last executing test programs:

4m28.60360193s ago: executing program 3 (id=248):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r2, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x804}, 0xd0000000)

4m28.603050601s ago: executing program 3 (id=250):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000005}, 0x11)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r2, &(0x7f0000000200)={0x0, 0xfffffffffffffd33, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r3, 0x1453df3c079a29df, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0xffffffffffffff25}, 0x1, 0x0, 0x0, 0x4f1fca89955a67fd}, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r1, r0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1101, 0x1})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

4m28.524639087s ago: executing program 3 (id=251):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x2, @multicast2}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000003f0000000006000000140008"], 0x28}}, 0x8000)

4m28.464441684s ago: executing program 3 (id=252):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0x6})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r1, 0x0, 0x2, &(0x7f0000000080)=0x3, 0x4)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000080)=0x80)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r6, 0x7, 0x70bd25}, 0x14}, 0x1, 0x0, 0x0, 0x8081}, 0x24000800)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000100)={'ip6_vti0\x00', <r7=>0x0, 0x29, 0x3, 0x5, 0x1ff, 0x1, @ipv4={'\x00', '\xff\xff', @multicast2}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8000, 0x20, 0x40, 0xf135}})
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000004c0)={0xe8, r6, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x80000000}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x7}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @remote}]}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0xa4}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x40, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x19}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e24}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r7}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3}, @MPTCP_PM_ATTR_ADDR={0x44, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xb6b40f949b4929f7}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x4040001}, 0x20000000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @multicast2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000001080)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r4, 0x84, 0x23, &(0x7f0000000040)={r8, 0xf2a}, 0x8)
ioctl$DRM_IOCTL_DROP_MASTER(r3, 0x641f)
ioctl$DRM_IOCTL_SET_MASTER(r3, 0x641e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa40000000000000704000000feffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0x1005, &(0x7f000001b180)=""/4101, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4m28.459623422s ago: executing program 3 (id=255):
r0 = socket(0x2, 0x80805, 0x0)
socket$unix(0x1, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x102)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000000)=""/4103, &(0x7f0000001080)=0x1007)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_DEF_ERR_DATA_REPORTING={{0xe5}, 0xf7}}}, 0x7)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000001040)=ANY=[@ANYBLOB="00365757dd007d57650020", @ANYRES16=r2, @ANYBLOB="000128bd7000fedbdf250a0000000800390006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4004004}, 0x8)

4m28.292280254s ago: executing program 3 (id=256):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468fffe00000400028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

4m12.903267892s ago: executing program 32 (id=256):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468fffe00000400028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

3m42.648655792s ago: executing program 2 (id=592):
r0 = memfd_create(&(0x7f0000000140)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6#\r\x83y\xf3\xb2\xe6b\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x17?$^\xe1Ob\xe1Y\xd6\xeb\x91\x83;\xeb\xf1\xd0\xce\xe5\x19THP\xf4O\xe2\x9f\xd9\xae\xcf>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xa2c\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0\xb04\xb7T5\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x06\xb5\x03\x8a\xc40\xbe\xe3\x93A\x15\xec\xdb\xaa\t9\x11\xb4\x84$&0\xdd\xcbC\x15\xfcp\x11\xdai\f{\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\x82t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6^r\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9w\xd2\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x00\x00\x00\x00\x00\x00\x00', 0x4)
fallocate(r0, 0x3, 0x3, 0xffffffff)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000280)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000001000370400000000fcdbd42500000000", @ANYRES32=r3, @ANYBLOB="8345050001000000240012800b000100697036746e6c00001400028008000100", @ANYRES32=r3, @ANYBLOB='\b\x00\b\x00;'], 0x44}, 0x1, 0x0, 0x0, 0x4000080}, 0x40040c0)
sendmsg$nl_route(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@getnetconf={0x14, 0x52, 0x800, 0x70bd2c, 0x25dfdbfe, {}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x200000d0}, 0x40140d1)
sendmmsg$inet(r1, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty}}}], 0x20}}], 0x1, 0x80)

3m42.612920049s ago: executing program 2 (id=596):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a30000000005c000000030a01030000000000000000050000700900010073797a30000000000900030073797a320000000008000a4000000003280004800800024000000012080001400000000014000300776c616e31000000000000000000000014000000110001"], 0xa4}}, 0x0)

3m42.473713355s ago: executing program 2 (id=598):
socket$alg(0x26, 0x5, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000a80)={@local, @multicast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x20, 0x6, 0x0, @remote, @local, {[@dstopts={0x2f}], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@sack={0x5, 0x2}]}}}}}}}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x513883, 0x488)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x10000, 0xa)
getdents(r0, &(0x7f0000000080)=""/87, 0x57)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000800)=ANY=[@ANYBLOB="040e0a060e044c"], 0xd)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000010000000000000000000000791207000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3m41.733692584s ago: executing program 2 (id=604):
r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, &(0x7f0000000080)=0x6e, 0x0)
accept$unix(r0, &(0x7f00000000c0)=@abs, &(0x7f0000000140)=0x6e)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000004840))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r2 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r2, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r2, r2, &(0x7f0000000080), 0x7f04)
r3 = syz_io_uring_setup(0x5ce, &(0x7f0000000240)={0x0, 0x7734, 0x1, 0x0, 0x34f}, &(0x7f0000000000), &(0x7f0000000080))
r4 = open(&(0x7f0000000000)='./bus\x00', 0x105c42, 0x5)
r5 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0xe134, 0x2000, 0x0, 0x130}, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r5, 0x7a98, 0x0, 0x0, 0x0, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000140)})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
getsockopt$inet6_mreq(r4, 0x29, 0x1c, &(0x7f0000000380)={@private1, <r8=>0x0}, &(0x7f00000003c0)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x9, 0x80000001, 0x3ff, 0x9, 0x8500, r2, 0xb, '\x00', r8, r2, 0x4, 0x4, 0x3, 0x0, @value=r2, @void, @void, @value}, 0x50)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

3m41.491885661s ago: executing program 2 (id=607):
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r0, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="00000000002200001800128008000106677265000c000280"], 0x38}}, 0x0)
socket$inet(0x2, 0x0, 0x6)
add_key(&(0x7f0000000180)='trusted\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000040)=0x6, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000003c0)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x40}, 0x0)
r4 = mmap$KVM_VCPU(&(0x7f0000ffe000/0x1000)=nil, 0x0, 0x1000008, 0x1010, 0xffffffffffffffff, 0x0)
syz_memcpy_off$KVM_EXIT_MMIO(r4, 0x20, &(0x7f00000000c0)="ea0ace2ec4790ccbcbe09a61f9c3e8672b30c8d5c656f4cf", 0x0, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000100)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)

3m41.22416678s ago: executing program 2 (id=610):
r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/4076, 0xfec}, {&(0x7f00000010c0)=""/150, 0x96}, {&(0x7f0000001180)=""/135, 0x87}, {&(0x7f0000001280)=""/234, 0xea}], 0x4, 0x10000, 0x223)

3m41.195189934s ago: executing program 33 (id=610):
r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/4076, 0xfec}, {&(0x7f00000010c0)=""/150, 0x96}, {&(0x7f0000001180)=""/135, 0x87}, {&(0x7f0000001280)=""/234, 0xea}], 0x4, 0x10000, 0x223)

3m22.289982006s ago: executing program 1 (id=644):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x28) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x28)
setreuid(0x0, 0x0) (async)
setreuid(0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
io_uring_setup(0x62b5, &(0x7f00000000c0)={0x0, 0x86df, 0x8, 0x1, 0x3ab}) (async)
r1 = io_uring_setup(0x62b5, &(0x7f00000000c0)={0x0, 0x86df, 0x8, 0x1, 0x3ab})
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='huge=within_size'])
chdir(&(0x7f0000000240)='./file0\x00')
creat(&(0x7f0000000000)='./bus\x00', 0x181) (async)
creat(&(0x7f0000000000)='./bus\x00', 0x181)
r2 = open(&(0x7f0000000200)='./bus\x00', 0x38d2fe, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r2, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, 0x0) (async)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0xa, 0x0, 0x0)
r3 = dup2(r0, r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="dc32fba520684e54d501b8", @ANYRESHEX=r4, @ANYBLOB="2c766f99ae4d63ef52dd22a263d69aa2c7346f746d6f64653d30303030303030303030303030303030303034303030302c757365725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYRES16=r1])
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_inet_tcp_SIOCATMARK(r5, 0x8905, &(0x7f0000000040))
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
pread64(r4, &(0x7f0000004200)=""/236, 0xec, 0x0) (async)
pread64(r4, &(0x7f0000004200)=""/236, 0xec, 0x0)
write$FUSE_INIT(r4, &(0x7f0000004300)={0x50, 0x0, r6}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000004380)='./file0/file0\x00', 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r3, &(0x7f00000003c0)=ANY=[], 0x29)
write$FUSE_NOTIFY_RESEND(r4, &(0x7f0000000080)={0x14}, 0x14)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VHOST_VDPA_GET_DEVICE_ID(r3, 0x4008af24, &(0x7f0000002d80))
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a04430012000a000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160012000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

3m21.863560158s ago: executing program 1 (id=659):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001140), 0x8200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_clone3(&(0x7f0000000300)={0x4100, 0x0, &(0x7f0000000080), 0x0, {0x15}, &(0x7f0000000100)=""/23, 0x17, 0x0, 0x0}, 0x58)
migrate_pages(r2, 0xfffffffffffffff8, 0x0, &(0x7f00000003c0)=0xfffffffffffffffd) (async)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="d635bdcaa70e6d8b"], 0x22)
mprotect(&(0x7f0000d19000/0x4000)=nil, 0x4000, 0x8) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a310000000014000780050015000c0000000800084000000090050005000a000000050001000600000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0) (async)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581ef"], 0x0) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000040)=0x1, 0x4) (async)
r6 = socket$inet6(0xa, 0xa, 0x0)
setsockopt$inet6_opts(r6, 0x29, 0x37, &(0x7f0000000000)=ANY=[], 0x18) (async)
setsockopt$inet6_IPV6_HOPOPTS(r6, 0x29, 0x36, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x46, &(0x7f0000000180), 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x12, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="07000000000000007e0800000000000005000000000000001102000000cb066b2f3965280000000600000000000000d90b000000005703000000000000000072080000000000000eaa000000000000aa0b0000000000002f000000000000ef7fdbdf00000000008824000000000000810a000000000000060376e3bc14f1324b239f2c2fc92b2cb39d7f5348595ac5707e1f0d11d648039e47c5497c13282eb97967068912e03be75fd4adeff0940d9ca565f89eb7723044d9aca089b78ec704a3b64e2f1c0cb1a593651d383478e72fdf46de60f8d8f0d84b07a8309f2fa57c17c1f27333ccb87c311238926c95e916ec7acdb5a4bc3fd26fda14d52501b96644a746e5260b00a2f99072c7cdb4ecb1bac4e58535b1ef368df15a6157386897796c211a7322b6552e59512f932d5285675f7a869e05a9ce8a954d78e162498befde58eda70e46155fc7fc0ae372669c7be617bddd41"])
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r7, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000140)=0x4)

3m21.713719138s ago: executing program 1 (id=665):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, 0x0, 0x0) (async)
sendmmsg$unix(r0, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x7c}, [@ldst={0x6}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3c)
r2 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r3 = syz_io_uring_setup(0x76a, &(0x7f0000000080)={0x0, 0xfed5, 0x40, 0x3, 0x110}, &(0x7f0000000100), &(0x7f0000000140)) (async)
r4 = socket$caif_stream(0x25, 0x1, 0x4) (async)
r5 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r1}, 0x8) (async)
r6 = accept$unix(0xffffffffffffffff, &(0x7f00000001c0)=@abs, &(0x7f0000000240)=0x6e)
r7 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000280), 0x24480, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)=[r1, r1, r2, r3, r1, r4, r5, r2, r6, r7]}, 0xa)

3m21.630371129s ago: executing program 1 (id=668):
r0 = socket$kcm(0x29, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100, 0x0)
getdents64(r1, &(0x7f0000000380)=""/141, 0x8d)
r2 = socket$kcm(0x2, 0x0, 0x84)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x84, 0x9, &(0x7f0000000380), 0x98)
syz_io_uring_setup(0x26d1, &(0x7f0000000000)={0x0, 0x1431, 0x4, 0x2, 0xc}, 0x0, 0x0)
r4 = syz_clone(0xa0000280, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r4, 0x10, &(0x7f0000000240))
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
getsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000100)={@local, @multicast2}, &(0x7f0000000140)=0x8)

3m21.433140268s ago: executing program 1 (id=673):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async)
mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x4000) (async)
write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r2)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060009"], 0x30}}, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4048aecb, &(0x7f0000000040)) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3m20.801970294s ago: executing program 1 (id=686):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100766574680001f0000400028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

3m20.718542773s ago: executing program 34 (id=686):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100766574680001f0000400028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

3m7.653405572s ago: executing program 4 (id=929):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000019c0)=@ipv4_newroute={0x2c, 0x18, 0x1, 0x70bd2b, 0x25dfdbfd, {0x2, 0x10, 0x80, 0x4, 0xfc, 0x2, 0xff, 0x3, 0x1e00}, [@RTA_PREFSRC={0x8, 0x7, @local}, @RTA_MARK={0x8, 0x10, 0x7}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)

3m6.543837385s ago: executing program 4 (id=932):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800010000043f028008000300000000000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

3m6.420737578s ago: executing program 4 (id=934):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x8001, 0x1, 0x2, 0xc, 0x6b, 0x8}, 0x20)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = dup2(r1, r1)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0x9, 0x1, 0xa, 0x10})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)

3m6.193536667s ago: executing program 4 (id=939):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
copy_file_range(r2, 0x0, r1, &(0x7f00000000c0)=0x8800000, 0x6, 0x0)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
getsockopt$ax25_int(r3, 0x101, 0xa, &(0x7f0000000000), &(0x7f0000000ec0)=0x4)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x8)

3m6.141265916s ago: executing program 4 (id=940):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xc0}, [@ldst={0x5}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x5, [@enum={0x2, 0x2, 0x0, 0x6, 0x4, [{0x3, 0xffffffff}, {0x0, 0xb494}]}]}, {0x0, [0x61, 0x2e, 0x5f]}}, 0x0, 0x39, 0x0, 0x1, 0x6, 0x0, @void, @value}, 0x28)

3m6.062960616s ago: executing program 6 (id=942):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$CDROMREADMODE1(r1, 0x530d, &(0x7f0000000380)={0x7, 0xb, 0x5, 0xe, 0x4, 0x9})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xfffffffa}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_REVISION={0x5}]}, 0x58}}, 0x0)

3m5.893511493s ago: executing program 6 (id=945):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=<r1=>r0, @ANYBLOB="1400011400400000000000000000000000000000140002"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000240012800b000100697036746e6c0000"], 0x44}}, 0x4000000)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000000480)=[{&(0x7f0000000200)=""/145, 0x91}], 0x1, &(0x7f00000007c0)=[{&(0x7f00000004c0)=""/41, 0x29}], 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x1)
fchdir(r6)
ioctl$UFFDIO_UNREGISTER(r6, 0x8010aa01, &(0x7f00000000c0)={&(0x7f000056d000/0x2000)=nil, 0x2000})
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
r8 = syz_io_uring_setup(0x5d0, &(0x7f00000002c0)={0x0, 0x7734, 0x1, 0x8002, 0x34f}, &(0x7f0000000000)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000380)={{0x1, 0x1, 0x18, r7, {r5}}, './file0\x00'})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r8, 0x47bc, 0x0, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[], 0x50}}, 0x40008014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x44}, @hci_rp_read_local_oob_ext_data={{0xe2}, {0x6, "936d18e66764d49a21f2c3e9614f5ff0", "3872d9848e22ada2b7bfe2f582d71d0c", "ecb75ee605ee6dcc4c06f90a1251f283", "ecbb649ae27f2ef73c95fca50f3d2fbe"}}}}, 0x47)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0)

3m5.513296615s ago: executing program 6 (id=954):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000000000000000000000000008500000017000000850000007d000000950000000000000014fea3ff2b22f21964e7545c6f9c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000001}, 0x40001)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="1e031c00008c71ef288563"], 0xffdd)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00U\x00=\t\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="20000280", @ANYRES32=r0, @ANYBLOB="0000000000000000000000000a000000000000000000001420000100", @ANYRES32=r2], 0x58}}, 0x0)

3m4.573643552s ago: executing program 4 (id=960):
socket$key(0xf, 0x3, 0x2) (async, rerun: 32)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6) (rerun: 32)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000007c0)=ANY=[@ANYBLOB="380100001000130780ffffff00000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) (async)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000006100000600000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x108, &(0x7f00000002c0)=""/264, 0x40f00, 0x14, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000, @void, @value}, 0x94) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd, 0x0, <r3=>0x0}) (async)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r1, 0x100000000) (async)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) (async, rerun: 64)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x42) (rerun: 64)
fcntl$setlease(r4, 0x400, 0x0) (async)
fremovexattr(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7f09700cc19e"]) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f00000000c0), &(0x7f0000000180)=0x14) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000001800cd8d000000e5ff00000002a1de07"], 0x38}}, 0x0) (async)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000080)={r3})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4c831, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0xa0000, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)

3m4.545399239s ago: executing program 35 (id=960):
socket$key(0xf, 0x3, 0x2) (async, rerun: 32)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6) (rerun: 32)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000007c0)=ANY=[@ANYBLOB="380100001000130780ffffff00000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) (async)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000006100000600000000bf91000000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x108, &(0x7f00000002c0)=""/264, 0x40f00, 0x14, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000, @void, @value}, 0x94) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd, 0x0, <r3=>0x0}) (async)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r1, 0x100000000) (async)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) (async, rerun: 64)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x42) (rerun: 64)
fcntl$setlease(r4, 0x400, 0x0) (async)
fremovexattr(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7f09700cc19e"]) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f00000000c0), &(0x7f0000000180)=0x14) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000001800cd8d000000e5ff00000002a1de07"], 0x38}}, 0x0) (async)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000080)={r3})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4c831, 0xffffffffffffffff, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0xa0000, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)

2m52.705759934s ago: executing program 6 (id=963):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000003880), 0x0, 0x0)
read$fb(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)

2m52.70557189s ago: executing program 6 (id=964):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
syz_open_dev$vim2m(&(0x7f0000000000), 0x1, 0x2)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0xfffffffffffffffe, r1}, 0x50)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents64(r2, &(0x7f00000063c0)=""/1024, 0x400)
syz_fuse_handle_req(r0, &(0x7f00000067c0), 0x2000, &(0x7f00000087c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000008880)={0x30, 0x0, 0x0, [{0x0, 0x0, 0x4, 0x0, '#,,-'}]}, 0x0, 0x0, 0x0, 0x0})

2m51.833703241s ago: executing program 6 (id=979):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f00000000c0)={<r4=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r3, 0xc02064cc, &(0x7f00000001c0)={r4, r4, 0x0, 0x80000001, 0x2})
close_range(r2, 0xffffffffffffffff, 0x0)
r5 = fcntl$getown(r1, 0x9)
r6 = syz_open_procfs(r5, &(0x7f0000000780)='mounts\x00')
getdents64(r6, &(0x7f00000041c0)=""/4111, 0x100f)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x5ccc6e75}, 0x1f)
listen(r1, 0x3)
mount$9p_tcp(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e22'])
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r7, 0x89f1, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_cmd={0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffff7fc, 0x0, 0x0, 0x0, 0x47, [0xfffffffc, 0x80]}})
ioctl$sock_qrtr_SIOCGIFADDR(r0, 0x8915, &(0x7f0000001740)={'xfrm0\x00'})
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c463f09110504000000000000000200030011f7000014020800380000002c03000002000000fcff200001000d00050009000000000002000000f7ffffff0200000004000000e60f000003000000ffffffff40f6ffff2371ba87d0a06be0f54400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ee9be53900"/1890], 0x762)

2m35.997000648s ago: executing program 36 (id=979):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f00000000c0)={<r4=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r3, 0xc02064cc, &(0x7f00000001c0)={r4, r4, 0x0, 0x80000001, 0x2})
close_range(r2, 0xffffffffffffffff, 0x0)
r5 = fcntl$getown(r1, 0x9)
r6 = syz_open_procfs(r5, &(0x7f0000000780)='mounts\x00')
getdents64(r6, &(0x7f00000041c0)=""/4111, 0x100f)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x5ccc6e75}, 0x1f)
listen(r1, 0x3)
mount$9p_tcp(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e22'])
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r7, 0x89f1, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_cmd={0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffff7fc, 0x0, 0x0, 0x0, 0x47, [0xfffffffc, 0x80]}})
ioctl$sock_qrtr_SIOCGIFADDR(r0, 0x8915, &(0x7f0000001740)={'xfrm0\x00'})
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c463f09110504000000000000000200030011f7000014020800380000002c03000002000000fcff200001000d00050009000000000002000000f7ffffff0200000004000000e60f000003000000ffffffff40f6ffff2371ba87d0a06be0f54400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ee9be53900"/1890], 0x762)

13.90195837s ago: executing program 0 (id=2183):
ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0xbc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f04) (fail_nth: 17)
r1 = creat(0x0, 0xecf86c37d53049cc)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x1)
r2 = socket(0x23, 0x80805, 0x0)
listen(r2, 0x0)
poll(&(0x7f0000000000)=[{r2, 0x9081}], 0x1, 0x2)
connect$vsock_stream(r2, 0x0, 0x0)

13.771090951s ago: executing program 5 (id=2184):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0}) (rerun: 64)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000000c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000000000003b00000008008300", @ANYRES32=r3, @ANYBLOB="3c003300d0001000ffffffffffff08021100000150505050505000400f037206030303030303751401000c00861bf0f1cbc2be5ba9c4b0da1321f485080026006c09000008009f0007000000"], 0x68}, 0x1, 0x0, 0x0, 0xd0}, 0x0) (async)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001540)=ANY=[@ANYRESDEC=r0, @ANYRESHEX=r0, @ANYBLOB="00012abd7000fbdbdf255c0000000c009900040000005500000008006b005a00000008006b001001000008006b001c02000008006b001c71b20008006b003700000008006b006e00000008006b00f000000008006b007800000008006b005a000000"], 0x68}, 0x1, 0x0, 0x0, 0x50}, 0x24044011) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000006111680000000000950000000000000068dd253aa0e2332c817c5e9376eaf9"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1d, 0x4, &(0x7f00000002c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xeffffffc}, [@call={0x85, 0x0, 0x0, 0xae}]}, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @lsm=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = syz_open_dev$vbi(&(0x7f00000000c0), 0x2, 0x2)
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x101003, 0x0) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r7, 0x1, 0x70bd25, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x4080}, 0x4000880) (async)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r5, &(0x7f00000014c0)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001480)={&(0x7f0000001440)={0x30, r7, 0x400, 0x70bd28, 0x25dfdbfc, {{}, {}, {0x14, 0x19, {0x8001, 0xf, 0x2, 0x4}}}, ["", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x20004080) (async, rerun: 32)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r4, 0xc0405665, &(0x7f0000000280)={0x0, 0x2}) (rerun: 32)
r8 = signalfd(r0, &(0x7f0000001240)={[0xffffffff]}, 0x8)
sendmsg$can_j1939(r8, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={&(0x7f0000001280)="53949932428cbe3889809a72629be1a0ab8cb84e4e722db89732f2f501e3f623b54f87279ed14b547e021d70f8920a414dcbce5a4164053ef83ff8f8829e769b38953b0c010e4206660039f7867a151da8fc31681f20871d7d90248bcddc29ada2ce752d6974edb59e46df9000b59020716ace52397d31d513ec2ff9a5a073f3e6df82c51cd1308ab8e4001bbac80137fba73ed2351cfa378043e5a70970f90f9b51153b17c49237c8d7576d01433525cab9935d8c5278dc507050958cdb37c80d123ec3fce2064537f1e8ea8a4346", 0xcf}, 0x1, 0x0, 0x0, 0x408c0}, 0x20000000)

13.770983621s ago: executing program 0 (id=2185):
r0 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000001640)=""/4099, 0x1003}], 0x1, 0x0, 0x0, 0x81}, 0x84)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
read$FUSE(r1, &(0x7f0000002980)={0x2020}, 0xfffffffffffffd97)

13.711649537s ago: executing program 5 (id=2186):
ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0xbc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f04)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
shutdown(r1, 0x1)
r2 = creat(0x0, 0xecf86c37d53049cc)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x1)
r3 = socket(0x23, 0x80805, 0x0)
listen(r3, 0x0)
poll(&(0x7f0000000000)=[{r3, 0x9081}], 0x1, 0x2)
connect$vsock_stream(r3, 0x0, 0x0)

13.631637719s ago: executing program 0 (id=2187):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r5], 0x54}}, 0x0) (async, rerun: 32)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r6}, 0x10) (async, rerun: 32)
r7 = socket(0x8, 0x4, 0x0) (rerun: 32)
sendto$inet6(r7, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020b06050e020909430009003f00064c0a000000040085a168d0bf46d32345653600648d04000500eb16000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a3200040016000b000a0000000000e000e018d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) (async)
lstat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f0000000980)=ANY=[@ANYBLOB="7c000000150008002dbd70000000000000000000007f0000010000000000000000000000004e2300034e2200000a00209023000000c68eab476f69118b06e512bd70921bd112d78818b99121c05ddef2a141dcce4f70e7dc67c01084cd7f745f4b7feea741b8aa16267ea39eb6200b9ed3bf1445af39966942", @ANYRES32=r2, @ANYRES32=r8, @ANYBLOB="b76b6ee40100000008000c008e000000240009000900000000000000060000000000000006000a00"/52], 0x7c}, 0x1, 0x0, 0x0, 0x40088c4}, 0x40840) (async)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x208000, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000180)={<r10=>0x0, 0xa0, &(0x7f0000000500)=[@in={0x2, 0x4e23, @multicast2}, @in6={0xa, 0x4e20, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e24, 0x10001, @remote, 0x8001}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x2a}}, @in6={0xa, 0x4e20, 0x7f006a9a, @private2={0xfc, 0x2, '\x00', 0x1}, 0x4}, @in6={0xa, 0x4e24, 0xfffffffd, @mcast1, 0x7}]}, &(0x7f0000000200)=0x10)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r9, 0x84, 0x75, &(0x7f0000000240)={r10, 0x2}, 0x8) (async)
socket(0x1, 0x803, 0x0) (async, rerun: 64)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) (async, rerun: 64)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$BINDER_CTL_ADD(r9, 0xc1086201, &(0x7f0000000840)={'custom1\x00'}) (async)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async, rerun: 64)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) (rerun: 64)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r13, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000001c0)="c744240077dd0000c74424027fbe0000c7442406000000000f011c24b8010000000f01c1450f01ca470f01f866baf80cb8e4f61882ef66bafc0c66b8795966ef40250000000066b8de000f00d02e0f005ffa0f01c92e640fc71f", 0x5a}], 0x1, 0xe8, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r13, 0xae80, 0x0) (async, rerun: 32)
syz_kvm_setup_cpu$x86(r12, r13, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000080)="0fc75800f30f35baf80c66b8da08d88e66efbafc0ced0f23f466b8000000000f23d80f21f86635c00000400f23f8440f20c066350b000000440f22c066b9800000c00f326635002000000f3026660f3880b500a02664f3ae", 0x58}], 0x1, 0x3c, 0x0, 0x0) (async)
ioctl$KVM_RUN(r13, 0xae80, 0x0)

12.811632823s ago: executing program 5 (id=2190):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a30000000005c000000030a01030000000000000000050000000900010073797a30000000000900030073797a320070000008000a4000000003280004800800024000000012080001400000000014000300776c616e31000000000000000000000014000000110001"], 0xa4}}, 0x0)

12.681989586s ago: executing program 5 (id=2191):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f00000007c0)={0x0, @bt={0xa8f, 0x870, 0x1, 0x2, 0xd59f82, 0x19f5, 0x4, 0xb, 0x0, 0x5, 0x27fd, 0x2800, 0x440, 0x3, 0x17, 0x0, {0x45, 0x80}, 0xcd, 0x3}})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000003480)={0x2020}, 0x2020)
openat$fb1(0xffffffffffffff9c, &(0x7f0000002c40), 0x44000, 0x0)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @remote, @empty}, 0xc)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0xfffffff8, 0x0, r5, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x1000000}}}}}, 0x0)
r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000780), 0x20000, 0x0)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, 0x0)
r7 = fanotify_init(0x200, 0x0)
fanotify_mark(r7, 0x1, 0x40000032, r1, 0x0)
writev(r1, &(0x7f0000000100)=[{&(0x7f00000003c0)='-', 0x1}], 0x1)

12.181692883s ago: executing program 7 (id=2193):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800010000040002800800037fffffff000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

869.933875ms ago: executing program 0 (id=2195):
ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0xbc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f04) (fail_nth: 18)
r1 = creat(0x0, 0xecf86c37d53049cc)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x1)
r2 = socket(0x23, 0x80805, 0x0)
listen(r2, 0x0)
poll(&(0x7f0000000000)=[{r2, 0x9081}], 0x1, 0x2)
connect$vsock_stream(r2, 0x0, 0x0)

869.637909ms ago: executing program 5 (id=2196):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = open(&(0x7f0000000080)='./file0\x00', 0x2602, 0x0)
lseek(r2, 0x7ff, 0x1)
getdents64(r2, 0x0, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/address_bits', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000000d000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000000)="260f01cfbaf80c66b835b9ca8166efbafc0cec66640f32baf80c66b83065cd8966efbafc0c66b88f9b000066efbaf80c66b8a8a86e8866efbafc0c66b80100000066efbaf80c66b8983d448366efbafc0cb000eeea012b5d00660ff96700c4e2bddfdd0f01c2", 0x66}], 0x1, 0x74, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x2, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x4, 0x410, 0xffffffff, 0x108, 0x220, 0x220, 0xffffffff, 0xffffffff, 0x340, 0x340, 0x340, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, [0xff, 0xffff00, 0xff000000, 0xffffffff], 0x4e21, 0x4e24, 0x4e23, 0x4e24, 0x1, 0x1, 0x8, 0x6, 0x7fff}}}, {{@ipv6={@mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xffffff00, 0x0, 0xffffff00, 0xffffff00], [0xff, 0xffffffff, 0xffffffff, 0xff000000], 'bond0\x00', 'vxcan1\x00', {0xff}, {0xff}, 0x6c, 0x0, 0x6, 0x49e40bc7f850acb5}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@dst={{0x48}, {0x100, 0x2, 0x0, [0x8d, 0x2, 0x0, 0xfffa, 0x2, 0x8, 0x6, 0x7, 0x5, 0x81, 0x8, 0x200, 0x100, 0x1ff, 0x5, 0x6], 0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x3}}}, {{@uncond, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@eui64={{0x28}}, @common=@inet=@set2={{0x28}, {{0x4, 0x0, 0x1}}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'veth0\x00', <r5=>0x0})
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r4, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
io_setup(0x10000cb, &(0x7f0000000040)=<r6=>0x0)
io_getevents(r6, 0xc000000000000, 0x0, 0x0, 0x0)

866.24157ms ago: executing program 7 (id=2197):
socket$kcm(0x29, 0x5, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x1c, 0x20, 0x301, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x0, 0x4, 0xff, 0x0, 0x0, 0x8}}, 0x1c}, 0x1, 0x0, 0x0, 0x240480d4}, 0x4040)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
sendmsg$rds(r0, &(0x7f0000002940)={0x0, 0xffffff10, &(0x7f0000002800), 0x0, 0x0, 0x0, 0x240088c0}, 0x200000c4)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
read$FUSE(r3, &(0x7f0000000380)={0x2020}, 0x2020)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000005500010004000000ffdbdf2507000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="0002065e00000000000000002000ffffe000000108"], 0x38}, 0x1, 0x0, 0x0, 0x20008801}, 0x40000)
preadv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/27, 0x1b}, {&(0x7f0000000100)=""/6, 0x6}, {&(0x7f00000001c0)=""/248, 0xf8}], 0x3, 0x2, 0x3ab5)
setsockopt$MRT_PIM(r3, 0x0, 0xcf, &(0x7f0000000000), 0x4)

761.891646ms ago: executing program 7 (id=2199):
ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0xbc)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000c40), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000380), 0x12)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
r4 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r4, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r4, r4, &(0x7f0000000080), 0x7f04)
r5 = creat(0x0, 0xecf86c37d53049cc)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000031c0000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_setup(0x23, &(0x7f0000000280)=<r8=>0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r8, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r9, 0x0}])
ioctl$BINDER_WRITE_READ(r9, 0x40046208, 0x0)

571.914039ms ago: executing program 7 (id=2201):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x164)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000400), 0x42, 0x0) (async)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000400), 0x42, 0x0)
unshare(0x2040600)
socketpair$unix(0x1, 0x2, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0) (async)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x0, 0x0) (async)
r3 = fsmount(r2, 0x0, 0x0)
r4 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r1, r3}, 0x10)
bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r4}, 0x8) (async)
bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r4}, 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000ddc0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r5, {0x7, 0x2b, 0x0, 0x0, 0xb5, 0x2, 0xb, 0x3, 0x0, 0x0, 0x1, 0x3}}, 0x50)
mknodat(0xffffffffffffff9c, &(0x7f0000000980)='./file0/file0\x00', 0x8, 0x8c)
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0xfffffffffffffffe, r6}, 0x10) (async)
write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0xfffffffffffffffe, r6}, 0x10)
openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x441, 0x0) (async)
openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x441, 0x0)
r7 = socket$inet(0x2, 0x2, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r9 = syz_open_dev$sg(&(0x7f0000000500), 0x0, 0x8400)
ioctl$SCSI_IOCTL_SEND_COMMAND(r9, 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000008508"])
ioctl$SCSI_IOCTL_SEND_COMMAND(r9, 0x1, &(0x7f0000000000)={0x0, 0x6, 0x20036c6})
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'virt_wifi0\x00', &(0x7f0000000080)=@ethtool_rxfh={0x46, 0xd, 0x4, 0x230, 0x6, "7ad9b7", 0xa000000, [0x23d, 0x1, 0x5, 0xf34, 0x6, 0x9, 0x8, 0x6]}})
sendmsg$NFT_BATCH(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0x3}, @NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r7, 0x89f8, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000200)={'erspan0\x00', 0x0, 0x10, 0x8000, 0x7, 0x3, {{0x5, 0x4, 0x1, 0x7, 0x14, 0x26, 0x4, 0x3, 0x4, 0x0, @empty, @multicast1}}}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x66)
syz_clone(0xe2b6c4e41a525dd6, &(0x7f00000009c0)="c1d414211d72cd54ae955e53f4d1a76162a34554cd0cbe56cb0c48e085b7b303b764c346aa86e524ac379d1543479be7b74fcf670043a9fc151627704e622c61c8cbac79fcb51f5e792843ab1b53fed2aa06989357e7320f425d72255dcb60f4653abe9cfc5bcad2081754598b078f63f6f1f0d0a2da8ace86aecfc9ebf1c2534dfa30c4e948dafa045f41a2b48e6b87b23828f6469c7dcea0dbe2051c8dc109be836a40c7b5e516d7a2f77ad75d2619618dfb56b8d487a51960a9aefedafd67f95bf3c6d77bd00e0a0bd4ead400db0fd4a16e5986938ca36c3bc9a868e4b057904457c22a603e0e91fe7aeb6310cb7cc406d274201a2cbd1d97299f9e9e65aebfac7b328e78298b064eaaa3af131c06837e48086803bfc318603a09d8594c177ef1f6f21754cc80b9ffa10033e74192f375d40d2c73cafd5a20dcb9f9d344d0d21c903a5333f76def3e65d7dc7ead396ea718da54d985912a0bfe1c7c3700b5facd984dbbaa41521c14292e774be5e9a4a09808fa4c283ef3c435cb057e8a8da100ab78957502086f8e7e7a47fe2390981772b80b3dba9e8bc5eb49f7ed89e95dd4e6ba0aac46d0ecf32830e300e56624bdb0b7a98886d0e7eea9871e94861bbc0c9310517e393d40e62878092e51d07cccb48625fe593630076b66b4c2cbfa7f421bea3e6c0d02e3d472424224b48046e4c72b355cbf3341865bab9757e3b796e381dd807cb69a85bedcb8c9fcf02bfb01cf53df30a3612a5986058abda78c336df921c09a483888cf79802d49035c08c8cac2f08b3882da95e477d25af4201134502cb02c15134e27708ba538bba1b1606ec85ccad81f736822d27ea27b6e0e83c9354c222d3326885ef3ee239862584021665a79010d5f64f4aee62b4e9d4e68e7428ee070d57690d97912a06542dd7167abbb3e72181f97ffccdd735fec5c44916e6e2b9b34c6ce71069df5c033f0f6683ea13dbb882d5e1986fc43f54aa1e35aad12735b8ee83b47348fadf77d0dacdd35ebdc4cc0ec0faf1469cb829ecbad909ecf00f95d9572a91ff51f4a7d33a7386187bb3badddc5da8ecf042e7203b0248fe11a7297d638013308bd714445923939b10821d0fa2f6dda93c664ea86efc7a6cfaf3fae6cff445b0565cd7b2ea1c680b44c3eb4745177e265dda093a0608af5232f99ca81558148879ed6b927e3a97146dde933ab77c60f2a0be67a4e2d93fd408555df6d1e0bd2e59ba9ffed568b31380ce546946092364d3a3b17544f3239ba26fabb0d0164289627bd4112237513b558ddcbf55249d24c5770385e6dabbbdeb3ab6156856edc4b8badce94741fe548f4bcc63fc5ebed3e9daaba00894323e9e38fd79d578d91d1e22d9aea39eb54f93bb14e521e064db2193b997db82472abeee5bc4f6a8af6128d5c1ab63d659cdb899e842380bba10d7e09a7521961430ecd8b27a106f6bd8fb46a5230b468cd1867ea59867fc01fc78fd92d51d8a28bb8eb4662b623a77609e497e0b63a76eda528e570b6d766f81dd1604cbe4a8b04edc24e2189e693ba07195ee677688cbf51e263db51dd0018a06b566d9ca9c129edfd776ff187308f0b1b36e27b1d80722de4e78038f42395908d27dc6ce7784bcc81446d150de1bf80509743df1e1122c4f3a9d550f17837838a48cf75634f2640cb6c2cf266deef0b07f82299cd360885b7d21fca7957ec7fc7f9bc515daa6b087628e34f9eb9da11d6ff03fa21ef9e9debf0ef3b920673bc1f7f7b03d27c79346a1028de2b9719ee185c190be564dfb11d0605544e36686a727ab95f47acd4c777be655394875896cdb2f99dbb580380ca56b986bb8cf30185ff0b358a617b4173f6d394cdb44fcdbf0ce6d92e0e8e6704ab3272653711428b83628d47d845ed9e867be260f75b18674e93f4f7ac13bf286f2ce7637463be358c62979cf86dd9c37a3a14521008d611af9bffd5e373320fcd729e5f62c3567005bcd243c34f226d93537f7c4f29fb5d09567e32672c970a35b9bf8cf0469c20e338a46a1334515dbd2a2ad13900d559436fb31fd4960329fe18a3b97509faf282464f2cca778edb96403dd54b3d8829c6e712dd8fe377edbcbc44e1d506154dee54522c5aaac598a6fdf0a0ba9c9a7a61919e79e531d21235067a28fee4705f50ba87b7a042935c7f5d8ac32b82f317410e2e7e2df4c9843dfe2a3f82c5f64188b283e1de41e610a1f410144c5ed52e1fe94521df5bb6f3c248f19b1b676909598a9ffea1b97c4dc1fa9cfd5c499f9fa639a0f3e3b4cf8b23a9fb9e0104da210fa1ad563bbae04b501132de2004182987bd16ff6a10d5c41d00b9d572d897af3f0174a2609b5e7872839545d66ca8ee50bbf64830687807dd492ae5756dfa5baac7a00a3754eee62cbe9f5247f75ffb075ba1302a6517b5390f072bead96b2bc7e0187449c2937b98f09fd348812430d4fe64d09ef85c755cce34606bdccbb00633ce8b285c64bc5bd1ca25a05556ac91ce72634f1e9d6e6df7ef69d73e27e249d7f5ee9f25fd3e3e286c581709ec6982ea87bebf26f9667b49d7e2b0ab49edd3936cd8e9356af2678c9ce319949cf64483d472807c2dd700dd861787087e55aa22bbc19a14c5c71ba07489b40a7fc522656f03de52d683521549d365c7bc195905814cc8ab2b8df0773e83f798d18c1aad5c0559bc843704d6ccbfd221891735bd48787aab84cb98b1ce6e243f98a496192f8230c8a009aae4e9cd5719f82b51de03cf8e1e07ff82c0a922418dd448ef9ebf4d1df77d5e12132214b5052cec5d9ef7999d042891ef4e621833c0eb1bc7c6b5fce77bd260ed364f02979ff129eca7422720c065efc9db4b848a6739d406846636b7c0669a751a5eba6c3c763ae535388698a17c5b9898c92969ad986b52fcf6c985a24ffb57e2e1e26211fb6eb0d11652354e0290a6b91f231f38d410d4e670fcbb612327aeab6d72ea2ee18b4a96b02f1c4514d3d5f07e41b42283dfe6499ca1f36d27fbcd95c9726d2569d07fa91c104671af56e0dcd8755559defd278783ae40922f688b1bb6c149edd95a3f9e8f3b473fcc262c15ea181da74fa8017ade28d3319e4613894ce9d58d48f22e3617d13cac15610346e14517f6b89e65f1d2e6835daa2ba97e5eaa261baee4ea9cf4fa07fe42cd6f45f14218cd2eb3a9749d62aa72c94591a923d4f1cb702a1c3b69169746f344e4837c266f3f8d42e5e3f0729098c84339f4c1c0f184c2e39ca78e9d8aa5a69259146ca6b1cc387e95866662ebaf56b66a9fc3b302d5d95f4b6b713f8c191ee7ebf6b62a648642d06d14a1b44b92c45e5edb1a8affeae8da43a3719958201e7ef979d10dc840db7259bdfaff4ebab381cac45a567fdb04ccb6dc373bc7f0ab66233aeee17b598eebba0768db3740d82a9fb7be88209f46b29094606de4ab8496f528ffd055e6e31ddd13100fb77417cc04b22c72219bfdf9cbbd3c793c99f8b9e7881301f355526b579e39f523132f67774d19470dd31011a3e63d9b92afeb9aa3e7025543f8a8c99146a14db68c3647a33c04c363a1e56471f1ed180d2e3e61f75f174713897007444cbe99df374f9d28cd51d33f676bde21e8b27e9198984b03e216034ec6cdb2825bf4ac940704b9a67b2822acddb8961c8d20046614414504ccb8f774eef0a126016759ba5e7a0c1e3bf94dc955b02e77af3cc175b0828d3aaa60a4f138bfee5fa9d9295abfba939957343d4a3f7bc1a8914392a1ca154c1a93eec303174657c9ada5bdde16eb0248041d50f377c83ebdd05a9e2939d07ee3bedadec0f5af1b9900901bce08d23342639ae9ff36712db48e422d54cb48ecbd82f3e094a47be442675e2fe66394c64fb0fa80265d25d21573ae8067d26910444fc26fa1ebd0389927947e2dc11877b659a94c431c52e7672081e88d83b2625c8e54226bb34ae6de5019c149ac7551eb4449ecd55c7c9f3d5c1dfa45f49853e40a1368caf705d0d0f4cf36dc3bc441ca628d3c1efcaab74e7655fcaad7d574fe97bd41f0da91620abaefcb762f5ad3ee27a0a9c3e4190cdd8f18fe9faea25e8f9a61688c579896126822cd5a3df4bb81fc6a5128b41c5b96ee4764cf015114a806fee50a83bd11480ef42f42f88180ebdd47f098dd7792c23aec32d6fcfed7f9fe2f81d7354736535e85a530ed982f5afe49dac9a9d0f2be0b9ae93cec86cbac1471632adba9caeaae8e90e7084d12b117d873bc987132c07aa3261f92c9b7013e9276dab548e0da7d4fe5c03ffd08c802d8e20ee89e60ccf9957929b2580d9fb52afe32263a30fb782f385da44fb714890076bd68ac15a31ac9565a42665cdafe453c4127c8d33d7652410d755c0fa0fe51203bdb09a9b60d9062e5c8d66729ccb8d035c7c63bfdf0c40b88e11e79b0025b21e2d53f0353f8d2fdf9b5905132066eb43333eb5d599b28f736ee4bcb2ce16ea0d0f836ba7fc5e7b365f288f89d97ffb817f5669eb78a9adc6bd3baf78fd128aac3c219d99f69125a44843d854ca4d5bbdf897e9d932993a79050081d12f34bf9d68764bfe58f20fa56b27bd3d9baa23b1288972f9c9735f4a8f7802023e052bca2a59c515c2e412f5bfd5467a69fdbdc8b03f03adf6637813c0b9512bc1e8f85eda3f405b1341b791f90bee1c7a3e199d8bd0338615d146481fbe59b703a9e2935a454eebf3ea68404a5900d390869951b394cef7d024ab0baee08b50dd47f6c9a67f9dd47ecf6b9147685a05f626df20c0c13a2d14b8bbd23fd3f8cc1d219fbec88af2e5c7fd8518e3b437a070524c7d42cbc1d536db91ca96e077c967cf24411b0d329b977956eecce4130d540493998d6c807ae4efbc4ee2a33535b2bd41eb5c2adb5150c8645b34147b98f4d121985552424948e34898a9e572caced4d98a0f8955b2dab28325533af98b7745cd8516f1d7627085d7a384a6efccf440ccaf02fe42d1ee3fb04f5f90b292621c65c3f5fb6e55f505e8427dc7d4045ee9074b90295b275cc980e7d3be28f10eb9f66ba35d9476436d94c67b8bf19df117daa42a8b0c244fb46515108c692afe19dc805de6e3f9d4dcf8e8c51b84225117b262e8c6b0d6a2028694283a609f39f4b5a21e347d35b96d2b7f9117f4ea338457bdbab6ce09b66c5b4707c0bdf41ebd04b2227b9aba68bb836f5def25803087be23081425f381dc4135e0fcbe17adbb9346bd983109f0bb8a3e449dee22e27608514a1807f143eb1e18cc4915d1f13fb09e67bfdaba5d9180e26d1baf8bbeb6ef4efc459781c678b2d3e1bf08a331ba181cc8c55eff755a35e21a1fedb7926142cd087299c3c0ebcc36dc1430b94cffd24c057ce9bb8b9c067d8aff19bfa4fcb8a1f5839554e71aaa2086562c9e41aaa6ffd38a028dc0973285f8558f5825ce576ed1ff4bfd785312ffee28b99d4814d8f33dad84d5a79efee48d128ea72029d3f6ea12fca6edf7c2a8be1b95ee100ee06291ec74b73a2a16575d7966228822439fd15e8f808760ff247b8f347f184d11d39dee4ce3db0cb46b055177b1ae01506ef771678e94d10bcdb86ec2b606d9d971c7d71bf6283cd7e0266c5d8b5f948539b65b6cbfd96c5cc1a6aea3d449b1a6d91284451caa0fcd4decc51522f380fe89295a9592a7e2ba74a6a4cc1fde0b24221abe2ade6d583359c459786062560b2319fb50f668cc4902d63d1d31cc360ad02998ed7eb37d2abeda1149e3769eeb2e66d0ce4a83eff73a8206981e80d6851e0447dcde482fa354160920fb732b34a679393cdd405", 0x1000, &(0x7f0000000140), &(0x7f0000000340), &(0x7f0000000380)="1069de3436e50b961cc834ff6a7a6cde5bdde04c3dbf1708f731567ee5")
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

571.676904ms ago: executing program 8 (id=2203):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1101, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

571.108808ms ago: executing program 0 (id=2204):
r0 = syz_open_dev$vim2m(&(0x7f0000000540), 0x5, 0x2)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000300), 0x4562c0, 0x0)
ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000640)=@mmap={0x9, 0x1, 0x4, 0x2000, 0x800, {0x0, 0xea60}, {0x2, 0x0, 0x6, 0x9, 0x2, 0xf, "ab3f6254"}, 0x0, 0x1, {}, 0x4, 0x0, r1})
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x2, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000007996b9ac61108e010000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="4c00000010001fff000000000200000000000000", @ANYRES32=0x0, @ANYBLOB="929be4c8000000002c0012800a00010069706f69620000001c0002800600020f0000000006000100050000000600020000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0xa5bfce6, 0x0, 0x3, 0x1d, 0x1, "646b4c7fed409e3eedca8000f59e164dc63367e7e08474071e9f67cc6481368e22ccf521b6bbe3a6a0157ada941ad42d2b62cb6d7dc5352a94b52ae0bde3bb2c", "0db14295dccd224f8b5ef2619871507eddc5fcc80afaa01d4c3b062568a39748aa03fab4400f982510e9de5b54ae1d7051b12a0cb84eb89391fef5ca6b49111e", "d05ec8eb94ee9afa9810416be0e28111a4a710927747eda9cb44bcdc7563144f", [0x7, 0x7fffffffffffffff]})
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000030a0102000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000003008000240000000030800014000000012080003400000000008000340000000"], 0x122}, 0x1, 0x0, 0x0, 0x2}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000010000100000065e9366a00000000000a44000000090a010400000000000000000700000008000a40000000000900010073797a300000000008000540000000040800098004000280140000001000010000000000000000000084000a00"/108], 0x6c}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r6=>0x0})
close(0xffffffffffffffff)
syz_emit_ethernet(0x4e, &(0x7f0000000580)=ANY=[], 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f000000c400)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f000000a3c0)="61ddaf21c1282a5a6352f350c2f614ede5b0c406f5488574ed6fcb609ce20f648ee274c8dfeaa625b1fd332f70f776ae0b6e3f959c24f3876756c20e05c82079387520764f2446820d53242898a90e51c5b68297e39b7fcf558b450e9608326c3dc6704a054216a8c6f0d689e5eb6b8564854376910eff147682d2378b9c5b95a626493ce628b1bb6b524ed7e90ebe6eb0246399eac6d624dcf4e824be2de9c1d5d06eab13f2770577304eb676106fd9868a030192067ac009482e03a817f1abd909a94702479fe30b2594ca60b4acc37148cf04e8c0e76dd69e29d243596f8174129ac6ab9dbb79ace8f0fae14234845725102a027d4163f97f3971d207500defeaa2c7318f7e82e591701f9d3f78592ea7ec28806a53278a35a20251eeb2735fa9f37bf0045b5e6faf5f751c7ad31d8426be7b09027b2092f49247159a33b580d2691ebf00797962168bdc368f57282ce5b8526eacb80952ffba771626c0016b8a010546f0b4daf470814cee0ea418b76331c34616cea0459dbd1f196364c99e4a47bcdd64b518ef51833e6f8041fbbbe86e808bdbade7009985f2c4d7ffd76a0e7dc7d542bdee1d136d2096dfa997f98ac83c6341b306a3a8cf81642566d7777480d4dc61b0182f0d418ce95d74c9aadb182326d6671412a1f0c62c93a0ba873ff5daa4ece4b2fc73ed5b02b60890374acc0cd25cbf1707016a542fafd6af098f9737304c726712c8243dcd5eb15c0996e9e03dd741d519cb3e86ea214e20408c2cc5ea607585f1bfd268ba3084ffa69425512571d263fd1ae49b488b2964bd3e78943122006489cc22191dec2900a7fdf798c9f683461f2a7b940f4112b805dc077a7b99071b5b454f7c6d2b13a6b23091f74ecc65a24ac0d11e2ffd7332fb2b2b11aeec3c809d78cc2e168f126f38dddfe3e1d0ec1c6fb25f880690f97a70dc5fbea5d25dba3b24c01d9bd228c58deca660625511127a62220429c94be65d6ad4ce7e79e97af67931b46ccfabca5dbaea11e2dc76279b0244cc2845f31beff418fe4bd892d3676079d9d4eb0251dfead9e0a07a11c0a7e597ac89ec77de60a5f6e0ff4a62374856b8e1659e885d3a0d90293daa0c7bb041cbcd54bf098b66b2ddec28dcba4cfbad969e3b97e4bf680f901485d1cd4b231a9115c22ab2f911415ad0efe0eb7f4bee15c6de7d0f818acd687a117286f9e3c33df5206df918ea4ac52927487968d88f4a18d4889a4060f20487e4cec19250fe48a16b1f9f7250a6ab81fbaa2ad451a936ee98021bf859b9a635132a0dcf7530c0e2c84a459241a1fc9fe45b4a4f32fa8e95185db92660292ece6b5ddbb0b9f69bd7435cd4944f8ff2ed51172f0683fbae1013cde202498f2e1be54d1a2e17b3984b17d1994915a477c87697f465781e41b44c6a40ae035e75a4d9f9c0926bec533db0d4c26d605cb1ae225e692ed315062e8c3283716929e25a22b25105e018d81c07cb7600d1bae16d8beec33c88f1cdb52ac988b4677ed604c28ff1cdeeeb74c332dc526cff5ee935016984cabf117694cccabae944de4d2d2daff8f281b6434475b52c1910210598c684da99c108000a53d2ca03afd42b0200691d92341616353a22a8dacd8cb7eee85953b251236603d2ef1e450675f8d0f3cd0e28ef36457f79c267d836d14ed758148e979b9749ddcef14aec903939c69567a1697aae8f9ed72a16be0267a3a967727937f609720802570287c4e08641b9b7b979c6541add0e8600dd2d75a1dc0822ceb7a7e4e1afda2940d127f488589963b46417d7a7474545e5b08a621c1a7637b3fcb62b0aee10d999505907bd14033370e391f6192ff7d718e1db3ef861d30b2d477f11cd45ecb296d4babcccc34901165e3fcdbef6fa1ee478a97f7d21dc5562582d67c448ae352d3157d83e8ab0122a2bb056bdff8043a91b8f3abe4d788fe741483997a8e3fe126626a14b4243d3ff8ada8dd555c95d5e30b68cc053dfbbb61940cbb552cc1fe211ea5ea13cbfb6a577cde339282d84e92f866145e7b1de4d5a1705fc24fc8843f1a69f4c604adf0d715ad88c6a4ac80a35375662610e0ed07af9c4c76326716a77b106ef87782804ca353eaade28a1ca522d706282ebe48c0b23fd42b2e0297f5997d3aab40615f143e868c6aaf920bc827224946db3e3b3e65ea66dbfa5fe6c45dab930877852e86df251024e4ae46ee8e04cf40f2b3239f4df40062cfddada61700959deaeed3a44fb185ce51685fcab793184435b3e668e7d80820a613acde8d61e24571b9de7ce4581a4751d70a28e8d098660e81941fe40b6844a3204b512457194e100c995c75921569f735afee321080ed6310610887ca842001f5112c5af8c9083e3d088a404b48ee82e1e8be16fd493a2a643816488447706f3e86d2d0ed48f7397aad0cf105a4a71d928a15413ab3813e42478cf7a5be2e03d15ccb90a625863cb2ca1059110f90186cf4c370469f4d7e1ccda56ed9c427cce46e7d1c82641554ffa0c7c42697cbc754702b62be5ab03c995ac8cda3145959c440c4d6ead7d6398faf189de77645a05a54d6c33c9678daec6e5ac0048f91e15b2fdb808d712e662007da5e228ddc7370f575723a0018a1da70fa27e6624c8c75047eb584bf3399a8fce999df94f6fb54fb6c1fc954b1d899459fcd2f459e57c214ae590513ed268ed2d1114d8276642510a2eb99feecb58d8476550553a9f3d1f04c9bb442dae6dd84628b60cc9fd3c1e5c4fe3b9ad5f43b5d06e31ba4644f7499c03fd68cd2207027eeb1908a8022d70eb8fc8f55fee7be7e3af525d4fb1ab3e9b458246cbb5371e8145e1d04762c62068e03795a5a6b48d8643a83927c47000b7766e320e0ef2339d5423813e8d7845b939a9567745f6e2d6070764669c905ea77943a31f0df838a5d046f25d516bb654336f759c05dcc0febbbf1d214382a76fa09aa32be9799252f1d0fd8bacfe3f32574fdc82c6ed77f1c08d4aef88c157cbdac947346e3e015af60125d3e36ec6bd8dc5127c7ab1ed773c8beffc9dba99bd9fa1498a5a49bcce4ddb13fb85e256fcac569aab1c815527710d2c350c7cc84db5a7eb243227973fd5e2d1d8450077ececa0d96884c90ac0146d37b13f1aacc1eaddec3f0d475df6ceafe73f9076fcfeaf496efcae22d09745453a5e4776876ecfb1d004361f82f76b2bfba050d0fd5060f50fd74f9908a62649955e2f90e4ac4a4f0b29484cf80eebcbecb12db8586ee58443c181a59c046c657ecbb067a1e70d4c548e8b291a5aa681624747d9a52a6184a5fc82d824d9ab6156ec5fd73a038b38d86974e7a89b55a95b609e12c98f4168c0e48139749fce33397948224641e9823588858f82247d9abf8f84250564189676325e43944e888cef6918cd2b842b3a42751475a37656b3f04a02430705f16908d638212f69cf96d5311038e00e048468810d1cfefb0a9aeaf46d1bd31f7156a97542d9373abd3c069aa096486244389312031398a35e0ebca6668ed06dbe80290ac9a2a15ac9c208cdbcb2c1e18f008741649b4fe2ac1e6ca0a19980b6276fa09c5c0e67e748c1669add6fd4c70ba522be4428df305c3313929a4eec348f03fc6a6dfd1d6740a61230a977555b6b4d5165c98323871d750e80f9205231af03ab430a720dcaad03d113f38574ebada74f5b34a05a6abb7ba9b8b280401a3a21dd7e1e026deb438ed020d09fc93ffd7376ced7b5d6c9c35072c7f28ddb7fea3ffa7b7e6766892be2015c20e2cc7fa8bcb5832b97e964947ae940d5ce215ff3a0d74851d5735f3573d533cca9b3a89f9494f150cb732139cc2282304f6a375ee1062f6f850ebf89548973b6c5e7aee8b98b18b443332d3be20fea086653d52756b40ec4f08ad52f4d0a5a61004c700f070b83548670ef36dcbd8daf13ae6d382aaba3c3bac3c1efd953781d69e7365e1393d2c3f34d3dc91999ab9a545bc167e50ea6874fe8f49e93e452ad4710d7127c430ab2caf3ec1627e6a2a6a57604a5da490087991b68cd58d456f6818f22e38007e1628c6a78f6a8a321e3f0d5d5e1bc7f9ef53c4780b451dad949962c8a6a464b25cb161159b72f40fed8280daec34135f77373b9432f411b232e9374e9cb3fcd85a599c20d0b8e294835c60c2e034eb8385c507095c6eb6748180fd1ad97cb0a4b2ffa70c90891d373459538f4106078162bc46b425572466aa4769153b994698bbff1a98b5948e40d98bb2900445eebe95c4892bcb92b4c28b734ea7e106accc9836767e0881f970c9d69063dd918de44a484ef3f860b0dcec58f22b3f1a0abb9c0c2b6cd5bdacdc194f188588c0888d6abfa2d0b79d0b33a41e3b6a0f9fbf811ba20f346025b3a4be17eb5ce583b860cad5424bcaf1ef4a255678706052c1cae9cd77cc78639f975f07737b791831c64f0c974b23a5c428091b8b8e17a037ac3c6d56da4b4c7e4752736cbbc8d67b1b823e87d51ffc95fe9752e8479fc15a6fe7b96fbd7b93dc2144381c424ec7782d7f8b2637010dca11ccdaab1bad652a9ecd8b6ba2c116fa419c8582a0ccf754a294d9de5b457d9b1a4120fd53667862e50cb028e2f92c73a38f77ff57c93b410e7f3257bd56e5aa504f0643bd2bcfae2168046ad2737a36b21f6d993de1fe7b31e9ef7c79d545e5364b65011a6d26e0a2f1018a5280ca88d3d1e30c68195f8cf1a3ece813f22e44d83867c9f711218203d1adf2869ed89babca094b8def7ae0abd0245f522930db59c4b2eeec4d564bfdb931d435a986daba4b604d5bf30b1cfdf6960986ba0dab216dfd7ad95ca2555e0573d073dccd407ddd5ed7920c788aa0213aec90b38981a91bc370ede38d171648316d59478e66c068eec33295345162e9896ffc82f8d94b995d3a3a7a4f459e564632b5918b4fd850da380937655f19e2820376e7deb48edb0f5e295521a9a153f5ef69de397d88acc20be99779d7ea2c38445bd70aeeb68cc6c68c1bc603ab580b632866497a3dbcbfd933e2074323f66f1db73129eec8331c8872aa92a33e2180fc0cf2e28d198faef4421064b8435f37b5bfb9b531332b3b0838015fe848f0ce859db8706f2e53fb07ce4d0fd017d85ac9ce2943ab172f08b13c948c3778d2469257d412b1a5305526cc8dcb4a8645f825cca66a63b7134d8b7c760db6a8fa21f2df3456e9b460867303a9d53fb01db8548800d800e49c08c8d731bbf9a642206f4cc6673e4fc0f7106661abfde1eb8a8d384b26d88c16d15f238556ff4b205145d860228038430cd8a342bc15849afd81666b55b358e3ec584fa96f119b77495c4ec36616070237bb170fc04d3befebdaff66643814eb8519abaaf1e9bf939bf5bfefa33c32fe9909055393e383268e426436305b370867db76991ca600bf6211dece3b6b7b4dc5cd4569ff4538080fec318a9e0cce4a8cf26aca8359b503781aaedc2d58b0bb1a82c163425e678b488bdc7362d0be24a7a8238deb31482c332d4d385005ca84c836933b0fce21685ec067adb9490d1a416f83e36e6e3b87d05ab6973f4e359a1fb5a4dbf2ff6a85d235e50d893f222c2a7d84252be9015e104ee3609c83cafdd796a8422257c9ca9172888d91c0f2f2afe36dccada9a713cfc026cf25e113fc543d522e9254f5e129d7ffd61b43ee25bdd63545a81a2b086b616e23abd380a7bb8e54b8341f42c663da1fc8451f21da7315aea416e6856d4d45128dcd34a0f3aeb7aed00c54c348f38888b8c8fec59028d38344a92249c95943d3ff8608bc11406102ebe8269892b2e909bd82ba467aabef127713a0993df779ba7b0816a990566699e4926d75fd47c3f1b9cae3e58771a6ae8776fdb672ee70f215fd908d6dfddb8a2ad10f27b749fa6e67171848d70d3ae135ee3defb2546bb35a3ad2d8ac0e838ff8abb1cd733d80047bc8626960a257b704b43bf0390b7fee656ca7831d23e8ba940533c16c17de68270bb3b2d3bf142b34899b3a106cf9569b4f46f148297c61390733ff9f399c669122dd045187d0a35fe54b4f17e4090c56cfcfa47498b1701a855827d35cf3624624906f997092b010b1da616325a090770694d028fae9874a91f8d21fea85804956594b8252c24d05df5775148ecbf8ab38f131c268cc263f6a2dcd375acfbf39a2defc9869801a720d83add1ff01ac7fc389bc7e35c2eee2b44f808508e6e02ea31cf23ea9f2118bce520101e307b394e5fdd28e90870a327b0a1444b552b7227134a8e5397474a6c0e1ce89d918c899d292660ea44294e07b1645ff9e85f65156f92d55ae795e134250b5359dec6c31d4892d83f363cb09632bb738c4e7f351361adc3ab54776a5c55d6ff4895516c82cc6387b1a424f3af2bb0398d0d4a71fe44c5132b7ad5fdfa732bbcff9f02395df587714072caca65f5fc1215dc9068585e1fbcee22cd69c0386a6482230540ec9ff8e373018e4e2788b9502e5be3e3247f997800c68a634e4490c91d01144a63a7a55afbfa4f0ef5ad538aeec8ea203ef2716ff989e11ce4985263898b8e36b0d3386b816ce484e81404a01ac0ed9f18ef5643f93d46705c949acddca2b74ad53441090f658d22dd081aaf49a7bb07c93ab8dfb5213cba354b4d37d9899423d3b3d45e9463c506ccd69747162d2d64b54291d11fdc6c9b89114543d6948f10e68008973cc485df080b84e0d098f962715ba009f2aa1fb41f7199ea5b9b70df0e1c378da164f7257b4ed04a9fee7cc2de065ad35a60b882d78e26d5804942ed1f2bcf85fc63795fb9164a5f94ffe6bfbf838c9197bce2160d24f88dca14c3e733d18ff1fb7acb0ebdfc4e2ce268a676fb27cc34d4b6b5d7e8db29c020c4c498d793931b0fc7d91ad68d3d8463e36a267833edbdd7062f4d62aa9fd1cb7f8e561d3939bbfa118b897167168832c0aff17fb6cdcf75ad6ef0a18e2b37fb24c85d0866f2e5f191b2ef8fe9b5997635a74cb06aec67363435eb175559629c09316f96dc56de6c7785335d121fc2e4d47c2f50c37c5bf7950ae5de07b3b73830f4299d5009742d4eca98df821a95d244967a42b5a4f3375edc41c5281ca3104bd247c14e838912634d4764c1b6e440860d98f258aa8a24e8af643497366edc2b781aec0567451884aec0343ced1fbddfae585db1012a6d9245ad85c56aa33d5bc30307515bccc8d36d7848c99884db4a49d748e1953b4673e4286393fc97c233d529435faf7ed9f9aa64029814b7cd6a36c3dd9ca7be95e5c4d48e024a3d23651cc81c00a52e2fa2d094435ebdb4ae5be8e6b53cf628ddc87a4bc2dccc98ac38019c91789a40d103fb95785bde5992de08ecdca1dff2ab7cf5013420b3d29b8a7f0af455c4e86285422b986bdf482b87297061084b50684e936acbb075a84e720a2d03892efec7dc1af2fae2a7ce7725cf0d19f39403b273be262c7a4ff638898f6caf84bfb358c580ba4adfd8664bcc539b82792e39ab4f1d8393b1f98f6dd5aae14bc6b73feeeaef7c3accde4d9b098f2d5c7ed68621851f37d27980c4b44df095d865493eeef2724db90aa53a3c37bd345ea75b4e76e8878deae1b4f3204c2957f3806e36a03e995f7633de9b863ff6b3309d330ade917c82f3286d9500105755efac22a4220f457debd861df3c0925dc4ba8913cea12b8deb93cec87c972421bb8442ef2a2a9d638471108ae0152aefdc45eac6ff786dae370a21bfe1e5777df8070bcefba8596cb8f71a516b505b1f83de1129cee91d3a4d6383daac7b9de46a99bc34661f3d805d2e138a769fd6489e4d058a3ab35ccbc81251aa2f23f83d7740bd8869465634e10e114c62bdfd640d69cebf6e78eb0970fa442746f7c3bea77d8589ab131827a95b274dd63ea04fba4c822aed4f8d0cd83ed83177d90332c7e66f103d4eb1dffb9ec0f52094bc7324a7c59819dca343776d6adb6850e7e7e83e2316db1c32feb4ea1c6f47a2ee41bb09d0a931f4fa3cdf7ada2bac7fe5ae2b997e24b8f8c52b0bee1482b74af68b407f0d78f3767bdcb42557c9f3aff0c2c2ea7745a0f588b00a751c1c8d2124a8bfd4d7f756587d239cc43a8cae1d67cf15c73dc8569a1ebdd7b8559e969541a547c272e52d57e5924ced9afc87cd2cdcdf8e30f423ebe26170393ecec06afa093839fc3a10fdc3f9ae19e79e4df6a9af6027e1129a7a6cb4517607eac80fa2b5f7853fe84028a66976ec4b4af50abe9ca959b844d7b2ab94903efec6dfc99ed9df2c329c0e8449b4d2a0a5bc2506d170884d2c6ea8aefebcaaf2abbfa3c4d9e4d201369a47792124a7909e247dc98b777b60a30b1461d857f164e3df983d9a900f8b11bddbdcf47c29d483033c9250f30e268ddf97e0ecbdd99d6fb3dc4562bb75f8f1e03d1aec424293fa5fc786444411a512fc582a9b577d5e88fb9d6f7346bd489f6eb4296e576e25c45e114fb6a3d0b6b831fb4ffe7486daadf2f0ad78aad8f8f7eba17e524de06e81a5af9c1aa09019fcc51611afc45fd30b8ecd2a2ae19758a1ffa55f79cdf53ef1bb55e49cb58d8b291664be61586ace94c7b378d685e54aeee09af828a3ce7335f9d03f8daabcf3543b8099956f60913db6ab401a427aca83772df4fce9081409ab426dae09739b50a8ab4c04a6d2e63b2c4c0b5f7fbd9dc76722057ab6cefc9ccae3abf251259f999fe09dbe1232b8ecf0e26b3d88d13a1001840f6b5942359c3ac75bfc321d9504bcc0e3f4add741125941ece20b4f90416b1f14edb4ecb1ced79cef883aa1d5193f3efeeae7e103891ae4840978fbe74d2cc90b7e02b4d839f15c75576b74e05f7a8af71823317a851bf0ff9171bdb16ffa36f57ccdef61065a62d64ba434571db0d476995e2bf4f148f0a6276b2fad82f03b91fe53f9a7acff3ecdfcedcc1eae42e52e1f7443114b8edc8a9d5c8a55727f7ee1d20e1ca55b42e51b47fc4d2313458ab9a5f05c1411dc8f11e4c57d3fe87183763bd24cfb8dc583c82ce9c0abbeb76310666d2236e2ca164c66e6336fd571967f35b2b0ba847922f5aabf97aea061d19eb9cc3cd6e764da9651f9e66577d9c8870734fe8e03d20ba107e6e2997ef7c42f940b88410c6bf46635cb5e402113411a98c75e8cfd3760235d7a486bfeea1a1dc188b7886172ac66d45a4bd87f60b8502382888f3806e47ffb74d9aef2519e91536f7798b7c22ee70566e686ae2b577f6341f7c47dc1ae41f2af983b80f7db23a3466b4f14e2afd591b19d36375acbc0c8ebf21654c8cf44ea49103299eb1ac6e96bb282a33a6ea204aa266b7d627c53757daa176f6cde932e7e0342977dbf7d5668e8ba984bf05dc610e5450eb4c3dcf7965eedc9b168a9c274ef6a050e93234a9bb5488a5aefaea9c442729b5416dcee6bac23f238bea2f1f4615c863a3ff7c7a081558237f2097b9ffa869f4b69fa32784f62c0b7a458411efd3a9108735de667c63c34af2225e382a17600acecc118ac1f81ec5ed9a26fa966bee8dc6f55c17bbd89a94932bf930b081fd310ef94c490855453551e9eb809e9d568500e6662564b65701a721208dcbef9a07650f9faa5a503d37f2e1b1912fbfb437f1f4c2d4a830a2dcfae905d323fe9a6a01cc8d88ff82a26a1c228103396b6756659b6a8a9ff8b31494cd8bde6205d6f62e698d9ae43ec740fafc60d798a85e5f8598486b6e82f23506c6004ec2f733cde633c3b45d9ef14fb223c020a67f305e33b5d3b239b5026ca679004e212725a4090818734435247b918dc9c65d2f0c580722651217ce7a2dec34c0f8c49e3dc051c01f5d445dca8675339f5c8b30ddc19f51ffa9e9c513f5fc9892dbe5ee5bc148ebf3033635401c8675f0fb43e503d73cd432e3ae2f25bf29b4088a3193c208f5ba51882364202dc3eed6f3ab9a871b4afa960f1776cc92deb7098ae6f61af30e715ab60d44f378bbb79f8fb663de164a5f4f582e6a17fd7e553e677632d1e8489a8138bc780418de30c0a95ae3ec3b0cdee51901869acc318a6725c0c06273dc67d393129278225b9384d978512befdf449f85146fbbe92e6b52cf40028b13d77ccc68e7b65e0c1a25f1f9d17b06b17f216729684fec1b4c0c3fdaf40af5dd1a3f4492d49e018f60f41d91524bc5d750789fd39b6e69cb66b1d86b2c1405331e3e793fb38dc447161f1ba02cee1519b72727aee9ede2898c5195adb0dc1c29fe6eca6598c5612a7f98bfe0d1853e44f47c94ae57bfdaee16711135226c9b44440abbeca5ed53b0aa58d34fa0faf766087135599d7b88a04d5ba7d69c148f3ebaee211a06438146d762c9f85d9007a228edd7d71ad18fe69a1af0caa6176eade25bea11504c2f0498a450d4d265bf97dea5b23c10560c9844d761702a5814fb355827ed6f46bcebb61d0a06c21746625a438c38496a941f447c2150c9125990ff7feef9d551a7adcbe0fd828ef4397c0799507599899259f61ff914f76be6077d0daa67ac0ab9093ecd0f78455b605a7885cae38a88b2955cecd37f972841f440de12831263ae64c7c78970138a738bcc66aae8c1a5c3ca0e166dde9860bbfc4c7bdb854cdb3d94ad4c723b2de03a50dfd120041a9b3107a480e7e108f729484d0df0d8e47c3a6b7ce0376e642ec5a267a91dd2bb1f1b3fe56a5097edddba482627cf79b66801fdd4ecb733067ad52e8fb9970be01a397ede6a3eaee6b8524f8e1cf00e0c5aed165b8b1533afaaeeaa82153f9840760b58b8a12e8168956db4522f2dd5a13183cf861acb0c0bb2735ff5cb683f633bd99ba2bfa7f1fcdd0a54d3b4fa9a7d3de250d7e40bd7b3a829a4f04fd71c64ed4f2503094773b45fdd821688d10ced9da17089b7c954f7e4a7f3e56226abee46d7eb93a6f3d039a7cf3dc14c18dd7502aa0e29e1c54bd1c2182138e06326f3cd4cddcf1997c9739f9e4a0899ce919f20b2def0ff103e5a9e123a1db4a544d438f789a0ed26664523bd55902364f4a21b2a92fcc111392dcdcf7ac0ece18c474d47a11d544b64836a62e3e1e0e9d15f8066315f000b7d8603f772704ed5b96798f28e4f699a671023a4d49c5a1e30d14145b9179e4b0f3424fd46cc22ca48cde74904876cc037a04aee32b53d02e4869427b6b18bf0ce7b5ffb75268788ca5029d2d12b2df068219af12d4e17e56f83e581b0fd6cb7048204803342ab8b146b0c237d6ac7aeb2ee21550c00da60286994f1e7ca53de19d874f7bb27c8c5e263fa350448ea28f4ac0cdfdc4c0d5096f2ab328d089dacb5e87f0a29814e8461470a22ee8a4a318f5e2b5317a027da39789b7b17bdcc9b26bdad1ba5e4580f671a3179a9fde91408aa41a68f47c71c524f8e413557b0656cc2a67e36da5a07ee7c55b0877ecf41a8616ec20f59d370f3eff6b10e68a6c55feff6f52f498bc9ab77224a7548ccdfa3de41ff44ee4bd32295a42d9fdac1a4c8484a7383a6bd5e39cb0249e939fe7f53075d6d4a54bcfbaec50853c5e4bfda256665ed56dcd20fbd04a1d40c200223ddac36a7229df6003f335227a6bde261f7e2f7c980e7e522c68abc63601b3b1a9ebdd4530e4f33b9986f582300", 0x2000, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x78, 0x0, 0x0, {0x410000003, 0x10, 0x0, {0x0, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x8001, 0x0, r7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="130000004f0039"], 0x24}, 0x1, 0x0, 0x0, 0x4004840}, 0x0)
r9 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000380)=0x60)
ioctl$sock_SIOCGSKNS(r9, 0x894c, &(0x7f0000000500)=0x7)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000140)={{{@in=@loopback, @in6=@rand_addr=' \x01\x00', 0x4e24, 0x3, 0x4e20, 0x0, 0x2, 0xe0, 0x80, 0xc, r6, r7}, {0x1, 0x3, 0x8, 0x101, 0xffffffff, 0x4, 0x0, 0xd}, {0x5, 0x7, 0xcafe, 0x101}, 0x5, 0x0, 0x2, 0x1, 0x0, 0x3}, {{@in6=@loopback, 0x4d4, 0x2b}, 0xa, @in=@rand_addr=0x64010101, 0x3500, 0x4, 0x2, 0xaf, 0x9, 0x9, 0x2}}, 0xe8)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r10, 0x29, 0x50, 0x0, &(0x7f0000000180)=0x2b)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)

522.122256ms ago: executing program 8 (id=2205):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@nat={'nat\x00', 0x8, 0x5, 0x658, 0x208, 0x328, 0xffffffff, 0xf0, 0x328, 0x588, 0x588, 0xffffffff, 0x588, 0x588, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1d, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @ipv6=@private0, @port, @gre_key}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@connlabel={{0x28}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@loopback, @ipv6=@dev, @icmp_id, @gre_key=0x4}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @local, [], [], 'wg1\x00', 'virt_wifi0\x00', {}, {}, 0x84}, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@srh={{0x30}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}, @ipv4, @icmp_id, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @empty}, [0x0, 0x0, 0x0, 0xffffff00], [0x0, 0xffffff00], 'dummy0\x00', 'syzkaller0\x00'}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@inet=@sctp={{0x148}}, @common=@mh={{0x28}, {"0c06"}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6b8)

521.983175ms ago: executing program 5 (id=2206):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800010000040002800800039effffff000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

458.39689ms ago: executing program 37 (id=2206):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x59, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000010003b1528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000014001280090001007665746800010000040002800800039effffff000500110001"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0)

411.761537ms ago: executing program 8 (id=2208):
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0/file0\x00', 0xc8)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x103091, 0x0)
pivot_root(&(0x7f0000001640)='./file0\x00', &(0x7f0000000100)='./file0\x00')
chroot(&(0x7f0000000000)='./file0/file0\x00')

411.560727ms ago: executing program 8 (id=2209):
r0 = socket$kcm(0x29, 0x5, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000580))
r2 = syz_open_procfs(0x0, &(0x7f0000000280)='fdinfo/4\x00')
preadv(r2, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/51, 0x33}], 0x1, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$rds(r0, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000001640)=""/4099, 0x1003}], 0x1, 0x0, 0x0, 0x81}, 0x84)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
read$FUSE(r3, &(0x7f0000000380)={0x2020}, 0x2020)

361.068415ms ago: executing program 8 (id=2210):
ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0xbc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f04)
r1 = creat(0x0, 0xecf86c37d53049cc)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x1)
r2 = socket(0x23, 0x80805, 0x0)
listen(r2, 0x0)
poll(&(0x7f0000000000)=[{r2, 0x9081}], 0x1, 0x2)
connect$vsock_stream(r2, 0x0, 0x0)

251.647021ms ago: executing program 7 (id=2211):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x441, 0x0)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_OUTPUT(r1, 0x8004562e, &(0x7f0000000040))
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
listen(r2, 0x50)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r4, &(0x7f0000000180), 0x32bc45944b084a6, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000000c0)={'pim6reg0\x00', &(0x7f0000000140)=@ethtool_rxfh={0x46, 0x1ff, 0x1, 0x6, 0x5a, "0641d3", 0xe, [0x3, 0x8b]}})
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202})
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
read$dsp(r5, &(0x7f00000000c0)=""/105, 0x69)
ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1)
ioctl$TUNSETLINK(r0, 0x400454ce, 0x6)

251.503507ms ago: executing program 0 (id=2212):
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x8, {{0xa, 0x3, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, 0x0, 0x310)

183.762µs ago: executing program 8 (id=2213):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a30000000005c000000030a01030000000000000000050000000900010073797a30000000000900030073797a32fff5000008000a4000000003280004800800024000000012080001400000000014000300776c616e31000000000000000000000014000000110001"], 0xa4}}, 0x0)

0s ago: executing program 7 (id=2214):
ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0xbc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x8b, 0x800000000000d615, 0x3fb, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x100}}, {0x0, 0x12}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f04) (fail_nth: 19)
r1 = creat(0x0, 0xecf86c37d53049cc)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(0xffffffffffffffff, 0xab07, 0x1)
r2 = socket(0x23, 0x80805, 0x0)
listen(r2, 0x0)
poll(&(0x7f0000000000)=[{r2, 0x9081}], 0x1, 0x2)
connect$vsock_stream(r2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

eneric 0000:0000:0000.0009: unknown main item tag 0x0
[  248.249214][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.251519][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.254245][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.256569][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.259603][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.261948][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.264344][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.266687][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.269024][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.271387][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.272119][T11096] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1454'.
[  248.273745][   T52] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  248.282628][   T52] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  248.317313][T11097] fido_id[11097]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  248.329554][T11099] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1455'.
[  248.448915][T11105] fuse: Unknown parameter 'ro	Zâ�'
[  248.575214][   T40] audit: type=1400 audit(1748788053.710:584): avc:  denied  { ioctl } for  pid=11108 comm="syz.8.1460" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x4b48 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  248.611755][T11111] afs: Unknown parameter 'dynio.bfq.io_service_bytes'
[  248.615011][T11111] overlayfs: overlapping lowerdir path
[  248.655793][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.659008][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.662090][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.665558][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.668002][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.670714][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.673311][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.675944][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.678336][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.680963][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.683697][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.686124][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.688557][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.690932][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.693645][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.696100][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.698488][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.703117][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.705554][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.707975][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.710350][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.712723][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.723131][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.725496][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.727851][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.730238][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.732636][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.735126][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.737807][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.740187][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.742677][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.745303][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.747713][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.750051][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.752571][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.755951][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.758366][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.760721][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.763089][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.765643][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.768007][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.770435][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.773715][   T10] hid-generic 0000:007F:FFFFFFFE.000A: unknown main item tag 0x0
[  248.774101][T11122] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1464'.
[  248.780395][   T10] hid-generic 0000:007F:FFFFFFFE.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  248.881157][   T40] audit: type=1326 audit(1748788054.010:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11124 comm="syz.7.1465" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f390d58e969 code=0x0
[  249.082390][T11134] netlink: 'syz.8.1467': attribute type 1 has an invalid length.
[  249.100640][T11134] 8021q: adding VLAN 0 to HW filter on device bond2
[  249.150266][T11137] fuse: Unknown parameter 'ro	Zâ�'
[  249.816312][   T40] audit: type=1400 audit(1748788054.950:586): avc:  denied  { read } for  pid=11142 comm="syz.7.1470" path="socket:[37324]" dev="sockfs" ino=37324 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  249.845625][T11145] netlink: 'syz.7.1471': attribute type 10 has an invalid length.
[  249.848719][T11145] lo: entered promiscuous mode
[  249.851820][T11145] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  249.895234][T11149] netlink: 'syz.8.1473': attribute type 23 has an invalid length.
[  249.912997][T11151] netlink: 'syz.7.1474': attribute type 5 has an invalid length.
[  250.017112][ T5978] usb 10-1: New USB device found, idVendor=067b, idProduct=aaa2, bcdDevice=cc.72
[  250.023452][ T5978] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.026041][ T5978] usb 10-1: Product: ᐇ
[  250.034526][ T5978] usb 10-1: Manufacturer: 䯡痾箐僊┴圓邉佻⽻噙镭膍긠曛䞽ߢ励병⦓떥蹏讬䂵뿃蘥ﰤ渴棋젨식䋗뎣周䘭黙ᠥ卄枯䌺ꤋᅠ
[  250.043681][ T5978] usb 10-1: can't set config #5, error -71
[  250.046367][ T5978] usb 10-1: USB disconnect, device number 12
[  250.082500][T11166] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1480'.
[  250.220280][T11181] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  250.226715][   T40] audit: type=1400 audit(1748788055.360:587): avc:  denied  { append } for  pid=11176 comm="syz.0.1483" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  250.298475][T11185] fuse: Unknown parameter 'ro	Zâ�'
[  250.421475][T11196] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11196 comm=syz.0.1490
[  250.426227][T11196] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1005 sclass=netlink_route_socket pid=11196 comm=syz.0.1490
[  250.547651][T11205] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1494'.
[  250.734031][ T9687] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  250.794490][T11233] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1503'.
[  250.915012][ T9687] usb 5-1: Using ep0 maxpacket: 16
[  250.919096][ T9687] usb 5-1: config 1 has an invalid descriptor of length 132, skipping remainder of the config
[  250.923020][ T9687] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  250.943292][ T9687] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  250.946110][ T9687] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.948674][ T9687] usb 5-1: Product: 蔒瑩棖쎓鈔郏껠쳄⠫뾳莔碫峟寤鑺榪籏荒須೰ٖ鑔ठᔌ쬥䗦李嬁㐨뮢旆泲赟茛淙⮿乺볰祣嫝佪梒ļ뮷윧ꄠ䣔斓拂뇴촟鹚ﳊ䳆渇䒺清᳣㍧郒헝咸쿎蒊㾘鸐⿁૜ꭞ
[  250.956693][ T9687] usb 5-1: Manufacturer: Е
[  250.960322][ T9687] usb 5-1: SerialNumber: 什뺘粮얨烱⏺鞕ﮟ줘䏁꥾왚㬼į큛᳍饃⾇ᄞ䯩榥끱辒䨈ҏ钵⌏᳎野柑蠁宠▷ꑅ누伱倽䚬騦ࣧ㥲猾䍬僼퇄ޘ巖뚥ﻌ暈쳏퍤╂푲嘱댌㍩〗攺൷ꃛ贐箮䦩ꆯ⋀䢢뿿㜯쓂벏㲵ߠ⺎멷䥿ⲷ㹿䂣뺃⺰阢ꚁꉣ粩狶㽡ᯯ됔㋜䩤ꦵ
[  251.199186][T11199] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1491'.
[  251.206623][   T40] audit: type=1400 audit(1748788056.340:588): avc:  denied  { read open } for  pid=11254 comm="syz.7.1510" path="/" dev="configfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  251.213771][ T9687] usb 5-1: 0:2 : does not exist
[  251.223100][ T9687] usb 5-1: USB disconnect, device number 9
[  251.236759][T11035] udevd[11035]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  251.439243][   T40] audit: type=1400 audit(1748788056.570:589): avc:  denied  { map } for  pid=11258 comm="syz.7.1511" path="/dev/vhost-net" dev="devtmpfs" ino=1300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  251.696004][T11264] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1513'.
[  251.806148][T11268] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11268 comm=syz.0.1515
[  251.915813][T11288] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1519'.
[  251.922327][T11279] syz.7.1519: attempt to access beyond end of device
[  251.922327][T11279] nbd7: rw=0, sector=64, nr_sectors = 8 limit=0
[  251.927774][T11279] syz.7.1519: attempt to access beyond end of device
[  251.927774][T11279] nbd7: rw=0, sector=120, nr_sectors = 8 limit=0
[  251.933807][T11289] syz.8.1522: attempt to access beyond end of device
[  251.933807][T11289] sr0: rw=0, sector=4, nr_sectors = 4 limit=0
[  251.935561][T11279] Mount JFS Failure: -5
[  251.937877][T11289] vxfs: unable to read disk superblock at 1
[  251.940935][T11279] jfs_mount failed w/return code = -5
[  251.941854][T11289] syz.8.1522: attempt to access beyond end of device
[  251.941854][T11289] sr0: rw=0, sector=32, nr_sectors = 4 limit=0
[  251.948368][T11289] vxfs: unable to read disk superblock at 8
[  251.950645][T11289] vxfs: can't find superblock.
[  252.035530][T11310] openvswitch: netlink: Message has 5 unknown bytes.
[  252.302678][T11336] kvm: kvm [11335]: vcpu2, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x60000000000
[  252.308807][T11336] kvm: kvm [11335]: vcpu2, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x60000000000
[  252.315225][T11336] kvm: kvm [11335]: vcpu2, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x60000000080
[  252.319341][T11336] kvm: kvm [11335]: vcpu2, guest rIP: 0x1b8 Unhandled WRMSR(0xc2) = 0x60000000080
[  252.332546][T11336] netlink: 'syz.5.1535': attribute type 21 has an invalid length.
[  252.558549][T11379] __nla_validate_parse: 4 callbacks suppressed
[  252.558563][T11379] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1548'.
[  252.599291][   T40] audit: type=1400 audit(1748788057.730:590): avc:  denied  { ioctl } for  pid=11370 comm="syz.7.1546" path="socket:[38967]" dev="sockfs" ino=38967 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  252.658084][T11380] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  252.658084][T11380] The task syz.7.1546 (11380) triggered the difference, watch for misbehavior.
[  252.718266][   T40] audit: type=1400 audit(1748788057.850:591): avc:  denied  { connect } for  pid=11396 comm="syz.7.1555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  252.729231][   T40] audit: type=1400 audit(1748788057.860:592): avc:  denied  { write } for  pid=11396 comm="syz.7.1555" path="socket:[35833]" dev="sockfs" ino=35833 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  252.746602][   T40] audit: type=1804 audit(1748788057.880:593): pid=11400 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1556" name="/newroot/468/file0" dev="tmpfs" ino=2501 res=1 errno=0
[  252.849206][T11406] syz.8.1557 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  252.856126][T11401] ipt_rpfilter: unknown options
[  252.860235][T11401] syz.8.1557: attempt to access beyond end of device
[  252.860235][T11401] loop8: rw=0, sector=16, nr_sectors = 1 limit=0
[  252.865838][T11401] qnx6: unable to read the first superblock
[  252.868975][T11401] syz.8.1557: attempt to access beyond end of device
[  252.868975][T11401] loop8: rw=0, sector=0, nr_sectors = 1 limit=0
[  252.873799][T11401] qnx6: unable to read the first superblock
[  252.876315][T11401] qnx6: unable to read the first superblock
[  253.086679][T11413] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.193231][ T5978] usb 13-1: new high-speed USB device number 5 using dummy_hcd
[  253.258548][T11418] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1562'.
[  253.305305][T11413] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.314984][T11416] vxcan1 speed is unknown, defaulting to 1000
[  253.353303][ T5978] usb 13-1: Using ep0 maxpacket: 32
[  253.357320][ T5978] usb 13-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  253.361266][ T5978] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.371809][ T5978] usb 13-1: config 0 descriptor??
[  253.388839][ T5978] as10x_usb: device has been detected
[  253.391871][ T5978] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  253.414178][ T5978] usb 13-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  253.440958][   T40] audit: type=1400 audit(1748788058.570:594): avc:  denied  { firmware_load } for  pid=5978 comm="kworker/2:5" path="/lib/firmware/as102_data1_st.hex" dev="sda1" ino=297 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  253.441948][ T5978] as10x_usb: error during firmware upload part1
[  253.457809][ T5978] Registered device nBox DVB-T Dongle
[  253.535180][T11413] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.547517][T11416] vxcan1 speed is unknown, defaulting to 1000
[  253.550742][T11416] vxcan1 speed is unknown, defaulting to 1000
[  253.586252][   T40] audit: type=1400 audit(1748788058.710:595): avc:  denied  { compute_member } for  pid=11410 comm="syz.8.1560" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  253.606646][ T5978] usb 13-1: USB disconnect, device number 5
[  253.637891][ T5978] Unregistered device nBox DVB-T Dongle
[  253.643023][ T5978] as10x_usb: device has been disconnected
[  253.688517][T11413] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.717631][T11416] infiniband syz2: set down
[  253.720365][    T9] vxcan1 speed is unknown, defaulting to 1000
[  253.722574][T11416] infiniband syz2: added vxcan1
[  253.749388][T11416] RDS/IB: syz2: added
[  253.752063][T11416] smc: adding ib device syz2 with port count 1
[  253.757153][T11416] smc:    ib device syz2 port 1 has pnetid 
[  253.761596][   T29] vxcan1 speed is unknown, defaulting to 1000
[  253.767702][T11416] vxcan1 speed is unknown, defaulting to 1000
[  253.854622][T11416] vxcan1 speed is unknown, defaulting to 1000
[  253.936993][T11416] vxcan1 speed is unknown, defaulting to 1000
[  253.998657][T11413] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.008033][T11413] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.015860][T11413] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.018863][T11416] vxcan1 speed is unknown, defaulting to 1000
[  254.022740][T11413] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.099901][T11416] vxcan1 speed is unknown, defaulting to 1000
[  254.258186][T11431] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  254.341900][T11439] fuse: Unknown parameter 'ro	Zâ�'
[  254.736483][   T66] smc: removing ib device syz2
[  255.012619][T11470] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1578'.
[  255.153339][T11474] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1580'.
[  255.225032][T11474] bond3: entered promiscuous mode
[  255.236042][T11474] bond3: entered allmulticast mode
[  255.251646][T11479] bond3: (slave vcan0): The slave device specified does not support setting the MAC address
[  255.258849][T11479] bond3: (slave vcan0): Error -95 calling set_mac_address
[  255.316301][T11485] 9pnet_fd: Insufficient options for proto=fd
[  255.439560][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.441627][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  255.516927][   T40] audit: type=1400 audit(1748788060.650:596): avc:  denied  { bind } for  pid=11498 comm="syz.7.1589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  255.648581][   T40] audit: type=1326 audit(1748788060.780:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11521 comm="syz.5.1598" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fec98e969 code=0x7ffc0000
[  255.652052][T11522] xt_hashlimit: size too large, truncated to 1048576
[  255.663122][   T40] audit: type=1326 audit(1748788060.780:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11521 comm="syz.5.1598" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fec98e969 code=0x7ffc0000
[  255.673197][   T40] audit: type=1326 audit(1748788060.780:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11521 comm="syz.5.1598" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2fec98e969 code=0x7ffc0000
[  255.744671][T11530] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1599'.
[  255.823798][T11535] 9pnet: Unknown protocol version 9
[  255.880504][T11537] fuse: Unknown parameter 'ro	Zâ�'
[  255.987825][T11554] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=29 sclass=netlink_tcpdiag_socket pid=11554 comm=syz.7.1609
[  255.991992][T11554] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=23 sclass=netlink_tcpdiag_socket pid=11554 comm=syz.7.1609
[  256.026931][T11561] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1611'.
[  256.100204][T11564] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  256.106790][T11567] 9pnet: Unknown protocol version 9p200
[  256.106855][T11564] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1612'.
[  256.173138][   T54] usb 13-1: new high-speed USB device number 6 using dummy_hcd
[  256.185224][T11570] fuse: Unknown parameter 'ro	Zâ�'
[  256.203010][T11572] Cannot find del_set index 128 as target
[  256.207292][T11573] Cannot find del_set index 128 as target
[  256.262285][T11581] ata1.00: invalid multi_count 1 ignored
[  256.323151][   T54] usb 13-1: Using ep0 maxpacket: 32
[  256.340782][T11546] netlink: 212376 bytes leftover after parsing attributes in process `syz.8.1606'.
[  256.347501][   T54] usb 13-1: unable to get BOS descriptor or descriptor too short
[  256.350860][   T54] usb 13-1: unable to read config index 0 descriptor/start: -71
[  256.353656][   T54] usb 13-1: can't read configurations, error -71
[  256.432687][T11594] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1621'.
[  256.535449][T11598] 9pnet: Unknown protocol version 9p200
[  257.719139][T11624] 9pnet: Unknown protocol version 9p200
[  258.120449][T11649] xt_hashlimit: max too large, truncated to 1048576
[  258.132871][T11649] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  258.219122][T11652] 9pnet: Unknown protocol version 9p2000.
[  258.291764][T11656] tc_dump_action: action bad kind
[  258.318893][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  258.318902][   T40] audit: type=1400 audit(1748788063.450:609): avc:  denied  { setopt } for  pid=11659 comm="syz.7.1648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  258.398527][T11669] bad cache= option: none

[  258.398527][T11669] 
[  258.401390][T11669] CIFS: VFS: bad cache= option: none

[  258.404070][T11669] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  258.604530][T11678] 9p: Unknown uid 00000000004294967295
[  258.693669][T11680] 9pnet: Unknown protocol version 9p2000.
[  259.022343][T11695] tmpfs: Invalid gid '0x00000000ffffffff'
[  259.048871][T11697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1663'.
[  259.096518][T11699] 9pnet: Unknown protocol version 9p2000.
[  259.393909][T11713] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1669'.
[  259.412120][T11713] 8021q: adding VLAN 0 to HW filter on device bond4
[  259.419345][T11717] netlink: 52 bytes leftover after parsing attributes in process `syz.7.1670'.
[  259.468649][T11722] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1672'.
[  259.507715][T11724] netlink: 16178 bytes leftover after parsing attributes in process `syz.7.1673'.
[  259.558897][T11732] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1677'.
[  259.714795][T11747] netlink: 172 bytes leftover after parsing attributes in process `syz.7.1683'.
[  259.765779][T11745] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1679'.
[  259.806142][T11753] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1685'.
[  259.853112][   T40] audit: type=1400 audit(1748788064.980:610): avc:  denied  { read } for  pid=11754 comm="syz.0.1693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  260.015582][T11769] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  260.019769][   T40] audit: type=1400 audit(1748788065.150:611): avc:  denied  { relabelto } for  pid=11768 comm="syz.0.1691" name="506" dev="tmpfs" ino=2698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  260.030810][   T40] audit: type=1400 audit(1748788065.160:612): avc:  denied  { associate } for  pid=11768 comm="syz.0.1691" name="506" dev="tmpfs" ino=2698 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0"
[  260.033843][T11769] macsec0: entered allmulticast mode
[  260.041619][   T40] audit: type=1400 audit(1748788065.160:613): avc:  denied  { add_name } for  pid=11768 comm="syz.0.1691" name="hugetlb.2MB.rsvd.usage_in_bytes" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  260.041744][T11769] veth1_macvtap: entered allmulticast mode
[  260.053233][   T40] audit: type=1400 audit(1748788065.160:614): avc:  denied  { associate } for  pid=11768 comm="syz.0.1691" name="hugetlb.2MB.rsvd.usage_in_bytes" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  260.064686][   T40] audit: type=1400 audit(1748788065.160:615): avc:  denied  { read append open } for  pid=11768 comm="syz.0.1691" path="/506/hugetlb.2MB.rsvd.usage_in_bytes" dev="tmpfs" ino=2703 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  260.076913][   T40] audit: type=1400 audit(1748788065.160:616): avc:  denied  { ioctl } for  pid=11768 comm="syz.0.1691" path="/506/hugetlb.2MB.rsvd.usage_in_bytes" dev="tmpfs" ino=2703 ioctlcmd=0x4151 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  260.078822][T11771] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1690'.
[  260.088000][   T40] audit: type=1400 audit(1748788065.190:617): avc:  denied  { map } for  pid=11768 comm="syz.0.1691" path="/506/hugetlb.2MB.rsvd.usage_in_bytes" dev="tmpfs" ino=2703 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  260.101070][   T40] audit: type=1400 audit(1748788065.220:618): avc:  denied  { remove_name } for  pid=5934 comm="syz-executor" name="hugetlb.2MB.rsvd.usage_in_bytes" dev="tmpfs" ino=2703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  260.184245][T11781] input: syz0 as /devices/virtual/input/input20
[  260.236287][T11786] IPv6: NLM_F_CREATE should be specified when creating new route
[  260.300338][T11792] 9pnet_virtio: no channels available for device syz
[  260.325263][T11794] MTD: Attempt to mount non-MTD device "/dev/nbd5"
[  260.335212][T11794] cramfs: wrong magic
[  260.346452][T11797] block device autoloading is deprecated and will be removed.
[  260.405017][T11789] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(6)
[  260.407087][T11789] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  260.412055][T11789] vhci_hcd vhci_hcd.0: Device attached
[  260.419423][T11803] vhci_hcd: cannot find a urb of seqnum 4294967226 max seqnum 0
[  260.426061][T11789] hub 9-0:1.0: USB hub found
[  260.428202][T11789] hub 9-0:1.0: 1 port detected
[  260.430514][ T1203] vhci_hcd: stop threads
[  260.431889][ T1203] vhci_hcd: release socket
[  260.433669][ T1203] vhci_hcd: disconnect device
[  260.905688][T11831] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0
[  260.908377][T11831] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  260.990692][T11839] fuse: Bad value for 'fd'
[  261.000357][ T5297] Bluetooth: hci3: Unknown advertising packet type: 0x3e
[  261.000403][ T5297] Bluetooth: hci3: Malformed LE Event: 0x0d
[  261.007575][ T5297] Bluetooth: hci3: Unknown advertising packet type: 0x3e
[  261.007591][ T5297] Bluetooth: hci3: Malformed LE Event: 0x0d
[  261.158242][ T5297] Bluetooth: hci2: adv larger than maximum supported
[  261.233231][ T6987] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  261.245605][ T1147] Bluetooth: Error in BCSP hdr checksum
[  261.503334][  T196] Bluetooth: Error in BCSP hdr checksum
[  261.763936][ T1147] Bluetooth: Error in BCSP hdr checksum
[  262.023449][ T1147] Bluetooth: Error in BCSP hdr checksum
[  262.285081][ T1142] Bluetooth: Error in BCSP hdr checksum
[  262.543435][  T196] Bluetooth: Error in BCSP hdr checksum
[  262.804005][   T41] Bluetooth: Error in BCSP hdr checksum
[  263.023255][ T5942] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  263.023770][ T5297] Bluetooth: hci4: command 0x1003 tx timeout
[  263.063814][ T1203] Bluetooth: Error in BCSP hdr checksum
[  263.323784][ T1142] Bluetooth: Error in BCSP hdr checksum
[  263.583556][   T41] Bluetooth: Error in BCSP hdr checksum
[  263.843291][   T41] Bluetooth: Error in BCSP hdr checksum
[  264.242987][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  264.242998][   T40] audit: type=1400 audit(1748788069.370:626): avc:  denied  { getopt } for  pid=11860 comm="syz.0.1728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  264.244862][T11862] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11862 comm=syz.0.1728
[  264.256964][T11867] __nla_validate_parse: 4 callbacks suppressed
[  264.256979][T11867] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1720'.
[  264.378209][T11885] netlink: 'syz.5.1726': attribute type 1 has an invalid length.
[  264.385489][T11879] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1723'.
[  264.385723][T11882] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1723'.
[  264.385807][T11885] netlink: 'syz.5.1726': attribute type 2 has an invalid length.
[  264.385907][   T40] audit: type=1400 audit(1748788069.520:627): avc:  denied  { create } for  pid=11881 comm="syz.5.1726" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  264.448849][T11894] netlink: 196 bytes leftover after parsing attributes in process `syz.8.1732'.
[  264.451025][   T40] audit: type=1400 audit(1748788069.580:628): avc:  denied  { nlmsg_read } for  pid=11892 comm="syz.8.1732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  264.451117][T11893] hfsplus: unable to find HFS+ superblock
[  264.451562][T11893] binder: 11890:11893 ioctl 890b 200000000280 returned -22
[  264.519104][T11905] netlink: 60 bytes leftover after parsing attributes in process `syz.8.1736'.
[  264.731804][T11898] kvm: kvm [11897]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  265.090038][T11943] netlink: 'syz.7.1747': attribute type 23 has an invalid length.
[  265.139055][T11949] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1748'.
[  265.584316][T11971] overlayfs: conflicting options: nfs_export=on,index=off
[  265.588814][T11972] overlayfs: conflicting options: nfs_export=on,index=off
[  265.677861][T11977] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1757'.
[  265.791228][   T40] audit: type=1400 audit(1748788070.920:629): avc:  denied  { create } for  pid=11980 comm="syz.5.1759" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  265.798272][   T40] audit: type=1400 audit(1748788070.920:630): avc:  denied  { setopt } for  pid=11980 comm="syz.5.1759" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  265.975113][T11955] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1751'.
[  265.979549][T11955] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1751'.
[  265.980108][T11990] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1762'.
[  266.085264][T12004] netlink: 'syz.7.1766': attribute type 5 has an invalid length.
[  266.123571][    T9] usb 10-1: new full-speed USB device number 13 using dummy_hcd
[  266.285401][    T9] usb 10-1: not running at top speed; connect to a high speed hub
[  266.293916][    T9] usb 10-1: config 3 has an invalid interface number: 215 but max is 2
[  266.297353][    T9] usb 10-1: config 3 has an invalid interface number: 106 but max is 2
[  266.300698][    T9] usb 10-1: config 3 has an invalid interface number: 67 but max is 2
[  266.313250][   T54] usb 13-1: new high-speed USB device number 8 using dummy_hcd
[  266.323141][    T9] usb 10-1: config 3 has 4 interfaces, different from the descriptor's value: 3
[  266.326924][    T9] usb 10-1: config 3 has no interface number 1
[  266.329495][    T9] usb 10-1: config 3 has no interface number 2
[  266.332064][    T9] usb 10-1: config 3 has no interface number 3
[  266.334852][    T9] usb 10-1: config 3 interface 215 altsetting 2 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  266.339393][    T9] usb 10-1: config 3 interface 215 altsetting 2 endpoint 0x6 has invalid maxpacket 479, setting to 64
[  266.344027][    T9] usb 10-1: config 3 interface 215 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[  266.348028][    T9] usb 10-1: config 3 interface 215 altsetting 2 has a duplicate endpoint with address 0x6, skipping
[  266.351310][    T9] usb 10-1: config 3 interface 215 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[  266.354743][    T9] usb 10-1: config 3 interface 215 altsetting 2 endpoint 0xD has invalid maxpacket 512, setting to 64
[  266.358190][    T9] usb 10-1: config 3 interface 215 altsetting 2 endpoint 0xB has invalid wMaxPacketSize 0
[  266.361192][    T9] usb 10-1: too many endpoints for config 3 interface 106 altsetting 157: 43, using maximum allowed: 30
[  266.364674][    T9] usb 10-1: config 3 interface 106 altsetting 157 has 0 endpoint descriptors, different from the interface descriptor's value: 43
[  266.368787][    T9] usb 10-1: config 3 interface 67 altsetting 1 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  266.372146][    T9] usb 10-1: config 3 interface 67 altsetting 1 has a duplicate endpoint with address 0x6, skipping
[  266.376810][    T9] usb 10-1: config 3 interface 67 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[  266.380230][    T9] usb 10-1: config 3 interface 0 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  266.384400][    T9] usb 10-1: config 3 interface 0 altsetting 9 endpoint 0xE has invalid maxpacket 1023, setting to 64
[  266.388464][    T9] usb 10-1: config 3 interface 0 altsetting 9 has an endpoint descriptor with address 0x33, changing to 0x3
[  266.391826][    T9] usb 10-1: config 3 interface 0 altsetting 9 endpoint 0x3 has invalid maxpacket 52283, setting to 64
[  266.395179][    T9] usb 10-1: config 3 interface 0 altsetting 9 has a duplicate endpoint with address 0xB, skipping
[  266.398309][    T9] usb 10-1: config 3 interface 0 altsetting 9 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  266.402190][    T9] usb 10-1: config 3 interface 215 has no altsetting 0
[  266.404383][    T9] usb 10-1: config 3 interface 106 has no altsetting 0
[  266.406494][    T9] usb 10-1: config 3 interface 67 has no altsetting 0
[  266.408572][    T9] usb 10-1: config 3 interface 0 has no altsetting 0
[  266.412202][    T9] usb 10-1: New USB device found, idVendor=1fb9, idProduct=0303, bcdDevice=c8.e2
[  266.415134][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.417607][    T9] usb 10-1: Product: Њ
[  266.418896][    T9] usb 10-1: Manufacturer: 焫襮₆ᐐ☮
[  266.420661][    T9] usb 10-1: SerialNumber: Х
[  266.424475][T11988] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  266.465805][   T54] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.469209][   T54] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  266.473304][   T54] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  266.477325][   T54] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  266.480273][   T54] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.487468][   T54] usb 13-1: config 0 descriptor??
[  266.603642][   T40] audit: type=1400 audit(1748788071.730:631): avc:  denied  { setattr } for  pid=12012 comm="syz.7.1770" name="SCTPv6" dev="sockfs" ino=42137 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  266.631612][    T9] cp210x 10-1:3.215: cp210x converter detected
[  266.633962][    T9] cp210x 10-1:3.215: failed to get vendor val 0x370b size 1: -71
[  266.636392][    T9] cp210x 10-1:3.215: querying part number failed
[  266.639695][    T9] usb 10-1: cp210x converter now attached to ttyUSB0
[  266.645872][    T9] cp210x 10-1:3.106: cp210x converter detected
[  266.648113][    T9] cp210x 10-1:3.106: failed to get vendor val 0x370b size 1: -71
[  266.650466][    T9] cp210x 10-1:3.106: querying part number failed
[  266.653716][    T9] usb 10-1: cp210x converter now attached to ttyUSB1
[  266.658553][    T9] cp210x 10-1:3.67: cp210x converter detected
[  266.660711][    T9] cp210x 10-1:3.67: failed to get vendor val 0x370b size 1: -71
[  266.665600][    T9] cp210x 10-1:3.67: querying part number failed
[  266.669180][    T9] usb 10-1: cp210x converter now attached to ttyUSB2
[  266.673309][    T9] cp210x 10-1:3.0: cp210x converter detected
[  266.675447][    T9] cp210x 10-1:3.0: failed to get vendor val 0x370b size 1: -71
[  266.677788][    T9] cp210x 10-1:3.0: querying part number failed
[  266.680895][    T9] usb 10-1: cp210x converter now attached to ttyUSB3
[  266.684796][    T9] usb 10-1: USB disconnect, device number 13
[  266.691891][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  266.694637][    T9] cp210x 10-1:3.215: device disconnected
[  266.705918][    T9] cp210x ttyUSB1: cp210x converter now disconnected from ttyUSB1
[  266.708492][    T9] cp210x 10-1:3.106: device disconnected
[  266.716514][    T9] cp210x ttyUSB2: cp210x converter now disconnected from ttyUSB2
[  266.719094][    T9] cp210x 10-1:3.67: device disconnected
[  266.722854][    T9] cp210x ttyUSB3: cp210x converter now disconnected from ttyUSB3
[  266.727299][    T9] cp210x 10-1:3.0: device disconnected
[  266.900288][   T54] plantronics 0003:047F:FFFF.000B: reserved main item tag 0xd
[  266.903724][   T54] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  266.921731][   T54] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  267.318531][   T34] usb 13-1: USB disconnect, device number 8
[  267.469986][   T40] audit: type=1326 audit(1748788072.600:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12017 comm="syz.7.1771" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f390d58e969 code=0x7fc00000
[  267.533258][   T54] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  267.688060][T12047] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  267.690221][T12047] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  267.694695][   T54] usb 5-1: Using ep0 maxpacket: 8
[  267.700591][   T54] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  267.704142][   T54] usb 5-1: config 179 has no interface number 0
[  267.712310][   T54] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  267.717594][   T54] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  267.722207][   T54] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[  267.727195][   T54] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[  267.731848][   T54] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  267.738094][   T54] usb 5-1: config 179 interface 65 has no altsetting 0
[  267.740933][   T54] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  267.744972][   T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.769365][   T54] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input22
[  267.824519][ T5332] input input22: unable to receive magic message: -110
[  267.974085][ T5332] input input22: unable to receive magic message: -32
[  268.038249][T12047] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  268.040173][T12047] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  268.046953][ T5332] input input22: unable to receive magic message: -32
[  268.162435][ T5332] input input22: unable to receive magic message: -32
[  268.257856][ T5332] input input22: unable to receive magic message: -32
[  268.260725][T12047] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  268.262646][T12047] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  269.096783][ T6987] usb 5-1: USB disconnect, device number 10
[  269.096884][    C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  269.101433][ T6987] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  269.205831][T12148] ALSA: seq fatal error: cannot create timer (-22)
[  269.208691][T12148] overlayfs: failed to resolve './file0': -2
[  269.250228][T12161] program syz.8.1791 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  269.311298][T12175] support for the xor transformation has been removed.
[  269.348822][T12186] __nla_validate_parse: 3 callbacks suppressed
[  269.348833][T12186] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1800'.
[  269.441748][   T40] audit: type=1400 audit(1748788074.570:633): avc:  denied  { append } for  pid=12204 comm="syz.7.1804" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  269.461986][T12201] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1803'.
[  269.655720][   T40] audit: type=1400 audit(1748788074.790:634): avc:  denied  { write } for  pid=12229 comm="syz.7.1809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  269.749300][T12236] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1810'.
[  269.809624][T12239] netlink: 'syz.5.1811': attribute type 29 has an invalid length.
[  269.820062][T12239] netlink: 'syz.5.1811': attribute type 29 has an invalid length.
[  269.823166][T12239] netlink: 484 bytes leftover after parsing attributes in process `syz.5.1811'.
[  270.061742][   T40] audit: type=1400 audit(1748788075.190:635): avc:  denied  { listen } for  pid=12254 comm="syz.5.1817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  270.070243][   T40] audit: type=1400 audit(1748788075.190:636): avc:  denied  { accept } for  pid=12254 comm="syz.5.1817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  270.220928][   T40] audit: type=1400 audit(1748788075.350:637): avc:  denied  { create } for  pid=12265 comm="syz.5.1821" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  270.229345][   T40] audit: type=1400 audit(1748788075.360:638): avc:  denied  { mounton } for  pid=12265 comm="syz.5.1821" path="/284/file0" dev="tmpfs" ino=1555 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  270.239414][   T40] audit: type=1400 audit(1748788075.360:639): avc:  denied  { ioctl } for  pid=12265 comm="syz.5.1821" path="socket:[42431]" dev="sockfs" ino=42431 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  270.249188][   T40] audit: type=1400 audit(1748788075.370:640): avc:  denied  { bind } for  pid=12252 comm="syz.0.1816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  270.398575][   T40] audit: type=1400 audit(1748788075.530:641): avc:  denied  { setattr } for  pid=12271 comm="syz.5.1824" path="socket:[43393]" dev="sockfs" ino=43393 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  270.672994][T12296] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1830'.
[  270.679104][T12296] 9pnet_virtio: no channels available for device syz
[  270.856141][   T40] audit: type=1326 audit(1748788075.990:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12311 comm="syz.7.1835" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f390d58e969 code=0x7ffc0000
[  270.917669][T12317] netlink: 277 bytes leftover after parsing attributes in process `syz.8.1834'.
[  271.037504][T12328] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1840'.
[  271.044072][T12328] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1840'.
[  271.096803][T12334] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1841'.
[  271.100350][T12334] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=12334 comm=syz.5.1841
[  271.203137][T10347] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  271.363097][T10347] usb 5-1: Using ep0 maxpacket: 8
[  271.368357][T10347] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  271.371852][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  271.375733][T10347] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  271.379720][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  271.383514][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  271.391662][T10347] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  271.399403][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  271.410622][T10347] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  271.425402][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  271.439662][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  271.446947][T10347] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  271.449541][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  271.453311][T10347] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  271.456913][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  271.468348][T10347] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  271.474989][T10347] usb 5-1: string descriptor 0 read error: -22
[  271.477292][T10347] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  271.481012][T10347] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.490595][T10347] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  271.557428][T12341] autofs: Bad value for 'fd'
[  271.591045][T12344] netlink: 'syz.8.1845': attribute type 7 has an invalid length.
[  271.594224][T12344] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1845'.
[  271.695615][ T6987] usb 5-1: USB disconnect, device number 11
[  271.904568][T12352] IPv6: addrconf: prefix option has invalid lifetime
[  272.162363][T12364] kvm: MONITOR instruction emulated as NOP!
[  272.397447][T12375] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  272.534007][T12388] input: syz0 as /devices/virtual/input/input23
[  272.812948][T12399] 9pnet_virtio: no channels available for device syz
[  272.951544][T12437] netlink: 'syz.5.1872': attribute type 6 has an invalid length.
[  272.954394][T12437] netlink: 'syz.5.1872': attribute type 5 has an invalid length.
[  273.041563][T12457] openvswitch: netlink: Key type 5392 is out of range max 32
[  273.209071][T12463] 9p: Unknown Cache mode or invalid value fsca
[  274.033347][T12489] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0
[  274.037109][T12489] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  274.097348][T12494] netlink: 'syz.5.1887': attribute type 3 has an invalid length.
[  274.099880][T12494] netlink: 'syz.5.1887': attribute type 1 has an invalid length.
[  274.157590][T12498] IPVS: Error joining to the multicast group
[  274.222019][T12502] netlink: 'syz.0.1890': attribute type 21 has an invalid length.
[  274.225517][T12502] netlink: 'syz.0.1890': attribute type 6 has an invalid length.
[  274.565070][T12516] Invalid logical block size (2)
[  274.569154][T12520] __nla_validate_parse: 8 callbacks suppressed
[  274.569164][T12520] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1894'.
[  274.577223][T12520] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=12520 comm=syz.8.1894
[  274.982004][T12544] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12544 comm=syz.0.1903
[  274.991839][T12546] IPVS: Error connecting to the multicast addr
[  274.999361][T12546] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1904'.
[  275.002186][T12546] netlink: 'syz.5.1904': attribute type 30 has an invalid length.
[  275.004836][T12546] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1904'.
[  275.008426][T12546] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  275.234609][T12562] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12562 comm=syz.0.1908
[  275.239904][T12562] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12562 comm=syz.0.1908
[  275.251883][   T40] kauditd_printk_skb: 23 callbacks suppressed
[  275.251894][   T40] audit: type=1326 audit(1748788080.380:666): auid=4294967295 uid=0 gid=4294967040 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12561 comm="syz.0.1908" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff6c558e969 code=0x0
[  275.353295][T12564] netlink: set zone limit has 8 unknown bytes
[  275.637766][   T40] audit: type=1400 audit(1748788080.770:667): avc:  denied  { ioctl } for  pid=12580 comm="syz.5.1913" path="socket:[45323]" dev="sockfs" ino=45323 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  275.655394][T12581] netlink: 'syz.5.1913': attribute type 7 has an invalid length.
[  275.657789][T12581] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1913'.
[  275.702189][T12588] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1916'.
[  275.765561][   T40] audit: type=1400 audit(1748788080.900:668): avc:  denied  { listen } for  pid=12596 comm="syz.5.1919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  275.801949][T12601] xt_hashlimit: invalid rate
[  275.804475][T12601] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  276.129989][T12625] dns_resolver: Unsupported server list version (0)
[  276.135928][T12626] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1927'.
[  276.463159][  T836] usb 13-1: new high-speed USB device number 9 using dummy_hcd
[  276.623307][  T836] usb 13-1: Using ep0 maxpacket: 16
[  276.629873][  T836] usb 13-1: New USB device found, idVendor=067b, idProduct=23b3, bcdDevice=da.15
[  276.633976][  T836] usb 13-1: New USB device strings: Mfr=1, Product=9, SerialNumber=3
[  276.637280][  T836] usb 13-1: Product: syz
[  276.638986][  T836] usb 13-1: Manufacturer: syz
[  276.640860][  T836] usb 13-1: SerialNumber: syz
[  276.648531][  T836] pl2303 13-1:143.0: required endpoints missing
[  276.849302][T12634] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1929'.
[  276.852054][T12634] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1929'.
[  276.857156][T12634] netlink: 'syz.8.1929': attribute type 7 has an invalid length.
[  288.618832][T12626] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  288.627929][   T40] audit: type=1400 audit(1748788093.760:669): avc:  denied  { unmount } for  pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  288.682345][T12648] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1930'.
[  288.686456][ T5978] usb 13-1: USB disconnect, device number 9
[  288.726641][T12654] pim6reg1: entered allmulticast mode
[  288.729331][T12654] netlink: 'syz.8.1933': attribute type 1 has an invalid length.
[  288.731815][T12654] netlink: 228 bytes leftover after parsing attributes in process `syz.8.1933'.
[  288.875121][   T40] audit: type=1400 audit(1748788094.010:670): avc:  denied  { bind } for  pid=12660 comm="syz.0.1936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  288.893170][   T40] audit: type=1400 audit(1748788094.010:671): avc:  denied  { listen } for  pid=12660 comm="syz.0.1936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  288.904032][T12667] fuse: Bad value for 'fd'
[  288.970407][T12669] ALSA: mixer_oss: invalid OSS volume ''
[  288.997271][T12665] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  289.049862][T12672] netlink: 160 bytes leftover after parsing attributes in process `syz.8.1940'.
[  289.086445][T12674] netlink: 132 bytes leftover after parsing attributes in process `syz.8.1941'.
[  289.115617][T12678] FAULT_INJECTION: forcing a failure.
[  289.115617][T12678] name failslab, interval 1, probability 0, space 0, times 0
[  289.120935][T12678] CPU: 0 UID: 0 PID: 12678 Comm: syz.0.1943 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  289.120955][T12678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.120965][T12678] Call Trace:
[  289.120970][T12678]  <TASK>
[  289.120976][T12678]  dump_stack_lvl+0x16c/0x1f0
[  289.121020][T12678]  should_fail_ex+0x512/0x640
[  289.121047][T12678]  ? __kvmalloc_node_noprof+0x122/0x620
[  289.121065][T12678]  should_failslab+0xc2/0x120
[  289.121084][T12678]  __kvmalloc_node_noprof+0x135/0x620
[  289.121100][T12678]  ? _kstrtoull+0x145/0x200
[  289.121115][T12678]  ? seq_read_iter+0x826/0x12c0
[  289.121135][T12678]  ? seq_read_iter+0x826/0x12c0
[  289.121149][T12678]  seq_read_iter+0x826/0x12c0
[  289.121162][T12678]  ? find_held_lock+0x2b/0x80
[  289.121185][T12678]  seq_read+0x39e/0x4e0
[  289.121201][T12678]  ? __pfx_seq_read+0x10/0x10
[  289.121214][T12678]  ? __lock_acquire+0xb8a/0x1c90
[  289.121236][T12678]  ? get_pid_task+0xfc/0x250
[  289.121258][T12678]  ? avc_policy_seqno+0x9/0x20
[  289.121278][T12678]  ? __pfx_seq_read+0x10/0x10
[  289.121293][T12678]  proc_reg_read+0x240/0x330
[  289.121314][T12678]  ? __pfx_proc_reg_read+0x10/0x10
[  289.121334][T12678]  vfs_read+0x1e4/0xc60
[  289.121353][T12678]  ? __pfx___mutex_lock+0x10/0x10
[  289.121372][T12678]  ? __pfx_vfs_read+0x10/0x10
[  289.121392][T12678]  ? __fget_files+0x20e/0x3c0
[  289.121415][T12678]  ksys_read+0x12a/0x250
[  289.121430][T12678]  ? __pfx_ksys_read+0x10/0x10
[  289.121451][T12678]  do_syscall_64+0xcd/0x4c0
[  289.121472][T12678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.121488][T12678] RIP: 0033:0x7ff6c558e969
[  289.121500][T12678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.121514][T12678] RSP: 002b:00007ff6c6379038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  289.121529][T12678] RAX: ffffffffffffffda RBX: 00007ff6c57b5fa0 RCX: 00007ff6c558e969
[  289.121538][T12678] RDX: 0000000000002020 RSI: 0000200000000380 RDI: 0000000000000004
[  289.121547][T12678] RBP: 00007ff6c6379090 R08: 0000000000000000 R09: 0000000000000000
[  289.121556][T12678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.121564][T12678] R13: 0000000000000000 R14: 00007ff6c57b5fa0 R15: 00007ffed076a4d8
[  289.121585][T12678]  </TASK>
[  289.151847][T12682] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1945'.
[  289.165399][T12683] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1945'.
[  289.189181][T12682] bond5: entered promiscuous mode
[  289.212220][T12682] bond5: entered allmulticast mode
[  289.220949][T12682] bond5: (slave vcan0): The slave device specified does not support setting the MAC address
[  289.227037][T12682] bond5: (slave vcan0): Error -95 calling set_mac_address
[  289.242573][T12692] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1947'.
[  289.266043][   T40] audit: type=1326 audit(1748788094.400:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12681 comm="syz.8.1945" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb01ad8e969 code=0x0
[  289.272860][   T40] audit: type=1326 audit(1748788094.400:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12681 comm="syz.8.1945" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb01ad8e969 code=0x0
[  289.410679][T12712] FAULT_INJECTION: forcing a failure.
[  289.410679][T12712] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.414949][T12712] CPU: 2 UID: 0 PID: 12712 Comm: syz.8.1954 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  289.414965][T12712] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.414971][T12712] Call Trace:
[  289.414975][T12712]  <TASK>
[  289.414979][T12712]  dump_stack_lvl+0x16c/0x1f0
[  289.414998][T12712]  should_fail_ex+0x512/0x640
[  289.415016][T12712]  _copy_to_iter+0x463/0x16f0
[  289.415038][T12712]  ? __pfx__copy_to_iter+0x10/0x10
[  289.415055][T12712]  ? lockdep_hardirqs_on+0x7c/0x110
[  289.415070][T12712]  ? kcm_seq_show+0xa53/0xfa0
[  289.415083][T12712]  ? __local_bh_enable_ip+0xa4/0x120
[  289.415094][T12712]  ? find_held_lock+0x2b/0x80
[  289.415106][T12712]  ? kcm_seq_stop+0x31/0xb0
[  289.415122][T12712]  seq_read_iter+0xcf8/0x12c0
[  289.415147][T12712]  seq_read+0x39e/0x4e0
[  289.415158][T12712]  ? __pfx_seq_read+0x10/0x10
[  289.415168][T12712]  ? __lock_acquire+0xb8a/0x1c90
[  289.415185][T12712]  ? get_pid_task+0xfc/0x250
[  289.415201][T12712]  ? avc_policy_seqno+0x9/0x20
[  289.415215][T12712]  ? __pfx_seq_read+0x10/0x10
[  289.415226][T12712]  proc_reg_read+0x240/0x330
[  289.415242][T12712]  ? __pfx_proc_reg_read+0x10/0x10
[  289.415258][T12712]  vfs_read+0x1e4/0xc60
[  289.415272][T12712]  ? __pfx___mutex_lock+0x10/0x10
[  289.415286][T12712]  ? __pfx_vfs_read+0x10/0x10
[  289.415301][T12712]  ? __fget_files+0x20e/0x3c0
[  289.415319][T12712]  ksys_read+0x12a/0x250
[  289.415330][T12712]  ? __pfx_ksys_read+0x10/0x10
[  289.415346][T12712]  do_syscall_64+0xcd/0x4c0
[  289.415362][T12712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.415373][T12712] RIP: 0033:0x7fb01ad8e969
[  289.415382][T12712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  289.415393][T12712] RSP: 002b:00007fb01bce4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  289.415403][T12712] RAX: ffffffffffffffda RBX: 00007fb01afb5fa0 RCX: 00007fb01ad8e969
[  289.415410][T12712] RDX: 0000000000002020 RSI: 0000200000000380 RDI: 0000000000000004
[  289.415416][T12712] RBP: 00007fb01bce4090 R08: 0000000000000000 R09: 0000000000000000
[  289.415422][T12712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.415428][T12712] R13: 0000000000000000 R14: 00007fb01afb5fa0 R15: 00007ffec88a8fd8
[  289.415442][T12712]  </TASK>
[  289.521875][T12716] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1955'.
[  289.525120][T12716] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1955'.
[  289.527882][T12716] netlink: 34 bytes leftover after parsing attributes in process `syz.8.1955'.
[  289.590829][T12721] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  289.594223][T12721] SELinux: failed to load policy
[  289.599821][   T40] audit: type=1400 audit(1748788094.730:674): avc:  denied  { map } for  pid=12722 comm="syz.5.1958" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  289.722540][   T40] audit: type=1326 audit(1748788094.850:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12732 comm="syz.0.1961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6c558e969 code=0x50000
[  289.729849][   T40] audit: type=1326 audit(1748788094.850:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12732 comm="syz.0.1961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6c558e969 code=0x50000
[  289.737190][   T40] audit: type=1326 audit(1748788094.850:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12732 comm="syz.0.1961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6c558e969 code=0x50000
[  289.746015][   T40] audit: type=1326 audit(1748788094.850:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12732 comm="syz.0.1961" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6c558e969 code=0x50000
[  289.753613][T12738] FAULT_INJECTION: forcing a failure.
[  289.753613][T12738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  289.758563][T12728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2568 sclass=netlink_route_socket pid=12728 comm=syz.5.1959
[  289.759028][T12738] CPU: 3 UID: 0 PID: 12738 Comm: syz.8.1963 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  289.759043][T12738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  289.759050][T12738] Call Trace:
[  289.759054][T12738]  <TASK>
[  289.759058][T12738]  dump_stack_lvl+0x16c/0x1f0
[  289.759078][T12738]  should_fail_ex+0x512/0x640
[  289.759096][T12738]  _copy_to_user+0x32/0xd0
[  289.759115][T12738]  simple_read_from_buffer+0xcb/0x170
[  289.759129][T12738]  proc_fail_nth_read+0x197/0x270
[  289.759143][T12738]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  289.759156][T12738]  ? rw_verify_area+0xcf/0x680
[  289.759175][T12738]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  289.759187][T12738]  vfs_read+0x1e4/0xc60
[  289.759200][T12738]  ? __pfx___mutex_lock+0x10/0x10
[  289.759216][T12738]  ? __pfx_vfs_read+0x10/0x10
[  289.759231][T12738]  ? __fget_files+0x20e/0x3c0
[  289.759248][T12738]  ksys_read+0x12a/0x250
[  289.759260][T12738]  ? __pfx_ksys_read+0x10/0x10
[  289.759276][T12738]  do_syscall_64+0xcd/0x4c0
[  289.759292][T12738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  289.759303][T12738] RIP: 0033:0x7fb01ad8d37c
[  289.759312][T12738] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  289.759324][T12738] RSP: 002b:00007fb01bce4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  289.759334][T12738] RAX: ffffffffffffffda RBX: 00007fb01afb5fa0 RCX: 00007fb01ad8d37c
[  289.759341][T12738] RDX: 000000000000000f RSI: 00007fb01bce40a0 RDI: 0000000000000005
[  289.759348][T12738] RBP: 00007fb01bce4090 R08: 0000000000000000 R09: 0000000000000000
[  289.759354][T12738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  289.759360][T12738] R13: 0000000000000000 R14: 00007fb01afb5fa0 R15: 00007ffec88a8fd8
[  289.759373][T12738]  </TASK>
[  289.828563][T12728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=12728 comm=syz.5.1959
[  289.833102][T12728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=12728 comm=syz.5.1959
[  289.837030][T12728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=12728 comm=syz.5.1959
[  289.840879][T12728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=12728 comm=syz.5.1959
[  289.844859][T12728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=12728 comm=syz.5.1959
[  289.848861][T12728] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=12728 comm=syz.5.1959
[  289.911731][T12748] No such timeout policy "syz1"
[  290.368550][T12772] pim6reg1: entered promiscuous mode
[  290.371397][T12772] pim6reg1: entered allmulticast mode
[  290.986033][T12791] netlink: 'syz.7.1979': attribute type 1 has an invalid length.
[  290.999781][T12791] 8021q: adding VLAN 0 to HW filter on device bond1
[  291.012879][T12791] 8021q: adding VLAN 0 to HW filter on device bond1
[  291.015355][T12791] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  291.019280][T12791] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  291.248556][T12803] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=46637 sclass=netlink_route_socket pid=12803 comm=syz.8.1984
[  291.309700][T12805] syz.8.1985: attempt to access beyond end of device
[  291.309700][T12805] nbd8: rw=0, sector=64, nr_sectors = 1 limit=0
[  291.315535][T12805] syz.8.1985: attempt to access beyond end of device
[  291.315535][T12805] nbd8: rw=0, sector=256, nr_sectors = 1 limit=0
[  291.319512][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[  291.322582][T12805] syz.8.1985: attempt to access beyond end of device
[  291.322582][T12805] nbd8: rw=0, sector=512, nr_sectors = 1 limit=0
[  291.327324][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[  291.331303][T12805] syz.8.1985: attempt to access beyond end of device
[  291.331303][T12805] nbd8: rw=0, sector=64, nr_sectors = 2 limit=0
[  291.335560][T12805] syz.8.1985: attempt to access beyond end of device
[  291.335560][T12805] nbd8: rw=0, sector=512, nr_sectors = 2 limit=0
[  291.339829][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[  291.342804][T12805] syz.8.1985: attempt to access beyond end of device
[  291.342804][T12805] nbd8: rw=0, sector=1024, nr_sectors = 2 limit=0
[  291.347213][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[  291.350918][T12805] syz.8.1985: attempt to access beyond end of device
[  291.350918][T12805] nbd8: rw=0, sector=64, nr_sectors = 4 limit=0
[  291.355222][T12805] syz.8.1985: attempt to access beyond end of device
[  291.355222][T12805] nbd8: rw=0, sector=1024, nr_sectors = 4 limit=0
[  291.359248][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[  291.362289][T12805] syz.8.1985: attempt to access beyond end of device
[  291.362289][T12805] nbd8: rw=0, sector=2048, nr_sectors = 4 limit=0
[  291.366573][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[  291.369758][T12805] syz.8.1985: attempt to access beyond end of device
[  291.369758][T12805] nbd8: rw=0, sector=64, nr_sectors = 8 limit=0
[  291.374039][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[  291.377084][T12805] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[  291.380140][T12805] UDF-fs: warning (device nbd8): udf_fill_super: No partition found (1)
[  291.702748][T12819] netlink: 'syz.8.1990': attribute type 1 has an invalid length.
[  291.971384][T12827] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  292.278372][T12839] FAULT_INJECTION: forcing a failure.
[  292.278372][T12839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  292.282427][T12839] CPU: 1 UID: 0 PID: 12839 Comm: syz.8.1995 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  292.282443][T12839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  292.282450][T12839] Call Trace:
[  292.282453][T12839]  <TASK>
[  292.282458][T12839]  dump_stack_lvl+0x16c/0x1f0
[  292.282476][T12839]  should_fail_ex+0x512/0x640
[  292.282495][T12839]  _copy_from_user+0x2e/0xd0
[  292.282513][T12839]  __x64_sys_sendfile64+0x120/0x220
[  292.282528][T12839]  ? ksys_write+0x1ac/0x250
[  292.282539][T12839]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  292.282558][T12839]  do_syscall_64+0xcd/0x4c0
[  292.282574][T12839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.282586][T12839] RIP: 0033:0x7fb01ad8e969
[  292.282595][T12839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.282606][T12839] RSP: 002b:00007fb01bce4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  292.282616][T12839] RAX: ffffffffffffffda RBX: 00007fb01afb5fa0 RCX: 00007fb01ad8e969
[  292.282623][T12839] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  292.282629][T12839] RBP: 00007fb01bce4090 R08: 0000000000000000 R09: 0000000000000000
[  292.282635][T12839] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000001
[  292.282642][T12839] R13: 0000000000000000 R14: 00007fb01afb5fa0 R15: 00007ffec88a8fd8
[  292.282655][T12839]  </TASK>
[  292.503529][T12841] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  292.552457][T12845] hpfs: hpfs_map_sector(): read error
[  292.932585][T12867] xt_l2tp: v2 doesn't support IP mode
[  292.953142][ T5942] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  292.976919][T12786] sp0: Synchronizing with TNC
[  292.990489][T12873] 9pnet_virtio: no channels available for device syz
[  292.997113][T12873] FAULT_INJECTION: forcing a failure.
[  292.997113][T12873] name failslab, interval 1, probability 0, space 0, times 0
[  293.000962][T12873] CPU: 3 UID: 0 PID: 12873 Comm: syz.5.2006 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  293.000977][T12873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.000984][T12873] Call Trace:
[  293.000987][T12873]  <TASK>
[  293.000992][T12873]  dump_stack_lvl+0x16c/0x1f0
[  293.001010][T12873]  should_fail_ex+0x512/0x640
[  293.001027][T12873]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  293.001039][T12873]  should_failslab+0xc2/0x120
[  293.001054][T12873]  __kmalloc_cache_noprof+0x6a/0x3e0
[  293.001067][T12873]  ? find_held_lock+0x2b/0x80
[  293.001078][T12873]  ? alloc_pipe_info+0x10e/0x590
[  293.001094][T12873]  alloc_pipe_info+0x10e/0x590
[  293.001109][T12873]  splice_direct_to_actor+0x77d/0xa30
[  293.001123][T12873]  ? __pfx_direct_splice_actor+0x10/0x10
[  293.001136][T12873]  ? find_held_lock+0x2b/0x80
[  293.001146][T12873]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  293.001157][T12873]  ? get_pid_task+0xfc/0x250
[  293.001175][T12873]  do_splice_direct+0x174/0x240
[  293.001187][T12873]  ? __pfx_do_splice_direct+0x10/0x10
[  293.001199][T12873]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  293.001213][T12873]  ? rw_verify_area+0xcf/0x680
[  293.001232][T12873]  do_sendfile+0xb06/0xe50
[  293.001245][T12873]  ? __pfx_do_sendfile+0x10/0x10
[  293.001261][T12873]  __x64_sys_sendfile64+0x154/0x220
[  293.001276][T12873]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  293.001295][T12873]  do_syscall_64+0xcd/0x4c0
[  293.001310][T12873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.001321][T12873] RIP: 0033:0x7f2fec98e969
[  293.001330][T12873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.001340][T12873] RSP: 002b:00007f2fed86e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  293.001351][T12873] RAX: ffffffffffffffda RBX: 00007f2fecbb5fa0 RCX: 00007f2fec98e969
[  293.001358][T12873] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  293.001364][T12873] RBP: 00007f2fed86e090 R08: 0000000000000000 R09: 0000000000000000
[  293.001370][T12873] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000001
[  293.001376][T12873] R13: 0000000000000000 R14: 00007f2fecbb5fa0 R15: 00007ffd74509488
[  293.001390][T12873]  </TASK>
[  293.170596][T12884] 9pnet_virtio: no channels available for device syz
[  293.187161][T12884] fuse: Unknown parameter '�0x0000000000000006'
[  293.523177][  T836] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  293.683163][  T836] usb 10-1: Using ep0 maxpacket: 8
[  293.686185][  T836] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  293.689422][  T836] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  293.692559][  T836] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  293.696507][  T836] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  293.701570][  T836] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  293.705272][  T836] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.760903][T12903] FAULT_INJECTION: forcing a failure.
[  293.760903][T12903] name failslab, interval 1, probability 0, space 0, times 0
[  293.766146][T12903] CPU: 3 UID: 0 PID: 12903 Comm: syz.7.2016 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  293.766170][T12903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  293.766180][T12903] Call Trace:
[  293.766186][T12903]  <TASK>
[  293.766193][T12903]  dump_stack_lvl+0x16c/0x1f0
[  293.766220][T12903]  should_fail_ex+0x512/0x640
[  293.766243][T12903]  ? __kmalloc_noprof+0xbf/0x510
[  293.766262][T12903]  ? alloc_pipe_info+0x1ec/0x590
[  293.766280][T12903]  should_failslab+0xc2/0x120
[  293.766303][T12903]  __kmalloc_noprof+0xd2/0x510
[  293.766328][T12903]  alloc_pipe_info+0x1ec/0x590
[  293.766351][T12903]  splice_direct_to_actor+0x77d/0xa30
[  293.766370][T12903]  ? __pfx_direct_splice_actor+0x10/0x10
[  293.766389][T12903]  ? find_held_lock+0x2b/0x80
[  293.766405][T12903]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  293.766420][T12903]  ? get_pid_task+0xfc/0x250
[  293.766448][T12903]  do_splice_direct+0x174/0x240
[  293.766470][T12903]  ? __pfx_do_splice_direct+0x10/0x10
[  293.766490][T12903]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  293.766510][T12903]  ? rw_verify_area+0xcf/0x680
[  293.766536][T12903]  do_sendfile+0xb06/0xe50
[  293.766556][T12903]  ? __pfx_do_sendfile+0x10/0x10
[  293.766579][T12903]  __x64_sys_sendfile64+0x154/0x220
[  293.766601][T12903]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  293.766634][T12903]  do_syscall_64+0xcd/0x4c0
[  293.766658][T12903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.766675][T12903] RIP: 0033:0x7f390d58e969
[  293.766690][T12903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.766705][T12903] RSP: 002b:00007f390e3f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  293.766721][T12903] RAX: ffffffffffffffda RBX: 00007f390d7b5fa0 RCX: 00007f390d58e969
[  293.766731][T12903] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  293.766740][T12903] RBP: 00007f390e3f7090 R08: 0000000000000000 R09: 0000000000000000
[  293.766750][T12903] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000001
[  293.766760][T12903] R13: 0000000000000000 R14: 00007f390d7b5fa0 R15: 00007ffe188330a8
[  293.766783][T12903]  </TASK>
[  293.916482][  T836] usb 10-1: GET_CAPABILITIES returned 0
[  293.918315][  T836] usbtmc 10-1:16.0: can't read capabilities
[  294.118028][T12893] usb 10-1: usbtmc_ioctl_clear_out_halt returned -32
[  294.120675][   T40] kauditd_printk_skb: 32883 callbacks suppressed
[  294.120690][   T40] audit: type=1400 audit(1748788099.250:33562): avc:  denied  { ioctl } for  pid=12892 comm="syz.5.2013" path="socket:[47243]" dev="sockfs" ino=47243 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  294.125674][ T6987] usb 10-1: USB disconnect, device number 14
[  294.650762][T12905] 9pnet_virtio: no channels available for device syz
[  295.106579][T12910] delete_channel: no stack
[  295.723813][   T40] audit: type=1400 audit(1748788100.850:33563): avc:  denied  { ioctl } for  pid=12911 comm="syz.5.2020" path="/dev/input/mice" dev="devtmpfs" ino=939 ioctlcmd=0x5566 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  295.726732][T12912] input: syz1 as /devices/virtual/input/input24
[  295.842944][T12923] __nla_validate_parse: 7 callbacks suppressed
[  295.842955][T12923] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2022'.
[  295.846258][T10347] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  295.991901][T12934] block device autoloading is deprecated and will be removed.
[  296.061765][T12938] 9pnet_virtio: no channels available for device syz
[  296.065298][T12938] FAULT_INJECTION: forcing a failure.
[  296.065298][T12938] name failslab, interval 1, probability 0, space 0, times 0
[  296.069979][T12938] CPU: 2 UID: 0 PID: 12938 Comm: syz.8.2027 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  296.069995][T12938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  296.070002][T12938] Call Trace:
[  296.070006][T12938]  <TASK>
[  296.070011][T12938]  dump_stack_lvl+0x16c/0x1f0
[  296.070029][T12938]  should_fail_ex+0x512/0x640
[  296.070047][T12938]  ? __kmalloc_noprof+0xbf/0x510
[  296.070061][T12938]  ? iter_file_splice_write+0x1cc/0x1150
[  296.070073][T12938]  should_failslab+0xc2/0x120
[  296.070088][T12938]  __kmalloc_noprof+0xd2/0x510
[  296.070103][T12938]  iter_file_splice_write+0x1cc/0x1150
[  296.070115][T12938]  ? current_time+0x11d/0x1a0
[  296.070129][T12938]  ? __pfx_current_time+0x10/0x10
[  296.070142][T12938]  ? __pfx_make_vfsgid+0x10/0x10
[  296.070162][T12938]  ? atime_needs_update+0x8b/0x710
[  296.070181][T12938]  ? __pfx_iter_file_splice_write+0x10/0x10
[  296.070199][T12938]  ? __lock_acquire+0xb8a/0x1c90
[  296.070238][T12938]  ? __pfx_iter_file_splice_write+0x10/0x10
[  296.070254][T12938]  direct_splice_actor+0x192/0x6c0
[  296.070268][T12938]  splice_direct_to_actor+0x342/0xa30
[  296.070281][T12938]  ? __pfx_direct_splice_actor+0x10/0x10
[  296.070296][T12938]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  296.070307][T12938]  ? get_pid_task+0xfc/0x250
[  296.070325][T12938]  do_splice_direct+0x174/0x240
[  296.070337][T12938]  ? __pfx_do_splice_direct+0x10/0x10
[  296.070352][T12938]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  296.070373][T12938]  ? rw_verify_area+0xcf/0x680
[  296.070397][T12938]  do_sendfile+0xb06/0xe50
[  296.070411][T12938]  ? __pfx_do_sendfile+0x10/0x10
[  296.070427][T12938]  __x64_sys_sendfile64+0x154/0x220
[  296.070442][T12938]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  296.070461][T12938]  do_syscall_64+0xcd/0x4c0
[  296.070476][T12938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.070488][T12938] RIP: 0033:0x7fb01ad8e969
[  296.070497][T12938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.070508][T12938] RSP: 002b:00007fb01bce4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  296.070518][T12938] RAX: ffffffffffffffda RBX: 00007fb01afb5fa0 RCX: 00007fb01ad8e969
[  296.070525][T12938] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  296.070532][T12938] RBP: 00007fb01bce4090 R08: 0000000000000000 R09: 0000000000000000
[  296.070538][T12938] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000001
[  296.070544][T12938] R13: 0000000000000000 R14: 00007fb01afb5fa0 R15: 00007ffec88a8fd8
[  296.070558][T12938]  </TASK>
[  296.144387][T12942] 9pnet_virtio: no channels available for device syz
[  296.145316][    C2] vkms_vblank_simulate: vblank timer overrun
[  296.889720][T12955] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2033'.
[  296.923126][T12957] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2034'.
[  296.976817][T12960] kvm: requested 6704 ns i8254 timer period limited to 200000 ns
[  296.989211][T12960] kvm: pic: level sensitive irq not supported
[  297.033923][T12968] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2036'.
[  297.048712][T12960] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2035'.
[  297.230782][T12977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=52752 sclass=netlink_route_socket pid=12977 comm=syz.7.2040
[  297.259881][T12979] 9pnet_virtio: no channels available for device syz
[  297.368995][T12981] vivid-000: =================  START STATUS  =================
[  297.369039][T12981] vivid-000: Test Pattern: 75% Colorbar
[  297.369088][T12981] vivid-000: Fill Percentage of Frame: 100
[  297.369108][T12981] vivid-000: Horizontal Movement: No Movement
[  297.369127][T12981] vivid-000: Vertical Movement: No Movement
[  297.369146][T12981] vivid-000: OSD Text Mode: All
[  297.369208][T12981] vivid-000: Show Border: false
[  297.369228][T12981] vivid-000: Show Square: false
[  297.369247][T12981] vivid-000: Sensor Flipped Horizontally: false
[  297.369265][T12981] vivid-000: Sensor Flipped Vertically: false
[  297.369281][T12981] vivid-000: Insert SAV Code in Image: true
[  297.369298][T12981] vivid-000: Insert EAV Code in Image: false
[  297.369317][T12981] vivid-000: Insert Video Guard Band: false
[  297.369337][T12981] vivid-000: Reduced Framerate: true
[  297.369355][T12981] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[  297.369375][T12981] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[  297.369395][T12981] vivid-000: Enable Capture Cropping: true grabbed
[  297.369419][T12981] vivid-000: Enable Capture Composing: true grabbed
[  297.369441][T12981] vivid-000: Enable Capture Scaler: true grabbed
[  297.369463][T12981] vivid-000: Timestamp Source: End of Frame
[  297.369480][T12981] vivid-000: Colorspace: sRGB
[  297.369496][T12981] vivid-000: Transfer Function: Default
[  297.369514][T12981] vivid-000: Y'CbCr Encoding: Default
[  297.369530][T12981] vivid-000: HSV Encoding: Hue 0-179
[  297.369547][T12981] vivid-000: Quantization: Default
[  297.369564][T12981] vivid-000: Apply Alpha To Red Only: false
[  297.369581][T12981] vivid-000: Standard Aspect Ratio: 14x9
[  297.369599][T12981] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  297.369621][T12981] vivid-000: DV Timings: 640x480p59 inactive
[  297.369694][T12981] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  297.369714][T12981] vivid-000: Maximum EDID Blocks: 1
[  297.369733][T12981] vivid-000: Limited RGB Range (16-235): false
[  297.369752][T12981] vivid-000: Rx RGB Quantization Range: Automatic
[  297.369771][T12981] vivid-000: Power Present: 0x00000001
[  297.369790][T12981] tpg source WxH: 320x180 (Y'CbCr)
[  297.369802][T12981] tpg field: 1
[  297.369809][T12981] tpg crop: (0,0)/320x180
[  297.369821][T12981] tpg compose: (0,0)/320x180
[  297.369832][T12981] tpg colorspace: 8
[  297.369839][T12981] tpg transfer function: 0/2
[  297.369848][T12981] tpg Y'CbCr encoding: 0/1
[  297.369855][T12981] tpg quantization: 0/2
[  297.369863][T12981] tpg RGB range: 0/2
[  297.369870][T12981] vivid-000: ==================  END STATUS  ==================
[  297.401995][T12981] bio_check_eod: 3 callbacks suppressed
[  297.402011][T12981] syz.5.2041: attempt to access beyond end of device
[  297.402011][T12981] sr0: rw=0, sector=64, nr_sectors = 4 limit=0
[  297.402101][T12981] isofs_fill_super: bread failed, dev=sr0, iso_blknum=16, block=16
[  297.406916][T12984] 9pnet_virtio: no channels available for device syz
[  297.474366][T12989] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2045'.
[  297.669077][T12995] tap0: tun_chr_ioctl cmd 1074025678
[  297.669094][T12995] tap0: group set to 6
[  297.726424][T12996] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2047'.
[  297.939099][   T40] audit: type=1400 audit(1748788103.070:33564): avc:  denied  { mounton } for  pid=13002 comm="syz.7.2049" path="/285/file0/file0" dev="9p" ino=36047788 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  298.004069][T13011] 9pnet_virtio: no channels available for device syz
[  298.093152][ T6987] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  298.188858][T13015] FAULT_INJECTION: forcing a failure.
[  298.188858][T13015] name failslab, interval 1, probability 0, space 0, times 0
[  298.188900][T13015] CPU: 3 UID: 0 PID: 13015 Comm: syz.7.2054 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  298.188914][T13015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  298.188921][T13015] Call Trace:
[  298.188925][T13015]  <TASK>
[  298.188930][T13015]  dump_stack_lvl+0x16c/0x1f0
[  298.188948][T13015]  should_fail_ex+0x512/0x640
[  298.188964][T13015]  ? fs_reclaim_acquire+0xae/0x150
[  298.188983][T13015]  should_failslab+0xc2/0x120
[  298.189003][T13015]  __kmalloc_cache_noprof+0x6a/0x3e0
[  298.189015][T13015]  ? netfs_folioq_alloc+0x9e/0x3e0
[  298.189032][T13015]  netfs_folioq_alloc+0x9e/0x3e0
[  298.189049][T13015]  rolling_buffer_init+0x26/0xb0
[  298.189064][T13015]  netfs_readahead+0x5c4/0x7a0
[  298.189077][T13015]  ? __pfx_netfs_readahead+0x10/0x10
[  298.189089][T13015]  read_pages+0x1c4/0xc70
[  298.189105][T13015]  ? __pfx_read_pages+0x10/0x10
[  298.189122][T13015]  page_cache_ra_unbounded+0x421/0x7d0
[  298.189139][T13015]  page_cache_ra_order+0x9c8/0xd00
[  298.189157][T13015]  page_cache_sync_ra+0x4b4/0x9c0
[  298.189171][T13015]  filemap_get_pages+0xb62/0x1c20
[  298.189186][T13015]  ? arch_stack_walk+0xa6/0x100
[  298.189205][T13015]  ? __pfx_filemap_get_pages+0x10/0x10
[  298.189220][T13015]  ? stack_trace_save+0x8e/0xc0
[  298.189232][T13015]  ? __pfx___might_resched+0x10/0x10
[  298.189244][T13015]  ? stack_depot_save_flags+0x28/0xa40
[  298.189263][T13015]  filemap_splice_read+0x5cb/0xcd0
[  298.189278][T13015]  ? kasan_save_stack+0x33/0x60
[  298.189289][T13015]  ? kasan_save_track+0x14/0x30
[  298.189299][T13015]  ? __kasan_kmalloc+0xaa/0xb0
[  298.189310][T13015]  ? alloc_pipe_info+0x1ec/0x590
[  298.189328][T13015]  ? __pfx_filemap_splice_read+0x10/0x10
[  298.189357][T13015]  ? look_up_lock_class+0x59/0x150
[  298.189371][T13015]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  298.189383][T13015]  ? register_lock_class+0x41/0x4c0
[  298.189401][T13015]  v9fs_file_splice_read+0x95/0xe0
[  298.189416][T13015]  ? __pfx_v9fs_file_splice_read+0x10/0x10
[  298.189431][T13015]  do_splice_read+0x282/0x370
[  298.189444][T13015]  splice_direct_to_actor+0x2a1/0xa30
[  298.189457][T13015]  ? __pfx_direct_splice_actor+0x10/0x10
[  298.189472][T13015]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  298.189483][T13015]  ? get_pid_task+0xfc/0x250
[  298.189501][T13015]  do_splice_direct+0x174/0x240
[  298.189513][T13015]  ? __pfx_do_splice_direct+0x10/0x10
[  298.189525][T13015]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  298.189539][T13015]  ? rw_verify_area+0xcf/0x680
[  298.189558][T13015]  do_sendfile+0xb06/0xe50
[  298.189572][T13015]  ? __pfx_do_sendfile+0x10/0x10
[  298.189588][T13015]  __x64_sys_sendfile64+0x154/0x220
[  298.189603][T13015]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  298.189623][T13015]  do_syscall_64+0xcd/0x4c0
[  298.189638][T13015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.189649][T13015] RIP: 0033:0x7f390d58e969
[  298.189658][T13015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.189668][T13015] RSP: 002b:00007f390e3f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  298.189679][T13015] RAX: ffffffffffffffda RBX: 00007f390d7b5fa0 RCX: 00007f390d58e969
[  298.189686][T13015] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  298.189692][T13015] RBP: 00007f390e3f7090 R08: 0000000000000000 R09: 0000000000000000
[  298.189698][T13015] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000001
[  298.189704][T13015] R13: 0000000000000000 R14: 00007f390d7b5fa0 R15: 00007ffe188330a8
[  298.189718][T13015]  </TASK>
[  298.253195][ T6987] usb 5-1: Using ep0 maxpacket: 16
[  298.259079][T13005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.259636][T13005] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.260386][T13005] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2050'.
[  298.260401][T13005] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2050'.
[  298.314576][ T6987] usb 5-1: unable to get BOS descriptor or descriptor too short
[  298.353139][  T836] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  298.354833][ T6987] usb 5-1: unable to read config index 0 descriptor/start: -71
[  298.429158][ T6987] usb 5-1: can't read configurations, error -71
[  298.516452][  T836] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.516477][  T836] usb 10-1: config 0 has no interfaces?
[  298.517538][  T836] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.517559][  T836] usb 10-1: config 0 has no interfaces?
[  298.518723][  T836] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.518744][  T836] usb 10-1: config 0 has no interfaces?
[  298.521020][  T836] usb 10-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb
[  298.521043][  T836] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201
[  298.521060][  T836] usb 10-1: Product: syz
[  298.521073][  T836] usb 10-1: Manufacturer: syz
[  298.521086][  T836] usb 10-1: SerialNumber: syz
[  298.523462][  T836] usb 10-1: config 0 descriptor??
[  298.751958][T13013] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2053'.
[  298.802430][   T40] audit: type=1400 audit(1748788103.930:33565): avc:  denied  { shutdown } for  pid=13012 comm="syz.5.2053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  298.811114][  T838] usb 10-1: USB disconnect, device number 15
[  298.928845][T13034] netlink: 'syz.8.2059': attribute type 4 has an invalid length.
[  299.321229][T13052] 9pnet_virtio: no channels available for device syz
[  299.469245][T13060] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  299.514396][   T40] audit: type=1326 audit(1748788104.650:33566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13064 comm="syz.7.2071" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f390d58e969 code=0x0
[  299.521453][   T40] audit: type=1400 audit(1748788104.650:33567): avc:  denied  { accept } for  pid=13062 comm="syz.5.2070" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  299.572302][T13070] Cache volume key already in use (9p,syz,)
[  299.612505][   T40] audit: type=1400 audit(1748788104.740:33568): avc:  denied  { watch_mount } for  pid=13071 comm="syz.0.2073" path="/583" dev="tmpfs" ino=3098 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  299.724100][T13072] block nbd0: Device being setup by another task
[  299.778249][   T40] audit: type=1400 audit(1748788104.910:33569): avc:  denied  { connect } for  pid=13076 comm="syz.8.2075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  299.794436][T13073] block nbd0: shutting down sockets
[  299.813210][  T836] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  299.835159][T13075] nbd0: detected capacity change from 0 to 67108884
[  299.836455][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.836492][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.836601][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.836614][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.836675][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.836687][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.836747][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.836759][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.836818][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.836830][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.836898][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.836911][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.836975][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.836988][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.837053][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.837065][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.837105][T12896] ldm_validate_partition_table(): Disk read failed.
[  299.837133][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.837145][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.837204][T12896] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  299.837216][T12896] Buffer I/O error on dev nbd0, logical block 0, async page read
[  299.837357][T12896] Dev nbd0: unable to read RDB block 0
[  299.837663][T12896]  nbd0: unable to read partition table
[  299.844937][T12896] ldm_validate_partition_table(): Disk read failed.
[  299.845158][T12896] Dev nbd0: unable to read RDB block 0
[  299.845473][T12896]  nbd0: unable to read partition table
[  299.973202][  T836] usb 12-1: Using ep0 maxpacket: 8
[  299.975023][  T836] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  299.975062][  T836] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  299.975082][  T836] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.984407][  T836] usb 12-1: config 0 descriptor??
[  300.198941][  T836] iowarrior 12-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  300.320995][T13101] tty tty3: ldisc open failed (-12), clearing slot 2
[  300.463557][T13107] overlay: ./file0 is not a directory
[  300.469586][T13113] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  300.721147][T13129] cgroup: Need name or subsystem set
[  300.754042][    T9] usb 12-1: USB disconnect, device number 4
[  300.792712][T13137] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  300.889875][T13147] __nla_validate_parse: 5 callbacks suppressed
[  300.889889][T13147] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2097'.
[  301.050828][T13155] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2100'.
[  301.168582][   T40] audit: type=1400 audit(1748788106.300:33570): avc:  denied  { getopt } for  pid=13161 comm="syz.7.2103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  301.187269][T13166] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2103'.
[  301.187420][T13166] openvswitch: netlink: nsh attr 1 has unexpected len 2 expected 8
[  301.187448][T13166] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  301.228058][T13175] CIFS: Unable to determine destination address
[  301.264368][   T40] audit: type=1400 audit(1748788106.400:33571): avc:  denied  { accept } for  pid=13176 comm="syz.8.2109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  301.268420][T13173] syzkaller0: entered promiscuous mode
[  301.268437][T13173] syzkaller0: entered allmulticast mode
[  302.200217][T13193] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2113'.
[  314.082572][T13207] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2115'.
[  314.139859][T13213] ipt_rpfilter: unknown options
[  314.164672][T13218] usb usb8: usbfs: interface 0 claimed by hub while 'syz.7.2120' resets device
[  314.180195][T13223] netlink: 2028 bytes leftover after parsing attributes in process `syz.8.2118'.
[  314.183675][T13223] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2118'.
[  314.191218][T13220] netlink: 'syz.5.2121': attribute type 1 has an invalid length.
[  314.192189][   T40] audit: type=1400 audit(1748788119.320:33572): avc:  denied  { write } for  pid=13210 comm="syz.8.2118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  314.207345][T13220] 8021q: adding VLAN 0 to HW filter on device bond4
[  314.226846][T13220] 8021q: adding VLAN 0 to HW filter on device bond4
[  314.229270][T13220] bond4: (slave wireguard0): The slave device specified does not support setting the MAC address
[  314.232961][T13220] bond4: (slave wireguard0): Error -95 calling set_mac_address
[  314.250943][T13227] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2123'.
[  314.253452][T13229] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2122'.
[  314.300558][T13231] bond4: (slave dummy0): making interface the new active one
[  314.303717][T13231] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  314.310461][T13231] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=13231 comm=syz.5.2121
[  314.534269][T13240] Invalid source name
[  314.535910][T13240] UBIFS error (pid: 13240): cannot open "./file0", error -22
[  314.639552][   T40] audit: type=1400 audit(1748788119.770:33573): avc:  denied  { bind } for  pid=13243 comm="syz.5.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  314.692642][T13246] 9pnet_virtio: no channels available for device syz
[  315.223765][ T1336] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  315.386568][ T1336] usb 10-1: config index 0 descriptor too short (expected 23569, got 27)
[  315.390284][ T1336] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.396609][ T1336] usb 10-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  315.400142][ T1336] usb 10-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  315.408687][ T1336] usb 10-1: Manufacturer: syz
[  315.415157][ T1336] usb 10-1: config 0 descriptor??
[  315.483473][ T1336] rc_core: IR keymap rc-hauppauge not found
[  315.485340][ T1336] Registered IR keymap rc-empty
[  315.488424][ T1336] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0
[  315.501796][ T1336] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/rc/rc0/input26
[  315.554703][T13267] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2136'.
[  315.576012][ T5297] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  315.579985][ T5297] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  315.583589][ T5297] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  315.586676][ T5297] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  315.589417][ T5297] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  315.601309][ T5942] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  315.605358][ T5942] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  315.608556][ T5942] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  315.611849][ T5942] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  315.616762][ T5942] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  315.621562][   T10] usb 10-1: USB disconnect, device number 16
[  315.817805][T12442] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  315.821135][T12442] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.870017][T13278] overlayfs: maximum fs stacking depth exceeded
[  315.934613][T12442] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  315.937855][T12442] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.055020][T12442] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  316.058405][T12442] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.068045][T13268] chnl_net:caif_netlink_parms(): no params data found
[  316.143625][ T1336] page_pool_release_retry() stalled pool shutdown: id 67, 2 inflight 60 sec
[  316.197754][T12442] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  316.200919][T12442] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.239755][T13268] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.241888][T13268] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.244198][T13268] bridge_slave_0: entered allmulticast mode
[  316.246695][T13268] bridge_slave_0: entered promiscuous mode
[  316.249764][T13268] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.251781][T13268] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.254185][T13268] bridge_slave_1: entered allmulticast mode
[  316.257397][T13268] bridge_slave_1: entered promiscuous mode
[  316.296043][T13268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  316.304602][T13268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  316.358422][T13268] team0: Port device team_slave_0 added
[  316.363583][T13268] team0: Port device team_slave_1 added
[  316.412936][T13268] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.416446][T13268] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.427704][T13268] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  316.447833][T13268] batman_adv: batadv0: Adding interface: batadv_slave_1
[  316.450527][T13268] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.461913][T13268] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  316.555529][T13268] hsr_slave_0: entered promiscuous mode
[  316.557834][T13268] hsr_slave_1: entered promiscuous mode
[  316.559954][T13268] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  316.562272][T13268] Cannot create hsr debugfs directory
[  316.594853][T12442] bridge_slave_1: left allmulticast mode
[  316.596729][T12442] bridge_slave_1: left promiscuous mode
[  316.598531][T12442] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.614604][T12442] bridge_slave_0: left allmulticast mode
[  316.616391][T12442] bridge_slave_0: left promiscuous mode
[  316.618252][T12442] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.793195][   T52] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  316.866712][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  316.869457][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  316.940636][   T52] usb 12-1: device descriptor read/64, error -71
[  317.173377][   T52] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  317.323126][   T52] usb 12-1: device descriptor read/64, error -71
[  317.443314][   T52] usb usb12-port1: attempt power cycle
[  317.663543][ T5297] Bluetooth: hci0: command tx timeout
[  317.687836][T12442] team0: Port device geneve0 removed
[  317.783132][   T52] usb 12-1: new high-speed USB device number 7 using dummy_hcd
[  317.803617][   T52] usb 12-1: device descriptor read/8, error -71
[  318.043126][   T52] usb 12-1: new high-speed USB device number 8 using dummy_hcd
[  318.073520][   T52] usb 12-1: device descriptor read/8, error -71
[  318.184408][   T52] usb usb12-port1: unable to enumerate USB device
[  318.695814][T12442]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  318.734862][T12442]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  318.784737][T12442]  (unregistering): Released all slaves
[  318.791709][T12442] bond1 (unregistering): Released all slaves
[  319.531012][T12442] bond0 (unregistering): (slave veth3): Releasing active interface
[  319.585411][T12442] bond0 (unregistering): Released all slaves
[  319.635209][T13319] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2147'.
[  319.743503][ T5297] Bluetooth: hci0: command tx timeout
[  320.284619][T12442] bond2 (unregistering): (slave veth5): Releasing active interface
[  320.356484][T12442] bond2 (unregistering): Released all slaves
[  320.532740][   T40] audit: type=1400 audit(1748788125.660:33574): avc:  denied  { node_bind } for  pid=13322 comm="syz.5.2149" saddr=172.20.20.187 src=19999 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  320.671164][T13340] FAULT_INJECTION: forcing a failure.
[  320.671164][T13340] name failslab, interval 1, probability 0, space 0, times 0
[  320.679771][T13340] CPU: 2 UID: 0 PID: 13340 Comm: syz.5.2155 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  320.679796][T13340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  320.679807][T13340] Call Trace:
[  320.679814][T13340]  <TASK>
[  320.679821][T13340]  dump_stack_lvl+0x16c/0x1f0
[  320.679868][T13340]  should_fail_ex+0x512/0x640
[  320.679898][T13340]  ? __kmalloc_noprof+0xbf/0x510
[  320.679919][T13340]  ? iter_file_splice_write+0x1cc/0x1150
[  320.679940][T13340]  should_failslab+0xc2/0x120
[  320.679963][T13340]  __kmalloc_noprof+0xd2/0x510
[  320.679990][T13340]  iter_file_splice_write+0x1cc/0x1150
[  320.680030][T13340]  ? __pfx_iter_file_splice_write+0x10/0x10
[  320.680051][T13340]  ? __lock_acquire+0xb8a/0x1c90
[  320.680093][T13340]  ? __pfx_iter_file_splice_write+0x10/0x10
[  320.680116][T13340]  direct_splice_actor+0x192/0x6c0
[  320.680140][T13340]  splice_direct_to_actor+0x342/0xa30
[  320.680162][T13340]  ? __pfx_direct_splice_actor+0x10/0x10
[  320.680187][T13340]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  320.680205][T13340]  ? get_pid_task+0xfc/0x250
[  320.680236][T13340]  do_splice_direct+0x174/0x240
[  320.680257][T13340]  ? __pfx_do_splice_direct+0x10/0x10
[  320.680276][T13340]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  320.680300][T13340]  ? rw_verify_area+0xcf/0x680
[  320.680330][T13340]  do_sendfile+0xb06/0xe50
[  320.680353][T13340]  ? __pfx_do_sendfile+0x10/0x10
[  320.680381][T13340]  __x64_sys_sendfile64+0x154/0x220
[  320.680405][T13340]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  320.680437][T13340]  do_syscall_64+0xcd/0x4c0
[  320.680462][T13340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.680480][T13340] RIP: 0033:0x7f2fec98e969
[  320.680495][T13340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.680518][T13340] RSP: 002b:00007f2fed86e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  320.680535][T13340] RAX: ffffffffffffffda RBX: 00007f2fecbb5fa0 RCX: 00007f2fec98e969
[  320.680547][T13340] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  320.680558][T13340] RBP: 00007f2fed86e090 R08: 0000000000000000 R09: 0000000000000000
[  320.680568][T13340] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000002
[  320.680579][T13340] R13: 0000000000000000 R14: 00007f2fecbb5fa0 R15: 00007ffd74509488
[  320.680604][T13340]  </TASK>
[  321.119101][T13363] 9pnet_virtio: no channels available for device syz
[  321.238051][T13369] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2162'.
[  321.332057][   T40] audit: type=1400 audit(1748788126.460:33575): avc:  denied  { read } for  pid=13372 comm="syz.8.2163" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  321.428189][   T40] audit: type=1400 audit(1748788126.560:33576): avc:  denied  { setattr } for  pid=13378 comm="syz.8.2164" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  321.441334][T13268] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  321.449279][T13268] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  321.466296][T13268] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  321.473486][T13268] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  321.515334][T13268] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.524779][T13268] 8021q: adding VLAN 0 to HW filter on device team0
[  321.529731][   T66] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.530824][   T66] bridge0: port 1(bridge_slave_0) entered forwarding state
[  321.541172][T12443] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.543375][T12443] bridge0: port 2(bridge_slave_1) entered forwarding state
[  321.618946][   T40] audit: type=1400 audit(1748788126.750:33577): avc:  denied  { read } for  pid=13396 comm="syz.5.2167" dev="sockfs" ino=49744 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  321.620720][T13397] mac80211_hwsim hwsim15 `���: renamed from wlan1
[  321.696439][T13268] 8021q: adding VLAN 0 to HW filter on device batadv0
[  321.720206][T13268] veth0_vlan: entered promiscuous mode
[  321.727997][T13268] veth1_vlan: entered promiscuous mode
[  321.750718][T13268] veth0_macvtap: entered promiscuous mode
[  321.754680][T13268] veth1_macvtap: entered promiscuous mode
[  321.764489][T13268] batman_adv: batadv0: Interface activated: batadv_slave_0
[  321.770612][T13268] batman_adv: batadv0: Interface activated: batadv_slave_1
[  321.776065][T13268] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  321.778893][T13268] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  321.781589][T13268] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.785957][T13268] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.824342][ T5297] Bluetooth: hci0: command tx timeout
[  321.841501][T12432] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.846683][T12432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.855987][T12442] tipc: Left network mode
[  321.867718][T13417] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2172'.
[  321.894296][T12442] IPVS: stopping backup sync thread 13113 ...
[  321.904532][T12435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.906949][T12435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.925856][   T40] audit: type=1400 audit(1748788127.060:33578): avc:  denied  { mounton } for  pid=13268 comm="syz-executor" path="/syzkaller.3N0SLI/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=50369 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  321.975797][T13422] Cache volume key already in use (9p,syz,)
[  322.178789][T13437] 9pnet_fd: p9_fd_create_unix (13437): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  322.330805][T13439] batman_adv: batadv0: Adding interface: dummy0
[  322.330822][T13439] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.330871][T13439] batman_adv: batadv0: Interface activated: dummy0
[  322.340447][T13440] IPv6: sit1: Disabled Multicast RS
[  322.392463][T13442] batadv0: mtu less than device minimum
[  322.393010][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.393590][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.394092][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.394815][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.395386][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.395895][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.396397][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.396900][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.397401][T13442] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  322.407122][T13444] macvlan2: entered promiscuous mode
[  322.407138][T13444] macvlan2: entered allmulticast mode
[  322.407983][T13444] batadv0: entered promiscuous mode
[  322.408303][T13444] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  322.409535][T13444] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  322.535951][T13455] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2182'.
[  322.556900][T13457] FAULT_INJECTION: forcing a failure.
[  322.556900][T13457] name failslab, interval 1, probability 0, space 0, times 0
[  322.556944][T13457] CPU: 0 UID: 0 PID: 13457 Comm: syz.0.2183 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  322.556959][T13457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  322.556966][T13457] Call Trace:
[  322.556970][T13457]  <TASK>
[  322.556974][T13457]  dump_stack_lvl+0x16c/0x1f0
[  322.556992][T13457]  should_fail_ex+0x512/0x640
[  322.557009][T13457]  ? fs_reclaim_acquire+0xae/0x150
[  322.557027][T13457]  should_failslab+0xc2/0x120
[  322.557042][T13457]  __kmalloc_cache_noprof+0x6a/0x3e0
[  322.557053][T13457]  ? netfs_alloc_request+0x825/0xbc0
[  322.557067][T13457]  ? netfs_folioq_alloc+0x9e/0x3e0
[  322.557082][T13457]  ? do_raw_spin_unlock+0x172/0x230
[  322.557102][T13457]  netfs_folioq_alloc+0x9e/0x3e0
[  322.557119][T13457]  rolling_buffer_init+0x26/0xb0
[  322.557149][T13457]  netfs_create_write_req+0x10a/0x880
[  322.557168][T13457]  netfs_unbuffered_write_iter_locked+0x12a/0xd40
[  322.557186][T13457]  netfs_unbuffered_write_iter+0x414/0x6d0
[  322.557203][T13457]  v9fs_file_write_iter+0xbf/0x100
[  322.557219][T13457]  iter_file_splice_write+0x91f/0x1150
[  322.557241][T13457]  ? __pfx_iter_file_splice_write+0x10/0x10
[  322.557267][T13457]  ? __pfx_iter_file_splice_write+0x10/0x10
[  322.557281][T13457]  direct_splice_actor+0x192/0x6c0
[  322.557296][T13457]  splice_direct_to_actor+0x342/0xa30
[  322.557309][T13457]  ? __pfx_direct_splice_actor+0x10/0x10
[  322.557325][T13457]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  322.557336][T13457]  ? get_pid_task+0xfc/0x250
[  322.557354][T13457]  do_splice_direct+0x174/0x240
[  322.557367][T13457]  ? __pfx_do_splice_direct+0x10/0x10
[  322.557380][T13457]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  322.557394][T13457]  ? rw_verify_area+0xcf/0x680
[  322.557414][T13457]  do_sendfile+0xb06/0xe50
[  322.557428][T13457]  ? __pfx_do_sendfile+0x10/0x10
[  322.557445][T13457]  __x64_sys_sendfile64+0x154/0x220
[  322.557460][T13457]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  322.557480][T13457]  do_syscall_64+0xcd/0x4c0
[  322.557503][T13457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.557514][T13457] RIP: 0033:0x7f9ecf38e969
[  322.557523][T13457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.557534][T13457] RSP: 002b:00007f9ed018b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  322.557545][T13457] RAX: ffffffffffffffda RBX: 00007f9ecf5b5fa0 RCX: 00007f9ecf38e969
[  322.557552][T13457] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  322.557559][T13457] RBP: 00007f9ed018b090 R08: 0000000000000000 R09: 0000000000000000
[  322.557565][T13457] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000002
[  322.557572][T13457] R13: 0000000000000000 R14: 00007f9ecf5b5fa0 R15: 00007ffeadb5c138
[  322.557586][T13457]  </TASK>
[  322.741106][T12442] hsr_slave_0: left promiscuous mode
[  322.744217][T12442] hsr_slave_1: left promiscuous mode
[  322.744575][T12442] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.744691][T12442] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.770325][T12442] veth1_macvtap: left allmulticast mode
[  322.770348][T12442] veth1_macvtap: left promiscuous mode
[  322.770401][T12442] veth0_macvtap: left promiscuous mode
[  322.770480][T12442] veth1_vlan: left promiscuous mode
[  322.770505][T12442] veth0_vlan: left promiscuous mode
[  322.801746][T13469] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2187'.
[  323.103514][T10347] usb 12-1: new high-speed USB device number 9 using dummy_hcd
[  323.255274][T10347] usb 12-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  323.259078][T10347] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 3
[  323.264467][T10347] usb 12-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  323.267987][T10347] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.270764][T10347] usb 12-1: Product: 햝喱᭲碑뢛෵渑Ả铍蛒㏥ﾷỄ谄촄Ⲽ᜼黶ᶯ⺋薈哆㡷뉱鏜饢Ɯ㍝茼独젱稺䊑溥蛅⑯쵲綻앙⊊딩쥆韕ㆬ闭蓡帙ꔴ멡빛셿芇鉊䮯圉ࢠ梅뢁㛣軣䡘⯨町䈂迒뢒釰褗긕㎿솉፭哥䲊▧癞껚䩢ࣕಌ헯纎秙蝵먵뾞ㅮ⢉䳪➐䋕
[  323.281728][T10347] usb 12-1: Manufacturer: 뾵뗸䘈⒰듧ꖠ⊾⦊열凅㫰໌᤻箔畼럌胆ꦇ뛰ᝅ௜澎ꪜ螆鋇囝䠂끬쏢ꇘᚗ쒹ᠡ렀瑌빈ꦵ稼焙긣ί툽ꯛ뭀说籵丯掣䩛ᨙ뤙窨齦븞ϴ䑜ᎇ낪鮃띰뀸栎뇳湹⾂ㄍ쉄⯱뮎爽嵉滇᜵ㄎ嶀쨲輭䇣₣적䦯Ƕ焼
[  323.292233][T10347] usb 12-1: SerialNumber: 䰊
[  323.506146][T10347] usb 12-1: 0:2 : does not exist
[  323.517091][T10347] usb 12-1: USB disconnect, device number 9
[  323.532984][T13205] udevd[13205]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb12/12-1/12-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  323.815705][T12442] macsec0 (unregistering): left allmulticast mode
[  323.852651][   T40] audit: type=1400 audit(1748788128.980:33579): avc:  denied  { watch watch_reads } for  pid=13481 comm="syz.5.2191" path="pipe:[19803]" dev="pipefs" ino=19803 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  323.903577][ T5297] Bluetooth: hci0: command tx timeout
[  324.278453][T13488] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2193'.
[  329.575134][T12442] team0 (unregistering): Port device team_slave_1 removed
[  335.499900][T13470] batman_adv: batadv0: Adding interface: ip6gretap1
[  335.502016][T13470] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.510216][T13470] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active
[  335.547579][   T40] audit: type=1400 audit(1748788140.680:33580): avc:  denied  { map } for  pid=13500 comm="syz.8.2194" path="socket:[50525]" dev="sockfs" ino=50525 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  335.595792][T13507] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2197'.
[  335.716170][T13512] 9pnet_virtio: no channels available for device syz
[  335.892903][   T40] audit: type=1400 audit(1748788141.020:33581): avc:  denied  { append } for  pid=13517 comm="syz.7.2201" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  335.893171][T13523] x_tables: ip6_tables: SNAT target: used from hooks OUTPUT, but only usable from INPUT/POSTROUTING
[  335.934314][T13519] program syz.7.2201 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  335.985960][T13527] program syz.7.2201 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  336.088073][T12442] IPVS: stop unused estimator thread 0...
[  336.091546][T13538] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2204'.
[  336.119867][ T5942] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  336.124579][ T5942] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  336.130621][ T5942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  336.134746][ T5942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  336.138370][ T5942] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  336.176120][   T40] audit: type=1400 audit(1748788141.310:33582): avc:  denied  { ioctl } for  pid=13543 comm="syz.7.2211" path="socket:[50560]" dev="sockfs" ino=50560 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  336.466115][T13550] FAULT_INJECTION: forcing a failure.
[  336.466115][T13550] name failslab, interval 1, probability 0, space 0, times 0
[  336.470314][T13550] CPU: 1 UID: 0 PID: 13550 Comm: syz.7.2214 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  336.470328][T13550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  336.470335][T13550] Call Trace:
[  336.470339][T13550]  <TASK>
[  336.470344][T13550]  dump_stack_lvl+0x16c/0x1f0
[  336.470363][T13550]  should_fail_ex+0x512/0x640
[  336.470380][T13550]  ? fs_reclaim_acquire+0xae/0x150
[  336.470402][T13550]  should_failslab+0xc2/0x120
[  336.470417][T13550]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  336.470430][T13550]  ? p9_tag_alloc+0x9c/0x640
[  336.470447][T13550]  p9_tag_alloc+0x9c/0x640
[  336.470463][T13550]  ? __pfx_p9_tag_alloc+0x10/0x10
[  336.470477][T13550]  ? stack_depot_save_flags+0x28/0xa40
[  336.470500][T13550]  p9_client_prepare_req+0x19b/0x4d0
[  336.470516][T13550]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  336.470533][T13550]  ? __lock_acquire+0x622/0x1c90
[  336.470550][T13550]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  336.470562][T13550]  p9_client_rpc+0x1c4/0xc50
[  336.470579][T13550]  ? __pfx_p9_client_rpc+0x10/0x10
[  336.470593][T13550]  ? __lock_acquire+0xb8a/0x1c90
[  336.470613][T13550]  ? do_raw_spin_lock+0x12c/0x2b0
[  336.470630][T13550]  ? look_up_lock_class+0x59/0x150
[  336.470646][T13550]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  336.470658][T13550]  p9_client_write+0x245/0x6f0
[  336.470680][T13550]  ? __pfx_p9_client_write+0x10/0x10
[  336.470701][T13550]  v9fs_issue_write+0xe3/0x1b0
[  336.470716][T13550]  ? __pfx_v9fs_issue_write+0x10/0x10
[  336.470728][T13550]  ? netfs_advance_write+0x81f/0xc40
[  336.470746][T13550]  ? rcu_is_watching+0x12/0xc0
[  336.470759][T13550]  netfs_do_issue_write+0x95/0x110
[  336.470776][T13550]  netfs_end_issue_write+0x14c/0x200
[  336.470795][T13550]  netfs_unbuffered_write+0x4c3/0x670
[  336.470814][T13550]  ? __pfx_netfs_unbuffered_write+0x10/0x10
[  336.470831][T13550]  ? trace_netfs_folioq+0x188/0x210
[  336.470846][T13550]  ? iov_iter_folio_queue+0x3e/0x1f0
[  336.470865][T13550]  ? rolling_buffer_init+0x8a/0xb0
[  336.470880][T13550]  ? netfs_create_write_req+0x511/0x880
[  336.470899][T13550]  netfs_unbuffered_write_iter_locked+0x808/0xd40
[  336.470917][T13550]  netfs_unbuffered_write_iter+0x414/0x6d0
[  336.470933][T13550]  v9fs_file_write_iter+0xbf/0x100
[  336.470948][T13550]  iter_file_splice_write+0x91f/0x1150
[  336.470970][T13550]  ? __pfx_iter_file_splice_write+0x10/0x10
[  336.470995][T13550]  ? __pfx_iter_file_splice_write+0x10/0x10
[  336.471009][T13550]  direct_splice_actor+0x192/0x6c0
[  336.471023][T13550]  splice_direct_to_actor+0x342/0xa30
[  336.471037][T13550]  ? __pfx_direct_splice_actor+0x10/0x10
[  336.471052][T13550]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  336.471063][T13550]  ? get_pid_task+0xfc/0x250
[  336.471081][T13550]  do_splice_direct+0x174/0x240
[  336.471094][T13550]  ? __pfx_do_splice_direct+0x10/0x10
[  336.471106][T13550]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  336.471120][T13550]  ? rw_verify_area+0xcf/0x680
[  336.471140][T13550]  do_sendfile+0xb06/0xe50
[  336.471153][T13550]  ? __pfx_do_sendfile+0x10/0x10
[  336.471195][T13550]  __x64_sys_sendfile64+0x154/0x220
[  336.471212][T13550]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  336.471231][T13550]  do_syscall_64+0xcd/0x4c0
[  336.471247][T13550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.471258][T13550] RIP: 0033:0x7f390d58e969
[  336.471267][T13550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.471278][T13550] RSP: 002b:00007f390e3f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  336.471289][T13550] RAX: ffffffffffffffda RBX: 00007f390d7b5fa0 RCX: 00007f390d58e969
[  336.471296][T13550] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  336.471302][T13550] RBP: 00007f390e3f7090 R08: 0000000000000000 R09: 0000000000000000
[  336.471308][T13550] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000002
[  336.471314][T13550] R13: 0000000000000000 R14: 00007f390d7b5fa0 R15: 00007ffe188330a8
[  336.471328][T13550]  </TASK>
[  336.471435][T13550] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI
[  336.595946][T13550] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  336.599680][T13550] CPU: 1 UID: 0 PID: 13550 Comm: syz.7.2214 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) 
[  336.603536][T13550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  336.606799][T13550] RIP: 0010:iter_file_splice_write+0xa4e/0x1150
[  336.608779][T13550] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 1a 05 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 ee 04 00 00 49 8b 54 24 08 4c 89 ee 4c 89 f7 83
[  336.614630][T13550] RSP: 0018:ffffc9000db27918 EFLAGS: 00010202
[  336.616513][T13550] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff8245a5a5
[  336.618967][T13550] RDX: 0000000000000001 RSI: ffffffff8245a446 RDI: 0000000000000008
[  336.621384][T13550] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[  336.623825][T13550] R10: 7fffffffffffff5f R11: 0000000000000000 R12: 0000000000000000
[  336.626250][T13550] R13: ffff888024efc028 R14: ffff888024b26000 R15: 7fffffffffffff5f
[  336.628731][T13550] FS:  00007f390e3f76c0(0000) GS:ffff8880d6865000(0000) knlGS:0000000000000000
[  336.631795][T13550] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  336.633818][T13550] CR2: 00007fb01afb7bac CR3: 0000000054cde000 CR4: 0000000000352ef0
[  336.636284][T13550] Call Trace:
[  336.637332][T13550]  <TASK>
[  336.638296][T13550]  ? __pfx_iter_file_splice_write+0x10/0x10
[  336.640135][T13550]  ? __pfx_iter_file_splice_write+0x10/0x10
[  336.641955][T13550]  direct_splice_actor+0x192/0x6c0
[  336.643542][T13550]  splice_direct_to_actor+0x342/0xa30
[  336.645190][T13550]  ? __pfx_direct_splice_actor+0x10/0x10
[  336.646965][T13550]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  336.648827][T13550]  ? get_pid_task+0xfc/0x250
[  336.650263][T13550]  do_splice_direct+0x174/0x240
[  336.651779][T13550]  ? __pfx_do_splice_direct+0x10/0x10
[  336.653442][T13550]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  336.655258][T13550]  ? rw_verify_area+0xcf/0x680
[  336.656747][T13550]  do_sendfile+0xb06/0xe50
[  336.658153][T13550]  ? __pfx_do_sendfile+0x10/0x10
[  336.659722][T13550]  __x64_sys_sendfile64+0x154/0x220
[  336.661367][T13550]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  336.663569][T13550]  do_syscall_64+0xcd/0x4c0
[  336.665011][T13550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.666861][T13550] RIP: 0033:0x7f390d58e969
[  336.668302][T13550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.674201][T13550] RSP: 002b:00007f390e3f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  336.676802][T13550] RAX: ffffffffffffffda RBX: 00007f390d7b5fa0 RCX: 00007f390d58e969
[  336.679369][T13550] RDX: 0000200000000080 RSI: 0000000000000003 RDI: 0000000000000003
[  336.681889][T13550] RBP: 00007f390e3f7090 R08: 0000000000000000 R09: 0000000000000000
[  336.684324][T13550] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000002
[  336.686789][T13550] R13: 0000000000000000 R14: 00007f390d7b5fa0 R15: 00007ffe188330a8
[  336.689288][T13550]  </TASK>
[  336.690269][T13550] Modules linked in:
[  336.692365][T13550] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  336.696958][T13550] RIP: 0010:iter_file_splice_write+0xa4e/0x1150
[  336.698622][   T40] audit: type=1400 audit(1748788141.830:33583): avc:  denied  { read } for  pid=5329 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  336.699465][T13550] Code: 00 48 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85 1a 05 00 00 4d 8b 65 10 49 c7 45 10 00 00 00 00 49 8d 7c 24 08 48 89 fa 48 c1 ea 03 <80> 3c 1a 00 0f 85 ee 04 00 00 49 8b 54 24 08 4c 89 ee 4c 89 f7 83
[  336.706673][T12442] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  336.707667][   T40] audit: type=1400 audit(1748788141.830:33584): avc:  denied  { search } for  pid=5329 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  336.707689][   T40] audit: type=1400 audit(1748788141.830:33585): avc:  denied  { search } for  pid=5329 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  336.707706][   T40] audit: type=1400 audit(1748788141.830:33586): avc:  denied  { add_name } for  pid=5329 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  336.707722][   T40] audit: type=1400 audit(1748788141.830:33587): avc:  denied  { create } for  pid=5329 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  336.707739][   T40] audit: type=1400 audit(1748788141.830:33588): avc:  denied  { append open } for  pid=5329 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  336.707756][   T40] audit: type=1400 audit(1748788141.830:33589): avc:  denied  { getattr } for  pid=5329 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  336.712806][T13550] RSP: 0018:ffffc9000db27918 EFLAGS: 00010202
[  336.743130][T12442] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.769838][T13550] 
[  336.770646][T13550] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff8245a5a5
[  336.773527][T13550] RDX: 0000000000000001 RSI: ffffffff8245a446 RDI: 0000000000000008
[  336.776026][T13550] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000000000
[  336.778520][T13550] R10: 7fffffffffffff5f R11: 0000000000000000 R12: 0000000000000000
[  336.780973][T13550] R13: ffff888024efc028 R14: ffff888024b26000 R15: 7fffffffffffff5f
[  336.783889][T13550] FS:  00007f390e3f76c0(0000) GS:ffff8880d6865000(0000) knlGS:0000000000000000
[  336.786921][T13550] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  336.788997][T13550] CR2: 00007fb01afb7bac CR3: 0000000054cde000 CR4: 0000000000352ef0
[  336.791481][T13550] Kernel panic - not syncing: Fatal exception
[  336.794045][T13550] Kernel Offset: disabled
[  336.795411][T13550] Rebooting in 86400 seconds..

VM DIAGNOSIS:
14:24:45  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffff88806a5417a0 RCX=ffffffff81afe5ad RDX=ffff88805c530000
RSI=ffffffff81afe589 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc9000685f8a0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff9afdd048
R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100d4a82f5 R15=ffff88806a43cf00
RIP=ffffffff81afe58b RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6765000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000003a80 CR3=000000000e382000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000004144 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb01ae11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb01ae11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb01ae11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb01ae11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb01ae11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb01ae11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000001010a00 000000200a000000 0000000000000000 0001001000000014
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000003010a03 0000005c00000000 307a797300010009 0000000500000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000f5ff327a7973 0003000900000000 307a797300010009 0000000500000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0003001400000000 4001000812000000 4002000880040028 03000000400a0008
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100110000001400 0000000000000000 0000316e616c7700 0300140000000040
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100081200000040 0200088004002803 000000400a000800 00f5ff327a797300
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300090000000030 7a79730001000900 0000050000000000 00000003010a0300
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005c0000000030 7a79730001000900 0000050000000000 00000001010a0000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8559a465 RDI=ffffffff9b0772e0 RBP=ffffffff9b0772a0 RSP=ffffc9000db27310
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b
R12=0000000000000000 R13=0000000000000030 R14=ffffffff9b0772a0 R15=ffffffff8559a400
RIP=ffffffff8559a48f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f390e3f76c0 ffffffff 00c00000
GS =0000 ffff8880d6865000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fb01afb7bac CR3=0000000054cde000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe18833430 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000001a10c4 RBX=0000000000000002 RCX=ffffffff8b7d6ca9 RDX=ffffed100d4c663e
RSI=ffffffff8c154420 RDI=ffffffff8191e9b1 RBP=ffffed1003bd1910 RSP=ffffc90000187df8
R8 =0000000000000000 R9 =ffffed100d4c663d R10=ffff88806a6331eb R11=0000000000000000
R12=0000000000000002 R13=ffff88801de8c880 R14=ffffffff90a7b350 R15=0000000000000000
RIP=ffffffff8b7d580f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6965000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000024bd8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf411a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf411a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf411a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf411aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf411b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf411c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf583488 00007f9ecf583480 00007f9ecf583478 00007f9ecf583450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ed00ed100 00007f9ecf583440 00007f9ecf580004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9ecf583498 00007f9ecf583490 00007f9ecf583488 00007f9ecf583480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000205ae4 RBX=0000000000000003 RCX=ffffffff8b7d6ca9 RDX=ffffed100d4e663e
RSI=ffffffff8c154420 RDI=ffffffff8191e9b1 RBP=ffffed1003c54000 RSP=ffffc90000197df8
R8 =0000000000000000 R9 =ffffed100d4e663d R10=ffff88806a7331eb R11=0000000000000000
R12=0000000000000003 R13=ffff88801e2a0000 R14=ffffffff90a7b350 R15=0000000000000000
RIP=ffffffff8b7d580f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a65000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f390e3d6d58 CR3=0000000054cde000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d611c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d783488 00007f390d783480 00007f390d783478 00007f390d783450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390e2ed100 00007f390d783440 00007f390d783458 0004000b000c0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f390d783498 00007f390d783490 00007f390d783488 00007f390d783480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000