1400 audit(1779144736.482:1117): avc:  denied  { listen } for  pid=9023 comm="syz.3.1075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  155.087980][ T9031] loop2: detected capacity change from 0 to 7
[  155.091944][ T9031]  loop2:
[  155.093391][ T9031] loop2: partition table partially beyond EOD, truncated
[  155.280249][ T9036] netlink: 'syz.3.1079': attribute type 2 has an invalid length.
[  155.282933][ T9036] netlink: 46 bytes leftover after parsing attributes in process `syz.3.1079'.
[  155.483215][ T9054] tmpfs: Unknown parameter 'grp|uota_inode_hardlimit'
[  155.658238][   T40] audit: type=1400 audit(1779144737.142:1118): avc:  denied  { read } for  pid=9072 comm="syz.3.1089" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  155.670131][   T40] audit: type=1400 audit(1779144737.142:1119): avc:  denied  { open } for  pid=9072 comm="syz.3.1089" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  155.788950][ T9079] raw_sendmsg: syz.3.1091 forgot to set AF_INET. Fix it!
[  155.841383][ T9089] fuse: Bad value for 'fd'
[  155.939814][ T9097] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1098'.
[  156.286055][ T9115] fuse: Bad value for 'fd'
[  156.372906][ T9125] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  156.379437][ T9124] wireguard: wg2: Could not create IPv6 socket
[  156.465651][   T40] audit: type=1400 audit(1779144737.952:1120): avc:  denied  { bind } for  pid=9128 comm="syz.2.1107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  156.611800][ T9139] bond1: entered promiscuous mode
[  156.852088][ T9160] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1115'.
[  156.857215][   T40] audit: type=1400 audit(1779144738.342:1121): avc:  denied  { ioctl } for  pid=9163 comm="syz.3.1119" path="socket:[29999]" dev="sockfs" ino=29999 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  156.877749][   T40] audit: type=1400 audit(1779144738.342:1122): avc:  denied  { connect } for  pid=9163 comm="syz.3.1119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  156.895383][   T40] audit: type=1400 audit(1779144738.342:1123): avc:  denied  { getopt } for  pid=9163 comm="syz.3.1119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  156.961416][ T9173] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  157.047756][ T5739] overlayfs: failed lookup in lower (newroot/292, name='bus', err=-40): overlapping layers
[  157.051901][ T5739] overlayfs: failed lookup in lower (newroot/292, name='bus', err=-40): overlapping layers
[  157.231019][   T40] audit: type=1400 audit(1779144738.712:1124): avc:  denied  { create } for  pid=9188 comm="syz.0.1127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  157.231220][ T9190] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1127'.
[  157.253190][ T9193] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1128'.
[  157.412582][ T6320] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.502403][ T9204] 9p: Bad value for 'version'
[  157.654934][ T6320] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.656987][ T5749] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  157.665028][ T9215] uprobe: syz.2.1139:9215 failed to unregister, leaking uprobe
[  157.675996][ T5749] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  157.681784][ T5749] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  157.692239][ T5749] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  157.697074][ T5749] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  157.847764][ T6320] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.854086][ T9233] 9p: Bad value for 'version'
[  157.890775][ T9236] overlayfs: failed to clone upperpath
[  157.943276][ T9236] tmpfs: Unknown parameter 'lowerdir'
[  157.963878][ T6320] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.047637][ T9214] lo speed is unknown, defaulting to 1000
[  158.177678][ T6320] bridge_slave_1: left allmulticast mode
[  158.181553][ T6320] bridge_slave_1: left promiscuous mode
[  158.186368][ T6320] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.196091][ T9263] 9p: Bad value for 'version'
[  158.204631][ T6320] bridge_slave_0: left allmulticast mode
[  158.208476][ T6320] bridge_slave_0: left promiscuous mode
[  158.212329][ T6320] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.274449][ T9269] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  158.285618][ T9269] CIFS mount error: No usable UNC path provided in device string!
[  158.285618][ T9269] 
[  158.291090][ T9269] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  158.421103][ T9275] gfs2: path_lookup on c::: returned error -2
[  158.517146][ T9282] cgroup: noprefix used incorrectly
[  158.599302][ T6320] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.611914][ T6320] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.618339][ T6320] bond0 (unregistering): Released all slaves
[  158.626511][ T6320] bond1 (unregistering): Released all slaves
[  158.642546][ T6320] bond2 (unregistering): Released all slaves
[  158.663233][ T9295] 9p: Bad value for 'version'
[  158.682348][ T9214] xfrm0 speed is unknown, defaulting to 1000
[  158.701112][ T9283] macsec1: entered promiscuous mode
[  158.703490][ T9283] macsec1: entered allmulticast mode
[  158.788690][ T6320] tipc: Left network mode
[  158.834042][ T6320] IPVS: stopping master sync thread 6541 ...
[  158.838644][ T9303] __nla_validate_parse: 2 callbacks suppressed
[  158.838655][ T9303] netlink: 4436 bytes leftover after parsing attributes in process `syz.2.1164'.
[  158.878219][ T9303] x_tables: ip_tables: osf.0 match: invalid size 48 (kernel) != (user) 4096
[  158.942518][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  158.942538][   T40] audit: type=1400 audit(1779144740.422:1134): avc:  denied  { write } for  pid=9308 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  158.991630][ T9317] fuse: Bad value for 'fd'
[  159.010306][ T9319] netlink: 'syz.1.1167': attribute type 49 has an invalid length.
[  159.013462][   T40] audit: type=1400 audit(1779144740.492:1135): avc:  denied  { write } for  pid=9315 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  159.093012][ T9328] fuse: Unknown parameter 'ÿÿÿÿÿÿÿÿ0x0000000000000003'
[  159.099286][   T40] audit: type=1400 audit(1779144740.582:1136): avc:  denied  { setattr } for  pid=9329 comm="syz.2.1171" name="PACKET" dev="sockfs" ino=27596 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  159.139129][ T9335] Cannot find del_set index 14804 as target
[  159.168197][ T9338] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  159.172261][ T5444] 8021q: adding VLAN 0 to HW filter on device eth2
[  159.201496][ T9214] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.208841][ T9214] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.215599][ T9214] bridge_slave_0: entered allmulticast mode
[  159.223069][ T9214] bridge_slave_0: entered promiscuous mode
[  159.256260][ T9214] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.258702][ T9214] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.261433][ T9214] bridge_slave_1: entered allmulticast mode
[  159.280470][ T9214] bridge_slave_1: entered promiscuous mode
[  159.353818][   T40] audit: type=1400 audit(1779144740.832:1137): avc:  denied  { mounton } for  pid=9327 comm="syz.1.1169" path="/274/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  159.453523][   T40] audit: type=1400 audit(1779144740.932:1138): avc:  denied  { write } for  pid=9357 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  159.505629][   T40] audit: type=1400 audit(1779144740.992:1139): avc:  denied  { write } for  pid=9361 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  159.756828][ T5751] Bluetooth: hci0: command tx timeout
[  159.965652][ T6320] hsr_slave_0: left promiscuous mode
[  159.973184][ T6320] hsr_slave_1: left promiscuous mode
[  159.976173][ T6320] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  159.978814][ T6320] batman_adv: batadv0: Removing interface: batadv_slave_0
[  159.988336][ T6320] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  159.990907][ T6320] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.033466][ T6320] veth1_macvtap: left promiscuous mode
[  160.036675][ T6320] veth0_macvtap: left promiscuous mode
[  160.038928][ T6320] veth1_vlan: left promiscuous mode
[  160.042345][ T6320] veth0_vlan: left promiscuous mode
[  160.274129][ T6320] team0 (unregistering): Port device team_slave_1 removed
[  160.283009][ T6320] team0 (unregistering): Port device team_slave_0 removed
[  160.394214][ T6329] smc: removing ib device s
z1
[  160.430739][ T5444] 8021q: adding VLAN 0 to HW filter on device eth3
[  160.454097][ T6329] smbdirect: ib_dev[s
z1] removed
[  160.458272][   T29] lo speed is unknown, defaulting to 1000
[  160.460959][   T29] s
z1: Port: 1 Link DOWN
[  160.471702][ T9371] syzkaller1: entered promiscuous mode
[  160.473862][ T9371] syzkaller1: entered allmulticast mode
[  160.483530][ T9214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  160.523797][ T9214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  160.617509][ T9214] team0: Port device team_slave_0 added
[  160.706806][ T9214] team0: Port device team_slave_1 added
[  160.711046][ T9383] netlink: 'syz.2.1182': attribute type 11 has an invalid length.
[  160.828550][ T9392] 9p: Bad value for 'version'
[  160.857343][ T9214] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.861862][ T9214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  160.870282][ T9214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.895626][ T9214] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.898042][ T9214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  160.908022][ T9214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.986902][ T9405] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1187'.
[  160.990744][ T9405] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1187'.
[  161.013054][   T40] audit: type=1400 audit(1779144742.492:1140): avc:  denied  { write } for  pid=9406 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  161.020487][ T9405] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1187'.
[  161.100214][   T40] audit: type=1400 audit(1779144742.582:1141): avc:  denied  { write } for  pid=9415 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  161.207611][ T9214] hsr_slave_0: entered promiscuous mode
[  161.211369][ T9214] hsr_slave_1: entered promiscuous mode
[  161.253770][ T9423] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1189'.
[  161.254127][ T5444] 8021q: adding VLAN 0 to HW filter on device eth5
[  161.259216][ T9423] block nbd0: Unsupported socket: should be TCP or UNIX.
[  161.443650][   T40] audit: type=1400 audit(1779144742.922:1142): avc:  denied  { write } for  pid=9426 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  161.521456][   T40] audit: type=1400 audit(1779144743.002:1143): avc:  denied  { write } for  pid=9430 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  161.523612][ T9214] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  161.544428][ T9214] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  161.548663][ T9214] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  161.554123][ T9214] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  161.557368][ T9214] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  161.567244][ T9214] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  161.573833][ T5444] 8021q: adding VLAN 0 to HW filter on device eth4
[  161.575505][   T54] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  161.583843][ T9214] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  161.590894][ T9214] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  161.722347][ T9214] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.740322][ T9214] 8021q: adding VLAN 0 to HW filter on device team0
[  161.747304][   T54] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  161.749676][ T6329] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.751901][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  161.754426][ T6329] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.758885][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  161.766047][   T54] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  161.771367][   T54] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  161.775134][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.778493][ T6329] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.781528][ T6329] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.782128][   T54] usb 6-1: config 0 descriptor??
[  161.789016][ T9424] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  161.835548][ T5751] Bluetooth: hci0: command tx timeout
[  161.878506][ T9450] 9p: Bad value for 'version'
[  161.942967][ T9453] netlink: 'syz.2.1194': attribute type 1 has an invalid length.
[  161.966841][ T9453] 8021q: adding VLAN 0 to HW filter on device bond2
[  162.172620][ T9214] 8021q: adding VLAN 0 to HW filter on device batadv0
[  162.207026][   T54] plantronics 0003:047F:FFFF.0005: reserved main item tag 0xd
[  162.231162][   T54] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  162.370619][ T9480] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1197'.
[  162.432867][ T9214] veth0_vlan: entered promiscuous mode
[  162.441395][ T9214] veth1_vlan: entered promiscuous mode
[  162.474530][ T9214] veth0_macvtap: entered promiscuous mode
[  162.479865][ T9423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  162.482867][ T9214] veth1_macvtap: entered promiscuous mode
[  162.487154][ T9423] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.492272][ T5893] usb 6-1: USB disconnect, device number 8
[  162.500936][ T9214] batman_adv: batadv0: Interface activated: batadv_slave_0
[  162.515023][ T9214] batman_adv: batadv0: Interface activated: batadv_slave_1
[  162.530427][ T6328] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.534260][ T6328] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  162.540608][ T6328] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.549338][ T6328] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.653553][ T6329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.663975][ T6329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.752764][ T6329] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  162.758103][ T6329] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  162.832463][ T9516] fuse: Bad value for 'rootmode'
[  162.981515][ T9525] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1206'.
[  163.066303][ T9530] xfrm0 speed is unknown, defaulting to 1000
[  163.158119][ T9539] FAULT_INJECTION: forcing a failure.
[  163.158119][ T9539] name failslab, interval 1, probability 0, space 0, times 0
[  163.175377][ T9539] CPU: 3 UID: 0 PID: 9539 Comm: syz.0.1208 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  163.175409][ T9539] Tainted: [L]=SOFTLOCKUP
[  163.175416][ T9539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  163.175426][ T9539] Call Trace:
[  163.175433][ T9539]  <TASK>
[  163.175441][ T9539]  dump_stack_lvl+0x100/0x190
[  163.175684][ T9539]  should_fail_ex.cold+0x5/0xa
[  163.175727][ T9539]  ? tomoyo_realpath_from_path+0xb6/0x690
[  163.175851][ T9539]  should_failslab+0xc2/0x120
[  163.175909][ T9539]  __kmalloc_noprof+0xe0/0x850
[  163.175933][ T9539]  ? kfree+0x1dd/0x6c0
[  163.175960][ T9539]  tomoyo_realpath_from_path+0xb6/0x690
[  163.175989][ T9539]  tomoyo_path_number_perm+0x23c/0x580
[  163.176008][ T9539]  ? tomoyo_path_number_perm+0x22e/0x580
[  163.176031][ T9539]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  163.176069][ T9539]  ? find_held_lock+0x2b/0x80
[  163.176103][ T9539]  ? __fget_files+0x215/0x3d0
[  163.176158][ T9539]  ? hook_file_ioctl_common+0x149/0x410
[  163.176173][ T9539]  ? __fget_files+0x215/0x3d0
[  163.176197][ T9539]  ? __fget_files+0x21f/0x3d0
[  163.176221][ T9539]  security_file_ioctl+0xd3/0x230
[  163.176246][ T9539]  __x64_sys_ioctl+0xb7/0x210
[  163.176266][ T9539]  do_syscall_64+0x10b/0xf80
[  163.176324][ T9539]  ? clear_bhb_loop+0x40/0x90
[  163.176346][ T9539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.176388][ T9539] RIP: 0033:0x7f502439ce59
[  163.176402][ T9539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  163.176417][ T9539] RSP: 002b:00007f502517d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.176475][ T9539] RAX: ffffffffffffffda RBX: 00007f5024616090 RCX: 00007f502439ce59
[  163.176486][ T9539] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  163.176496][ T9539] RBP: 00007f502517d090 R08: 0000000000000000 R09: 0000000000000000
[  163.176506][ T9539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.176515][ T9539] R13: 00007f5024616128 R14: 00007f5024616090 R15: 00007fff1ac1e868
[  163.176544][ T9539]  </TASK>
[  163.176567][ T9539] ERROR: Out of memory at tomoyo_realpath_from_path.
[  163.224475][ T9546] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  163.512220][ T9552] openvswitch: netlink: EtherType 50a is less than min 600
[  163.730932][ T9558] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1217'.
[  163.918558][ T5751] Bluetooth: hci0: command tx timeout
[  163.951355][ T9573] IPv6: Can't replace route, no match found
[  163.964001][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  163.964072][   T40] audit: type=1400 audit(1779144745.442:1151): avc:  denied  { write } for  pid=9570 comm="syz.0.1216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  164.102276][ T9581] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1223'.
[  164.328989][ T9596] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  164.332173][ T9597] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  164.461725][ T9602] [U] 
[  164.463367][ T9602] [U] 
[  164.464324][ T9602] [U] 
[  164.465250][ T9602] [U] 
[  164.469729][   T40] audit: type=1400 audit(1779144745.952:1152): avc:  denied  { shutdown } for  pid=9604 comm="syz.0.1234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  164.480420][ T9602] [U] 
[  164.481607][ T9602] [U] 
[  164.482827][ T9602] [U] 
[  164.483796][ T9602] [U] 
[  164.486653][ T9602] [U] 
[  164.487948][ T9602] [U] 
[  164.489299][ T9602] [U] 
[  164.490638][ T9602] [U] 
[  164.491936][ T9602] [U] 
[  164.493151][ T9602] [U] 
[  164.494294][ T9602] [U] 
[  164.495433][ T9602] [U] 
[  164.500198][ T9601] [U] 
[  164.511256][ T9607] fuse: Unknown parameter 'grou00000000000000000000'
[  164.523250][ T9608] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1234'.
[  164.620166][ T9614] ata1.00: invalid cdb length 6
[  165.114504][ T9627] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1240'.
[  165.125100][ T9627] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.493402][ T9659] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1249'.
[  165.830975][ T9676] fuse: Unknown parameter 'grou00000000000000000000'
[  165.850608][   T40] audit: type=1400 audit(1779144747.332:1153): avc:  denied  { write } for  pid=9672 comm="syz.1.1256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  165.995450][ T5751] Bluetooth: hci0: command tx timeout
[  166.249241][ T9689] FAULT_INJECTION: forcing a failure.
[  166.249241][ T9689] name failslab, interval 1, probability 0, space 0, times 0
[  166.253664][ T9689] CPU: 1 UID: 0 PID: 9689 Comm: syz.4.1259 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  166.253688][ T9689] Tainted: [L]=SOFTLOCKUP
[  166.253692][ T9689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  166.253699][ T9689] Call Trace:
[  166.253709][ T9689]  <TASK>
[  166.253714][ T9689]  dump_stack_lvl+0x100/0x190
[  166.253863][ T9689]  should_fail_ex.cold+0x5/0xa
[  166.253914][ T9689]  should_failslab+0xc2/0x120
[  166.253966][ T9689]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  166.253984][ T9689]  ? copy_process+0x69a/0x7ed0
[  166.254009][ T9689]  ? mark_held_locks+0x40/0x70
[  166.254027][ T9689]  copy_process+0x69a/0x7ed0
[  166.254045][ T9689]  ? __pfx_copy_process+0x10/0x10
[  166.254057][ T9689]  ? lockdep_init_map_type+0x5c/0x250
[  166.254073][ T9689]  ? lockdep_init_map_type+0x5c/0x250
[  166.254089][ T9689]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  166.254106][ T9689]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  166.254125][ T9689]  vhost_task_create+0x1db/0x370
[  166.254142][ T9689]  ? __pfx_vhost_task_create+0x10/0x10
[  166.254157][ T9689]  ? register_lock_class+0x40/0x560
[  166.254175][ T9689]  ? __pfx_vhost_task_fn+0x10/0x10
[  166.254192][ T9689]  ? __pfx___mutex_lock+0x10/0x10
[  166.254218][ T9689]  ? kasan_quarantine_put+0x104/0x240
[  166.254246][ T9689]  kvm_mmu_post_init_vm+0x1b3/0x370
[  166.254269][ T9689]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  166.254293][ T9689]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  166.254311][ T9689]  kvm_vcpu_ioctl+0x730/0x1720
[  166.254325][ T9689]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.254337][ T9689]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.254355][ T9689]  ? do_vfs_ioctl+0x226/0x13e0
[  166.254384][ T9689]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  166.254396][ T9689]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  166.254476][ T9689]  ? __fget_files+0x215/0x3d0
[  166.254494][ T9689]  ? hook_file_ioctl_common+0x149/0x410
[  166.254518][ T9689]  ? selinux_file_ioctl+0x13b/0x290
[  166.254534][ T9689]  ? selinux_file_ioctl+0xb6/0x290
[  166.254550][ T9689]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.254563][ T9689]  __x64_sys_ioctl+0x18e/0x210
[  166.254576][ T9689]  do_syscall_64+0x10b/0xf80
[  166.254592][ T9689]  ? clear_bhb_loop+0x40/0x90
[  166.254606][ T9689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.254619][ T9689] RIP: 0033:0x7f6dfe79ce59
[  166.254629][ T9689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  166.254641][ T9689] RSP: 002b:00007f6dff6ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.254672][ T9689] RAX: ffffffffffffffda RBX: 00007f6dfea15fa0 RCX: 00007f6dfe79ce59
[  166.254679][ T9689] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  166.254685][ T9689] RBP: 00007f6dff6ae090 R08: 0000000000000000 R09: 0000000000000000
[  166.254692][ T9689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.254698][ T9689] R13: 00007f6dfea16038 R14: 00007f6dfea15fa0 R15: 00007ffd3bb91d58
[  166.254712][ T9689]  </TASK>
[  166.889468][ T9730] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1268'.
[  167.014816][ T9744] FAULT_INJECTION: forcing a failure.
[  167.014816][ T9744] name failslab, interval 1, probability 0, space 0, times 0
[  167.036104][ T9744] CPU: 0 UID: 0 PID: 9744 Comm: syz.0.1269 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  167.036140][ T9744] Tainted: [L]=SOFTLOCKUP
[  167.036164][ T9744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  167.036177][ T9744] Call Trace:
[  167.036184][ T9744]  <TASK>
[  167.036192][ T9744]  dump_stack_lvl+0x100/0x190
[  167.036224][ T9744]  should_fail_ex.cold+0x5/0xa
[  167.036250][ T9744]  ? lsm_blob_alloc+0x68/0x90
[  167.036268][ T9744]  should_failslab+0xc2/0x120
[  167.036289][ T9744]  __kmalloc_noprof+0xe0/0x850
[  167.036350][ T9744]  ? audit_alloc+0xa2/0x7b0
[  167.036380][ T9744]  lsm_blob_alloc+0x68/0x90
[  167.036399][ T9744]  security_task_alloc+0x2a/0x260
[  167.036428][ T9744]  copy_process+0x2865/0x7ed0
[  167.036463][ T9744]  ? __pfx_copy_process+0x10/0x10
[  167.036485][ T9744]  ? lockdep_init_map_type+0x5c/0x250
[  167.036513][ T9744]  ? lockdep_init_map_type+0x5c/0x250
[  167.036539][ T9744]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  167.036562][ T9744]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  167.036593][ T9744]  vhost_task_create+0x1db/0x370
[  167.036619][ T9744]  ? __pfx_vhost_task_create+0x10/0x10
[  167.036642][ T9744]  ? register_lock_class+0x40/0x560
[  167.036674][ T9744]  ? __pfx_vhost_task_fn+0x10/0x10
[  167.036701][ T9744]  ? __pfx___mutex_lock+0x10/0x10
[  167.036729][ T9744]  ? kasan_quarantine_put+0x104/0x240
[  167.036765][ T9744]  kvm_mmu_post_init_vm+0x1b3/0x370
[  167.036794][ T9744]  kvm_arch_vcpu_ioctl_run+0x66/0x1890
[  167.036821][ T9744]  ? kvm_vcpu_ioctl+0x1546/0x1720
[  167.036848][ T9744]  kvm_vcpu_ioctl+0x730/0x1720
[  167.036871][ T9744]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  167.036892][ T9744]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  167.036917][ T9744]  ? do_vfs_ioctl+0x226/0x13e0
[  167.036939][ T9744]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  167.036959][ T9744]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  167.036995][ T9744]  ? __fget_files+0x215/0x3d0
[  167.037017][ T9744]  ? hook_file_ioctl_common+0x149/0x410
[  167.037044][ T9744]  ? selinux_file_ioctl+0x13b/0x290
[  167.037068][ T9744]  ? selinux_file_ioctl+0xb6/0x290
[  167.037095][ T9744]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  167.037117][ T9744]  __x64_sys_ioctl+0x18e/0x210
[  167.037139][ T9744]  do_syscall_64+0x10b/0xf80
[  167.037164][ T9744]  ? clear_bhb_loop+0x40/0x90
[  167.037187][ T9744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.037206][ T9744] RIP: 0033:0x7f502439ce59
[  167.037222][ T9744] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  167.037240][ T9744] RSP: 002b:00007f502517d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.037281][ T9744] RAX: ffffffffffffffda RBX: 00007f5024616090 RCX: 00007f502439ce59
[  167.037292][ T9744] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  167.037303][ T9744] RBP: 00007f502517d090 R08: 0000000000000000 R09: 0000000000000000
[  167.037314][ T9744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.037331][ T9744] R13: 00007f5024616128 R14: 00007f5024616090 R15: 00007fff1ac1e868
[  167.037358][ T9744]  </TASK>
[  167.076459][ T9730] overlayfs: missing 'lowerdir'
[  167.104710][ T9750] fuse: Bad value for 'fd'
[  167.277905][ T9759] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9759 comm=syz.0.1274
[  167.284918][ T9759] comedi comedi1: 8255: I/O base address not correctly aligned
[  167.412953][   T40] audit: type=1326 audit(1779144748.892:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9772 comm="syz.1.1276" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7dc79ce59 code=0xffff0000
[  167.485603][ T9775] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1279'.
[  167.493556][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1279'.
[  167.506425][   T40] audit: type=1400 audit(1779144748.992:1155): avc:  denied  { read write } for  pid=9778 comm="syz.0.1277" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  167.519247][   T40] audit: type=1400 audit(1779144748.992:1156): avc:  denied  { open } for  pid=9778 comm="syz.0.1277" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  167.565840][ T9781] fuse: Unknown parameter 'group_i00000000000000000000'
[  167.581706][   T40] audit: type=1400 audit(1779144749.062:1157): avc:  denied  { ioctl } for  pid=9778 comm="syz.0.1277" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  167.668236][   T40] audit: type=1400 audit(1779144749.152:1158): avc:  denied  { remount } for  pid=9789 comm="syz.2.1284" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  167.885367][   T39] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  168.035285][   T39] usb 5-1: Using ep0 maxpacket: 32
[  168.041069][   T39] usb 5-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  168.045937][   T39] usb 5-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  168.049991][   T39] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  168.054072][   T39] usb 5-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  168.063327][   T39] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  168.066733][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.069915][   T39] usb 5-1: Product: syz
[  168.071900][   T39] usb 5-1: Manufacturer: syz
[  168.074288][   T39] usb 5-1: SerialNumber: syz
[  168.098874][    C2] imon 5-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  168.111481][   T39] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/input/input20
[  168.190056][ T9798] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1287'.
[  168.325304][   T39] imon 5-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  168.327976][   T39]  (id 0x00)
[  168.375407][   T39] rc_core: IR keymap rc-imon-pad not found
[  168.377318][   T39] Registered IR keymap rc-empty
[  168.381826][   T39] imon 5-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  168.388959][   T39] imon 5-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  168.469343][ T9806] overlayfs: conflicting options: nfs_export=on,index=off
[  168.552679][   T39] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0
[  168.560067][   T39] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0/input21
[  168.588516][   T39] imon 5-1:155.0: iMON device (15c2:ffdc, intf0) on usb<5:7> initialized
[  168.621789][ T9806] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.630688][ T9806] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.813815][ T9806] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.827567][ T9806] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.999414][ T6329] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.008377][ T6329] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.014017][ T6329] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.020296][   T40] audit: type=1400 audit(1779144750.502:1159): avc:  denied  { unmount } for  pid=9214 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  169.021125][ T6329] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  169.070674][ T9820] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1290'.
[  169.133908][ T9824] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1290'.
[  169.179484][ T9829] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  169.229920][ T9832] fuse: Bad value for 'fd'
[  169.281170][ T9834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  169.283838][ T9782] imon:send_packet: packet tx failed (-71)
[  169.284041][   T29] usb 5-1: USB disconnect, device number 7
[  169.301574][ T9834] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  169.315499][ T9782] imon:vfd_write: send packet #0 failed
[  169.721115][   T40] audit: type=1400 audit(1779144751.202:1160): avc:  denied  { shutdown } for  pid=9850 comm="syz.1.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  169.950424][   T40] audit: type=1400 audit(1779144751.432:1161): avc:  denied  { execute } for  pid=9856 comm="syz.0.1306" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=33336 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  169.962068][   T40] audit: type=1400 audit(1779144751.432:1162): avc:  denied  { lock } for  pid=9856 comm="syz.0.1306" path="socket:[32747]" dev="sockfs" ino=32747 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  170.009064][   T40] audit: type=1400 audit(1779144751.492:1163): avc:  denied  { remount } for  pid=9859 comm="syz.0.1307" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  170.134040][ T9869] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1311'.
[  170.223813][   T40] audit: type=1400 audit(1779144751.702:1164): avc:  denied  { getopt } for  pid=9872 comm="syz.2.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  170.619524][ T9851] overlayfs: statfs failed on './file0'
[  170.707146][ T9889] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  170.718247][ T9889] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.190880][ T9913] siw: device registration error -23
[  171.199804][   T40] audit: type=1400 audit(1779144752.682:1165): avc:  denied  { sqpoll } for  pid=9912 comm="syz.0.1326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  171.655415][   T29] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  171.805373][   T29] usb 6-1: Using ep0 maxpacket: 32
[  171.808585][   T29] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  171.811897][   T29] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  171.816559][   T29] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  171.821145][   T29] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  171.829738][   T29] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  171.833959][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.840706][   T29] usb 6-1: Product: syz
[  171.842545][   T29] usb 6-1: Manufacturer: syz
[  171.844541][   T29] usb 6-1: SerialNumber: syz
[  171.856152][    C1] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  171.862531][   T29] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/input/input22
[  171.877193][   T40] audit: type=1400 audit(1779144753.362:1166): avc:  denied  { write } for  pid=9929 comm="syz.0.1332" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  171.879638][ T9930] random: crng reseeded on system resumption
[  171.887016][   T40] audit: type=1400 audit(1779144753.362:1167): avc:  denied  { open } for  pid=9929 comm="syz.0.1332" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  171.909452][   T40] audit: type=1400 audit(1779144753.392:1168): avc:  denied  { ioctl } for  pid=9929 comm="syz.0.1332" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x330f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  171.912516][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  171.961547][ T9935] netlink: 232 bytes leftover after parsing attributes in process `syz.2.1333'.
[  171.967932][ T9935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1333'.
[  171.975704][ T9935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1333'.
[  171.980061][ T9935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1333'.
[  172.115400][   T29] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  172.118153][   T29]  (id 0x00)
[  172.205403][   T29] rc_core: IR keymap rc-imon-pad not found
[  172.208301][   T29] Registered IR keymap rc-empty
[  172.210100][   T29] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  172.213501][   T29] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  172.316367][   T29] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/rc/rc0
[  172.334981][   T29] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:155.0/rc/rc0/input23
[  172.337814][ T9959] FAULT_INJECTION: forcing a failure.
[  172.337814][ T9959] name failslab, interval 1, probability 0, space 0, times 0
[  172.346513][ T9959] CPU: 3 UID: 0 PID: 9959 Comm: syz.4.1340 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  172.346545][ T9959] Tainted: [L]=SOFTLOCKUP
[  172.346551][ T9959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  172.346562][ T9959] Call Trace:
[  172.346569][ T9959]  <TASK>
[  172.346575][ T9959]  dump_stack_lvl+0x100/0x190
[  172.346747][ T9959]  should_fail_ex.cold+0x5/0xa
[  172.346799][ T9959]  should_failslab+0xc2/0x120
[  172.346860][ T9959]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  172.346886][ T9959]  ? do_getname+0x35/0x390
[  172.346932][ T9959]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  172.346989][ T9959]  do_getname+0x35/0x390
[  172.347017][ T9959]  user_path_at+0x26/0x60
[  172.347038][ T9959]  __x64_sys_mount+0x1fb/0x310
[  172.347066][ T9959]  ? __pfx___x64_sys_mount+0x10/0x10
[  172.347095][ T9959]  ? rcu_is_watching+0x12/0xc0
[  172.347142][ T9959]  do_syscall_64+0x10b/0xf80
[  172.347166][ T9959]  ? clear_bhb_loop+0x40/0x90
[  172.347189][ T9959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.347206][ T9959] RIP: 0033:0x7f6dfe79ce59
[  172.347224][ T9959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.347241][ T9959] RSP: 002b:00007f6dff6ae028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  172.347281][ T9959] RAX: ffffffffffffffda RBX: 00007f6dfea15fa0 RCX: 00007f6dfe79ce59
[  172.347293][ T9959] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000000
[  172.347303][ T9959] RBP: 00007f6dff6ae090 R08: 0000000000000000 R09: 0000000000000000
[  172.347313][ T9959] R10: 0000000002048808 R11: 0000000000000246 R12: 0000000000000001
[  172.347322][ T9959] R13: 00007f6dfea16038 R14: 00007f6dfea15fa0 R15: 00007ffd3bb91d58
[  172.347347][ T9959]  </TASK>
[  172.349836][   T29] imon 6-1:155.0: iMON device (15c2:ffdc, intf0) on usb<6:9> initialized
[  172.605326][ T9969] fuse: Unknown parameter ''
[  172.677918][ T9974] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  172.717267][ T9978] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  172.804903][ T9984] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1349'.
[  173.053663][ T9921] imon:send_packet: packet tx failed (-71)
[  173.058458][ T5827] usb 6-1: USB disconnect, device number 9
[  173.086518][ T9921] imon:vfd_write: send packet #0 failed
[  173.126533][T10006] overlayfs: failed to clone upperpath
[  173.212097][T10016] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1359'.
[  173.696693][T10061] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1379'.
[  173.957837][T10088] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1386'.
[  174.147976][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  174.147998][   T40] audit: type=1400 audit(1779144755.632:1179): avc:  denied  { ioctl } for  pid=10111 comm="syz.0.1397" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x9402 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  174.168338][   T40] audit: type=1400 audit(1779144755.652:1180): avc:  denied  { setattr } for  pid=10111 comm="syz.0.1397" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  174.193855][T10114] /dev/sr0: Can't open blockdev
[  174.200421][   T40] audit: type=1400 audit(1779144755.682:1181): avc:  denied  { read write } for  pid=10112 comm="syz.1.1398" name="cgroup.max.descendants" dev="cgroup2" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  174.210606][   T40] audit: type=1400 audit(1779144755.682:1182): avc:  denied  { open } for  pid=10112 comm="syz.1.1398" path="<too_long>" dev="cgroup2" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  174.220516][   T40] audit: type=1400 audit(1779144755.682:1183): avc:  denied  { setattr } for  pid=10112 comm="syz.1.1398" name="cgroup.max.descendants" dev="cgroup2" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  174.231113][   T40] audit: type=1400 audit(1779144755.692:1184): avc:  denied  { ioctl } for  pid=10112 comm="syz.1.1398" path="<too_long>" dev="cgroup2" ino=265 ioctlcmd=0x5828 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  174.292244][T10122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1403'.
[  174.296478][T10122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1403'.
[  174.298912][T10124] fuse: Bad value for 'user_id'
[  174.302032][T10124] fuse: Bad value for 'user_id'
[  174.498340][T10134] xfrm0 speed is unknown, defaulting to 1000
[  174.704417][T10147] can: request_module (can-proto-0) failed.
[  174.712310][T10157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1413'.
[  174.714252][   T40] audit: type=1400 audit(1779144756.192:1185): avc:  denied  { execute_no_trans } for  pid=10146 comm="syz.4.1410" path=2F6D656D66643A5B0BDB58AE5B1A02FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="hugetlbfs" ino=33628 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  174.887787][ T5751] Bluetooth: hci0: command tx timeout
[  174.999727][   T40] audit: type=1804 audit(1779144756.482:1186): pid=10179 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1421" name="bus" dev="ramfs" ino=33648 res=1 errno=0
[  175.009019][   T40] audit: type=1804 audit(1779144756.482:1187): pid=10179 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.1421" name="bus" dev="ramfs" ino=33648 res=1 errno=0
[  175.028989][   T40] audit: type=1326 audit(1779144756.512:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10180 comm="syz.1.1423" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7dc79ce59 code=0x0
[  175.095752][T10184] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1424'.
[  175.253072][T10196] netlink: 236 bytes leftover after parsing attributes in process `syz.0.1428'.
[  175.260641][T10196] /dev/sg0: Can't lookup blockdev
[  175.558665][T10212] fuse: Bad value for 'fd'
[  176.243501][T10239] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1443'.
[  176.538573][T10269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1454'.
[  176.616101][T10277] fuse: Bad value for 'fd'
[  176.955676][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  177.269315][T10311] msdos: Unknown parameter 'OȈg'
[  177.893718][T10360] fuse: Bad value for 'fd'
[  177.995787][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  178.451303][T10373] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1493'.
[  178.772588][T10401] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1502'.
[  178.819825][T10406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1505'.
[  178.894790][ T5751] Bluetooth: hci2: unexpected cc 0x2023 length: 4 < 5
[  178.994159][T10431] fuse: Bad value for 'fd'
[  179.035602][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  179.048232][T10435] netlink: 'syz.2.1514': attribute type 8 has an invalid length.
[  179.119605][T10450] sctp: [Deprecated]: syz.0.1519 (pid 10450) Use of int in max_burst socket option.
[  179.119605][T10450] Use struct sctp_assoc_value instead
[  179.167901][T10459] fuse: Bad value for 'fd'
[  179.348763][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  179.349025][   T40] audit: type=1400 audit(1779144760.832:1198): avc:  denied  { getopt } for  pid=10478 comm="syz.2.1530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  179.434256][T10491] fuse: Bad value for 'fd'
[  179.489944][T10493] vlan0: entered promiscuous mode
[  179.539731][T10501] __nla_validate_parse: 5 callbacks suppressed
[  179.539750][T10501] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1537'.
[  179.545933][T10501] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1537'.
[  179.955366][ T5892] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  180.105413][ T5892] usb 5-1: Using ep0 maxpacket: 8
[  180.109717][ T5892] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  180.114460][ T5892] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  180.119297][ T5892] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  180.124899][ T5892] usb 5-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  180.128058][ T5892] usb 5-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  180.130807][ T5892] usb 5-1: Product: syz
[  180.132316][ T5892] usb 5-1: Manufacturer: syz
[  180.133891][ T5892] usb 5-1: SerialNumber: syz
[  180.138968][ T5892] usb 5-1: config 0 descriptor??
[  180.195419][ T5892] rc_core: IR keymap rc-imon-rsc not found
[  180.197326][ T5892] Registered IR keymap rc-empty
[  180.201598][ T5892] rc rc0: iMON Station as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0
[  180.206742][ T5892] input: iMON Station as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input24
[  180.303623][T10515] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1541'.
[  180.330142][T10515] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10515 comm=syz.2.1541
[  180.400871][T10524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1546'.
[  180.404066][T10524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1546'.
[  180.409061][T10509] netlink: 2024 bytes leftover after parsing attributes in process `syz.0.1539'.
[  180.412227][T10509] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1539'.
[  180.478395][T10532] overlayfs: failed to clone upperpath
[  180.484619][T10532] overlayfs: failed to clone lowerpath
[  180.491795][T10532] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1549'.
[  180.570197][T10541] fuse: Invalid rootmode
[  180.617766][   T40] audit: type=1400 audit(1779144762.102:1199): avc:  denied  { ioctl } for  pid=10542 comm="syz.1.1553" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  180.635924][T10544] ip6gre1: entered promiscuous mode
[  180.637928][T10544] ip6gre1: entered allmulticast mode
[  180.642750][ T6328] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  180.643359][T10544] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  180.645818][ T6328] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  180.665509][ T5892] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  180.693989][T10551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1556'.
[  180.697182][T10551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1556'.
[  181.225501][ T5892] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  181.237860][   T40] audit: type=1400 audit(1779144762.722:1200): avc:  denied  { lock } for  pid=10566 comm="syz.1.1559" path="socket:[37219]" dev="sockfs" ino=37219 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  181.336766][   T40] audit: type=1400 audit(1779144762.822:1201): avc:  denied  { write } for  pid=10575 comm="syz.1.1564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  181.436031][ T5892] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  181.488226][   T40] audit: type=1400 audit(1779144762.972:1202): avc:  denied  { listen } for  pid=10590 comm="syz.4.1570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  181.498695][T10593] ip6erspan0: entered promiscuous mode
[  181.720586][T10617] fuse: Bad value for 'fd'
[  181.862078][T10626] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  181.927127][T10631] overlay: ./file0 is not a directory
[  181.998960][   T40] audit: type=1400 audit(1779144763.482:1203): avc:  denied  { getopt } for  pid=10634 comm="syz.2.1586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  182.050238][T10652] fuse: Bad value for 'fd'
[  182.058003][T10649] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  182.081163][T10653] cgroup2: Unknown parameter 'rlimit'
[  182.221909][T10665] xt_cgroup: invalid path, errno=-2
[  182.225523][T10666] netlink: 'syz.4.1596': attribute type 10 has an invalid length.
[  182.231799][T10666] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.237468][T10666] team0: Port device bond0 added
[  182.239236][T10665] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  182.459492][T10682] fuse: Bad value for 'fd'
[  182.572911][T10695] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  182.750353][T10713] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10713 comm=syz.2.1610
[  182.759534][ T5892] usb 5-1: USB disconnect, device number 8
[  182.804412][T10720] fuse: Bad value for 'rootmode'
[  183.355300][ T3262] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  183.506820][ T3262] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  183.510604][ T3262] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  183.514017][ T3262] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  183.517448][ T3262] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  183.521654][ T3262] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  183.524451][ T3262] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.528337][ T3262] usb 6-1: config 0 descriptor??
[  183.670276][T10752] netlink: 'syz.0.1621': attribute type 15 has an invalid length.
[  183.673594][T10752] netlink: 'syz.0.1621': attribute type 15 has an invalid length.
[  183.681218][T10752] bridge0: port 4(syz_tun) entered blocking state
[  183.685453][T10752] bridge0: port 4(syz_tun) entered disabled state
[  183.688391][T10752] syz_tun: entered allmulticast mode
[  183.693228][T10752] syz_tun: entered promiscuous mode
[  183.823316][   T40] audit: type=1400 audit(1779144765.302:1204): avc:  denied  { setattr } for  pid=10764 comm="syz.0.1626" name="/" dev="configfs" ino=2070 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  183.938834][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.946707][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.949268][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.951800][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.955623][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.961666][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.964220][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.968766][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.971308][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.974654][ T3262] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  183.981699][ T3262] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  183.992722][T10777] fuse: Bad value for 'fd'
[  184.015504][T10779] fuse: Bad value for 'fd'
[  184.319459][    T9] usb 6-1: USB disconnect, device number 10
[  184.475380][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  185.426008][T10793] __nla_validate_parse: 9 callbacks suppressed
[  185.426022][T10793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1637'.
[  185.430869][T10793] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1637'.
[  185.433939][T10793] netlink: 'syz.1.1637': attribute type 15 has an invalid length.
[  185.443948][ T6328] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  185.446167][T10793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1637'.
[  185.447687][ T6328] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  185.450818][T10793] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1637'.
[  185.453687][ T6328] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  185.456865][T10793] netlink: 'syz.1.1637': attribute type 15 has an invalid length.
[  185.459644][ T6328] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  185.479503][T10793] bridge0: port 4(syz_tun) entered blocking state
[  185.481812][T10793] bridge0: port 4(syz_tun) entered disabled state
[  185.484217][T10793] syz_tun: entered allmulticast mode
[  185.487529][T10793] syz_tun: entered promiscuous mode
[  185.497992][T10793] netlink: 276 bytes leftover after parsing attributes in process `syz.1.1637'.
[  185.564981][T10805] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1640'.
[  185.597798][T10807] fuse: Unknown parameter 'use00000000000000000000'
[  186.455484][T10827] fuse: Bad value for 'fd'
[  186.564308][T10839] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1652'.
[  192.635434][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  198.435364][ T5749] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  198.439948][ T5749] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  198.443282][ T5749] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  198.451029][ T5749] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  198.457085][ T5749] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  198.687007][T10849] xfrm0 speed is unknown, defaulting to 1000
[  198.928488][T10849] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.931761][T10849] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.935540][T10849] bridge_slave_0: entered allmulticast mode
[  198.939677][T10849] bridge_slave_0: entered promiscuous mode
[  198.944809][T10849] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.948097][T10849] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.951279][T10849] bridge_slave_1: entered allmulticast mode
[  198.955375][T10849] bridge_slave_1: entered promiscuous mode
[  198.982188][T10849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.988723][T10849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.015811][T10849] team0: Port device team_slave_0 added
[  199.020855][T10849] team0: Port device team_slave_1 added
[  199.045698][T10849] batman_adv: batadv0: Adding interface: batadv_slave_0
[  199.048679][T10849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  199.059736][T10849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  199.066075][T10849] batman_adv: batadv0: Adding interface: batadv_slave_1
[  199.069243][T10849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  199.080105][T10849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.120050][T10849] hsr_slave_0: entered promiscuous mode
[  199.123503][T10849] hsr_slave_1: entered promiscuous mode
[  199.126640][T10849] debugfs: 'hsr0' already exists in 'hsr'
[  199.129032][T10849] Cannot create hsr debugfs directory
[  199.319373][T10849] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  199.323984][T10849] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  199.329637][T10849] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  199.334825][T10849] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  199.342383][T10849] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  199.348500][T10849] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  199.351463][T10849] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  199.359042][T10849] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  199.364677][T10871] fuse: Unknown parameter 'use00000000000000000000'
[  199.401285][T10849] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.405730][T10849] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.409738][T10849] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.412415][T10849] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.506644][T10849] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.522773][ T6328] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.529432][ T6328] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.554481][T10849] 8021q: adding VLAN 0 to HW filter on device team0
[  199.566888][ T6321] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.569510][ T6321] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.578581][ T6328] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.581785][ T6328] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.679709][ T1436] ieee802154 phy0 wpan0: encryption failed: -22
[  199.682010][ T1436] ieee802154 phy1 wpan1: encryption failed: -22
[  199.803863][T10894] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1661'.
[  200.032411][T10849] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.112205][T10919] overlayfs: failed to clone upperpath
[  200.230556][T10929] fuse: Bad value for 'fd'
[  200.254886][T10849] veth0_vlan: entered promiscuous mode
[  200.262290][T10849] veth1_vlan: entered promiscuous mode
[  200.300025][T10849] veth0_macvtap: entered promiscuous mode
[  200.313308][T10849] veth1_macvtap: entered promiscuous mode
[  200.332940][T10849] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.340721][T10849] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.347388][ T6323] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.355310][ T6323] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.359596][ T6323] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.365883][ T6323] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.467514][ T6323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.484254][ T6323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.508773][ T6321] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.515347][ T6321] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.555454][ T5751] Bluetooth: hci4: command tx timeout
[  200.596889][T10941] xfrm0 speed is unknown, defaulting to 1000
[  200.610618][T10948] Driver unsupported XDP return value 0 on prog  (id 187) dev N/A, expect packet loss!
[  200.681446][T10951] ipvlan1: entered promiscuous mode
[  200.686308][T10951] ipvlan1: entered allmulticast mode
[  200.745037][T10955] fuse: Bad value for 'fd'
[  201.069374][T10977] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1673'.
[  201.072530][T10974] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1673'.
[  201.076394][T10977] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1673'.
[  201.150258][T10987] fuse: Unknown parameter 'user_i00000000000000000000'
[  201.196265][T10992] SELinux:  policydb magic number 0xfb7cff8c does not match expected magic number 0xf97cff8c
[  201.201469][T10992] SELinux: failed to load policy
[  201.204448][   T40] audit: type=1400 audit(1779144782.682:1205): avc:  denied  { wake_alarm } for  pid=10990 comm="syz.0.1683" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  201.319200][T11005] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  201.624657][T11030] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  201.648116][T11030] VFS: Can't find a romfs filesystem on dev nullb0.
[  201.648116][T11030] 
[  201.659314][   T40] audit: type=1400 audit(1779144783.142:1206): avc:  denied  { shutdown } for  pid=11029 comm="syz.5.1697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  201.870054][T11044] SELinux: security_context_str_to_sid („) failed with errno=-22
[  201.914436][T11046] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1703'.
[  201.923639][T11046] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1703'.
[  202.010303][T11050] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  202.094970][   T40] audit: type=1400 audit(1779144783.572:1207): avc:  denied  { set_context_mgr } for  pid=11053 comm="syz.1.1708" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  202.095058][T11054] binder: BINDER_SET_CONTEXT_MGR already set
[  202.103634][T11054] binder: 11053:11054 ioctl 4018620d 2000000000c0 returned -16
[  202.106232][   T40] audit: type=1400 audit(1779144783.582:1208): avc:  denied  { set_context_mgr } for  pid=11057 comm="syz.0.1709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  202.181623][T11067] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1712'.
[  202.196635][T11067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1712'.
[  202.360594][T11077] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1716'.
[  202.370923][T11077] IPVS: Error connecting to the multicast addr
[  202.406048][T11080] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1717'.
[  202.462932][T11083] blkio.reset_stats is deprecated
[  202.581642][T11091] fuse: Unknown parameter 'user_i00000000000000000000'
[  202.635990][ T5751] Bluetooth: hci4: command tx timeout
[  202.685102][T11098] batadv_slave_1: entered promiscuous mode
[  202.690402][   T40] audit: type=1400 audit(1779144784.172:1209): avc:  denied  { bind } for  pid=11097 comm="syz.5.1723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  202.710086][   T40] audit: type=1400 audit(1779144784.172:1210): avc:  denied  { listen } for  pid=11097 comm="syz.5.1723" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  202.763383][T11097] 
[  202.764552][T11097] ======================================================
[  202.767802][T11097] WARNING: possible circular locking dependency detected
[  202.770845][T11097] syzkaller #0 Tainted: G             L     
[  202.773593][T11097] ------------------------------------------------------
[  202.776572][T11097] syz.5.1723/11097 is trying to acquire lock:
[  202.779244][T11097] ffff88803fa3fae8 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0
[  202.784172][T11097] 
[  202.784172][T11097] but task is already holding lock:
[  202.787383][T11097] ffff88803fd28260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  202.791247][T11097] 
[  202.791247][T11097] which lock already depends on the new lock.
[  202.791247][T11097] 
[  202.795596][T11097] 
[  202.795596][T11097] the existing dependency chain (in reverse order) is:
[  202.799342][T11097] 
[  202.799342][T11097] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  202.802621][T11097]        lock_sock_nested+0x41/0xf0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  202.804988][T11097]        smc_listen_out+0x1f5/0x4b0
[  202.807476][T11097]        smc_listen_work+0x767/0x50e0
[  202.809889][T11097]        process_one_work+0xa0e/0x1980
[  202.812264][T11097]        worker_thread+0x5ef/0xe50
[  202.814191][T11097]        kthread+0x370/0x450
[  202.816175][T11097]        ret_from_fork+0x72b/0xd50
[  202.818546][T11097]        ret_from_fork_asm+0x1a/0x30
[  202.821089][T11097] 
[  202.821089][T11097] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  202.825817][T11097]        __lock_acquire+0x14b8/0x2630
[  202.828312][T11097]        lock_acquire+0x1b1/0x370
[  202.830422][T11097]        __flush_work+0x4de/0xcb0
[  202.832590][T11097]        cancel_work_sync+0xd1/0xf0
[  202.834783][T11097]        smc_clcsock_release+0x5f/0xe0
[  202.837108][T11097]        __smc_release+0x5c2/0x880
[  202.839378][T11097]        smc_close_non_accepted+0xda/0x200
[  202.841996][T11097]        smc_close_active+0x4ff/0x1070
[  202.844561][T11097]        __smc_release+0x634/0x880
[  202.846774][T11097]        smc_release+0x1fc/0x620
[  202.849052][T11097]        __sock_release+0xb3/0x260
[  202.851354][T11097]        sock_close+0x1c/0x30
[  202.853592][T11097]        __fput+0x3ff/0xb50
[  202.856120][T11097]        task_work_run+0x150/0x240
[  202.858371][T11097]        exit_to_user_mode_loop+0x107/0x4f0
[  202.860992][T11097]        do_syscall_64+0x706/0xf80
[  202.863222][T11097]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.865875][T11097] 
[  202.865875][T11097] other info that might help us debug this:
[  202.865875][T11097] 
[  202.870133][T11097]  Possible unsafe locking scenario:
[  202.870133][T11097] 
[  202.873698][T11097]        CPU0                    CPU1
[  202.876001][T11097]        ----                    ----
[  202.878222][T11097]   lock(sk_lock-AF_SMC/1);
[  202.880185][T11097]                                lock((work_completion)(&new_smc->smc_listen_work));
[  202.884108][T11097]                                lock(sk_lock-AF_SMC/1);
[  202.887112][T11097]   lock((work_completion)(&new_smc->smc_listen_work));
[  202.890266][T11097] 
[  202.890266][T11097]  *** DEADLOCK ***
[  202.890266][T11097] 
[  202.893836][T11097] 3 locks held by syz.5.1723/11097:
[  202.895993][T11097]  #0: ffff88803b9f5c40 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x260
[  202.900203][T11097]  #1: ffff88803fd28260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  202.904354][T11097]  #2: ffffffff8e7e5620 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0
[  202.908525][T11097] 
[  202.908525][T11097] stack backtrace:
[  202.910922][T11097] CPU: 2 UID: 0 PID: 11097 Comm: syz.5.1723 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  202.910948][T11097] Tainted: [L]=SOFTLOCKUP
[  202.910954][T11097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  202.910965][T11097] Call Trace:
[  202.910973][T11097]  <TASK>
[  202.910982][T11097]  dump_stack_lvl+0x100/0x190
[  202.911009][T11097]  print_circular_bug.cold+0x178/0x1c7
[  202.911039][T11097]  check_noncircular+0x146/0x160
[  202.911061][T11097]  __lock_acquire+0x14b8/0x2630
[  202.911087][T11097]  lock_acquire+0x1b1/0x370
[  202.911108][T11097]  ? __flush_work+0x4ca/0xcb0
[  202.911132][T11097]  ? mark_held_locks+0x40/0x70
[  202.911153][T11097]  ? __flush_work+0x4ca/0xcb0
[  202.911176][T11097]  __flush_work+0x4de/0xcb0
[  202.911198][T11097]  ? __flush_work+0x4ca/0xcb0
[  202.911222][T11097]  ? __pfx___flush_work+0x10/0x10
[  202.911245][T11097]  ? __pfx_wq_barrier_func+0x10/0x10
[  202.911278][T11097]  ? __pfx___might_resched+0x10/0x10
[  202.911307][T11097]  cancel_work_sync+0xd1/0xf0
[  202.911333][T11097]  smc_clcsock_release+0x5f/0xe0
[  202.911357][T11097]  __smc_release+0x5c2/0x880
[  202.911379][T11097]  ? __pfx_sock_def_readable+0x10/0x10
[  202.911395][T11097]  smc_close_non_accepted+0xda/0x200
[  202.911418][T11097]  smc_close_active+0x4ff/0x1070
[  202.911449][T11097]  __smc_release+0x634/0x880
[  202.911470][T11097]  smc_release+0x1fc/0x620
[  202.911490][T11097]  __sock_release+0xb3/0x260
[  202.911509][T11097]  ? __pfx_sock_close+0x10/0x10
[  202.911527][T11097]  sock_close+0x1c/0x30
[  202.911544][T11097]  __fput+0x3ff/0xb50
[  202.911569][T11097]  ? _raw_spin_unlock_irq+0x23/0x50
[  202.911593][T11097]  task_work_run+0x150/0x240
[  202.911615][T11097]  ? __pfx_task_work_run+0x10/0x10
[  202.911638][T11097]  ? rcu_is_watching+0x12/0xc0
[  202.911666][T11097]  exit_to_user_mode_loop+0x107/0x4f0
[  202.911689][T11097]  ? rcu_is_watching+0x12/0xc0
[  202.911716][T11097]  do_syscall_64+0x706/0xf80
[  202.911740][T11097]  ? clear_bhb_loop+0x40/0x90
[  202.911759][T11097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.911801][T11097] RIP: 0033:0x7f68fcd9ce59
[  202.911819][T11097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  202.911836][T11097] RSP: 002b:00007ffd18fad838 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  202.911882][T11097] RAX: 0000000000000000 RBX: 00007ffd18fad920 RCX: 00007f68fcd9ce59
[  202.911893][T11097] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  202.911903][T11097] RBP: 000000000003171c R08: 0000000000000001 R09: 0000000000000000
[  202.911913][T11097] R10: 0000001b32020000 R11: 0000000000000246 R12: 00007ffd18fad960
[  202.911924][T11097] R13: 00007f68fd015fac R14: 0000000000031786 R15: 00007f68fd015fa0
[  202.911943][T11097]  </TASK>
[  203.117238][T11097] batadv_slave_1: left promiscuous mode
[  203.206103][ T9211] syz_tun (unregistering): left allmulticast mode
[  203.208310][ T9211] bridge0: port 3(syz_tun) entered disabled state
[  203.417273][ T9553] bridge0: port 4(syz_tun) entered disabled state
[  203.429506][ T9553] syz_tun (unregistering): left allmulticast mode
[  203.432357][ T9553] syz_tun (unregistering): left promiscuous mode
[  203.435021][ T9553] bridge0: port 4(syz_tun) entered disabled state
[  203.610595][ T6321] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.642977][T11087] syz_tun (unregistering): left allmulticast mode
[  203.645321][T11087] syz_tun (unregistering): left promiscuous mode
[  203.647355][T11087] bridge0: port 4(syz_tun) entered disabled state
[  203.691081][ T6321] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.846136][ T6321] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.920237][ T6321] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.017118][ T6321] bridge0: port 3(team0) entered disabled state
[  204.020693][ T6321] bridge_slave_1: left allmulticast mode
[  204.022803][ T6321] bridge_slave_1: left promiscuous mode
[  204.024660][ T6321] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.028632][ T6321] bridge_slave_0: left allmulticast mode
[  204.031068][ T6321] bridge_slave_0: left promiscuous mode
[  204.033388][ T6321] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.097782][ T6321] ÿÿÿÿÿÿ (unregistering): (slave geneve1): Releasing backup interface
[  204.399483][ T6321] ÿÿÿÿÿÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  204.404991][ T6321] ÿÿÿÿÿÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  204.410097][ T6321] ÿÿÿÿÿÿ (unregistering): Released all slaves
[  204.414920][ T6321] bond1 (unregistering): Released all slaves
[  204.421615][ T6321] bond0 (unregistering): Released all slaves
[  204.478840][   T40] audit: type=1400 audit(1779144785.962:1211): avc:  denied  { write } for  pid=11104 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  204.522780][   T40] audit: type=1400 audit(1779144786.002:1212): avc:  denied  { write } for  pid=11107 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  204.557185][ T5444] 8021q: adding VLAN 0 to HW filter on device eth6
[  204.622074][   T40] audit: type=1400 audit(1779144786.102:1213): avc:  denied  { write } for  pid=11110 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  204.668452][   T40] audit: type=1400 audit(1779144786.152:1214): avc:  denied  { write } for  pid=11113 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  204.694937][ T5444] 8021q: adding VLAN 0 to HW filter on device eth7
[  204.721398][ T6321] hsr_slave_0: left promiscuous mode
[  204.724239][ T6321] hsr_slave_1: left promiscuous mode
[  204.727366][ T6321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.730514][ T6321] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.734066][ T6321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.737347][ T6321] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.743365][ T6321] veth1_macvtap: left allmulticast mode
[  204.745311][ T6321] veth1_macvtap: left promiscuous mode
[  204.747143][ T6321] veth0_macvtap: left promiscuous mode
[  204.748922][ T6321] veth1_vlan: left promiscuous mode
[  204.817640][ T6321] team_slave_1 (unregistering): left promiscuous mode
[  204.819870][ T6321] team_slave_1 (unregistering): left allmulticast mode
[  204.822394][ T6321] team0 (unregistering): Port device team_slave_1 removed
[  204.827291][ T6321] team_slave_0 (unregistering): left promiscuous mode
[  204.829654][ T6321] team_slave_0 (unregistering): left allmulticast mode
[  204.832634][ T6321] team0 (unregistering): Port device team_slave_0 removed
[  204.858023][ T5444] 8021q: adding VLAN 0 to HW filter on device eth8
[  205.024407][ T5444] 8021q: adding VLAN 0 to HW filter on device eth9
[  205.318030][ T6321] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.391362][ T6321] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.451149][ T6321] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.519024][ T6321] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.615334][ T6321] bridge_slave_1: left allmulticast mode
[  205.618164][ T6321] bridge_slave_1: left promiscuous mode
[  205.621061][ T6321] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.626210][ T6321] bridge_slave_0: left allmulticast mode
[  205.628618][ T6321] bridge_slave_0: left promiscuous mode
[  205.631066][ T6321] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.778656][ T6321] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  205.783283][ T6321] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  205.787143][ T6321] bond0 (unregistering): Released all slaves
[  205.919404][ T5444] 8021q: adding VLAN 0 to HW filter on device eth10
[  206.050729][ T5444] 8021q: adding VLAN 0 to HW filter on device eth11
[  206.104226][ T6321] hsr_slave_0: left promiscuous mode
[  206.106386][ T6321] hsr_slave_1: left promiscuous mode
[  206.108320][ T6321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  206.110885][ T6321] batman_adv: batadv0: Removing interface: batadv_slave_0
[  206.114200][ T6321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  206.117140][ T6321] batman_adv: batadv0: Removing interface: batadv_slave_1
[  206.121568][ T6321] veth1_macvtap: left promiscuous mode
[  206.123395][ T6321] veth0_macvtap: left promiscuous mode
[  206.125158][ T6321] veth1_vlan: left promiscuous mode
[  206.127189][ T6321] veth0_vlan: left promiscuous mode
[  206.179331][ T6321] team0 (unregistering): Port device team_slave_1 removed
[  206.184418][ T6321] team0 (unregistering): Port device team_slave_0 removed
[  206.211191][ T5444] 8021q: adding VLAN 0 to HW filter on device eth12
[  206.275466][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  206.275481][   T40] audit: type=1400 audit(1779144787.752:1225): avc:  denied  { write } for  pid=11152 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  206.310324][   T40] audit: type=1400 audit(1779144787.792:1226): avc:  denied  { write } for  pid=11155 comm="rm" name="hook-state" dev="tmpfs" ino=1841 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  206.341915][ T5444] 8021q: adding VLAN 0 to HW filter on device eth13
[  207.355498][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!