last executing test programs:

1m56.666876946s ago: executing program 0 (id=590):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004680)=ANY=[@ANYBLOB="6804000010490104000000010000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000003800128009000100766c616e000000002800028006000100000000001c0003800c00010007000000000000000c000100270000000000000008000500", @ANYRES32=r4, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB], 0x68}}, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000300)=0xff, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x40000001, 0x0, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f00000000c0)={0x5, 0x8, 0x7fff, 0x0, <r8=>0x0})
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000004, 0x11, r6, 0x1000f0000)
connect$inet(r1, &(0x7f0000000540)={0x2, 0x4e23, @private=0xa010100}, 0x10)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r10 = dup(r9)
write$UHID_INPUT(r10, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b303d0e8b089b07323068090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r6, 0xc00464b4, &(0x7f0000000080)={r8})
r11 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r11, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x0, 0x0, 0x6}, 0x10)
r12 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r12, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
recvmmsg(r11, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000340)=""/179, 0xb3}], 0x1}}], 0x1, 0x7fb10727dda9, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=ANY=[@ANYBLOB="a52726b4d176a86e1de2b59a1fdbfe1fe5f0d1455eebb62ab31103734accd68f5be61ea45b0d", @ANYRESHEX=r8, @ANYRES16=r4, @ANYBLOB="fca96c077a0c63de", @ANYRES16=r4, @ANYRES32=r7, @ANYRES32=r2, @ANYRESDEC=r11, @ANYRES64=r2, @ANYRES16=r3], 0x1c}}, 0x0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r13, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4b8, 0x2b0, 0x268, 0x300, 0x2b0, 0x268, 0x3e8, 0x460, 0x460, 0x3e8, 0x460, 0x9, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @loopback, [], [], 'veth0_to_hsr\x00', 'bond_slave_0\x00'}, 0x0, 0x270, 0x2b0, 0x0, {0x9401}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0xc28da5586c675118, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @dev, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private2, @rand_addr=' \x01\x00', @dev, @mcast2, @private0, @mcast2, @private1, @remote, @private0, @remote, @private1]}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @mcast1, @private2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "1852aa405753905554ed000600ebaf5ffbbbcc15d0abddcb5ae29b3b8f45"}}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x34000811)

1m55.700567577s ago: executing program 0 (id=601):
r0 = socket$inet(0x2, 0x2, 0x9)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000080)={<r1=>0x0, 0x8c5}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000001c0)={r1, 0xfb, 0x5}, 0x8) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000100000000000000061122000000000009500009b00060000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m55.699347789s ago: executing program 0 (id=602):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fstat(r0, &(0x7f0000000000))
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000700)=[@text64={0x40, &(0x7f0000000380)="67660f0125fe66baf80cb8e4b69a81ef45db0eb000ee660f3882332641adc4a1b96af52642d35efcc4c17c10bf0000010048b808000000000000000f23d00f21f8353000000a0f23f88f69409326360f01cf", 0xb3}], 0x1, 0x23, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m54.520100809s ago: executing program 0 (id=630):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000340)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000000)='./file0\x00')

1m54.519991779s ago: executing program 0 (id=631):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000ffffffffffffff8000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

1m54.445405365s ago: executing program 0 (id=633):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d0df91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b32346d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x31ce0f03f15c3594, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$I2C_PEC(r3, 0x708, 0x2)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f00000000c0)={0x1, 0x0, 0x1, &(0x7f0000000340)={0x0, "90f541a5e64f6190910d0000002b0592410aefd9cca7b2986eb5e50929e7cb8393"}})
syz_emit_ethernet(0x72, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde0800450000640000000000019078ac1e0001ac1414aa05009078e00000e0420000000000000000110004ac1414aa00020000830300070300442c0003ac1414bb0000000000007532fb4c002000000000ac14140000000000ac1414aa00000000ac141400000049c063bd10bb4c94c49cb9d8e417b4744faae202b3130bac2ac7bac01d593e6d3dc06f624a4d51285a202f801c5db410af459757704db8bd84a8adaa23a3389b24b315f56930f08fb29ecbc2f438c5168e07ffa1b6b15fdc5d3113aeccc8cc7b84c1b4406204c98623cc6c8ae7e19131b3f5a488f3b99a305a1a7c8d4f63fbae3b9444135b5172b49614e9e52801ccbcd3c968ef7a512d4a423c6c8faa7f0b2a2e0c3271795c3eb56280232748d3781829436d281fa2496251"], 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000ac0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000b00)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000180)=ANY=[@ANYBLOB="e04aecc341653df449fd73b54bd2184f05670c032dea156e35d62eea713f3c19e938b7a0509a470e43fcba23b75e85aeb4036ef75132206f7734b518fd7d459a0f7775a5897adc66c27ea2919bf75abe2073be9b59324d2b91ed3265b67bcaadc955c408fc8ee906681d1cdf48894bb901af743b3237be47d4af9e8f29", @ANYRES16=r5, @ANYBLOB="010027bd7000fbdbdf2509000000080001000000000008000300", @ANYRES32=r6, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x40040}, 0x4004000)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0xe9)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0)
r10 = getpid()
write$cgroup_pid(r9, &(0x7f0000000280)=r10, 0x12)

1m54.383525069s ago: executing program 32 (id=633):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d0df91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b32346d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x31ce0f03f15c3594, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$I2C_PEC(r3, 0x708, 0x2)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f00000000c0)={0x1, 0x0, 0x1, &(0x7f0000000340)={0x0, "90f541a5e64f6190910d0000002b0592410aefd9cca7b2986eb5e50929e7cb8393"}})
syz_emit_ethernet(0x72, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffff1704b45adbde0800450000640000000000019078ac1e0001ac1414aa05009078e00000e0420000000000000000110004ac1414aa00020000830300070300442c0003ac1414bb0000000000007532fb4c002000000000ac14140000000000ac1414aa00000000ac141400000049c063bd10bb4c94c49cb9d8e417b4744faae202b3130bac2ac7bac01d593e6d3dc06f624a4d51285a202f801c5db410af459757704db8bd84a8adaa23a3389b24b315f56930f08fb29ecbc2f438c5168e07ffa1b6b15fdc5d3113aeccc8cc7b84c1b4406204c98623cc6c8ae7e19131b3f5a488f3b99a305a1a7c8d4f63fbae3b9444135b5172b49614e9e52801ccbcd3c968ef7a512d4a423c6c8faa7f0b2a2e0c3271795c3eb56280232748d3781829436d281fa2496251"], 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000ac0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000b00)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000180)=ANY=[@ANYBLOB="e04aecc341653df449fd73b54bd2184f05670c032dea156e35d62eea713f3c19e938b7a0509a470e43fcba23b75e85aeb4036ef75132206f7734b518fd7d459a0f7775a5897adc66c27ea2919bf75abe2073be9b59324d2b91ed3265b67bcaadc955c408fc8ee906681d1cdf48894bb901af743b3237be47d4af9e8f29", @ANYRES16=r5, @ANYBLOB="010027bd7000fbdbdf2509000000080001000000000008000300", @ANYRES32=r6, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x40040}, 0x4004000)
r7 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r7, 0xae03, 0xe9)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0)
r10 = getpid()
write$cgroup_pid(r9, &(0x7f0000000280)=r10, 0x12)

1m2.710995093s ago: executing program 2 (id=1405):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYRES32], 0x31)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000000400007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70400000000000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0x0, 0xfffffffffffffdf3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x40000, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_usb_connect$printer(0x4, 0x2d, 0x0, 0x0)
syz_emit_ethernet(0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaa6acf7427c100000000000000000000ff020000003c4b899e0000000000000173009078000000000c79ef1cfb698e35cb7c556097"], 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r9}, 0x10)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r10 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
r12 = dup(r11)
ioctl$KVM_SET_MSRS(r12, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000008010040"])
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r12], 0x40}}, 0x0)
dup3(r4, r3, 0x80000)

1m0.37089691s ago: executing program 2 (id=1433):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000700000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

1m0.146012943s ago: executing program 2 (id=1435):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a00010076786c616efffe000400028008000a"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

1m0.072270877s ago: executing program 2 (id=1436):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000540)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
umount2(&(0x7f0000000080)='./file0/../file0\x00', 0x8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r1, 0x7, 0x70bd2d, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}]}, 0x34}}, 0x20000800)
mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x80000, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000002140)={0x2020}, 0x2020)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(0x0, &(0x7f0000000540)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000380)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0) (async)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) (async)
umount2(&(0x7f0000000080)='./file0/../file0\x00', 0x8) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) (async)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r1, 0x7, 0x70bd2d, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}]}, 0x34}}, 0x20000800) (async)
mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x80000, 0x0) (async)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') (async)
read$FUSE(r2, &(0x7f0000002140)={0x2020}, 0x2020) (async)

1m0.018170673s ago: executing program 2 (id=1438):
mknod(&(0x7f0000000040)='./file0/../file0\x00', 0x8001420, 0x0)
r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x30000009})
epoll_pwait2(r1, &(0x7f0000000100)=[{}], 0x1, 0x0, 0x0, 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x7e, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x13)
writev(r2, &(0x7f0000000280)=[{&(0x7f0000000300)="e7", 0x1}], 0x1)

59.719099174s ago: executing program 2 (id=1445):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./bus\x00', 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x4, 0xd0, 0x8, 0x0, 0x2, "7c682162aa0c0dd0"})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x2, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000006c000100"], 0x18}}, 0x4000)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)}}, 0x20)

59.699997905s ago: executing program 33 (id=1445):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./bus\x00', 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000100)={0x4, 0xd0, 0x8, 0x0, 0x2, "7c682162aa0c0dd0"})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x2, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000006c000100"], 0x18}}, 0x4000)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)}}, 0x20)

50.620815092s ago: executing program 4 (id=1593):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1, 0x0, 0x1000000}, 0x18)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180), 0x8000, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000200)={&(0x7f00000001c0)=""/7, 0x1108000, 0x1000, 0x5, 0x3}, 0x20)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x13, r3, 0x0)
r4 = syz_io_uring_setup(0x76d6, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r5}, 0x10)
syz_emit_ethernet(0x71, &(0x7f0000000000)={@remote, @random="eb9cf05ac442", @void, {@x25={0x805, {0x3, 0x2, 0xf9, "e8d146eb035bb9117c26697550648f2172d42c00d6a1afe071ae0c96b8d24eae1b27abe38fd435f338af271ae83b0cab7ece3177c783f254e562d5d14833941faa2d4fb56d3d9fbcc7acb55dab6cfaf519d47eb928a6867ab5c13d8076b3722d"}}}}, &(0x7f0000000080)={0x0, 0x3, [0xaef, 0x56, 0x374, 0x10c]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r1, 0x0, 0x1000000}, 0x18) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180), 0x8000, 0x0) (async)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000200)={&(0x7f00000001c0)=""/7, 0x1108000, 0x1000, 0x5, 0x3}, 0x20) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x13, r3, 0x0) (async)
syz_io_uring_setup(0x76d6, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000080)) (async)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001f40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r5}, 0x10) (async)
syz_emit_ethernet(0x71, &(0x7f0000000000)={@remote, @random="eb9cf05ac442", @void, {@x25={0x805, {0x3, 0x2, 0xf9, "e8d146eb035bb9117c26697550648f2172d42c00d6a1afe071ae0c96b8d24eae1b27abe38fd435f338af271ae83b0cab7ece3177c783f254e562d5d14833941faa2d4fb56d3d9fbcc7acb55dab6cfaf519d47eb928a6867ab5c13d8076b3722d"}}}}, &(0x7f0000000080)={0x0, 0x3, [0xaef, 0x56, 0x374, 0x10c]}) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)) (async)
sendmsg$inet(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) (async)
recvmsg$unix(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0) (async)

50.619689727s ago: executing program 4 (id=1595):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000480)=[{0x20, 0x9, 0x0, 0xffffd01d}, {0x6, 0xc2, 0x1, 0x8000}]}, 0x10) (async)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000480)=[{0x20, 0x9, 0x0, 0xffffd01d}, {0x6, 0xc2, 0x1, 0x8000}]}, 0x10)

50.567579882s ago: executing program 4 (id=1597):
io_setup(0x81, &(0x7f0000000180)=<r0=>0x0) (async)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_submit(r0, 0x1, &(0x7f0000001d00)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000340)='p', 0x300}]) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108) (async, rerun: 64)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c6761636865040bed45d36782a72d667363616368652c76657273696f6e3d3970323030302e75"]) (rerun: 64)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00') (async)
futex(&(0x7f0000000340)=0x1, 0x8, 0x1, 0x0, 0x0, 0x2)
read$FUSE(r3, &(0x7f0000000980)={0x2020}, 0x2020)

50.236228736s ago: executing program 4 (id=1604):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mkdir(&(0x7f0000000240)='./file0/../file0\x00', 0x88)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x199100a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x901091, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x9)

50.076148088s ago: executing program 4 (id=1607):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000780)=ANY=[@ANYBLOB="280400001600e5632bbd7000fedbdf25fc010000000000000000000000000800ac1414aa0000000000000000000000004e230fff4e2300050200808021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe800000000000000000000000000035000004d432000000ac1414bb000000000000000000000000050000000000000002000000000000000004000000000000070000000000000007000000000000006cee0000000000000700000000000000ff03000000000000010000000100000005000000000000003f0000000000000009000000000000000800000001000080090000002bbd7000ff3400000a0000039400000000000000010000000e2dcf09050019003c0000001c000400fdff4e224e200000ac1414bb000000000000000000000000ff0002006f666228616e756269732d67656e6572696329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b80500004dcb81766c6493e0f6857fe916c47729c115e4aa273e469615a5355d32be79a363623ccc7dcab2a922bd3b4c2baa17ca5e6ae361450e4c5969f5b4c65210c9ee7c0cf557f211c9571f9f3a87c4b9c8f481f633a22bb7b3b69e4f3817fee2586d30df6463f753076bd5d58289ef320db79dac318a51adeeef0d976bfc5c25a7e754a1821746f695a6515cef439129c0657e512905770fb7efe0ff370a54063c8f79c85b04378c75c6abb588bc56f4fbe71e207936465ca60028001a00ac14142d000000000000000000000000fc0200000000000000000000000000010a00000924000938"], 0x428}}, 0x0)

49.862467737s ago: executing program 4 (id=1608):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
read$nci(r0, &(0x7f0000000100)=""/107, 0x6b) (async)
read$nci(r0, &(0x7f0000000100)=""/107, 0x6b)
write$nci(r0, &(0x7f0000000100)=ANY=[], 0x4)
write$vga_arbiter(r0, &(0x7f0000000080)=@unlock_all, 0xb)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c) (async)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c)
socket$netlink(0x10, 0x3, 0x8000000004)
fanotify_init(0x200, 0x0) (async)
r2 = fanotify_init(0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000007feffff720af0fff8ffffff71a4f0ff0000000061100000000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\x97k\xde\xc5\xe96\xddU\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00'/110, 0x7) (async)
r3 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\x97k\xde\xc5\xe96\xddU\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00'/110, 0x7)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c1b00001800060000000000000000001d2efb0a4060da8e0004000008000400", @ANYRES32=r5, @ANYBLOB="0600150003000000100016800c000100000000000000ecab"], 0x3c}}, 0x0)
r7 = dup(r3)
fanotify_mark(r2, 0x1, 0x48001059, r7, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x111, 0xa}}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084040000000000000002"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000000c00000002000000002000000000001304000080"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r8 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x15) (async)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x15)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r9) (async)
r10 = dup(r9)
r11 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r10}, &(0x7f0000000180)=<r12=>0x0, &(0x7f00000001c0)=<r13=>0x0)
syz_io_uring_submit(r12, r13, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r11, 0x2ded, 0x4000, 0x0, 0x0, 0x0) (async)
io_uring_enter(r11, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))

49.805552298s ago: executing program 34 (id=1608):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000380), 0x101202, 0x0)
read$nci(r0, &(0x7f0000000100)=""/107, 0x6b) (async)
read$nci(r0, &(0x7f0000000100)=""/107, 0x6b)
write$nci(r0, &(0x7f0000000100)=ANY=[], 0x4)
write$vga_arbiter(r0, &(0x7f0000000080)=@unlock_all, 0xb)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c) (async)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7}, 0x1c)
socket$netlink(0x10, 0x3, 0x8000000004)
fanotify_init(0x200, 0x0) (async)
r2 = fanotify_init(0x200, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000007feffff720af0fff8ffffff71a4f0ff0000000061100000000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\x97k\xde\xc5\xe96\xddU\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00'/110, 0x7) (async)
r3 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\x97k\xde\xc5\xe96\xddU\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00'/110, 0x7)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c1b00001800060000000000000000001d2efb0a4060da8e0004000008000400", @ANYRES32=r5, @ANYBLOB="0600150003000000100016800c000100000000000000ecab"], 0x3c}}, 0x0)
r7 = dup(r3)
fanotify_mark(r2, 0x1, 0x48001059, r7, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x111, 0xa}}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084040000000000000002"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000000c00000002000000002000000000001304000080"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r8 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x15) (async)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000000)=0x15)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r9) (async)
r10 = dup(r9)
r11 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r10}, &(0x7f0000000180)=<r12=>0x0, &(0x7f00000001c0)=<r13=>0x0)
syz_io_uring_submit(r12, r13, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r11, 0x2ded, 0x4000, 0x0, 0x0, 0x0) (async)
io_uring_enter(r11, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))

24.77122667s ago: executing program 6 (id=2053):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000a40)={0xa, @pix_mp={0x0, 0x0, 0x0, 0x0, 0xb, [{0x1}, {}, {}, {}, {}, {0x200}], 0xfd, 0x0, 0x0, 0x0, 0x3}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r0, 0x0, 0x6, 0x5)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r0, 0x4, 0x7c00)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

21.547624189s ago: executing program 6 (id=2115):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x9, 0x2, 0x40, 0x8}, 0x8)
sendto$inet(r0, &(0x7f0000000040)="0898480b14c9e25a3ba4b3647bc175193d3bb552fcddaf6f47fe01f2c49d811427de3fa258a10b38d2ae3bd0f2cecb9d059555c664f1670a78b5bba2a0407071daef19d6da0f1741c672761e12ad4fecd9a273d83213c1b3c16064d1b5e5037182b563be608e20ff4cefd8891bf4d19a04bbca5ea35e493443455313b6e8bf14d4bf3a886cdcee8602c9db6ac256a3739c1eeff4ca3e98fd53b2", 0x9a, 0x800, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff})
pselect6(0x40, &(0x7f0000000180)={0x0, 0x0, 0x7, 0x5368, 0x10, 0x80000000, 0x8, 0x546}, &(0x7f00000001c0)={0x8, 0x4, 0x9, 0x5ec, 0x1, 0x4, 0xd, 0x315d}, &(0x7f0000000200)={0x2, 0x7, 0x342e, 0x9, 0xffffffff, 0x6, 0x7, 0x3}, &(0x7f0000000240), &(0x7f00000002c0)={&(0x7f0000000280)={[0xfffffffffffffffe]}, 0x8})
sendto$inet(r0, &(0x7f0000000300), 0x0, 0x4000, &(0x7f0000000340)={0x2, 0x4e24, @private=0xa010101}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r2, 0x6, 0x1a, &(0x7f0000000380)=""/130, &(0x7f0000000440)=0x82)
setsockopt$inet_tcp_int(r2, 0x6, 0x5, &(0x7f0000000480)=0x2, 0x4)
select(0x40, &(0x7f00000004c0)={0x7, 0x8001, 0x3, 0x7183, 0x200, 0xfffffffffffffff8, 0x1, 0x6}, &(0x7f0000000500)={0x3, 0x3, 0x3a7, 0x8, 0x8a6, 0x0, 0x7e, 0x8}, &(0x7f0000000540)={0xcc, 0x7, 0x6, 0x5, 0x2, 0x1, 0x100000000, 0x3}, &(0x7f0000000580))
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000005c0)='nv\x00', 0x3)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000600)='bic\x00', 0x4)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x1010, r1, 0x26abd000)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000640), 0x4)
clock_gettime(0x0, &(0x7f00000006c0)={<r3=>0x0, <r4=>0x0})
futex(&(0x7f0000000680)=0x1, 0x180, 0x2, &(0x7f0000000700)={r3, r4+60000000}, &(0x7f0000000740)=0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000780)=0x6, 0x4)
getsockopt$inet_tcp_buf(r2, 0x6, 0xb, &(0x7f00000007c0)=""/107, &(0x7f0000000840)=0x6b)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
r5 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000880), 0x200002, 0x0)
setsockopt$inet_tcp_TLS_TX(r5, 0x6, 0x1, &(0x7f00000008c0)=@ccm_128={{0x303}, "dcdf48fbb27b40ed", "6edb40872c2732d6a39c03bba84f745d", "ea013729", "9d44eabff66daeee"}, 0x28)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r5, 0x89f9, &(0x7f0000000940)={'sit0\x00', &(0x7f0000000900)={@empty, @remote, 0x1, 0x6}})
getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000ac0)={'filter\x00', 0x0, 0x4, 0xa7, [0x2, 0x3, 0xf2, 0x100000001, 0x9, 0x2ff], 0x7, &(0x7f0000000980)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000a00)=""/167}, &(0x7f0000000b40)=0x78)
read$FUSE(r2, &(0x7f0000000b80)={0x2020, 0x0, <r6=>0x0}, 0x2020)
read$FUSE(r5, &(0x7f0000002bc0)={0x2020, 0x0, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_ATTR(r5, &(0x7f0000004c00)={0x78, 0x0, r6, {0x8001, 0x4, 0x0, {0x6, 0x2, 0x1, 0x10, 0x0, 0x1, 0xfff, 0x1, 0x7, 0x1000, 0x6, r7, 0xee01, 0x7, 0x1}}}, 0x78)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000004c80)={<r8=>0x0, 0x7fff, 0x4, [0xfff, 0x7, 0x3, 0x9]}, &(0x7f0000004cc0)=0x10)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000004d00)={r8, 0x47ec}, 0x8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000004d40), 0x0, 0x0)

21.457132195s ago: executing program 6 (id=2118):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x5, 0x0, 0xd, 0x0}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe3000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
capget(0x0, &(0x7f00000001c0))
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r5, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000009800)=ANY=[@ANYBLOB="380000005400e50100000000ffdbdf2507000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32=r6, @ANYBLOB="01000300fe80000000000000001a0000000000aa86dd"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x1a1540, 0x0)
ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async', 0x2442, 0x1)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = dup(r10)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xa8}, [@ldst={0x6, 0x3}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)

21.167789652s ago: executing program 6 (id=2123):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) (async)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50) (async)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r2, 0x400442c8, &(0x7f0000001a80)={r1, 0x8, 0x1ff})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe83, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r3}, 0x10)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f0000000080)='./file0\x00')
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"])
chdir(&(0x7f0000000080)='./file0\x00') (async)
chdir(&(0x7f0000000080)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
ftruncate(r5, 0xc17c) (async)
ftruncate(r5, 0xc17c)
getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, 0x0, &(0x7f0000002180)) (async)
getsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, 0x0, &(0x7f0000002180))
ftruncate(r5, 0x8001)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x3, 0x0, 0x0, 0x5)
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000001000000b7040000000000008500000033000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r8}, 0xc)
ioctl$DRM_IOCTL_SET_VERSION(r6, 0xc0106407, &(0x7f0000000000)={0x1, 0x0, 0x1, 0x1})
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x7ff}, 0x8) (async)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x7ff}, 0x8)

21.148916878s ago: executing program 6 (id=2125):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
flistxattr(r0, &(0x7f0000000bc0)=""/4096, 0x1000)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000019c0)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x1, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xf}}, [@TCA_RATE={0x6, 0x5, {0xe4, 0x6}}]}, 0x2c}}, 0x0)

20.772290815s ago: executing program 6 (id=2128):
r0 = dup(0xffffffffffffffff) (async)
r1 = socket(0x2a, 0x2, 0x0) (async)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2) (async)
openat$sr(0xffffffffffffff9c, &(0x7f0000000400), 0x887dab077f141882, 0x0) (async)
r3 = socket$unix(0x1, 0x5, 0x0)
r4 = dup2(r3, r2)
close_range(r4, 0xffffffffffffffff, 0x0) (async)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2) (async)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000600)=<r6=>0x0)
syz_open_procfs(r6, &(0x7f00000005c0)='net/l2cap\x00') (async)
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f00000008c0)={0x2, 0x0, {&(0x7f0000000840)=""/125, 0x7d, &(0x7f00000003c0)=""/19, 0x1, 0x4}}, 0x48) (async)
getsockopt$PNPIPE_INITSTATE(r5, 0x113, 0x4, &(0x7f0000000180), &(0x7f0000000080)=0x4)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000240)={0xffffffff, <r7=>0x0, 0x1})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000380)={0x18, r7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000a00)=@newqdisc={0x210, 0x24, 0x2, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {}, {0xfff3}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8ede}, @TCA_STAB={0x58, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7f, 0x40, 0xfffe, 0x0, 0x1, 0x2, 0xffffffff, 0x5}}, {0xe, 0x2, [0x462, 0x3, 0x8, 0x4, 0x8]}}, {{0x1c, 0x1, {0x80, 0x1, 0x3, 0x0, 0x0, 0x4, 0x2ea2, 0x3}}, {0xa, 0x2, [0x96, 0x7, 0x1]}}]}, @TCA_STAB={0x184, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x0, 0x2, 0x6, 0x2, 0x40, 0x9, 0x4}}, {0xc, 0x2, [0x3, 0x1, 0x400, 0x0]}}, {{0x1c, 0x1, {0x2, 0x9a, 0x84, 0x5, 0x0, 0x9, 0x6, 0x6}}, {0x10, 0x2, [0x3, 0x0, 0x7, 0x5, 0x4, 0x5]}}, {{0x1c, 0x1, {0x0, 0x8, 0x56, 0x7, 0x2, 0x7fff, 0xffffff1e, 0x3}}, {0xa, 0x2, [0x9, 0xfff7, 0xfff9]}}, {{0x1c, 0x1, {0x4, 0x9, 0xf726, 0x7, 0x2, 0xe8, 0x10, 0x5}}, {0xe, 0x2, [0x4, 0x7, 0x7, 0x1, 0x9]}}, {{0x1c, 0x1, {0x7, 0x81, 0xa, 0x1, 0x2, 0x0, 0x0, 0x6}}, {0x10, 0x2, [0x64, 0xf801, 0x3fe1, 0x524, 0xfffc, 0x7]}}, {{0x1c, 0x1, {0x2, 0x8, 0x362, 0x9, 0x0, 0x7ff, 0x5, 0x9}}, {0x16, 0x2, [0x3, 0x401, 0x41, 0xb3af, 0xfbf7, 0x6, 0x8, 0x7, 0x6]}}, {{0x1c, 0x1, {0x6, 0x1, 0x8, 0x1ff, 0x0, 0xfffffffb, 0x6, 0x4}}, {0xc, 0x2, [0xfffd, 0xd, 0x9, 0x1]}}, {{0x1c, 0x1, {0x3, 0x2, 0x3, 0xc, 0x1, 0x80, 0x3852, 0x1}}, {0x6, 0x2, [0x9]}}, {{0x1c, 0x1, {0xe, 0x6a, 0xe739, 0xfffffff7, 0x0, 0xa, 0x7ff, 0x6}}, {0x10, 0x2, [0x4, 0x8, 0x0, 0x9, 0x3, 0x7]}}]}, @TCA_RATE={0x6, 0x5, {0x8, 0xfa}}]}, 0x210}, 0x1, 0x0, 0x0, 0x4c805}, 0x0) (async)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000000)=<r8=>0x0) (async)
getresgid(&(0x7f00000000c0)=<r9=>0x0, &(0x7f0000000140), &(0x7f00000001c0))
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, &(0x7f00000001c0)={0x0, 0x2, 0x7ff00000000000, 0x5})
write$P9_RGETATTR(r0, &(0x7f0000000500)={0xa0, 0x19, 0x2, {0xa2, {0x1, 0x4, 0x2}, 0x1a, r8, r9, 0x7fff, 0xfffffffffffffff8, 0x7, 0xffffffffffffffff, 0xfffffffffffff4a4, 0x7fffffff, 0x6f5a1823, 0x1, 0xe, 0x7, 0x7, 0x4, 0x5, 0x8, 0x1}}, 0xa0) (async)
getsockname$packet(r10, &(0x7f00000009c0)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000940)=0x11) (async)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc211})
r13 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r12, &(0x7f0000000580)=ANY=[@ANYRES8=r5, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="c06293d3cb3439e9"], 0x36)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x14004805}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r11, {0xf, 0xe}, {}, {0x1c, 0x10}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x40) (async)
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r14, &(0x7f00000002c0), 0x40000000000009f, 0x0)

20.752157684s ago: executing program 35 (id=2128):
r0 = dup(0xffffffffffffffff) (async)
r1 = socket(0x2a, 0x2, 0x0) (async)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2) (async)
openat$sr(0xffffffffffffff9c, &(0x7f0000000400), 0x887dab077f141882, 0x0) (async)
r3 = socket$unix(0x1, 0x5, 0x0)
r4 = dup2(r3, r2)
close_range(r4, 0xffffffffffffffff, 0x0) (async)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2) (async)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000600)=<r6=>0x0)
syz_open_procfs(r6, &(0x7f00000005c0)='net/l2cap\x00') (async)
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f00000008c0)={0x2, 0x0, {&(0x7f0000000840)=""/125, 0x7d, &(0x7f00000003c0)=""/19, 0x1, 0x4}}, 0x48) (async)
getsockopt$PNPIPE_INITSTATE(r5, 0x113, 0x4, &(0x7f0000000180), &(0x7f0000000080)=0x4)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000240)={0xffffffff, <r7=>0x0, 0x1})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000380)={0x18, r7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000a00)=@newqdisc={0x210, 0x24, 0x2, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {}, {0xfff3}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8ede}, @TCA_STAB={0x58, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7f, 0x40, 0xfffe, 0x0, 0x1, 0x2, 0xffffffff, 0x5}}, {0xe, 0x2, [0x462, 0x3, 0x8, 0x4, 0x8]}}, {{0x1c, 0x1, {0x80, 0x1, 0x3, 0x0, 0x0, 0x4, 0x2ea2, 0x3}}, {0xa, 0x2, [0x96, 0x7, 0x1]}}]}, @TCA_STAB={0x184, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x0, 0x2, 0x6, 0x2, 0x40, 0x9, 0x4}}, {0xc, 0x2, [0x3, 0x1, 0x400, 0x0]}}, {{0x1c, 0x1, {0x2, 0x9a, 0x84, 0x5, 0x0, 0x9, 0x6, 0x6}}, {0x10, 0x2, [0x3, 0x0, 0x7, 0x5, 0x4, 0x5]}}, {{0x1c, 0x1, {0x0, 0x8, 0x56, 0x7, 0x2, 0x7fff, 0xffffff1e, 0x3}}, {0xa, 0x2, [0x9, 0xfff7, 0xfff9]}}, {{0x1c, 0x1, {0x4, 0x9, 0xf726, 0x7, 0x2, 0xe8, 0x10, 0x5}}, {0xe, 0x2, [0x4, 0x7, 0x7, 0x1, 0x9]}}, {{0x1c, 0x1, {0x7, 0x81, 0xa, 0x1, 0x2, 0x0, 0x0, 0x6}}, {0x10, 0x2, [0x64, 0xf801, 0x3fe1, 0x524, 0xfffc, 0x7]}}, {{0x1c, 0x1, {0x2, 0x8, 0x362, 0x9, 0x0, 0x7ff, 0x5, 0x9}}, {0x16, 0x2, [0x3, 0x401, 0x41, 0xb3af, 0xfbf7, 0x6, 0x8, 0x7, 0x6]}}, {{0x1c, 0x1, {0x6, 0x1, 0x8, 0x1ff, 0x0, 0xfffffffb, 0x6, 0x4}}, {0xc, 0x2, [0xfffd, 0xd, 0x9, 0x1]}}, {{0x1c, 0x1, {0x3, 0x2, 0x3, 0xc, 0x1, 0x80, 0x3852, 0x1}}, {0x6, 0x2, [0x9]}}, {{0x1c, 0x1, {0xe, 0x6a, 0xe739, 0xfffffff7, 0x0, 0xa, 0x7ff, 0x6}}, {0x10, 0x2, [0x4, 0x8, 0x0, 0x9, 0x3, 0x7]}}]}, @TCA_RATE={0x6, 0x5, {0x8, 0xfa}}]}, 0x210}, 0x1, 0x0, 0x0, 0x4c805}, 0x0) (async)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000000)=<r8=>0x0) (async)
getresgid(&(0x7f00000000c0)=<r9=>0x0, &(0x7f0000000140), &(0x7f00000001c0))
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r10, 0x40305828, &(0x7f00000001c0)={0x0, 0x2, 0x7ff00000000000, 0x5})
write$P9_RGETATTR(r0, &(0x7f0000000500)={0xa0, 0x19, 0x2, {0xa2, {0x1, 0x4, 0x2}, 0x1a, r8, r9, 0x7fff, 0xfffffffffffffff8, 0x7, 0xffffffffffffffff, 0xfffffffffffff4a4, 0x7fffffff, 0x6f5a1823, 0x1, 0xe, 0x7, 0x7, 0x4, 0x5, 0x8, 0x1}}, 0xa0) (async)
getsockname$packet(r10, &(0x7f00000009c0)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000940)=0x11) (async)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc211})
r13 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r13, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r12, &(0x7f0000000580)=ANY=[@ANYRES8=r5, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="c06293d3cb3439e9"], 0x36)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x14004805}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r11, {0xf, 0xe}, {}, {0x1c, 0x10}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x40) (async)
r14 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r14, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4.020746076s ago: executing program 7 (id=2354):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x36, 0x2, 0x3, "686b10ff856bc2cb00000000004000000000000000000000000000ffffffe700"})

3.943780342s ago: executing program 7 (id=2357):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000008000000000000000a20000000000a0500f400000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a300000000014000480080002400000000008"], 0xdc}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f00000001c0)={0x4000}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001200)={0x14, 0x16, 0xa01, 0x0, 0x0, {0xa, 0x2}}, 0x14}}, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000037c0000040000000c000180060006"], 0x528}}, 0xc000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'geneve0\x00'})

3.943471806s ago: executing program 7 (id=2358):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0xa, 0x14, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xd}}]}}}]}, 0x40}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_MSR_PLATFORM_INFO(r4, 0x4068aea3, &(0x7f0000000380)={0x9f, 0x0, 0x1})
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee2000905821704"], 0x0)
syz_usb_ep_write$ath9k_ep1(r5, 0x82, 0xfffffffffffffddf, &(0x7f0000000000)=ANY=[])
syz_usb_control_io(r5, 0x0, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20088080}, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=<r6=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2, r6, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xbc, 0xbc, 0x2, [@array, @const, @ptr, @typedef, @int, @restrict, @func, @fwd, @enum={0x0, 0x8, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}, {}, {}, {}]}]}}, 0x0, 0xd6, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.737833031s ago: executing program 3 (id=2370):
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
read$char_usb(r0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc018aec0, 0x0)
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000fffffff50000000000000000aaff02000000000000000000000000000106"], 0xffe)

2.620347719s ago: executing program 3 (id=2371):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4040890}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000"], 0x64}}, 0x0)
r1 = mq_open(&(0x7f0000000040)='\x00', 0x1, 0xe2, &(0x7f0000000140)={0xfff, 0x1, 0x400, 0xa})
ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, &(0x7f0000000180)={r0})
r2 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r2, 0x5)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10)
sendmmsg(r3, &(0x7f0000002980), 0x400000000000239, 0x0)

2.256750584s ago: executing program 5 (id=2381):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0xffffff23, 0x24, 0x4, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xfff2}, {0x3, 0xfff2}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000000)={'syztnl0\x00', <r2=>r1, 0x29, 0x7f, 0xd, 0x5, 0x60, @empty, @empty, 0x7, 0x8000, 0x5, 0x669}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfffffffffffffeb0, &(0x7f00000001c0)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x1, {0x0, 0x0, 0x0, r2, {0xffe0, 0xe}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newtfilter={0x98, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x5, 0xfffc}, {}, {0x2, 0x10}}, [@filter_kind_options=@f_matchall={{0xd}, {0x5c, 0x2, [@TCA_MATCHALL_ACT={0x58, 0x2, [@m_simple={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xb, 0x3, '.,\\-\\{\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x55b, 0x2, 0x10000000, 0x7, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x5, 0x1}}]}, 0x98}}, 0x801)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f0000005a00)=ANY=[@ANYBLOB="66696c7465721d00000000000000000000007d1600000000000000000000000004"], 0x68)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.202381282s ago: executing program 5 (id=2383):
creat(&(0x7f0000000000)='./file1\x00', 0x11b)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0xfffffffe)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000002c0)={0x0, 0x0, 0x4, r2, 0xb})
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000040), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000000)={0x9, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0xca800, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "71aebd58"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f00000000c0)=0x2)
close(r5)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
setrlimit(0xf, &(0x7f0000000240)={0x3, 0x40})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r7=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@ipv4_getnetconf={0x3c, 0x52, 0xb20, 0x70bd2d, 0x25dfdbff, {}, [@NETCONFA_RP_FILTER={0x8, 0x3, 0xe22}, @NETCONFA_FORWARDING={0x8, 0x2, 0x5}, @NETCONFA_IFINDEX={0x8, 0x1, r7}, @NETCONFA_FORWARDING={0x8, 0x2, 0x7}, @NETCONFA_RP_FILTER={0x8}]}, 0x3c}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0200180000000000000000000000796f760000000000e1ff"], 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020605000000000000000000000000001400078005001400090000000800124008001f000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x58}}, 0x0)

2.133646786s ago: executing program 1 (id=2385):
r0 = io_uring_setup(0x5c9a, &(0x7f0000000000)={0x0, 0x5ef, 0x400, 0x2, 0x1b1})
mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
open(&(0x7f0000000f00)='./file0\x00', 0x0, 0x152)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00')
preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
io_setup(0x8, &(0x7f0000004200)=<r4=>0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0x5, &(0x7f0000000080)=0x2, 0x4)
writev(r6, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a09040000000000000000020000000900020073797a32000000000900010073797a3000000000300004802c"], 0x84}}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
io_submit(r4, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x6, 0x0, r3, 0x0}])
read(r3, &(0x7f0000000200)=""/137, 0x89)

1.700762395s ago: executing program 3 (id=2386):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0xfffffffffffffffd, 0x0, 0x90a}}, 0x30)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000640)={'#! ', './file0', [], 0xa, "e98cb89ec7e83ec7bcb26933bd27a7d60c757ee8b38455b192211ff54f3706000000000000007191d37771b3fd239c45ba171222703c"}, 0x41)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000040))
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r5, &(0x7f0000000300), 0x4)
creat(&(0x7f0000000240)='./file0\x00', 0x0) (async)
pipe2$9p(&(0x7f0000001900), 0x0) (async)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) (async)
dup(r1) (async)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) (async)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0xfffffffffffffffd, 0x0, 0x90a}}, 0x30) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}}) (async)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) (async)
write$binfmt_script(r4, &(0x7f0000000640)={'#! ', './file0', [], 0xa, "e98cb89ec7e83ec7bcb26933bd27a7d60c757ee8b38455b192211ff54f3706000000000000007191d37771b3fd239c45ba171222703c"}, 0x41) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0) (async)
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000040)) (async)
chmod(&(0x7f0000000140)='./file0\x00', 0x0) (async)
open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) (async)
write$binfmt_misc(r5, &(0x7f0000000300), 0x4) (async)

1.519343682s ago: executing program 3 (id=2387):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x36, 0x2, 0x3, "686b10ff856bc2cb00000000004000000000000000000000000000e7ffffff00"})

1.519110801s ago: executing program 1 (id=2388):
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
read$char_usb(r0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc018aec0, 0x0)
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe800000f0ffff0000000000000000aaff02000000000000000000000000000106"], 0xffe)

1.369599291s ago: executing program 1 (id=2389):
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000040)) (async, rerun: 64)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) (async, rerun: 64)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000500)={'team0\x00', <r2=>0x0}) (async, rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x0) (rerun: 64)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}]}]}]}}]}, 0xac}}, 0x0) (async, rerun: 64)
syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) (async, rerun: 64)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

685.238234ms ago: executing program 7 (id=2390):
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (fail_nth: 7)

450.1256ms ago: executing program 3 (id=2391):
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x24)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4048aecb, &(0x7f0000000080)) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)
mmap$KVM_VCPU(&(0x7f0000003000/0x2000)=nil, r4, 0x0, 0x4000032, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r4, 0x300000f, 0x12, r0, 0x0)

449.808248ms ago: executing program 5 (id=2392):
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x62, 0x5, 0x3a0, 0x0, 0x250, 0xffffffff, 0x188, 0xe0, 0x308, 0x308, 0xffffffff, 0x308, 0x308, 0x5, 0x0, {[{{@ip={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth0_to_bond\x00', 'veth0\x00'}, 0x0, 0xa8, 0xe0, 0x0, {0x22e}, [@common=@unspec=@statistic={{0x38}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast1, @remote, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast1, @empty, @gre_key, @icmp_id}}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_hsr\x00', 'ipvlan0\x00'}, 0x0, 0x90, 0xc8, 0x0, {}, [@common=@socket0={{0x20}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x300, {0x0, @private, @multicast2, @gre_key}}}}, {{@ip={@remote, @dev, 0x0, 0x0, 'veth1_to_batadv\x00', 'pim6reg\x00'}, 0x0, 0x70, 0xb8}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv6=@mcast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x400)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0)
close(r1) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="c300"})
getdents(r1, &(0x7f0000000400)=""/123, 0x7b)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{}]}) (async)
r3 = socket(0x200000100000011, 0x3, 0x0) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r5=>0x0})
bind$packet(r3, &(0x7f0000000040)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14) (async)
syz_open_pts(r1, 0x8102) (async)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)={0x2c, 0x0, 0x0, 0x0, 0x25dfdbfd, "", [@generic="d96e6c8d5e85080045f00d80724e11d569116e3a1ce41e2a56"]}, 0x2c}], 0x1}, 0x0)

449.409385ms ago: executing program 1 (id=2393):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
userfaultfd(0x800)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_debug_messages', 0x48a82, 0x0)
write$sysctl(r0, &(0x7f0000000100)='0\x00', 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x25}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
madvise(&(0x7f00003c1000/0x1000)=nil, 0xdfc3efff, 0x15)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mremap(&(0x7f0000062000/0x4000)=nil, 0x4000, 0x8000, 0x7, &(0x7f0000392000/0x8000)=nil)

289.85583ms ago: executing program 1 (id=2394):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000015c0), r2)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001600)={0x2c, r3, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x2c}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, &(0x7f00000001c0)=0x1, 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r7, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f00000000c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000000)={'team0\x00', <r9=>0x0})
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'wg2\x00'}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x3c}}, 0x0)

289.578841ms ago: executing program 7 (id=2395):
syz_emit_vhci(&(0x7f0000000300)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0xa}, @l2cap_cid_le_signaling={{0x6}, @l2cap_cmd_rej_unk={{0x1, 0xe, 0x2}, {0x9}}}}, 0xf)
arch_prctl$ARCH_SHSTK_ENABLE(0x1011, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x2, 0x103)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x3)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000fff5000020000040"])
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='ext4\x00', 0x0, &(0x7f00000002c0)='grpquota')

193.537765ms ago: executing program 5 (id=2396):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f00000001c0)={0x14, 0x88, 0xfa00, {r1, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x5, 0x1080000001}}}, 0x90)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f00000001c0)={0x14, 0x88, 0xfa00, {r3, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x5, 0x1080000001}}}, 0x90)
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
userfaultfd(0x0)
preadv(r4, &(0x7f00000000c0)=[{&(0x7f00000010c0)=""/4097, 0x1001}], 0x1, 0x0, 0x0)
shmget$private(0x0, 0x2000, 0x200, &(0x7f0000003000/0x2000)=nil)

192.692522ms ago: executing program 1 (id=2397):
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
read$char_usb(r0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @broadcast})
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc018aec0, 0x0)
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000f5ffffff0000000000000000aaff02000000000000000000000000000106"], 0xffe)

192.603655ms ago: executing program 3 (id=2398):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000180100000008000a40000000000900020073793832000000000900010073797a30000000000800054000000008740000000c0a0103f0000000000000000100000008000440000000000900010073797a30000000003800038034000080040001800400068014000780"], 0xe4}}, 0x0) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000000b80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/47, 0x2f}, 0x4}], 0x1, 0x0, 0x0) (async, rerun: 64)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) (rerun: 64)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) (async)
write$tun(r2, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000300)={0x48, 0x1, r4, 0x0, 0x3834, 0xfffffffffffffffc})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r4, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x8003})

190.357054ms ago: executing program 5 (id=2399):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000100)={0x36, 0x2, 0x3, "686b10ff856bc2cb00000000004000000000000000000000000000ffffffffff"})

477.864µs ago: executing program 7 (id=2400):
r0 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", "5161dc20", "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]})
r1 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc2b02)
ioctl$CEC_TRANSMIT(r1, 0xc0386105, &(0x7f0000000d40)={0x0, 0x0, 0x4, 0x0, 0x0, 0x4063, "57c11ae721305900", 0x0, 0x0, 0x0, 0x0, 0x1, 0x4})
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000340)={"6d71f879", 0x5, 0x0, 0x0, 0x0, 0x0, "244a18d1c4e6469a005caf0c0ff58a", "ce4250d8", "bf513d1d", "136712b9", ["27e203a56a36ac4f0b8b8c4f", "5e10229555954b0f02cd1469", "cb0e83d3a15978155c384d00", "79f56ca74227234da829edb7"]})
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000100), 0x1, 0x48000)
ioctl$EVIOCGBITSW(r4, 0x80404525, &(0x7f0000000140)=""/4096)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$TUNSETVNETBE(r5, 0x400454de, &(0x7f0000000040)=0x1)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
r7 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_G_SELECTION(r7, 0xc040565e, &(0x7f0000000040)={0x2, 0x0, 0x0, {0x6, 0xc, 0x8, 0x5}})
write$tun(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd09032800030030"], 0xfdef)
listen(r3, 0x5)
accept(r3, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
ioctl$EVIOCGKEYCODE(r4, 0x80084504, &(0x7f0000001140)=""/146)
ioctl$VIDIOC_ENUMOUTPUT(r7, 0xc0485630, &(0x7f0000001200)={0x94, "bb6b9b4c2b0a48c726387d810bc3e4da6a1570b22ddce3ee59ed2e3c74f9b214", 0x1, 0xffffffff, 0x8, 0x1700, 0x8})
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

0s ago: executing program 5 (id=2401):
socket$netlink(0x10, 0x3, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0) (async)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) (async)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'geneve0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'geneve0\x00', <r3=>0x0})
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote, r3}, 0x14)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@getchain={0x34, 0x66, 0x1, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x1, 0xc}, {0xffe4, 0xffff}, {0x6, 0x6}}, [{0x8, 0xb, 0x9}, {0x8, 0xb, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0)
signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8) (async)
r4 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8)
read(r4, &(0x7f00000002c0)=""/199, 0xc7)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x88, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0x66, 0x1, 0x0, 0x1, [@generic="6b98484980faa7eeebc9b7c0d77af1f8c5fc88c9585fd7efb55724761d63a89cfee9a7b322f17a4781d904d5a33d955af22f1f13105206479cbcff6b4a91ac886071ec5480692e3d9595dfabb8d91d94697f8a994df4bedfa8d7ea01351409cd19da"]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x88}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) (async)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
timer_create(0x3, 0x0, &(0x7f0000044000)=<r5=>0x0)
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
ioctl$sock_SIOCBRDELBR(r6, 0x89a1, &(0x7f0000000140)='ip6erspan0\x00')
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) (async)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'ip_vti0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'ip_vti0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002980)=ANY=[@ANYBLOB="800000001000010400"/20, @ANYRES32=r9, @ANYBLOB="000000000000000060001280080001007674690054000280080006000d00000022000100e699a854573997a44dba3ce64b87d70aea6fe92e588be697", @ANYRES32=r9, @ANYRESOCT, @ANYBLOB="d262d793349dd0892d60f0ec89d7242bd669417d9931abd9b9d90f9d6b", @ANYBLOB="1fabf12d17a196142e58bcebcd8091a053fe64651fb522249a23484345b33839314733fe8393a0f8087236c1e6cd08b63dd9986b349a2fe8408847e0f1c2686c9712fa289b6953beb3886259f45a537a1d55541269524d20effdd21789b61f225cd1604029f6d776fccfd1eedf73f14925c37ac641f980e1ae4150f82671cd44cecb056c707dedeb125a22c99a32aa1a8cbd7d7ffefb8db9d32fc334ee7916cbd95ef38580779cd9b1d08588e38a436fbc4745737d658476f1671ed2280940ba3e75c7f8d4c7153e997ea20c82fd7f97655707e4db8b74a16f5d67900212f38d654e8589fadf42fbfd0465844714f08b1822155ba03cb68ce2de546045a2babaccc2f8b8747f08cdf221090aaaa0d9002e32cb19da31e61f60cda275f45a4901aa5f4b80173a005f2e40915662a654cac637813fa0d7721175267b423bce25c65d2c5ce7bbf8079c9165553d1982030d36f04971866c519c7606aa522bb45d680560a6d038e6546ec5a0fdc3e56e43db028745d28ecb31f219dee9f18f8369a11cd4a0f3030ce57119f0fd5512dbfb5a43da311a25010c4eeadeb66963a1420b9e87c49e352c114939ed9c0cb676dd3a8d42acba1c7af0933d6fe02d87b7eab228c00b29c0d4fd8dcd366c04a7accbd2196cd07e2ffd1a921b7ce675fb4c1a80a29604b2394c91c2ade25bf64168557dc640e2f77af042379912a85cd9c75e5529e97e04564feedde59d614aa1ff5a7552efedd8e4d3bb06cc97a90e871f3e9becd9bc30871b25d11e5ef2cb44576fe050031ded52b50ea20335afa85164637f7631fa2fc30210721059daf2f724e97b646afe9a82a83ee512187b2a51dc2f22b8271e60131d8080f533f277d2bd55b06769c6c6855b0aee920de343761da774223585c9652ec4396550a0d0bf9739a67ab440d58d32f525f960d0ef177b47936c3e02cd8479c0c0d64d38abc3b61c6060f2992ef0824d01470b0525c3d5993a0ced82d6b0f4f1ed630e5dbfa078000f75a2864d2341b5abcf1d2f937674f0999e1ed840fc1de82dec3d4581a7a567a73e1f1603aec60565f270164a6f58342fdbb9c6636e17c9f3081f9a8ce71c371a9d6f5cfb6adbc6df4504708954e1b999ea1ae8c2a0f91254856ea42b0b07b7a3f2f4be97bcfbbd942e85eff4de38e4d42ed68c17cc94b00ca769baf7bc42ef7ba28c8c9b6b798ff35065b91f95b1deb63d5d23721a8b7531061c2226cb2bdd5e548441f892f93de14d98a8e7d11cbfff10b2eadd0086bb392e236445eacbe86eaca37426a0d8403960e192db9ee55d97d2d69cfccd94cf878a4e9eea711a887e83b5b08939d61636c7819f645f201f21c007c2d21445f113a144cfea9406b19bc151c011a2e2e70acb4c00ed420a191de416968a5a08b2cf9bcd72426e71cf3474cf39fe42096bd30ba3a6a923eab0052f02bd4c30bf103f528e7dcdc04d92c1718874e2dd5fab0762e84c2143d1cf60daa8981ccf68699316b20917361fb4d205bb9918c0bb8c2dd16be49f782688593af7a6f7e44ebe6b778a7b305d34b6ab1510cd07080fcb491e4fc693bf1b9819652091e3eb59567590b1b05a1fef2631a62b360746d59242c9af2aaa4509c7c93710b5c814b8cb5b403f64ed3e40fc0f022da03c930f29bf6edecbb6a94d4a5e9fa6d33828b14b51923ad489ff8860c202d1711ea50c7ae19f0679f0c6a13d40a6a116c3a7ba560c69b9f87122b4d1868b87cd482e1f338320848846073b7bd3d1461b2640661c4c5b6b1dc0857cb093d125eb23bd4f2dab306cbc8abdb6043b73769dbd7702c94221444e69603f4a11f7c931aece7dc1574b57b440a359879eaff45f25d7cf4c0e16c0a7ed9a44e1450361f6bb5e851338b146457f8c27b952f1ddfc9535a9e8786a17ed8b45dfcec77950fb54bdeab4b0db8ed4ea8991639265db743c1fd102d468b9dbadb0f6363588c21cfcbeb1399c79003b043cd889114b8eeed700582a17b06ddb36b1fdadb9bef5a871c4d14df9e02f34422523152ae68f456cd0431bd02829d688f999c9edeb2c413eb1b7a59cb74c5a693bde3e9e1f25438ba91b3d80fdc12c441ba4ff92c4e79aa8bce49ba4a412a0c98de1b4e1387565cecee95862a785c97211f0a92777466cbcfe80a07c2eed47bba5e213836a6e21b8b88cd7b8f9cf562ea5453488f12300d7948d3990c3c1a8ae8a7f610b18ba9b45f3bf90629c1a42484754f548f06f050207beda175b16aee9f7b361c65c99ec50c41054ae052388b4f15b5c2d222adc3e9ea07df41c10c11076f6e4fdca379c2b14cd29073e595b95371c53d41ad9be519bcad965bcb5db1f7f805711de21dfeb6428444f4e82187223f0ab8ecde5a6af928c85fc82950c535c3a57e7b164ec8cc0823cc4845c609276dccf2b3bb4974d7b9c8d3a1feebc95a491b22e0d7d102c98082c364d67a67959620fe4c9562c8a613b5d0630286b724ee26e36a37ab0ae608840dce408ffde0a8af1b60fd8b2f8ddf8a8c741733c73bf5c4e49cd4a7e956d4ad133b60277474306a51554db8cc7c5326e76be73bf1dcfe286db2a07e7a791ea9aa349bb32cb635b05ed92e603ca652743b1e724614a84c228c68f0c954568230a358378d63365a84733eb47bca9a0f1bc851ac1ae466af696cfa4bfe8534168e39f386b7a2150c107dbc6fbe56ba8d625755ef39afeefbebb02c87afe9521e7d9ef2664a2756460c65a72d4dd3d707860f5959302a49add429d6cc97adb587a05ef136f2151322a01d138acb9aa77743318535946e923da6e3406aff0b61f7e70f6f4fb9b6d8cdac73bf12979cfded2a4a636896ce252e2735b72b82d2de28c520e730b5e1d70fb9c2c2c4beb7580ad81210b184a250220b4d7465445823cf9c8d1f017fc350c88493a750f89304d12e6887f116bb32581a4c53b986736e202b36c38ebb7dbc1ce744bc2c5afa48c2d8f3eb5ea85c0ac173d3e63f7b4d2b4bd8aeb37b196723a2eea9f0dfcc894c508a03922cb347c16792bb1a10d00753677aab55471f0538b9f7e87f3a5967ce17af9a660e11904a1b1cc20966240d92b3939c18fa13ce153e407ab72ce7c0553fbff3406d44e9a29c52622f35f24a14dc52666191e48f3fff60b64c84808197cd66e2200d48097471727cb08d4d8ce78a17b7172afee7e0577ae880dc4018c80f8e42dabcf1b1aede3eba55cd015def72222f2294efc8fd2fe7040401867bfba6788d5a3805fba57c7e24e9019d8acf8bd72067d6baac101d14bef8cdda2c11ec933e8c0adada0c7bfb757b7853c22397a4834f0258ac51535666e1b6722c9723f09e495a45e06bd2f0517c57273102ccc097346b5c98f4b9dce4d1715f092ca5d84cb5e732456ce8977b8ea8b9136df973b563b9a127782bb8f808d2ed4c5a8a4ed6929138ebf35127ba98fda4c28677b1d436292ac7d60a79f5f07992ca6006fea20e6f1ebc0a47bab96b80813e4295e3082addd07b44270f91269b008c493094a4127c764b2e995c5af23b09c49825f75a78d7af6d0594ff2eec6ed4081a49e16da650caedd3dc07a77030c5a227359e80b914e457f7bb43e5e793a0d86565718b8862bf3966d159bdd0abbf4bf3ac0579c45c4d192e559981afb49c450202bd6c65fc455ce9b6f06519f7d93c1408fbf27e45c1a3a7b8efaa98130541af5dd207fbe5c08dda78990d82648950555c54d7cf0f3c1ce015a5b3263b1e8f4beaeed158c91dacbafff7514a15c972c8b922e75e35ba931df18c3edc774bcde48c520ba68a74d38f92680ca19f565b6c85c112554e1ee4f8eaa5d3d6e3e7fd956f6b9d32de75358959ee50257bb6be0638a5a21d27d6326ee8e1bb892809cd9edc997534de1591e2d6e229b1f6a253f3b3dbf9fb3171af052671db954ba2d7dc47b06d589a77f9781256f895007c76bbadd60a67ba1ee01c2446cec467f12ad1d728eeee0dfe86e45a2d631be9edb5b4b7dbd31d6ce1ef28c7879632612d57096a9e25870c55c19a90d24a0efd3183df19c9c48754e425a464af81416a00914ba25bc6bf7ff76081e67335779960f4c3d17d04acebaecdadb18cad1f18d084f6ddd9af1fd4fae1995e4a9ec4c3c5de0b130b46b813753dc9dfaef01f2441eb6f5bf7bee2290fb70f097707a730497f55891f910e0f36c636d60949c323cbed7f5d140a6c9b2e7ac7f94c223b0e24faba560690088f6769ef663ebfc17474e363de856b895f6d332af6646064423b67b702920d2ed6059dbd9bdefafcaf330cee429a6e9b341d75003cd11ac93a1e395f9e1be68683624e03f218576237cadc7daa5fd46976762927d6ddb24f459643b0c4ef53bcbe8932bde3eb440e1c7626f6596bfe5f83b81088852289d14c25c57d00b5070d26796b5689cfbeb8e2f55bcdb07760255242c7f1ac0c2fb2071c37c6ea2304db93c7ef2bc5cc6ac91871c65a355cf5775c15059ef76f6d48ce54d4210c47ae0b6cfe294722efea436108c7e0b88f6142fd605ef4ca34c8e7e85055e46b5e75f4a3ccb77feeb40f1abc81f8cd37911b76de8d013ecfe38bae5c741139c434e309a8b80e807dac725d498d60d599375f59163c2269e6b788d59af74d9c86c5d39143e28b24b72530e7b0002ff4191e488793b9853025a8709a52fa9f82af54ffbcaa29166fa610b7feb127a398bb3b5ec4fbc8eb97e2423dc328f5d115235c7cfc3fa8d502198266da591325105a3a1421d2506c19a01dad3aa07069eac253672fd132cd470a50b7d58414020d3d6e1da1752ff18dbd8254bf2559b0f993badf2a34325eec487ac087b321fe1effc90102ca2abc394928d844b6de368e26186a62694b4ddd269d91ce76256e3ebf21ceaa613e88ba196cfee784e4e7d1aa8d06c6271304c3a45b7632f8899bf830220de5ec145e9de3142ba88ba145ca4a3c4e07259c3ab2cb6cf2a47ed17aef137354b8048a416cdb0c613623278883e0efef72de53f5f218e6d6ad177666998445b7fca0fae1849bbedc61212f55b913ba2c47ce69e05b396f7b94663069fc96b9c18aeb14e10fabc84bb613abe209af5b33de2c65b851d6a213a2480c59bf9a8ee5cc6962d3db6689f6a915b0da37b26768fa27700df7e8ab0a4c6dbd6eac7530fe9b4d4632fa281529f1e3bd63902923e49103b323e39604f49c8a01d76b49782445a05d6a25c9faba162df6e2b2fe4385cf8c0ce8a0149d36f4baedc49ffa2467fe2a79d3c2ffa06eede43b926ef3c62ef523cc851279d815e1ecd0a298591aa25908ef14b0cfc41d8d4f2040862b450da1bdcb40145a4ded441a520b7b174fb39a2c3b3b321228b5c0f953027736c17eb1a62dd1745cb55fc24eeb1831035222dcd33d48b026e1cecf0d7d6ac1f7fa3a5bc9586ac0389ad998e329fc8d5a3f30fac4cf98a03ec51dc818777a2e3179b36a42e9a56ebc1e25954384817b30feb45a0a5ecf9f096f87be9985a8e0757e2029bee4978b00a761a6b945b4e355faff0ca3bca033a059356d370d300e0174fd98b453a5d90ae003db2997562ecb77e8d069ff5b1625c3d82d825b170ac7c66463fe856f73b820d5032953174cfd0265681ff81688bdc1c7e77514c896f361443920e7c0de13a775f301e648dfcd0167a425154a42a4de874b4badda36532834d69b67db6d2b905bc0af3d3f304f2c57d7cc69f4894d3282941250e0318381b21ce56a0851cfb3e72be66781c199056bdfe03ee7ead15bacd4a726bcb2be1a1859ffe7f0ed0bad14c748a975aae3f5e0167027f65de464335", @ANYRES32=0x0, @ANYRESDEC=r5], 0x80}, 0x1, 0x0, 0x0, 0x40}, 0x0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f00000008c0)=""/4096)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r11, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', <r13=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r11, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000002c0)={0x48, r12, 0x1, 0x70bd29, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r13}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x2c, 0x2b, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}]}]}, 0x48}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="14000000100001000000000200000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000094000000060a010400000000000000000100000008000b40000000006c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000340001800c00010062697477697365002408000340000000020800014000000014080002400000001208000640000000040900010073797a3000000000140000001100010000000000000000000700000a"], 0x108}}, 0x0)

kernel console output (not intermixed with test programs):

ss=appletalk_socket permissive=1
[  154.285104][T11058] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[  154.375234][T11063] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[  154.380444][T11064] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[  154.815457][T11030] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  154.818378][T11030] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  154.830293][T11030] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  154.834649][T11030] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  154.840967][T11030] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  154.842569][T11030] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  154.849810][T11030] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  154.853391][T11030] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  154.855410][T11030] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  154.858409][T11030] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  154.898367][T11066] netlink: 448 bytes leftover after parsing attributes in process `syz.3.1722'.
[  154.944943][T11074] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  154.955387][T11077] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[  154.956415][T11078] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  154.958115][T11076] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[  155.016939][T11081] fuse: Unknown parameter 'ƒ'
[  155.020400][T11081] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1727'.
[  155.089442][T11087] xt_hashlimit: size too large, truncated to 1048576
[  155.092498][T11083] geneve2: entered promiscuous mode
[  155.094330][T11083] geneve2: entered allmulticast mode
[  155.096693][T11087] syz.6.1729: vmalloc error: size 8392704, failed to allocated page array size 16392, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  155.105127][T11087] CPU: 2 UID: 0 PID: 11087 Comm: syz.6.1729 Not tainted 6.13.0-rc2-syzkaller #0
[  155.107467][T11091] syzkaller1: entered promiscuous mode
[  155.107868][T11087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.109300][T11091] syzkaller1: entered allmulticast mode
[  155.112336][T11087] Call Trace:
[  155.112344][T11087]  <TASK>
[  155.112349][T11087]  dump_stack_lvl+0x16c/0x1f0
[  155.112389][T11087]  warn_alloc+0x24d/0x3a0
[  155.112407][T11087]  ? __pfx_warn_alloc+0x10/0x10
[  155.112423][T11087]  ? __get_vm_area_node+0x1b0/0x2f0
[  155.112433][T11087]  ? __get_vm_area_node+0x1dc/0x2f0
[  155.112446][T11087]  __vmalloc_node_range_noprof+0x1105/0x1530
[  155.112458][T11087]  ? __pfx___lock_acquire+0x10/0x10
[  155.112473][T11087]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  155.112491][T11087]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  155.112503][T11087]  ? __pfx_lock_release+0x10/0x10
[  155.112514][T11087]  ? trace_lock_acquire+0x14e/0x1f0
[  155.112531][T11087]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  155.112545][T11087]  vmalloc_noprof+0x6b/0x90
[  155.112557][T11087]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  155.112570][T11087]  hashlimit_mt_check_common+0x8b0/0x1450
[  155.112587][T11087]  hashlimit_mt_check+0x71/0x90
[  155.112600][T11087]  ? __pfx_hashlimit_mt_check+0x10/0x10
[  155.112614][T11087]  xt_check_match+0x284/0xa50
[  155.112627][T11087]  ? schedule+0x42/0x350
[  155.112638][T11087]  ? __pfx_xt_check_match+0x10/0x10
[  155.112653][T11087]  ? xt_find_target+0x1ee/0x290
[  155.112666][T11087]  ? xt_find_match+0x1f2/0x290
[  155.121860][T11094] netlink: 14548 bytes leftover after parsing attributes in process `syz.3.1731'.
[  155.123078][T11087]  find_check_entry.constprop.0+0x34d/0xa20
[  155.123100][T11087]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[  155.123118][T11087]  ? kvfree+0x47/0x50
[  155.123132][T11087]  translate_table+0xd06/0x17b0
[  155.123152][T11087]  ? __pfx_translate_table+0x10/0x10
[  155.123163][T11087]  ? __might_fault+0xe3/0x190
[  155.123180][T11087]  do_ip6t_set_ctl+0x605/0xc40
[  155.161087][T11087]  ? __mutex_lock+0x1cc/0xa60
[  155.162324][T11087]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  155.163698][T11087]  ? __mutex_unlock_slowpath+0x164/0x690
[  155.165170][T11087]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  155.166787][T11087]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  155.168406][T11087]  nf_setsockopt+0x8a/0xf0
[  155.169578][T11087]  ipv6_setsockopt+0x135/0x170
[  155.170831][T11087]  rawv6_setsockopt+0xd7/0x680
[  155.172087][T11087]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  155.173497][T11087]  ? selinux_socket_setsockopt+0x6a/0x80
[  155.174975][T11087]  ? sock_common_setsockopt+0x2e/0xf0
[  155.176627][T11087]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  155.178263][T11087]  do_sock_setsockopt+0x222/0x480
[  155.179662][T11087]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  155.181195][T11087]  ? lock_acquire+0x2f/0xb0
[  155.182470][T11087]  __sys_setsockopt+0x1a0/0x230
[  155.183791][T11087]  __x64_sys_setsockopt+0xbd/0x160
[  155.185162][T11087]  ? do_syscall_64+0x91/0x250
[  155.186592][T11087]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.188083][T11087]  do_syscall_64+0xcd/0x250
[  155.189358][T11087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.191034][T11087] RIP: 0033:0x7fd21337fed9
[  155.192330][T11087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.197737][T11087] RSP: 002b:00007fd214132058 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  155.199958][T11087] RAX: ffffffffffffffda RBX: 00007fd213545fa0 RCX: 00007fd21337fed9
[  155.202053][T11087] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  155.204219][T11087] RBP: 00007fd2133f3cc8 R08: 0000000000000588 R09: 0000000000000000
[  155.206362][T11087] R10: 00000000200014c0 R11: 0000000000000246 R12: 0000000000000000
[  155.208446][T11087] R13: 0000000000000000 R14: 00007fd213545fa0 R15: 00007ffff4f729c8
[  155.210530][T11087]  </TASK>
[  155.215979][T11087] Mem-Info:
[  155.217105][T11087] active_anon:6713 inactive_anon:0 isolated_anon:0
[  155.217105][T11087]  active_file:13702 inactive_file:1279 isolated_file:0
[  155.217105][T11087]  unevictable:1767 dirty:64 writeback:0
[  155.217105][T11087]  slab_reclaimable:8897 slab_unreclaimable:76054
[  155.217105][T11087]  mapped:25050 shmem:2443 pagetables:896
[  155.217105][T11087]  sec_pagetables:310 bounce:0
[  155.217105][T11087]  kernel_misc_reclaimable:0
[  155.217105][T11087]  free:498590 free_pcp:9086 free_cma:0
[  155.231330][T11087] Node 0 active_anon:26848kB inactive_anon:0kB active_file:58024kB inactive_file:5084kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100172kB dirty:248kB writeback:0kB shmem:6236kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12592kB pagetables:3584kB sec_pagetables:1240kB all_unreclaimable? no
[  155.239217][T11087] Node 1 active_anon:4kB inactive_anon:0kB active_file:8kB inactive_file:32kB unevictable:3532kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  155.246892][T11087] Node 0 DMA free:15020kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:104kB local_pcp:0kB free_cma:0kB
[  155.254531][T11087] lowmem_reserve[]: 0 1212 0 0 0
[  155.256403][T11087] Node 0 DMA32 free:396796kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:26848kB inactive_anon:0kB active_file:63852kB inactive_file:5084kB unevictable:3536kB writepending:248kB present:2080628kB managed:1269912kB mlocked:0kB bounce:0kB free_pcp:17260kB local_pcp:5196kB free_cma:0kB
[  155.266908][T11087] lowmem_reserve[]: 0 0 0 0 0
[  155.268698][T11087] Node 1 Normal free:1572996kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:8kB inactive_file:32kB unevictable:3532kB writepending:8kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:19648kB local_pcp:2720kB free_cma:0kB
[  155.279799][T11087] lowmem_reserve[]: 0 0 0 0 0
[  155.281267][T11087] Node 0 DMA: 5*4kB (U) 5*8kB (UM) 11*16kB (UM) 6*32kB (UM) 8*64kB (UM) 2*128kB (U) 2*256kB (M) 2*512kB (M) 2*1024kB (M) 1*2048kB (M) 2*4096kB (M) = 15020kB
[  155.285601][T11087] Node 0 DMA32: 5*4kB (ME) 152*8kB (UME) 956*16kB (UME) 824*32kB (ME) 453*64kB (UME) 43*128kB (UME) 53*256kB (UME) 55*512kB (UME) 51*1024kB (UME) 34*2048kB (M) 38*4096kB (M) = 396628kB
[  155.290392][T11087] Node 1 Normal: 8*4kB (UM) 17*8kB (ME) 8*16kB (UME) 101*32kB (UME) 78*64kB (UE) 30*128kB (UME) 14*256kB (UME) 9*512kB (UME) 4*1024kB (UE) 2*2048kB (M) 377*4096kB (M) = 1572936kB
[  155.295176][T11087] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  155.297654][T11087] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  155.300064][T11087] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  155.302606][T11087] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  155.306124][T11087] 16897 total pagecache pages
[  155.307358][T11087] 0 pages in swap cache
[  155.308462][T11087] Free swap  = 124548kB
[  155.309710][T11087] Total swap = 124996kB
[  155.310804][T11087] 1048443 pages RAM
[  155.311796][T11087] 0 pages HighMem/MovableOnly
[  155.313020][T11087] 281644 pages reserved
[  155.314172][T11087] 0 pages cma reserved
[  155.341563][T11104] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1734'.
[  155.352266][T11104] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1734'.
[  155.358580][T11108] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1736'.
[  155.361595][   T39] audit: type=1400 audit(149.387:898): avc:  denied  { shutdown } for  pid=11103 comm="syz.5.1734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  155.370441][T11104] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1734'.
[  155.444588][T11104] bond0: (slave bond_slave_0): Releasing backup interface
[  155.519653][T11117] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  155.522692][T11117] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  155.525671][T11117] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  155.528823][T11117] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  155.532093][T11117] vxlan0: entered promiscuous mode
[  155.533408][T11117] vxlan0: entered allmulticast mode
[  155.536262][T11117] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  155.539116][T11117] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  155.542054][T11117] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  155.544848][T11117] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  155.613072][T11123] bridge: RTM_NEWNEIGH with invalid ether address
[  155.620756][T11123] loop7: detected capacity change from 0 to 16384
[  155.627739][T11123] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  155.675308][T11129] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  155.681196][T11131] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  155.686416][   T39] audit: type=1400 audit(149.686:899): avc:  denied  { map } for  pid=11124 comm="syz.6.1741" path="socket:[40758]" dev="sockfs" ino=40758 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  155.802659][T11142] syzkaller1: entered promiscuous mode
[  155.804188][T11142] syzkaller1: entered allmulticast mode
[  156.054575][T11150] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  156.086888][T11154] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  156.089197][T11154] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  156.091584][T11154] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  156.094696][T11154] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  156.099683][T11154] vxlan0: entered promiscuous mode
[  156.101044][T11154] vxlan0: entered allmulticast mode
[  156.104551][T11154] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  156.107334][T11154] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  156.109582][T11154] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  156.111671][T11154] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  156.213395][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  156.433760][T11181] syzkaller1: entered promiscuous mode
[  156.435385][T11181] syzkaller1: entered allmulticast mode
[  156.442435][T11178] netlink: 'syz.6.1755': attribute type 4 has an invalid length.
[  156.579785][T11189] netlink: 448 bytes leftover after parsing attributes in process `syz.6.1760'.
[  156.623801][T11195] netlink: 'syz.6.1762': attribute type 1 has an invalid length.
[  156.919031][   T57] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  156.919063][ T5976] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  156.985282][ T5946] Bluetooth: hci1: command 0x0c1a tx timeout
[  157.068681][ T5946] Bluetooth: hci3: command 0x0419 tx timeout
[  157.079249][   T57] usb 8-1: Using ep0 maxpacket: 8
[  157.079274][ T5976] usb 11-1: Using ep0 maxpacket: 8
[  157.081814][   T57] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  157.083662][ T5976] usb 11-1: config 0 has an invalid interface number: 52 but max is 0
[  157.084487][   T57] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  157.087229][ T5976] usb 11-1: config 0 has an invalid descriptor of length 204, skipping remainder of the config
[  157.087248][ T5976] usb 11-1: config 0 has no interface number 0
[  157.090044][   T57] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  157.093466][ T5976] usb 11-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 64, changing to 10
[  157.095019][   T57] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  157.098137][ T5976] usb 11-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 16448, setting to 1024
[  157.098163][ T5976] usb 11-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  157.101240][   T57] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.104646][ T5976] usb 11-1: config 0 interface 52 has no altsetting 0
[  157.107469][   T57] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  157.113263][ T5976] usb 11-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00
[  157.115310][   T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.117634][ T5976] usb 11-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35
[  157.117654][ T5976] usb 11-1: Product: syz
[  157.117667][ T5976] usb 11-1: SerialNumber: syz
[  157.134816][ T5976] usb 11-1: config 0 descriptor??
[  157.339934][   T57] usb 8-1: GET_CAPABILITIES returned 0
[  157.341451][   T57] usbtmc 8-1:16.0: can't read capabilities
[  157.352990][ T5976] input: syz (Stick) as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.52/input/input18
[  157.561995][   T57] usb 8-1: USB disconnect, device number 26
[  157.642073][ T5933] usb 11-1: USB disconnect, device number 2
[  157.666461][T11205] syzkaller1: entered promiscuous mode
[  157.670552][T11205] syzkaller1: entered allmulticast mode
[  158.255540][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  158.258683][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  158.374804][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  158.437017][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  158.543226][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  158.613960][T11230] syzkaller1: entered promiscuous mode
[  158.616038][T11230] syzkaller1: entered allmulticast mode
[  158.660143][T11232] IPVS: stopping master sync thread 10864 ...
[  158.666823][T11232] dvmrp8: entered allmulticast mode
[  158.670838][T11231] dvmrp8: left allmulticast mode
[  158.826244][T11247] hsr0: entered promiscuous mode
[  158.831868][T11247] ./bus: Can't lookup blockdev
[  158.920053][T11260] syzkaller1: entered promiscuous mode
[  158.922231][T11260] syzkaller1: entered allmulticast mode
[  158.943982][T11262] tmpfs: Unknown parameter 'usrquotahash:ip'
[  159.015603][   T39] kauditd_printk_skb: 1 callbacks suppressed
[  159.015614][   T39] audit: type=1326 audit(152.810:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11281 comm="syz.3.1792" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f347f37fed9 code=0x0
[  159.029926][T11280] kvm: kvm [11279]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x100000000000000
[  159.055669][T11285] binder: 11284:11285 ioctl c0306201 200001c0 returned -22
[  159.078406][   T39] audit: type=1326 audit(152.857:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11281 comm="syz.3.1792" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f347f37fed9 code=0x0
[  159.119798][   T39] audit: type=1400 audit(152.895:903): avc:  denied  { ioctl } for  pid=11284 comm="syz.6.1793" path="socket:[43421]" dev="sockfs" ino=43421 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  159.185913][   T39] audit: type=1400 audit(152.970:904): avc:  denied  { create } for  pid=11290 comm="syz.1.1795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  159.188139][T11291] __nla_validate_parse: 6 callbacks suppressed
[  159.188152][T11291] netlink: 448 bytes leftover after parsing attributes in process `syz.1.1795'.
[  159.191017][   T39] audit: type=1400 audit(152.970:905): avc:  denied  { write } for  pid=11290 comm="syz.1.1795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  159.191058][   T39] audit: type=1400 audit(152.970:906): avc:  denied  { nlmsg_write } for  pid=11290 comm="syz.1.1795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  159.196852][   T39] audit: type=1400 audit(152.970:907): avc:  denied  { write } for  pid=11288 comm="syz.5.1794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  159.217947][ T5946] Bluetooth: hci1: command 0x0c1a tx timeout
[  159.292275][ T5946] Bluetooth: hci3: command 0x0419 tx timeout
[  159.383287][T11303] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[  159.388606][   T39] audit: type=1400 audit(153.147:908): avc:  denied  { mount } for  pid=11302 comm="syz.5.1799" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  159.451740][T11306] EXT4-fs error: 9 callbacks suppressed
[  159.451757][T11306] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  159.461737][T11307] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  159.472891][   T39] audit: type=1400 audit(153.231:909): avc:  denied  { bind } for  pid=11300 comm="syz.1.1798" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  159.646695][T11313] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1802'.
[  159.649918][T11313] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1802'.
[  159.740065][T11315] syzkaller1: entered promiscuous mode
[  159.741824][T11315] syzkaller1: entered allmulticast mode
[  159.851689][T11320] netlink: 448 bytes leftover after parsing attributes in process `syz.5.1804'.
[  159.880040][   T39] audit: type=1400 audit(153.606:910): avc:  denied  { execmem } for  pid=11321 comm="syz.5.1805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  159.927838][T11331] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:4: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.001586][T11339] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.012658][T11340] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.045792][T11344] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.113299][T11348] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.126643][T11349] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.133642][T11350] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.139899][T11352] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  160.143731][T11353] netlink: 448 bytes leftover after parsing attributes in process `syz.5.1813'.
[  160.286674][T11371] syzkaller1: entered promiscuous mode
[  160.288297][T11371] syzkaller1: entered allmulticast mode
[  160.441626][T11385] netlink: 448 bytes leftover after parsing attributes in process `syz.5.1823'.
[  160.537286][T11386] ieee802154 phy0 wpan0: encryption failed: -22
[  160.571090][T11395] xt_hashlimit: max too large, truncated to 1048576
[  160.660717][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  160.757251][T11410] netlink: 'syz.3.1831': attribute type 29 has an invalid length.
[  160.759833][T11411] syzkaller1: entered promiscuous mode
[  160.761872][T11411] syzkaller1: entered allmulticast mode
[  160.765106][T11410] netlink: 'syz.3.1831': attribute type 29 has an invalid length.
[  160.774518][T11410] netlink: 516 bytes leftover after parsing attributes in process `syz.3.1831'.
[  160.809080][T11413] netlink: 448 bytes leftover after parsing attributes in process `syz.3.1833'.
[  161.435474][ T5946] Bluetooth: hci1: unexpected event for opcode 0x2011
[  161.515980][ T5946] Bluetooth: hci3: command 0x0419 tx timeout
[  161.630829][T11477] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 40
[  161.855338][T11491] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1857'.
[  161.857836][T11491] netlink: 'syz.1.1857': attribute type 7 has an invalid length.
[  161.860233][T11491] netlink: 'syz.1.1857': attribute type 8 has an invalid length.
[  161.862427][T11491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1857'.
[  162.380975][T11515] kvm: kvm [11514]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  162.385427][T11515] kvm: kvm [11514]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  162.408050][T11523] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  162.652828][T11543] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  162.685763][T11547] kernel profiling enabled (shift: 63)
[  162.687135][T11547] profiling shift: 63 too large
[  162.884341][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout
[  162.960408][T11590] syzkaller1: entered promiscuous mode
[  162.962341][T11590] syzkaller1: entered allmulticast mode
[  163.219643][T11615] mac80211_hwsim hwsim3 ÿÿÿÿÿÿ: renamed from wlan1 (while UP)
[  163.750261][ T5946] Bluetooth: hci3: command 0x0419 tx timeout
[  163.948651][T11630] binder: 11629:11630 ioctl c00c6211 0 returned -14
[  163.994986][T11632] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  164.177557][T11648] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  164.179871][T11654] macvlan0: entered allmulticast mode
[  164.181420][T11654] veth1_vlan: entered allmulticast mode
[  164.326622][T11659] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  164.330457][T11659] overlayfs: missing 'lowerdir'
[  164.436257][   T39] kauditd_printk_skb: 15 callbacks suppressed
[  164.436273][   T39] audit: type=1400 audit(158.879:926): avc:  denied  { audit_write } for  pid=11660 comm="syz.1.1909" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  164.440811][T11661] fuse: Unknown parameter '00000000000000000004ÝÕþ³{²’~‚‡wùÒƒë‡'ª	»Nì#á„]2Ù”¸]×\’Æ“ê‹èFA­î£™IZ<6»”ì:Rµã�ˆ'
[  164.443429][   T39] audit: type=1400 audit(158.879:927): avc:  denied  { watch } for  pid=11660 comm="syz.1.1909" path="/478/net_prio.prioidx" dev="tmpfs" ino=2641 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  164.454330][ T5946] Bluetooth: hci2: unexpected event for opcode 0x204e
[  164.456472][   T39] audit: type=1400 audit(158.879:928): avc:  denied  { watch_sb } for  pid=11660 comm="syz.1.1909" path="/478/net_prio.prioidx" dev="tmpfs" ino=2641 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  164.514218][   T39] audit: type=1400 audit(158.945:929): avc:  denied  { sendto } for  pid=24 comm="ksoftirqd/2" saddr=fe80::1b daddr=ff02::2 netif=wpan1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  164.537136][T11663] team0: Port device vlan2 added
[  165.130792][T11673] __nla_validate_parse: 14 callbacks suppressed
[  165.130805][T11673] netlink: 448 bytes leftover after parsing attributes in process `syz.5.1914'.
[  165.207270][T11678] netlink: 'syz.3.1917': attribute type 30 has an invalid length.
[  165.210059][T11678] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  165.212475][T11678] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  165.223431][T11678] bond2: entered promiscuous mode
[  165.225160][T11678] bond2: entered allmulticast mode
[  165.227730][T11678] 8021q: adding VLAN 0 to HW filter on device bond2
[  165.333687][T11682] nbd: couldn't find a device at index 127
[  165.387804][T11684] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1919'.
[  165.404142][   T39] audit: type=1400 audit(159.777:930): avc:  denied  { bind } for  pid=11683 comm="syz.3.1919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  165.509515][T11687] hpfs: hpfs_map_sector(): read error
[  165.545478][T11694] EXT4-fs error: 30 callbacks suppressed
[  165.545518][T11694] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  165.546386][T11696] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:4: corrupted in-inode xattr: bad magic number in in-inode xattr
[  165.576648][T11700] netlink: 448 bytes leftover after parsing attributes in process `syz.1.1924'.
[  165.672606][T11708] Invalid source name
[  165.673813][T11708] UBIFS error (pid: 11708): cannot open "/dev/nullb0", error -22
[  165.984910][T11727] netlink: 448 bytes leftover after parsing attributes in process `syz.1.1933'.
[  166.026105][T11729] xt_hashlimit: size too large, truncated to 1048576
[  166.059771][T11730] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  166.160664][T11733] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  166.162423][T11733] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  166.164752][T11733] vhci_hcd vhci_hcd.0: Device attached
[  166.176619][T11735] vhci_hcd: cannot find a urb of seqnum 9 max seqnum 0
[  166.180252][   T11] vhci_hcd: stop threads
[  166.181438][   T11] vhci_hcd: release socket
[  166.182623][   T11] vhci_hcd: disconnect device
[  167.598996][   T66] Bluetooth: hci3: command 0x0419 tx timeout
[  167.807633][T11742] syzkaller1: entered promiscuous mode
[  167.809378][T11742] syzkaller1: entered allmulticast mode
[  167.812397][T11750] team0: entered allmulticast mode
[  167.814453][T11750] team_slave_0: entered allmulticast mode
[  167.816337][T11750] team_slave_1: entered allmulticast mode
[  167.836350][T11752] netlink: 448 bytes leftover after parsing attributes in process `syz.3.1942'.
[  168.019008][T11778] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  168.023961][T11779] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  168.063561][T11784] IPVS: length: 184 != 24
[  168.074348][T11786] netlink: 448 bytes leftover after parsing attributes in process `syz.6.1954'.
[  168.082878][T11789] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  168.098219][T11791] netlink: 'syz.3.1956': attribute type 1 has an invalid length.
[  168.102552][T11791] NCSI netlink: No device for ifindex 0
[  168.145099][   T39] audit: type=1400 audit(162.350:931): avc:  denied  { watch } for  pid=11795 comm="syz.3.1959" path="/477/file0/file0" dev="9p" ino=37749142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  168.189147][T11804] netlink: 'syz.5.1962': attribute type 1 has an invalid length.
[  168.191493][T11804] netlink: 'syz.5.1962': attribute type 2 has an invalid length.
[  168.193524][T11804] netlink: 'syz.5.1962': attribute type 2 has an invalid length.
[  168.195518][T11804] netlink: 'syz.5.1962': attribute type 1 has an invalid length.
[  168.201310][T11804] netlink: 'syz.5.1962': attribute type 2 has an invalid length.
[  168.203334][T11804] netlink: 'syz.5.1962': attribute type 2 has an invalid length.
[  168.236332][T11812] syz.3.1961 (11812): /proc/11809/oom_adj is deprecated, please use /proc/11809/oom_score_adj instead.
[  168.249247][T11815] bpf: Bad value for 'gid'
[  168.264560][T11817] netlink: 448 bytes leftover after parsing attributes in process `syz.5.1966'.
[  168.301709][T11827] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  168.308186][   T39] audit: type=1400 audit(162.499:932): avc:  denied  { ioctl } for  pid=11828 comm="syz.5.1968" path="socket:[45433]" dev="sockfs" ino=45433 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  168.322099][T11829] devpts: called with bogus options
[  168.348486][   T39] audit: type=1400 audit(162.527:933): avc:  denied  { ioctl } for  pid=11832 comm="syz.3.1971" path="socket:[44775]" dev="sockfs" ino=44775 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  168.392984][   T39] audit: type=1400 audit(162.574:934): avc:  denied  { create } for  pid=10279 comm="syz-executor" name="#36" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  168.398265][   T39] audit: type=1400 audit(162.574:935): avc:  denied  { link } for  pid=10279 comm="syz-executor" name="#36" dev="tmpfs" ino=792 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  168.438306][T11844] netlink: 448 bytes leftover after parsing attributes in process `syz.6.1976'.
[  168.495122][T11848] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1977'.
[  168.498688][T11848] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1977'.
[  168.601433][T11864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  168.606760][T11864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  168.757147][T11877] binder: BINDER_SET_CONTEXT_MGR already set
[  168.758769][T11877] binder: 11876:11877 ioctl 4018620d 200001c0 returned -16
[  168.849724][   T57] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  169.013365][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 250, changing to 7
[  169.016861][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49853, setting to 1024
[  169.020285][   T57] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  169.025002][   T57] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  169.027346][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.030738][   T57] usb 6-1: config 0 descriptor??
[  169.033725][   T57] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  169.072078][T11896] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[  169.078482][T11897] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[  169.173554][T11899] can0: slcan on ptm0.
[  169.269830][T11898] can0 (unregistered): slcan off ptm0.
[  169.367169][T11907] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2
[  169.402270][T11910] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[  169.745801][T11931] erofs (device erofs): cannot find valid erofs superblock
[  169.895173][   T39] kauditd_printk_skb: 9 callbacks suppressed
[  169.895189][   T39] audit: type=1400 audit(163.977:945): avc:  denied  { write } for  pid=11935 comm="syz.3.2005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  170.022527][    T9] usb 6-1: USB disconnect, device number 25
[  170.051676][T11948] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11948 comm=syz.1.2008
[  170.064189][   T66] Bluetooth: hci4: sending frame failed (-49)
[  170.067454][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  170.278467][T11968] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=245 sclass=netlink_route_socket pid=11968 comm=syz.6.2013
[  171.023871][   T39] audit: type=1400 audit(165.034:946): avc:  denied  { lock } for  pid=11974 comm="syz.5.2015" path="/149/file0/file0" dev="9p" ino=37749142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  171.029780][   T39] audit: type=1804 audit(165.034:947): pid=11975 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.5.2015" name="/newroot/149/file0/file0" dev="9p" ino=37749142 res=1 errno=0
[  171.082255][   T39] audit: type=1804 audit(165.090:948): pid=11976 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.5.2015" name="/newroot/149/file0/file0" dev="9p" ino=37749142 res=1 errno=0
[  171.823784][T11985] fuse: Bad value for 'fd'
[  171.900298][   T39] audit: type=1400 audit(165.857:949): avc:  denied  { mount } for  pid=11989 comm="syz.6.2021" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  171.934120][   T39] audit: type=1400 audit(165.886:950): avc:  denied  { ioctl } for  pid=11991 comm="syz.3.2022" path="socket:[47423]" dev="sockfs" ino=47423 ioctlcmd=0x4111 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  171.965610][T11995] tc_dump_action: action bad kind
[  172.139800][   T39] audit: type=1400 audit(166.073:951): avc:  denied  { map } for  pid=11997 comm="syz.5.2023" path="/150/file0/cpuacct.usage_sys" dev="9p" ino=37749161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  172.146666][   T39] audit: type=1400 audit(166.073:952): avc:  denied  { execute } for  pid=11997 comm="syz.5.2023" path="/150/file0/cpuacct.usage_sys" dev="9p" ino=37749161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  172.217283][   T35] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  172.377653][   T35] usb 11-1: Using ep0 maxpacket: 16
[  172.389240][   T35] usb 11-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  172.393365][   T35] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 55950, setting to 64
[  172.401062][   T35] usb 11-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  172.404423][   T35] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.407295][   T35] usb 11-1: Product: syz
[  172.408849][   T35] usb 11-1: Manufacturer: syz
[  172.410893][   T35] usb 11-1: SerialNumber: syz
[  172.419963][   T35] usb 11-1: config 0 descriptor??
[  172.431663][   T35] hub 11-1:0.0: bad descriptor, ignoring hub
[  172.433967][   T35] hub 11-1:0.0: probe with driver hub failed with error -5
[  172.438410][   T35] input: syz syz as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/input/input19
[  172.524399][   T39] audit: type=1400 audit(166.437:953): avc:  denied  { getopt } for  pid=12007 comm="syz.5.2028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  172.558180][T12010] batadv_slave_1: entered promiscuous mode
[  172.560182][T12010] batadv_slave_1: left promiscuous mode
[  172.844599][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  172.933838][ T7010] usb 11-1: USB disconnect, device number 3
[  173.007767][T12021] EXT4-fs error: 1 callbacks suppressed
[  173.007778][T12021] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  173.015419][T12022] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  173.022116][T12023] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  173.027495][T12024] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  173.157310][   T39] audit: type=1326 audit(167.027:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12036 comm="syz.3.2038" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347f37fed9 code=0x7ffc0000
[  173.253680][T12049] SELinux: syz.3.2041 (12049) set checkreqprot to 1. This is no longer supported.
[  173.292943][T12051] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  173.389457][T12057] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  173.394314][T12056] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  173.422786][T12060] binder: BINDER_SET_CONTEXT_MGR already set
[  173.423496][T12059] binder_alloc: binder_alloc_mmap_handler: 12058 20ffd000-21000000 already mapped failed -16
[  173.424345][T12060] binder: 12058:12060 ioctl 4018620d 200001c0 returned -16
[  173.424387][T12060] binder: BINDER_SET_CONTEXT_MGR already set
[  173.430433][T12059] binder_alloc: binder_alloc_mmap_handler: 12058 20ffd000-21000000 already mapped failed -16
[  173.433703][T12060] binder: 12058:12060 ioctl 4018620d 200001c0 returned -16
[  173.436022][T12059] binder_alloc: binder_alloc_mmap_handler: 12058 20ffd000-21000000 already mapped failed -16
[  173.587631][T12071] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  173.738094][T12085] __nla_validate_parse: 34 callbacks suppressed
[  173.738106][T12085] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2054'.
[  173.877840][T12100] 9pnet_virtio: no channels available for device syz
[  174.083829][T12109] netlink: 'syz.1.2063': attribute type 29 has an invalid length.
[  174.086461][T12110] netlink: 'syz.1.2063': attribute type 29 has an invalid length.
[  174.127658][T12113] dvmrp8: entered allmulticast mode
[  174.129395][T12112] dvmrp8: left allmulticast mode
[  174.196074][T12120] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  174.202442][T12121] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  174.242282][T12123] xt_CT: You must specify a L4 protocol and not use inversions on it
[  174.248868][T12126] syzkaller1: entered promiscuous mode
[  174.250317][T12126] syzkaller1: entered allmulticast mode
[  174.274900][T12133] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  174.280096][T12134] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  174.290910][T12137] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:11: corrupted in-inode xattr: bad magic number in in-inode xattr
[  174.333977][T12130] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2071'.
[  174.359696][T12174] netfs: Couldn't get user pages (rc=-14)
[  174.455956][T12182] syz.5.2076: attempt to access beyond end of device
[  174.455956][T12182] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[  174.461228][T12182] MINIX-fs: unable to read superblock
[  174.465051][T12184] binder: 12183:12184 ioctl 40046205 0 returned -22
[  174.603507][T12196] binder: 12193:12196 ioctl 4018620d 0 returned -22
[  174.735853][T12200] overlayfs: cannot append lower layer
[  174.738631][T12201] overlayfs: cannot append lower layer
[  174.777454][T12203] overlayfs: workdir and upperdir must reside under the same mount
[  174.961773][T12213] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1561 sclass=netlink_route_socket pid=12213 comm=syz.5.2085
[  175.150871][T12220] 9pnet_virtio: no channels available for device syz
[  175.260862][T12225] netlink: 1275 bytes leftover after parsing attributes in process `syz.1.2090'.
[  175.263882][T12225] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  175.274390][T12225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2090'.
[  175.391393][   T39] kauditd_printk_skb: 29 callbacks suppressed
[  175.391409][   T39] audit: type=1400 audit(169.113:984): avc:  denied  { accept } for  pid=12234 comm="syz.3.2093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  175.420951][T12241] [U] 
[  175.501966][T12230] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2091'.
[  175.505204][T12230] bridge_slave_1: left allmulticast mode
[  175.507094][T12230] bridge_slave_1: left promiscuous mode
[  175.511617][T12230] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.599002][   T39] audit: type=1400 audit(169.318:985): avc:  denied  { connect } for  pid=12258 comm="syz.5.2098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  175.605830][   T39] audit: type=1400 audit(169.318:986): avc:  denied  { read } for  pid=12258 comm="syz.5.2098" path="socket:[45958]" dev="sockfs" ino=45958 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  175.746575][T12273] cgroup: Need name or subsystem set
[  175.749743][T12273] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«=
[  175.801948][   T39] audit: type=1401 audit(169.505:987): op=setxattr invalid_context="system_u:"
[  175.872163][T12267] [U] J"—E:ÀÆ"


[  175.876804][T12286] netlink: 448 bytes leftover after parsing attributes in process `syz.3.2105'.
[  175.921795][T12288] SELinux: syz.3.2106 (12288) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  175.956143][T12288] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  175.962078][   T39] audit: type=1400 audit(169.655:988): avc:  denied  { create } for  pid=12287 comm="syz.3.2106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  175.967818][   T39] audit: type=1400 audit(169.655:989): avc:  denied  { getopt } for  pid=12287 comm="syz.3.2106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  176.169792][T12300] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2110'.
[  176.196811][   T39] audit: type=1400 audit(169.880:990): avc:  denied  { ioctl } for  pid=12299 comm="syz.5.2110" path="socket:[49298]" dev="sockfs" ino=49298 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  176.872957][   T39] audit: type=1400 audit(170.506:991): avc:  denied  { create } for  pid=12312 comm="syz.3.2113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  176.921553][T12315] netlink: 448 bytes leftover after parsing attributes in process `syz.3.2114'.
[  176.951459][   T39] audit: type=1400 audit(170.581:992): avc:  denied  { setopt } for  pid=12316 comm="syz.6.2115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  176.957148][   T39] audit: type=1400 audit(170.591:993): avc:  denied  { write } for  pid=12316 comm="syz.6.2115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  177.084313][T12334] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  177.258881][T12341] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2122'.
[  177.299185][T12345] 9pnet_virtio: no channels available for device syz
[  177.338058][ T5997] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  177.446413][T12349] netlink: 448 bytes leftover after parsing attributes in process `syz.5.2126'.
[  177.474540][T10717] syz_tun (unregistering): left promiscuous mode
[  177.506584][ T5997] usb 8-1: Using ep0 maxpacket: 32
[  177.510855][ T5997] usb 8-1: config 1 interface 0 altsetting 9 bulk endpoint 0x1 has invalid maxpacket 32
[  177.513462][ T5997] usb 8-1: config 1 interface 0 altsetting 9 bulk endpoint 0x82 has invalid maxpacket 1023
[  177.516226][ T5997] usb 8-1: config 1 interface 0 has no altsetting 0
[  177.519474][ T5997] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  177.522256][ T5997] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.524443][ T5997] usb 8-1: Product: à ‰
[  177.525614][ T5997] usb 8-1: Manufacturer: ʛ瘯�躞�໡ᩦ字趶�缵魹䀔巌⠎娞㊫ꎓʮ魔蛃ꠎষ楘孰긒Ԡ섊耬࿽간댴ᣙ䱔언䄚⽛蔂ﴞ�耡筿�顳֔뿔⫱蘆⤃펺㦙훮宗�쫴ﱚ〛⬅᧵쟣῀拗��최藳ᱳ�埨戅宂ꖛ愫㔊耸椬䔗
[  177.532630][ T5997] usb 8-1: SerialNumber: syz
[  177.535709][T12333] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  177.537711][T12333] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  177.730596][ T1137] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.825313][ T1137] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.903280][   T66] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  177.913440][   T66] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  177.917903][   T66] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  177.923297][   T66] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  177.925988][   T66] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  177.930063][   T66] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  177.953829][ T1137] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.036560][ T1137] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.047212][T12356] chnl_net:caif_netlink_parms(): no params data found
[  178.121280][T12356] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.123906][T12356] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.126209][T12356] bridge_slave_0: entered allmulticast mode
[  178.128532][T12356] bridge_slave_0: entered promiscuous mode
[  178.132260][T12356] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.134195][T12356] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.136303][T12356] bridge_slave_1: entered allmulticast mode
[  178.138336][T12356] bridge_slave_1: entered promiscuous mode
[  178.163145][T12356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.194876][T12356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.246006][T12356] team0: Port device team_slave_0 added
[  178.253267][ T1137] bridge_slave_1: left allmulticast mode
[  178.255352][ T1137] bridge_slave_1: left promiscuous mode
[  178.259081][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state
[  178.264652][ T1137] bridge_slave_0: left allmulticast mode
[  178.266666][ T1137] bridge_slave_0: left promiscuous mode
[  178.270127][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.584020][ T1137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.590144][ T1137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.594835][ T1137] bond0 (unregistering): Released all slaves
[  178.605860][T12356] team0: Port device team_slave_1 added
[  178.619492][T12371] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  178.650694][T12356] batman_adv: batadv0: Adding interface: batadv_slave_0
[  178.653311][T12356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.662039][T12356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  178.668338][T12356] batman_adv: batadv0: Adding interface: batadv_slave_1
[  178.670753][T12356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  178.680412][T12356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  178.762208][T12356] hsr_slave_0: entered promiscuous mode
[  178.764512][T12356] hsr_slave_1: entered promiscuous mode
[  178.766571][T12356] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  178.769689][T12356] Cannot create hsr debugfs directory
[  178.965882][T12356] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  178.969442][T12356] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  178.970207][T12384] syz.1.2137: attempt to access beyond end of device
[  178.970207][T12384] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  178.981928][T12384] exFAT-fs (nbd1): unable to read boot sector
[  178.983510][T12384] exFAT-fs (nbd1): failed to read boot sector
[  178.986039][T12384] exFAT-fs (nbd1): failed to recognize exfat type
[  178.987882][T12356] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  178.999000][T12356] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  179.003891][ T1137] batadv_slave_0: left promiscuous mode
[  179.004652][T12385] EXT4-fs error: 49 callbacks suppressed
[  179.004665][T12385] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[  179.013747][T12386] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:4: corrupted in-inode xattr: bad magic number in in-inode xattr
[  179.018870][ T1137] hsr_slave_0: left promiscuous mode
[  179.021256][ T1137] hsr_slave_1: left promiscuous mode
[  179.023679][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.026178][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.029114][ T1137] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.031573][ T1137] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.060825][ T1137] veth1_macvtap: left promiscuous mode
[  179.062323][ T1137] veth0_macvtap: left promiscuous mode
[  179.065179][ T1137] veth1_vlan: left promiscuous mode
[  179.066777][ T1137] veth0_vlan: left promiscuous mode
[  179.924380][ T1137] team0 (unregistering): Port device team_slave_1 removed
[  180.009862][ T1137] team0 (unregistering): Port device team_slave_0 removed
[  180.160834][ T5946] Bluetooth: hci3: command tx timeout
[  180.245324][ T5997] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 27 if 0 alt 9 proto 1 vid 0x0525 pid 0xA4A8
[  180.252932][ T5997] usb 8-1: USB disconnect, device number 27
[  180.260346][T12394] __nla_validate_parse: 2 callbacks suppressed
[  180.260356][T12394] netlink: 140 bytes leftover after parsing attributes in process `syz.3.2139'.
[  180.263256][ T5997] usblp0: removed
[  180.633058][T12396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2140'.
[  180.661742][T12401] syzkaller1: entered promiscuous mode
[  180.663748][T12401] syzkaller1: entered allmulticast mode
[  180.700985][T12356] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.723981][T12356] 8021q: adding VLAN 0 to HW filter on device team0
[  180.729311][ T1235] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.731157][ T1235] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.733729][ T1235] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.735625][ T1235] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.754435][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  180.754446][   T39] audit: type=1400 audit(174.136:1000): avc:  denied  { read } for  pid=12404 comm="syz.3.2143" lport=48841 faddr=::ffff:10.1.1.1 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  180.774655][T12356] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  180.783742][T12412] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.790856][T12413] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.797589][T12415] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.804537][T12416] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.815281][T12356] 8021q: adding VLAN 0 to HW filter on device batadv0
[  180.819520][T12419] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:4: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.826551][T12420] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.833413][T12421] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.840453][T12422] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  180.895523][T12356] veth0_vlan: entered promiscuous mode
[  180.899824][T12356] veth1_vlan: entered promiscuous mode
[  180.914585][T12356] veth0_macvtap: entered promiscuous mode
[  180.919237][T12356] veth1_macvtap: entered promiscuous mode
[  180.929857][T12356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.936330][T12356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.939812][T12356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.944383][T12356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.947655][T12356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  180.950436][T12356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.954897][T12356] batman_adv: batadv0: Interface activated: batadv_slave_0
[  180.960735][T12356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.965115][T12356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.968488][T12356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  180.971133][T12356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.974277][T12356] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.978168][T12356] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  180.980458][T12356] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  180.982689][T12356] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  180.985403][T12356] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.033087][ T1137] IPVS: stop unused estimator thread 0...
[  181.609658][   T39] audit: type=1326 audit(174.940:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12428 comm="syz.3.2146" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f347f37fed9 code=0x0
[  181.702427][   T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.704521][   T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.711267][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  181.713293][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  181.727640][   T39] audit: type=1400 audit(175.043:1002): avc:  denied  { mounton } for  pid=12356 comm="syz-executor" path="/syzkaller.PPBJvS/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=49931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  181.792714][T12461] netlink: 448 bytes leftover after parsing attributes in process `syz.3.2152'.
[  181.934277][T12473] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2159'.
[  181.969523][T12475] fuse: Bad value for 'user_id'
[  181.971174][T12475] fuse: Bad value for 'user_id'
[  182.011059][T12477] xt_ecn: cannot match TCP bits for non-tcp packets
[  182.097768][T12487] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate.
[  182.112096][T12489] netlink: 448 bytes leftover after parsing attributes in process `syz.5.2163'.
[  182.204223][   T39] audit: type=1804 audit(175.501:1003): pid=12491 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.2165" name="/newroot/200/file1" dev="fuse" ino=1 res=1 errno=0
[  182.210921][   T39] audit: type=1800 audit(175.501:1004): pid=12491 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2165" name="/" dev="fuse" ino=1 res=0 errno=0
[  182.332664][   T39] audit: type=1804 audit(175.614:1005): pid=12491 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.2165" name="/newroot/200/file1" dev="fuse" ino=1 res=1 errno=0
[  182.339116][   T39] audit: type=1804 audit(175.614:1006): pid=12491 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.2165" name="/newroot/200/file1" dev="fuse" ino=1 res=1 errno=0
[  182.339137][   T39] audit: type=1800 audit(175.614:1007): pid=12491 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.2165" name="/" dev="fuse" ino=1 res=0 errno=0
[  182.383991][ T5946] Bluetooth: hci3: command tx timeout
[  182.400726][T12502] netlink: 'syz.5.2168': attribute type 3 has an invalid length.
[  182.403489][T12502] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2168'.
[  182.632876][T12510] FAULT_INJECTION: forcing a failure.
[  182.632876][T12510] name failslab, interval 1, probability 0, space 0, times 0
[  182.636595][T12510] CPU: 0 UID: 0 PID: 12510 Comm: syz.5.2172 Not tainted 6.13.0-rc2-syzkaller #0
[  182.638955][T12510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.641943][T12510] Call Trace:
[  182.643042][T12510]  <TASK>
[  182.643821][T12510]  dump_stack_lvl+0x16c/0x1f0
[  182.645099][T12510]  should_fail_ex+0x497/0x5b0
[  182.646354][T12510]  ? fs_reclaim_acquire+0xae/0x150
[  182.647705][T12510]  should_failslab+0xc2/0x120
[  182.649288][T12510]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  182.650711][T12510]  ? getname_flags.part.0+0x4c/0x550
[  182.652229][T12510]  ? vfs_write+0x306/0x1150
[  182.653580][T12510]  getname_flags.part.0+0x4c/0x550
[  182.655015][T12510]  getname+0x8d/0xe0
[  182.656392][T12510]  do_sys_openat2+0x104/0x1e0
[  182.657631][T12510]  ? __pfx_do_sys_openat2+0x10/0x10
[  182.659013][T12510]  ? __fget_files+0x206/0x3a0
[  182.660269][T12510]  __x64_sys_openat+0x175/0x210
[  182.661539][T12510]  ? __pfx___x64_sys_openat+0x10/0x10
[  182.663312][T12510]  ? ksys_write+0x1ba/0x250
[  182.664518][T12510]  do_syscall_64+0xcd/0x250
[  182.665711][T12510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.667253][T12510] RIP: 0033:0x7fbb36d7fed9
[  182.668428][T12510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.673962][T12510] RSP: 002b:00007fbb37b3d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  182.676079][T12510] RAX: ffffffffffffffda RBX: 00007fbb36f45fa0 RCX: 00007fbb36d7fed9
[  182.678764][T12510] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  182.681532][T12510] RBP: 00007fbb37b3d0a0 R08: 0000000000000000 R09: 0000000000000000
[  182.684472][T12510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.687368][T12510] R13: 0000000000000001 R14: 00007fbb36f45fa0 R15: 00007ffff400fae8
[  182.690224][T12510]  </TASK>
[  182.733917][T12518] netlink: 448 bytes leftover after parsing attributes in process `syz.3.2175'.
[  183.150056][T12539] FAULT_INJECTION: forcing a failure.
[  183.150056][T12539] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.154782][T12539] CPU: 3 UID: 0 PID: 12539 Comm: syz.3.2182 Not tainted 6.13.0-rc2-syzkaller #0
[  183.157920][T12539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.161665][T12539] Call Trace:
[  183.162856][T12539]  <TASK>
[  183.163918][T12539]  dump_stack_lvl+0x16c/0x1f0
[  183.165607][T12539]  should_fail_ex+0x497/0x5b0
[  183.167283][T12539]  strncpy_from_user+0x3b/0x2d0
[  183.169016][T12539]  getname_flags.part.0+0x8f/0x550
[  183.170821][T12539]  getname+0x8d/0xe0
[  183.172216][T12539]  do_sys_openat2+0x104/0x1e0
[  183.173885][T12539]  ? __pfx_do_sys_openat2+0x10/0x10
[  183.175703][T12539]  ? __fget_files+0x206/0x3a0
[  183.177384][T12539]  __x64_sys_openat+0x175/0x210
[  183.179103][T12539]  ? __pfx___x64_sys_openat+0x10/0x10
[  183.181006][T12539]  ? ksys_write+0x1ba/0x250
[  183.182645][T12539]  do_syscall_64+0xcd/0x250
[  183.184277][T12539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.186379][T12539] RIP: 0033:0x7f347f37fed9
[  183.188073][T12539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.194885][T12539] RSP: 002b:00007f34801eb058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  183.197832][T12539] RAX: ffffffffffffffda RBX: 00007f347f545fa0 RCX: 00007f347f37fed9
[  183.200614][T12539] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  183.203333][T12539] RBP: 00007f34801eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  183.206103][T12539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.208878][T12539] R13: 0000000000000001 R14: 00007f347f545fa0 R15: 00007ffd709fbf58
[  183.211566][T12539]  </TASK>
[  183.212535][    C3] vkms_vblank_simulate: vblank timer overrun
[  183.263464][T12543] fuse: Unknown parameter 'rootm¾Wú2±õÇode'
[  183.294253][   T39] audit: type=1326 audit(176.521:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12545 comm="syz.3.2185" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f347f37fed9 code=0x0
[  183.656170][   T57] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  183.802808][T12565] xt_cgroup: xt_cgroup: no path or classid specified
[  183.830981][   T57] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  183.834109][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  183.837020][   T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  183.840368][   T57] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  183.843768][   T57] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  183.846116][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.855596][   T57] usb 6-1: config 0 descriptor??
[  183.858026][T12550] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  184.016352][   T39] audit: type=1400 audit(177.185:1009): avc:  denied  { accept } for  pid=12570 comm="syz.5.2194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  184.085565][T12578] netlink: 448 bytes leftover after parsing attributes in process `syz.5.2196'.
[  184.306344][   T57] plantronics 0003:047F:FFFF.0005: unknown main item tag 0xd
[  184.310935][   T57] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  184.315977][   T57] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  184.607931][ T5946] Bluetooth: hci3: command tx timeout
[  184.609436][T12550] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  184.617740][ T5976] usb 6-1: USB disconnect, device number 26
[  184.806276][T12606] netlink: 448 bytes leftover after parsing attributes in process `syz.7.2207'.
[  184.846200][T12611] syz.7.2209: attempt to access beyond end of device
[  184.846200][T12611] nbd7: rw=0, sector=0, nr_sectors = 1 limit=0
[  184.851055][T12611] FAT-fs (nbd7): unable to read boot sector
[  185.243220][T12642] program syz.1.2216 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  185.254967][ T5996] hid-generic 0000:0000:0000.0006: unknown main item tag 0x3
[  185.256883][ T5996] hid-generic 0000:0000:0000.0006: item fetching failed at offset 1/2
[  185.259395][ T5996] hid-generic 0000:0000:0000.0006: probe with driver hid-generic failed with error -22
[  185.397645][ T5946] Bluetooth: hci2: unexpected event for opcode 0x200c
[  185.408973][T12648] netlink: 448 bytes leftover after parsing attributes in process `syz.5.2218'.
[  185.484532][T12653] EXT4-fs error: 12 callbacks suppressed
[  185.484546][T12653] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.493262][T12654] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:0: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.531916][T12659] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.538220][T12660] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.568061][T12662] netlink: 'syz.1.2223': attribute type 10 has an invalid length.
[  185.701629][T12672] __nla_validate_parse: 1 callbacks suppressed
[  185.701641][T12672] netlink: 448 bytes leftover after parsing attributes in process `syz.5.2228'.
[  185.731571][T12674] netlink: 'syz.1.2229': attribute type 4 has an invalid length.
[  185.759012][T12686] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.765827][T12687] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.770529][T12683] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2231'.
[  185.778051][T12692] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.786855][T12693] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  185.799721][T12695] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2233'.
[  185.802142][T12695] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  185.804200][T12695] batman_adv: batadv0: Removing interface: batadv_slave_0
[  185.808448][T12695] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  185.811148][T12695] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.030639][T12708] netlink: 448 bytes leftover after parsing attributes in process `syz.1.2239'.
[  186.130935][T12716] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2243'.
[  186.137715][T12717] vlan2: entered allmulticast mode
[  186.138654][T12720] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  186.140500][T12717] bond0: entered allmulticast mode
[  186.143365][T12717] bond_slave_0: entered allmulticast mode
[  186.145256][T12717] bond_slave_1: entered allmulticast mode
[  186.153515][T12717] bond0: left allmulticast mode
[  186.155367][T12717] bond_slave_0: left allmulticast mode
[  186.157331][T12717] bond_slave_1: left allmulticast mode
[  186.222863][T12731] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  186.227840][T12732] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  186.233716][T12716] xt_hashlimit: size too large, truncated to 1048576
[  186.294664][T12743] netlink: 448 bytes leftover after parsing attributes in process `syz.5.2249'.
[  186.324801][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  186.324815][   T39] audit: type=1400 audit(179.346:1016): avc:  denied  { bind } for  pid=12750 comm="syz.5.2251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  186.335883][   T39] audit: type=1400 audit(179.346:1017): avc:  denied  { execute } for  pid=12744 comm="syz.1.2250" path="/dev/video4" dev="devtmpfs" ino=961 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  186.566687][T12763] ip6t_srh: unknown srh match flags  B153
[  186.606828][ T1496] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  186.654191][T12771] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  186.782185][ T1496] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  186.785199][ T1496] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  186.788792][ T1496] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  186.791889][ T1496] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  186.795649][ T1496] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  186.802365][ T1496] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  186.804929][ T1496] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  186.807152][ T1496] usb 12-1: Product: syz
[  186.808642][ T1496] usb 12-1: Manufacturer: syz
[  186.813468][ T1496] cdc_wdm 12-1:1.0: skipping garbage
[  186.815391][ T1496] cdc_wdm 12-1:1.0: skipping garbage
[  186.820564][ T1496] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device
[  186.822314][ T1496] cdc_wdm 12-1:1.0: Unknown control protocol
[  186.828856][   T39] audit: type=1400 audit(179.814:1018): avc:  denied  { read } for  pid=12778 comm="syz.1.2262" path="socket:[52461]" dev="sockfs" ino=52461 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  186.831701][ T5946] Bluetooth: hci3: command tx timeout
[  186.926692][T12784] xt_limit: Overflow, try lower: 1207959552/384
[  186.927445][ T5996] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  186.936420][T12784] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2263'.
[  186.940126][   T39] audit: type=1400 audit(179.926:1019): avc:  denied  { listen } for  pid=12783 comm="syz.1.2263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  186.944999][   T39] audit: type=1400 audit(179.926:1020): avc:  denied  { accept } for  pid=12783 comm="syz.1.2263" lport=43982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  187.109194][ T5996] usb 8-1: Using ep0 maxpacket: 8
[  187.111707][ T5996] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  187.113870][ T5996] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  187.116893][ T5996] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  187.119541][ T5996] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  187.123275][ T5996] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  187.127791][ T5996] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  187.131021][ T5996] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.299144][ T5946] Bluetooth: hci1: unknown advertising packet type: 0x2f
[  187.299212][ T5946] Bluetooth: hci1: Malformed LE Event: 0x02
[  187.350973][ T5996] usb 8-1: usb_control_msg returned -32
[  187.352458][ T5996] usbtmc 8-1:16.0: can't read capabilities
[  187.354342][   T39] audit: type=1400 audit(180.309:1021): avc:  denied  { ioctl } for  pid=12770 comm="syz.3.2259" path="socket:[51374]" dev="sockfs" ino=51374 ioctlcmd=0xf514 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  187.732595][T12791] input: syz1 as /devices/virtual/input/input21
[  188.317224][ T5996] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  188.429800][T12823] program syz.5.2272 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  188.445707][   T11] Bluetooth: hci4: Frame reassembly failed (-84)
[  188.489454][ T5996] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  188.491853][ T5996] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  188.494573][ T5996] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  188.496940][ T5996] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  188.500089][ T5996] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  188.504565][ T5996] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  188.507692][ T5996] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  188.510607][ T5996] usb 6-1: Product: syz
[  188.512148][ T5996] usb 6-1: Manufacturer: syz
[  188.516473][ T5996] cdc_wdm 6-1:1.0: skipping garbage
[  188.517937][ T5996] cdc_wdm 6-1:1.0: skipping garbage
[  188.520243][ T5996] cdc_wdm 6-1:1.0: cdc-wdm2: USB WDM device
[  188.521833][ T5996] cdc_wdm 6-1:1.0: Unknown control protocol
[  189.556143][    C0] cdc_wdm 12-1:1.0: nonzero urb status received: -71
[  189.556963][ T5976] usb 12-1: USB disconnect, device number 2
[  189.557909][    C0] cdc_wdm 12-1:1.0: wdm_int_callback - 0 bytes
[  189.557919][    C0] cdc_wdm 12-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  189.681461][T12834] netlink: 448 bytes leftover after parsing attributes in process `syz.7.2275'.
[  189.769025][   T39] audit: type=1400 audit(182.564:1022): avc:  denied  { getattr } for  pid=12835 comm="syz.7.2276" name="/" dev="9p" ino=37749124 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  189.776880][   T39] audit: type=1400 audit(182.582:1023): avc:  denied  { remount } for  pid=12835 comm="syz.7.2276" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  189.872865][ T5996] usb 8-1: USB disconnect, device number 28
[  189.896879][   T39] audit: type=1400 audit(182.685:1024): avc:  denied  { write } for  pid=12841 comm="syz.3.2278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  190.062011][   T39] audit: type=1400 audit(182.844:1025): avc:  denied  { remount } for  pid=12857 comm="syz.7.2282" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  190.065696][T12863] syz.3.2284: attempt to access beyond end of device
[  190.065696][T12863] loop3: rw=0, sector=1, nr_sectors = 1 limit=0
[  190.073328][T12863] qnx4: unable to read the superblock
[  190.433117][T12898] fuse: Bad value for 'fd'
[  190.594475][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  190.594953][   T66] Bluetooth: hci4: command 0x1003 tx timeout
[  190.677887][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.706035][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.732974][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.760417][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.787518][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.798986][T12926] sp0: Synchronizing with TNC
[  190.814490][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.841094][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.864933][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.885527][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  190.906498][T12917] kvm: kvm [12911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xff
[  191.213060][  T832] usb 6-1: USB disconnect, device number 27
[  191.329022][T12928] netlink: 'syz.1.2302': attribute type 10 has an invalid length.
[  191.331048][T12928] netdevsim netdevsim1 netdevsim0: left allmulticast mode
[  191.335487][T12928] team0: Port device netdevsim0 added
[  191.420132][T12929] block nbd1: shutting down sockets
[  191.529099][T12934] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2303'.
[  191.616988][T12924] [U] è
[  191.729286][T12945] netlink: 'syz.3.2307': attribute type 11 has an invalid length.
[  191.819899][T12949] input: syz0 as /devices/virtual/input/input22
[  192.238384][T12977] EXT4-fs error: 15 callbacks suppressed
[  192.238400][T12977] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.246973][T12978] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.257137][T12979] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.263324][T12980] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.442574][T12993] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2324'.
[  192.445692][T12993] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2324'.
[  192.514698][T13004] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=13004 comm=syz.1.2327
[  192.520848][T13008] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.526037][T13004] netlink: 'syz.1.2327': attribute type 9 has an invalid length.
[  192.527977][T13004] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.2327'.
[  192.543402][T13005] xt_l2tp: v2 sid > 0xffff: 150994944
[  192.547558][T13005] IPVS: Unknown mcast interface: netpci0
[  192.563037][   T39] kauditd_printk_skb: 6 callbacks suppressed
[  192.563051][   T39] audit: type=1400 audit(185.183:1032): avc:  denied  { ioctl } for  pid=13003 comm="syz.1.2327" path="socket:[53824]" dev="sockfs" ino=53824 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  192.574891][   T39] audit: type=1326 audit(185.202:1033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.578601][T13017] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.582201][T13018] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.587504][T13020] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:2: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.590474][   T39] audit: type=1326 audit(185.202:1034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.602915][   T39] audit: type=1326 audit(185.202:1035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.612773][   T39] audit: type=1326 audit(185.202:1036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.616359][T13022] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:3: corrupted in-inode xattr: bad magic number in in-inode xattr
[  192.619110][   T39] audit: type=1326 audit(185.202:1037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.629733][   T39] audit: type=1326 audit(185.202:1038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.633656][T13024] syzkaller0: entered allmulticast mode
[  192.634809][T13025] binder: transaction release 80 bad handle 1, ret = -22
[  192.635114][   T39] audit: type=1326 audit(185.202:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.640348][T13025] binder: 13023:13025 ioctl c018620c 20000140 returned -1
[  192.644937][   T39] audit: type=1326 audit(185.202:1040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.652359][   T39] audit: type=1326 audit(185.202:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13013 comm="syz.7.2331" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f5f7177fed9 code=0x7ffc0000
[  192.716018][T13027] netlink: 'syz.7.2334': attribute type 10 has an invalid length.
[  192.726649][T13027] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.729224][T13027] team0: Port device bond0 added
[  192.731927][T13027] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2334'.
[  192.839377][  T832] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  193.021122][  T832] usb 8-1: Using ep0 maxpacket: 8
[  193.024172][  T832] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  193.027181][  T832] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  193.030112][  T832] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  193.034008][  T832] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  193.037999][  T832] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  193.040808][  T832] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.261006][  T832] usb 8-1: GET_CAPABILITIES returned 0
[  193.262474][  T832] usbtmc 8-1:16.0: can't read capabilities
[  193.478761][   T57] usb 8-1: USB disconnect, device number 29
[  193.943961][T13044] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  193.946991][T13044] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2341'.
[  193.951312][T13045] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u32:9: corrupted in-inode xattr: bad magic number in in-inode xattr
[  194.104326][T13061] FAULT_INJECTION: forcing a failure.
[  194.104326][T13061] name failslab, interval 1, probability 0, space 0, times 0
[  194.108420][T13061] CPU: 2 UID: 0 PID: 13061 Comm: syz.7.2346 Not tainted 6.13.0-rc2-syzkaller #0
[  194.111378][T13061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.114857][T13061] Call Trace:
[  194.115985][T13061]  <TASK>
[  194.116974][T13061]  dump_stack_lvl+0x16c/0x1f0
[  194.118555][T13061]  should_fail_ex+0x497/0x5b0
[  194.120040][T13061]  ? fs_reclaim_acquire+0xae/0x150
[  194.121317][T13061]  should_failslab+0xc2/0x120
[  194.122488][T13061]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  194.123960][T13061]  ? alloc_empty_file+0x73/0x1e0
[  194.125294][T13061]  alloc_empty_file+0x73/0x1e0
[  194.126852][T13061]  path_openat+0xe1/0x2d60
[  194.128272][T13061]  ? hlock_class+0x4e/0x130
[  194.129723][T13061]  ? __lock_acquire+0x15a9/0x3c40
[  194.131353][T13061]  ? __pfx_path_openat+0x10/0x10
[  194.132951][T13061]  ? __pfx___lock_acquire+0x10/0x10
[  194.134660][T13061]  ? lock_acquire.part.0+0x11b/0x380
[  194.136104][T13061]  ? find_held_lock+0x2d/0x110
[  194.137318][T13061]  do_filp_open+0x20c/0x470
[  194.138855][T13061]  ? __pfx_do_filp_open+0x10/0x10
[  194.140566][T13061]  ? find_held_lock+0x2d/0x110
[  194.142225][T13061]  ? alloc_fd+0x41f/0x760
[  194.143726][T13061]  do_sys_openat2+0x17a/0x1e0
[  194.145343][T13061]  ? __pfx_do_sys_openat2+0x10/0x10
[  194.147125][T13061]  ? __fget_files+0x206/0x3a0
[  194.148737][T13061]  __x64_sys_openat+0x175/0x210
[  194.150405][T13061]  ? __pfx___x64_sys_openat+0x10/0x10
[  194.152164][T13061]  ? ksys_write+0x1ba/0x250
[  194.153716][T13061]  do_syscall_64+0xcd/0x250
[  194.155240][T13061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.157249][T13061] RIP: 0033:0x7f5f7177fed9
[  194.158801][T13061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.165232][T13061] RSP: 002b:00007f5f72541058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  194.168025][T13061] RAX: ffffffffffffffda RBX: 00007f5f71945fa0 RCX: 00007f5f7177fed9
[  194.170654][T13061] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  194.172752][T13061] RBP: 00007f5f725410a0 R08: 0000000000000000 R09: 0000000000000000
[  194.175014][T13061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.176973][T13061] R13: 0000000000000001 R14: 00007f5f71945fa0 R15: 00007ffd9abaf358
[  194.178933][T13061]  </TASK>
[  194.222283][T13065] blktrace: Concurrent blktraces are not allowed on sg0
[  194.324205][T13067] syzkaller1: entered promiscuous mode
[  194.325713][T13067] syzkaller1: entered allmulticast mode
[  194.445248][T13079] tipc: Failed to remove unknown binding: 66,1,1/0:428901569/428901571
[  194.487133][T13083] FAULT_INJECTION: forcing a failure.
[  194.487133][T13083] name failslab, interval 1, probability 0, space 0, times 0
[  194.491468][T13083] CPU: 0 UID: 0 PID: 13083 Comm: syz.1.2355 Not tainted 6.13.0-rc2-syzkaller #0
[  194.494496][T13083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.498066][T13083] Call Trace:
[  194.499227][T13083]  <TASK>
[  194.499794][T13087] netlink: 1284 bytes leftover after parsing attributes in process `syz.7.2357'.
[  194.500248][T13083]  dump_stack_lvl+0x16c/0x1f0
[  194.503234][T13087] openvswitch: netlink: Missing key (keys=40, expected=80)
[  194.504838][T13083]  should_fail_ex+0x497/0x5b0
[  194.508862][T13083]  ? fs_reclaim_acquire+0xae/0x150
[  194.510687][T13083]  should_failslab+0xc2/0x120
[  194.512321][T13083]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  194.514160][T13083]  ? security_file_alloc+0x34/0x2b0
[  194.515944][T13083]  security_file_alloc+0x34/0x2b0
[  194.517689][T13083]  init_file+0x93/0x480
[  194.519143][T13083]  alloc_empty_file+0x91/0x1e0
[  194.520796][T13083]  path_openat+0xe1/0x2d60
[  194.522334][T13083]  ? hlock_class+0x4e/0x130
[  194.523910][T13083]  ? __lock_acquire+0x15a9/0x3c40
[  194.525665][T13083]  ? __pfx_path_openat+0x10/0x10
[  194.527367][T13083]  ? __pfx___lock_acquire+0x10/0x10
[  194.529174][T13083]  ? lock_acquire.part.0+0x11b/0x380
[  194.530979][T13083]  ? find_held_lock+0x2d/0x110
[  194.532637][T13083]  do_filp_open+0x20c/0x470
[  194.534208][T13083]  ? __pfx_do_filp_open+0x10/0x10
[  194.535923][T13083]  ? find_held_lock+0x2d/0x110
[  194.537610][T13083]  ? alloc_fd+0x41f/0x760
[  194.539118][T13083]  do_sys_openat2+0x17a/0x1e0
[  194.540782][T13083]  ? __pfx_do_sys_openat2+0x10/0x10
[  194.542569][T13083]  ? __fget_files+0x206/0x3a0
[  194.544186][T13083]  __x64_sys_openat+0x175/0x210
[  194.545863][T13083]  ? __pfx___x64_sys_openat+0x10/0x10
[  194.547713][T13083]  ? ksys_write+0x1ba/0x250
[  194.549309][T13083]  do_syscall_64+0xcd/0x250
[  194.550860][T13083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.553028][T13083] RIP: 0033:0x7f93d417fed9
[  194.554823][T13083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.561237][T13083] RSP: 002b:00007f93d5002058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  194.564064][T13083] RAX: ffffffffffffffda RBX: 00007f93d4345fa0 RCX: 00007f93d417fed9
[  194.566727][T13083] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  194.569382][T13083] RBP: 00007f93d50020a0 R08: 0000000000000000 R09: 0000000000000000
[  194.572041][T13083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.574710][T13083] R13: 0000000000000001 R14: 00007f93d4345fa0 R15: 00007fff8449dfd8
[  194.577413][T13083]  </TASK>
[  194.614890][T13093] netlink: 'syz.1.2359': attribute type 1 has an invalid length.
[  194.617037][T13093] netlink: 16022 bytes leftover after parsing attributes in process `syz.1.2359'.
[  194.692242][T13099] syzkaller1: entered promiscuous mode
[  194.694073][T13099] syzkaller1: entered allmulticast mode
[  194.797732][   T57] usb 12-1: new high-speed USB device number 3 using dummy_hcd
[  194.870638][ T5943] Bluetooth: hci4: command 0x1003 tx timeout
[  194.873922][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  194.918202][T13104] bridge0: port 2(syz_tun) entered blocking state
[  194.920623][T13104] bridge0: port 2(syz_tun) entered disabled state
[  194.922992][T13104] syz_tun: entered allmulticast mode
[  194.927545][T13104] syz_tun: entered promiscuous mode
[  194.929793][T13104] bridge0: port 2(syz_tun) entered blocking state
[  194.932056][T13104] bridge0: port 2(syz_tun) entered forwarding state
[  194.934784][   T57] usb 12-1: device descriptor read/64, error -71
[  194.937028][T13104] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  195.004518][T13108] netlink: 512 bytes leftover after parsing attributes in process `syz.5.2365'.
[  195.202036][   T57] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  195.362463][   T57] usb 12-1: device descriptor read/64, error -71
[  195.431198][T13114] FAULT_INJECTION: forcing a failure.
[  195.431198][T13114] name failslab, interval 1, probability 0, space 0, times 0
[  195.434418][T13114] CPU: 3 UID: 0 PID: 13114 Comm: syz.3.2367 Not tainted 6.13.0-rc2-syzkaller #0
[  195.436684][T13114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  195.439769][T13114] Call Trace:
[  195.440628][T13114]  <TASK>
[  195.441380][T13114]  dump_stack_lvl+0x16c/0x1f0
[  195.442629][T13114]  should_fail_ex+0x497/0x5b0
[  195.443914][T13114]  ? fs_reclaim_acquire+0xae/0x150
[  195.445205][T13114]  should_failslab+0xc2/0x120
[  195.446400][T13114]  __kmalloc_noprof+0xcb/0x510
[  195.447604][T13114]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  195.449007][T13114]  ? rcu_is_watching+0x12/0xc0
[  195.450217][T13114]  tomoyo_realpath_from_path+0xb9/0x720
[  195.451614][T13114]  tomoyo_check_open_permission+0x2ad/0x3c0
[  195.453100][T13114]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  195.454708][T13114]  ? avc_has_perm_noaudit+0x119/0x3a0
[  195.456064][T13114]  ? __pfx_hook_file_open+0x10/0x10
[  195.457373][T13114]  ? lock_acquire+0x2f/0xb0
[  195.458529][T13114]  tomoyo_file_open+0x6b/0x90
[  195.459728][T13114]  security_file_open+0x84/0x1e0
[  195.460982][T13114]  do_dentry_open+0x57e/0x1ea0
[  195.462191][T13114]  ? inode_permission+0xdd/0x5f0
[  195.463440][T13114]  vfs_open+0x82/0x3f0
[  195.464466][T13114]  ? may_open+0x1f2/0x400
[  195.465554][T13114]  path_openat+0x1e6a/0x2d60
[  195.466772][T13114]  ? __pfx_path_openat+0x10/0x10
[  195.468029][T13114]  ? __pfx___lock_acquire+0x10/0x10
[  195.469346][T13114]  ? lock_acquire.part.0+0x11b/0x380
[  195.470696][T13114]  ? find_held_lock+0x2d/0x110
[  195.471900][T13114]  do_filp_open+0x20c/0x470
[  195.473056][T13114]  ? __pfx_do_filp_open+0x10/0x10
[  195.474337][T13114]  ? find_held_lock+0x2d/0x110
[  195.475562][T13114]  ? alloc_fd+0x41f/0x760
[  195.476669][T13114]  do_sys_openat2+0x17a/0x1e0
[  195.477881][T13114]  ? __pfx_do_sys_openat2+0x10/0x10
[  195.479178][T13114]  ? __fget_files+0x206/0x3a0
[  195.480356][T13114]  __x64_sys_openat+0x175/0x210
[  195.481557][T13114]  ? __pfx___x64_sys_openat+0x10/0x10
[  195.482896][T13114]  ? ksys_write+0x1ba/0x250
[  195.484056][T13114]  do_syscall_64+0xcd/0x250
[  195.485438][T13114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.486930][T13114] RIP: 0033:0x7f347f37fed9
[  195.488061][T13114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.492783][T13114] RSP: 002b:00007f34801eb058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  195.494809][T13114] RAX: ffffffffffffffda RBX: 00007f347f545fa0 RCX: 00007f347f37fed9
[  195.496769][T13114] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  195.498673][T13114] RBP: 00007f34801eb0a0 R08: 0000000000000000 R09: 0000000000000000
[  195.500556][T13114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.502441][T13114] R13: 0000000000000001 R14: 00007f347f545fa0 R15: 00007ffd709fbf58
[  195.504364][T13114]  </TASK>
[  195.505172][    C3] vkms_vblank_simulate: vblank timer overrun
[  195.507988][   T57] usb usb12-port1: attempt power cycle
[  195.509914][T13114] ERROR: Out of memory at tomoyo_realpath_from_path.
[  195.734886][T13124] syzkaller1: entered promiscuous mode
[  195.736845][T13124] syzkaller1: entered allmulticast mode
[  195.847382][T13129] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2371'.
[  195.875616][   T57] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  195.897634][   T57] usb 12-1: device descriptor read/8, error -71
[  195.916803][T13132] bridge3: entered promiscuous mode
[  195.918853][T13132] bridge3: entered allmulticast mode
[  196.038063][T13151] FAULT_INJECTION: forcing a failure.
[  196.038063][T13151] name failslab, interval 1, probability 0, space 0, times 0
[  196.041165][T13151] CPU: 0 UID: 0 PID: 13151 Comm: syz.1.2378 Not tainted 6.13.0-rc2-syzkaller #0
[  196.043962][T13151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.047036][T13151] Call Trace:
[  196.047870][T13151]  <TASK>
[  196.048626][T13151]  dump_stack_lvl+0x16c/0x1f0
[  196.049818][T13151]  should_fail_ex+0x497/0x5b0
[  196.050993][T13151]  ? fs_reclaim_acquire+0xae/0x150
[  196.052329][T13151]  should_failslab+0xc2/0x120
[  196.053511][T13151]  __kmalloc_noprof+0xcb/0x510
[  196.054713][T13151]  ? d_absolute_path+0x137/0x1b0
[  196.055952][T13151]  tomoyo_encode2+0x100/0x3e0
[  196.057146][T13151]  tomoyo_encode+0x29/0x50
[  196.058264][T13151]  tomoyo_realpath_from_path+0x19d/0x720
[  196.059696][T13151]  tomoyo_check_open_permission+0x2ad/0x3c0
[  196.061170][T13151]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  196.063120][T13151]  ? avc_has_perm_noaudit+0x119/0x3a0
[  196.064898][T13151]  ? __pfx_hook_file_open+0x10/0x10
[  196.066207][T13151]  ? lock_acquire+0x2f/0xb0
[  196.067353][T13151]  tomoyo_file_open+0x6b/0x90
[  196.068087][T13153] syzkaller1: entered promiscuous mode
[  196.068541][T13151]  security_file_open+0x84/0x1e0
[  196.068570][T13151]  do_dentry_open+0x57e/0x1ea0
[  196.070018][T13153] syzkaller1: entered allmulticast mode
[  196.071369][T13151]  ? inode_permission+0xdd/0x5f0
[  196.075463][T13151]  vfs_open+0x82/0x3f0
[  196.076533][T13151]  ? may_open+0x1f2/0x400
[  196.077662][T13151]  path_openat+0x1e6a/0x2d60
[  196.078856][T13151]  ? __pfx_path_openat+0x10/0x10
[  196.080117][T13151]  ? __pfx___lock_acquire+0x10/0x10
[  196.081394][T13151]  ? lock_acquire.part.0+0x11b/0x380
[  196.082740][T13151]  ? find_held_lock+0x2d/0x110
[  196.083956][T13151]  do_filp_open+0x20c/0x470
[  196.085126][T13151]  ? __pfx_do_filp_open+0x10/0x10
[  196.086391][T13151]  ? find_held_lock+0x2d/0x110
[  196.087615][T13151]  ? alloc_fd+0x41f/0x760
[  196.088708][T13151]  do_sys_openat2+0x17a/0x1e0
[  196.089965][T13151]  ? __pfx_do_sys_openat2+0x10/0x10
[  196.091253][T13151]  ? __fget_files+0x206/0x3a0
[  196.092434][T13151]  __x64_sys_openat+0x175/0x210
[  196.093657][T13151]  ? __pfx___x64_sys_openat+0x10/0x10
[  196.095022][T13151]  ? ksys_write+0x1ba/0x250
[  196.096165][T13151]  do_syscall_64+0xcd/0x250
[  196.097308][T13151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.098801][T13151] RIP: 0033:0x7f93d417fed9
[  196.099920][T13151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.104617][T13151] RSP: 002b:00007f93d5002058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  196.106671][T13151] RAX: ffffffffffffffda RBX: 00007f93d4345fa0 RCX: 00007f93d417fed9
[  196.108618][T13151] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  196.110522][T13151] RBP: 00007f93d50020a0 R08: 0000000000000000 R09: 0000000000000000
[  196.112449][T13151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.114406][T13151] R13: 0000000000000001 R14: 00007f93d4345fa0 R15: 00007fff8449dfd8
[  196.116375][T13151]  </TASK>
[  196.118160][T13151] ERROR: Out of memory at tomoyo_realpath_from_path.
[  196.186800][   T57] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  196.207650][   T57] usb 12-1: device descriptor read/8, error -71
[  196.212780][T13155] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13155 comm=syz.5.2380
[  196.216542][T13155] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13155 comm=syz.5.2380
[  196.330784][   T57] usb usb12-port1: unable to enumerate USB device
[  196.973479][T13186] syzkaller1: entered promiscuous mode
[  196.974873][T13186] syzkaller1: entered allmulticast mode
[  197.009726][ T5946] Bluetooth: hci3: command 0x0405 tx timeout
[  197.774002][T13234] FAULT_INJECTION: forcing a failure.
[  197.774002][T13234] name failslab, interval 1, probability 0, space 0, times 0
[  197.778211][T13234] CPU: 3 UID: 0 PID: 13234 Comm: syz.7.2390 Not tainted 6.13.0-rc2-syzkaller #0
[  197.781259][T13234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  197.784836][T13234] Call Trace:
[  197.785996][T13234]  <TASK>
[  197.786976][T13234]  dump_stack_lvl+0x16c/0x1f0
[  197.788636][T13234]  should_fail_ex+0x497/0x5b0
[  197.790268][T13234]  ? fs_reclaim_acquire+0xae/0x150
[  197.792104][T13234]  should_failslab+0xc2/0x120
[  197.793774][T13234]  __kmalloc_noprof+0xcb/0x510
[  197.795399][T13234]  ? __pfx___debug_object_init+0x10/0x10
[  197.797416][T13234]  bio_kmalloc+0x41/0x70
[  197.798790][T13234]  blk_rq_map_kern+0x3b8/0x740
[  197.800360][T13234]  scsi_execute_cmd+0xc09/0xf40
[  197.801934][T13234]  ? __pfx___lock_acquire+0x10/0x10
[  197.803589][T13234]  ? hlock_class+0x4e/0x130
[  197.805083][T13234]  ? __lock_acquire+0x15a9/0x3c40
[  197.806701][T13234]  ? __pfx_scsi_execute_cmd+0x10/0x10
[  197.808412][T13234]  ? __lock_acquire+0x15a9/0x3c40
[  197.810030][T13234]  ? hlock_class+0x4e/0x130
[  197.811591][T13234]  sr_check_events+0x1f3/0xab0
[  197.813046][T13234]  ? __pfx_sr_check_events+0x10/0x10
[  197.814712][T13234]  ? hlock_class+0x4e/0x130
[  197.816182][T13234]  ? __pfx___lock_acquire+0x10/0x10
[  197.817775][T13234]  ? lock_acquire.part.0+0x11b/0x380
[  197.819295][T13234]  ? find_held_lock+0x2d/0x110
[  197.820528][T13234]  cdrom_check_events+0x65/0x110
[  197.821828][T13234]  sr_block_check_events+0xc4/0x100
[  197.823158][T13234]  disk_check_events+0xbe/0x410
[  197.824415][T13234]  ? _raw_spin_unlock_irq+0x23/0x50
[  197.825712][T13234]  disk_check_media_change+0x101/0x280
[  197.827095][T13234]  ? __pfx_disk_check_media_change+0x10/0x10
[  197.829017][T13234]  ? lockdep_hardirqs_on+0x7c/0x110
[  197.830476][T13234]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  197.832374][T13234]  ? __pm_runtime_resume+0xc3/0x170
[  197.834056][T13234]  sr_block_open+0xe1/0x270
[  197.835287][T13234]  ? __pfx_sr_block_open+0x10/0x10
[  197.836945][T13234]  ? __pfx_sr_block_open+0x10/0x10
[  197.838573][T13234]  blkdev_get_whole+0x96/0x290
[  197.840144][T13234]  bdev_open+0x2c7/0xe20
[  197.841543][T13234]  blkdev_open+0x329/0x400
[  197.843002][T13234]  do_dentry_open+0xf59/0x1ea0
[  197.844431][T13234]  ? __pfx_blkdev_open+0x10/0x10
[  197.845681][T13234]  vfs_open+0x82/0x3f0
[  197.846736][T13234]  ? may_open+0x1f2/0x400
[  197.847896][T13234]  path_openat+0x1e6a/0x2d60
[  197.849103][T13234]  ? __pfx_path_openat+0x10/0x10
[  197.850393][T13234]  ? __pfx___lock_acquire+0x10/0x10
[  197.851708][T13234]  ? lock_acquire.part.0+0x11b/0x380
[  197.853159][T13234]  ? find_held_lock+0x2d/0x110
[  197.854376][T13234]  do_filp_open+0x20c/0x470
[  197.855534][T13234]  ? __pfx_do_filp_open+0x10/0x10
[  197.856882][T13234]  ? find_held_lock+0x2d/0x110
[  197.858356][T13234]  ? alloc_fd+0x41f/0x760
[  197.859798][T13234]  do_sys_openat2+0x17a/0x1e0
[  197.861305][T13234]  ? __pfx_do_sys_openat2+0x10/0x10
[  197.863021][T13234]  ? __fget_files+0x206/0x3a0
[  197.864417][T13234]  __x64_sys_openat+0x175/0x210
[  197.866020][T13234]  ? __pfx___x64_sys_openat+0x10/0x10
[  197.867766][T13234]  ? ksys_write+0x1ba/0x250
[  197.869182][T13234]  do_syscall_64+0xcd/0x250
[  197.870349][T13234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.872235][T13234] RIP: 0033:0x7f5f7177fed9
[  197.873644][T13234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.878986][T13234] RSP: 002b:00007f5f72541058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  197.881696][T13234] RAX: ffffffffffffffda RBX: 00007f5f71945fa0 RCX: 00007f5f7177fed9
[  197.884285][T13234] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  197.886917][T13234] RBP: 00007f5f725410a0 R08: 0000000000000000 R09: 0000000000000000
[  197.889569][T13234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.892230][T13234] R13: 0000000000000001 R14: 00007f5f71945fa0 R15: 00007ffd9abaf358
[  197.894826][T13234]  </TASK>
[  197.901794][ T5333] EXT4-fs error: 12 callbacks suppressed
[  197.901805][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.notice kernel: [  197.774002][T13234] FAULT_INJECTION: forcing a failure.
[  197.913359][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.notice kernel: [  197.774002][T13234] name failslab, interval 1, probability 0, space 0, times 0
[  197.923793][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 [  197.927091][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
syzkaller kern.warn kernel: [  197.778211][T1323[  197.931406][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
4] CPU: 3 UID: 0 PID: 13234 Comm: syz.7.2390 Not[  197.935606][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
 tainted 6.13.0-rc2-syzkaller #0
Jan  1 00:03:1[  197.939416][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
0 syzkaller kern.warn kernel: [  197.781259][T13[  197.943191][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
234] Hardware name: QEMU Standard PC (Q35 + ICH9[  197.946951][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/[  197.951034][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
01/2014
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.784836][T13234] Call Trace:
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.785996][T13234]  <TASK>
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.786976][T13234]  dump_stack_lvl+0x16c/0x1f0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.788636][T13234]  should_fail_ex+0x497/0x5b0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.790268][T13234]  ? fs_reclaim_acquire+0xae/0x150
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.792104][T13234]  should_failslab+0xc2/0x120
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.793774][T13234]  __kmalloc_noprof+0xcb/0x510
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.795399][T13234]  ? __pfx___debug_object_init+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.797416][T13234]  bio_kmalloc+0x41/0x70
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.798790][T13234]  blk_rq_map_kern+0x3b8/0x740
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.800360][T13234]  scsi_execute_cmd+0xc09/0xf40
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.801934][T13234]  ? __pfx___lock_acquire+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.803589][T13234]  ? hlock_class+0x4e/0x130
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.805083][T13234]  ? __lock_acquire+0x15a9/0x3c40
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.806701][T13234]  ? __pfx_scsi_execute_cmd+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.808412][T13234]  ? __lock_acquire+0x15a9/0x3c40
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.810030][T13234]  ? hlock_class+0x4e/0x130
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.811591][T13234]  sr_check_events+0x1f3/0xab0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.813046][T13234]  ? __pfx_sr_check_events+0x10/0x10
Jan  1 00:03:10 [  198.021204][T13253] xt_nat: multiple ranges no longer supported
syzkaller kern.warn kernel: [  197.814712][T13234]  ? hlock_class+0x4e/0x130[  198.024461][   T39] kauditd_printk_skb: 33 callbacks suppressed

[  198.024469][   T39] audit: type=1400 audit(190.299:1075): avc:  denied  { map } for  pid=13248 comm="syz.3.2391" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  198.032278][   T39] audit: type=1400 audit(190.299:1076): avc:  denied  { execute } for  pid=13248 comm="syz.3.2391" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.816182][T13234]  ? __pfx___lock_acquire+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.817775][T13234]  ? lock_acquire.part.0+0x11b/0x380
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.819295][T13234]  ? find_held_lock+0x2d/0x110
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.820528][T13234]  cdrom_check_events+0x65/0x110
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.821828][T13234]  sr_block_check_events+0xc4/0x100
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.823158][T13234]  disk_check_events+0xbe/0x410
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.824415][T13234]  ? _raw_spin_unlock_irq+0x23/0x50
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.825712][T13234]  disk_check_media_change+0x101/0x280
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.827095][T13234]  ? __pfx_disk_check_media_change+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.829017][T13234]  ? lockdep_hardirqs_on+0x7c/0x110
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.830476][T13234]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.832374][T13234]  ? __pm_runtime_resume+0xc3/0x170
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.834056][T13234]  sr_block_open+0xe1/0x270
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.835287][T13234]  ? __pfx_sr_block_open+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.836945][T13234]  ? __pfx_sr_block_open+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.838573][T13234]  blkdev_get_whole+0x96/0x290
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.840144][T13234]  bdev_open+0x2c7/0xe20
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.841543][T13234]  blkdev_open+0x329/0x400
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.843002][T13234]  do_dentry_open+0xf59/0x1ea0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.844431][T13234]  ? __pfx_blkdev_open+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.845681][T13234]  vfs_open+0x82/0x3f0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.846736][T13234]  ? may_open+0x1f2/0x400
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.847896][T13234]  path_openat+0x1e6a/0x2d60
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.849103][T13234]  ? __pfx_path_openat+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.850393][T13234]  ? __pfx___lock_acquire+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.851708][T13234]  ? lock_acquire.part.0+0x11b/0x380
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.853159][T13234]  ? find_held_lock+0x2d/0x110
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.854376][T13234]  do_filp_open+0x20c/0x470
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.855534][T13234]  ? __pfx_do_filp_open+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.856882][T13234]  ? find_held_lock+0x2d/0x110
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.858356][T13234]  ? alloc_fd+0x41f/0x760
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.859798][T13234]  do_sys_openat2+0x17a/0x1e0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.861305][T13234]  ? __pfx_do_sys_openat2+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.863021][T13234]  ? __fget_files+0x206/0x3a0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.864417][T13234]  __x64_sys_openat+0x175/0x210
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.866020][T13234]  ? __pfx___x64_sys_openat+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.867766][T13234]  ? ksys_write+0x1ba/0x250
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.869182][T13234]  do_syscall_64+0xcd/0x250
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.870349][T13234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.872235][T13234] RIP: 0033:0x7f5f7177fed9
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.873644][T13234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.878986][T13234] RSP: 002b:00007f5f72541058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.881696][T13234] RAX: ffffffffffffffda RBX: 00007f5f71945fa0 RCX: 00007f5f7177fed9
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.884285][T13234] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.886917][T13234] RBP: 00007f5f725410a0 R08: 0000000000000000 R09: 0000000000000000
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.889569][T13234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.892230][T13234] R13: 0000000000000001 R14: 00007f5f71945fa0 R15: 00007ffd9abaf358
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.894826][T13234]  </TASK>
Jan  1 00:03:10 syzkaller kern.warn kernel: [  197.901794][ T5333] EXT4-fs error: 12 callbacks suppressed
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.901805][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.913359][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.923793][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.927091][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.931406][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.935606][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.939416][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.943191][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.946951][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.crit kernel: [  197.951034][ T5333] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1915: comm syslogd: iget: checksum invalid
Jan  1 00:03:10 syzkaller kern.info kernel: [  198.021204][T13253] xt_nat: multiple ranges no longer supported
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.024461][   T39] kauditd_printk_skb: 33 callbacks suppressed
Jan  1 00:03:10 syzkaller kern.notice kernel: [  198.024469][   T39] audit: type=1400 audit(190.299:1075): avc:  denied  { map } for  pid=13248 comm="syz.3.2391" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_
Jan  1 00:03:10 syzkaller kern.notice kernel: [  198.032278][   T39] audit: type=1400 audit(190.299:1076): avc:  denied  { execute } for  pid=13248 comm="syz.3.2391" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_dev
[  198.243276][T13265] syz.7.2395: attempt to access beyond end of device
[  198.243276][T13265] nbd7: rw=4096, sector=2, nr_sectors = 2 limit=0
[  198.248941][T13265] EXT4-fs (nbd7): unable to read superblock
[  198.256198][T13263] team0: Device wg2 is of different type
Jan  1 00:03:10 syzkaller kern.info kernel: [  198.243276][T13265] syz.7.2395: attempt to access beyond end of d[  198.265220][T13270] GUP no longer grows the stack in syz.5.2396 (13270): 20004000-20008000 (20002000)
evice[  198.268527][T13270] CPU: 2 UID: 0 PID: 13270 Comm: syz.5.2396 Not tainted 6.13.0-rc2-syzkaller #0
[  198.271019][T13270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  198.273954][T13270] Call Trace:

[  198.274956][T13270]  <TASK>
[  198.275915][T13270]  dump_stack_lvl+0x16c/0x1f0
[  198.279236][T13270]  gup_vma_lookup+0x1d2/0x220
[  198.279323][T13270]  __get_user_pages+0x236/0x3b50
[  198.279343][T13270]  ? find_held_lock+0x2d/0x110
[  198.279370][T13270]  ? mtree_load+0x30a/0xa40
[  198.279389][T13270]  ? __pfx_lock_release+0x10/0x10
[  198.279410][T13270]  ? __pfx___get_user_pages+0x10/0x10
[  198.279436][T13270]  get_user_pages_remote+0x25e/0xb30
[  198.279457][T13270]  ? __pfx_get_user_pages_remote+0x10/0x10
[  198.279484][T13270]  __access_remote_vm+0x235/0x7b0
[  198.279511][T13270]  ? __pfx___access_remote_vm+0x10/0x10
[  198.279540][T13270]  ? _copy_to_user+0xbb/0xd0
[  198.279569][T13270]  proc_pid_cmdline_read+0x4f5/0x900
[  198.279595][T13270]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  198.279622][T13270]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  198.279644][T13270]  vfs_readv+0x6bf/0x890
[  198.279666][T13270]  ? __pfx___lock_acquire+0x10/0x10
[  198.279688][T13270]  ? __pfx_vfs_readv+0x10/0x10
[  198.279713][T13270]  ? __fget_files+0x1fc/0x3a0
[  198.279728][T13270]  ? __pfx_lock_release+0x10/0x10
[  198.279752][T13270]  ? __fget_files+0x206/0x3a0
[  198.279770][T13270]  ? do_preadv+0x1b1/0x270
[  198.279791][T13270]  do_preadv+0x1b1/0x270
Jan  1 00:03:10 [  198.279813][T13270]  ? __pfx_do_preadv+0x10/0x10
syzkaller kern.i[  198.279840][T13270]  do_syscall_64+0xcd/0x250
nfo kernel: [  1[  198.279861][T13270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
98.243276][T1326[  198.279879][T13270] RIP: 0033:0x7fbb36d7fed9
5] nbd7: rw=4096[  198.279893][T13270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
, sector=2, nr_s[  198.279908][T13270] RSP: 002b:00007fbb37b3d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
ectors = 2 limit[  198.279924][T13270] RAX: ffffffffffffffda RBX: 00007fbb36f45fa0 RCX: 00007fbb36d7fed9
=0
[  198.279935][T13270] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000005
[  198.279946][T13270] RBP: 00007fbb36df3cc8 R08: 0000000000000000 R09: 0000000000000000
[  198.279957][T13270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  198.279968][T13270] R13: 0000000000000000 R14: 00007fbb36f45fa0 R15: 00007ffff400fae8
[  198.280011][T13270]  </TASK>
[  198.309791][T13276] syzkaller1: entered promiscuous mode
Jan  1 00:03:10 syzkaller kern.e[  198.346281][T13276] syzkaller1: entered allmulticast mode
rr kernel: [  198.248941][T13265] EXT4-fs (nbd7): unable to read superblock
Jan  1 00:03:10 syzkaller kern.err kernel: [  198.256198][T13263] team0: Device wg2 is of different type
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.265220][T13270] GUP no longer grows the stack in syz.5.2396 (13270): 20004000-20008000 (20002000)
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.268527][T13270] CPU: 2 UID: 0 PID: 13270 Comm: syz.5.2396 Not tainted 6.13.0-rc2-syzkaller #0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.271019][T13270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.273954][T13270] Call Trace:
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.274956][T13270]  <TASK>
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.275915][T13270]  dump_stack_lvl+0x16c/0x1f0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279236][T13270]  gup_vma_lookup+0x1d2/0x220
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279323][T13270]  __get_user_pages+0x236/0x3b50
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279343][T13270]  ? find_held_lock+0x2d/0x110
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279370][T13270]  ? mtree_load+0x30a/0xa40
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279389][T13270]  ? __pfx_lock_release+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279410][T13270]  ? __pfx___get_user_pages+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279436][T13270]  get_user_pages_remote+0x25e/0xb30
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279457][T13270]  ? __pfx_get_user_pages_remote+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279484][T13270]  __access_remote_vm+0x235/0x7b0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279511][T13270]  ? __pfx___access_remote_vm+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279540][T13270]  ? _copy_to_user+0xbb/0xd0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279569][T13270]  proc_pid_cmdline_read+0x4f5/0x900
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279595][T13270]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279622][T13270]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279644][T13270]  vfs_readv+0x6bf/0x890
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279666][T13270]  ? __pfx___lock_acquire+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279688][T13270]  ? __pfx_vfs_readv+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279713][T13270]  ? __fget_files+0x1fc/0x3a0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279728][T13270]  ? __pfx_lock_release+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279752][T13270]  ? __fget_files+0x206/0x3a0
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279770][T13270]  ? do_preadv+0x1b1/0x270
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279791][T13270]  do_preadv+0x1b1/0x270
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279813][T13270]  ? __pfx_do_preadv+0x10/0x10
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279840][T13270]  do_syscall_64+0xcd/0x250
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279861][T13270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279879][T13270] RIP: 0033:0x7fbb36d7fed9
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279893][T13270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279908][T13270] RSP: 002b:00007fbb37b3d058 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279924][T13270] RAX: ffffffffffffffda RBX: 00007fbb36f45fa0 RCX: 00007fbb36d7fed9
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279935][T13270] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000005
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279946][T13270] RBP: 00007fbb36df3cc8 R08: 0000000000000000 R09: 0000000000000000
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279957][T13270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.279968][T13270] R13: 0000000000000000 R14: 00007fbb36f45fa0 R15: 00007ffff400fae8
Jan  1 00:03:10 syzkaller kern.warn kernel: [  198.280011][T13270]  </TASK>
Jan  1 00:03:10 syzkaller kern.info kernel: [  198.309791][T13276] syzkaller1: entered promiscuous mode
Jan  1 00:03:10 syzkaller kern.info kernel: [  198.346281][T13276] syzkaller1: entered allmulticast mode
[  198.532615][   T39] audit: type=1400 audit(190.767:1077): avc:  denied  { accept } for  pid=13285 comm="syz.7.2400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
Jan  1 00:03:10 syzkaller kern.notice kernel: [  198.532615][   T39] audit: type=1400 audit(190.767:1077): avc:  denied  { accept } for  pid=13285 comm="syz.7.2400" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  198.588510][T13284] ------------[ cut here ]------------
[  198.590520][T13284] WARNING: CPU: 1 PID: 13284 at kernel/signal.c:2014 posixtimer_send_sigqueue+0xaf7/0x1020
[  198.593505][T13284] Modules linked in:
[  198.594762][T13284] CPU: 1 UID: 0 PID: 13284 Comm: syz.5.2401 Not tainted 6.13.0-rc2-syzkaller #0
[  198.598894][T13284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  198.601996][T13284] RIP: 0010:posixtimer_send_sigqueue+0xaf7/0x1020
[  198.603909][T13284] Code: 89 44 24 08 e8 6a 44 3b 00 8b 44 24 08 85 c0 0f 85 f1 fa ff ff e8 19 42 3b 00 e8 74 22 ad ff e9 e2 fa ff ff e8 0a 42 3b 00 90 <0f> 0b 90 e9 d4 fa ff ff e8 fc 41 3b 00 e9 f8 f6 ff ff 4c 89 e7 e8
[  198.609533][T13284] RSP: 0018:ffffc90004757bd8 EFLAGS: 00010093
[  198.611325][T13284] RAX: 0000000000000000 RBX: ffff8880331f5680 RCX: ffffffff815ebd07
[  198.613678][T13284] RDX: ffff88803ec1c880 RSI: ffffffff815ec236 RDI: 0000000000000005
[  198.616013][T13284] RBP: ffff88803ec1c880 R08: 0000000000000005 R09: 0000000000000000
[  198.618309][T13284] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880331f5724
[  198.620681][T13284] R13: 1ffff920008eaf80 R14: ffff8880331f5758 R15: ffff8880331f5740
[  198.622995][T13284] FS:  00007fbb37afb6c0(0000) GS:ffff88806a700000(0000) knlGS:0000000000000000
[  198.625633][T13284] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  198.627570][T13284] CR2: 0000000020044000 CR3: 0000000032d54000 CR4: 0000000000352ef0
[  198.629879][T13284] DR0: 0000000000000002 DR1: 0000000000000000 DR2: 0000000000000003
[  198.632256][T13284] DR3: 0000000000000001 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  198.634605][T13284] Call Trace:
[  198.635636][T13284]  <TASK>
[  198.636555][T13284]  ? __warn+0xea/0x3c0
[  198.637771][T13284]  ? posixtimer_send_sigqueue+0xaf7/0x1020
[  198.639523][T13284]  ? report_bug+0x3c0/0x580
[  198.640896][T13284]  ? handle_bug+0x54/0xa0
[  198.642200][T13284]  ? exc_invalid_op+0x17/0x50
[  198.643609][T13284]  ? asm_exc_invalid_op+0x1a/0x20
[  198.645157][T13284]  ? posixtimer_send_sigqueue+0x5c7/0x1020
[  198.646903][T13284]  ? posixtimer_send_sigqueue+0xaf6/0x1020
[  198.648422][T13284]  ? posixtimer_send_sigqueue+0xaf7/0x1020
[  198.649991][T13284]  ? posixtimer_send_sigqueue+0xaf6/0x1020
[  198.651765][T13284]  ? cpu_clock_sample+0xc9/0x140
[  198.653263][T13284]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[  198.655094][T13284]  posix_cpu_timer_set+0x9e1/0xd30
[  198.656633][T13284]  ? __pfx_posix_cpu_timer_set+0x10/0x10
[  198.658313][T13284]  ? __lock_timer+0x1a9/0x4c0
[  198.659769][T13284]  do_timer_settime+0x26c/0x400
[  198.661236][T13284]  ? __pfx_posix_cpu_timer_set+0x10/0x10
[  198.662907][T13284]  ? __pfx_do_timer_settime+0x10/0x10
[  198.664507][T13284]  ? __pfx_do_futex+0x10/0x10
[  198.665902][T13284]  __x64_sys_timer_settime+0x26a/0x2c0
[  198.667507][T13284]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[  198.669060][T13284]  ? xfd_validate_state+0x5d/0x180
[  198.670265][T13284]  do_syscall_64+0xcd/0x250
[  198.671277][T13284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.672656][T13284] RIP: 0033:0x7fbb36d7fed9
[  198.673684][T13284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.678177][T13284] RSP: 002b:00007fbb37afb058 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  198.680462][T13284] RAX: ffffffffffffffda RBX: 00007fbb36f46160 RCX: 00007fbb36d7fed9
[  198.682426][T13284] RDX: 0000000020000340 RSI: 0000000000000001 RDI: 0000000000000000
[  198.684150][T13284] RBP: 00007fbb36df3cc8 R08: 0000000000000000 R09: 0000000000000000
[  198.685883][T13284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  198.687919][T13284] R13: 0000000000000000 R14: 00007fbb36f46160 R15: 00007ffff400fae8
[  198.689768][T13284]  </TASK>
[  198.690455][T13284] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  198.692037][T13284] CPU: 1 UID: 0 PID: 13284 Comm: syz.5.2401 Not tainted 6.13.0-rc2-syzkaller #0
[  198.693952][T13284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  198.696269][T13284] Call Trace:
[  198.697041][T13284]  <TASK>
[  198.697696][T13284]  dump_stack_lvl+0x3d/0x1f0
[  198.698742][T13284]  panic+0x71d/0x800
[  198.699625][T13284]  ? __pfx_panic+0x10/0x10
[  198.700612][T13284]  ? show_trace_log_lvl+0x29d/0x3d0
[  198.701741][T13284]  ? check_panic_on_warn+0x1f/0xb0
[  198.702859][T13284]  ? posixtimer_send_sigqueue+0xaf7/0x1020
[  198.704137][T13284]  check_panic_on_warn+0xab/0xb0
[  198.705227][T13284]  __warn+0xf6/0x3c0
[  198.706102][T13284]  ? posixtimer_send_sigqueue+0xaf7/0x1020
[  198.707584][T13284]  report_bug+0x3c0/0x580
[  198.708784][T13284]  handle_bug+0x54/0xa0
[  198.709686][T13284]  exc_invalid_op+0x17/0x50
[  198.710680][T13284]  asm_exc_invalid_op+0x1a/0x20
[  198.711738][T13284] RIP: 0010:posixtimer_send_sigqueue+0xaf7/0x1020
[  198.713155][T13284] Code: 89 44 24 08 e8 6a 44 3b 00 8b 44 24 08 85 c0 0f 85 f1 fa ff ff e8 19 42 3b 00 e8 74 22 ad ff e9 e2 fa ff ff e8 0a 42 3b 00 90 <0f> 0b 90 e9 d4 fa ff ff e8 fc 41 3b 00 e9 f8 f6 ff ff 4c 89 e7 e8
[  198.717384][T13284] RSP: 0018:ffffc90004757bd8 EFLAGS: 00010093
[  198.718752][T13284] RAX: 0000000000000000 RBX: ffff8880331f5680 RCX: ffffffff815ebd07
[  198.720482][T13284] RDX: ffff88803ec1c880 RSI: ffffffff815ec236 RDI: 0000000000000005
[  198.722197][T13284] RBP: ffff88803ec1c880 R08: 0000000000000005 R09: 0000000000000000
[  198.723907][T13284] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880331f5724
[  198.725619][T13284] R13: 1ffff920008eaf80 R14: ffff8880331f5758 R15: ffff8880331f5740
[  198.727537][T13284]  ? posixtimer_send_sigqueue+0x5c7/0x1020
[  198.729060][T13284]  ? posixtimer_send_sigqueue+0xaf6/0x1020
[  198.730387][T13284]  ? posixtimer_send_sigqueue+0xaf6/0x1020
[  198.731854][T13284]  ? cpu_clock_sample+0xc9/0x140
[  198.733001][T13284]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[  198.734528][T13284]  posix_cpu_timer_set+0x9e1/0xd30
[  198.736015][T13284]  ? __pfx_posix_cpu_timer_set+0x10/0x10
[  198.737686][T13284]  ? __lock_timer+0x1a9/0x4c0
[  198.739113][T13284]  do_timer_settime+0x26c/0x400
[  198.740570][T13284]  ? __pfx_posix_cpu_timer_set+0x10/0x10
[  198.742219][T13284]  ? __pfx_do_timer_settime+0x10/0x10
[  198.743817][T13284]  ? __pfx_do_futex+0x10/0x10
[  198.745251][T13284]  __x64_sys_timer_settime+0x26a/0x2c0
[  198.746881][T13284]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[  198.748632][T13284]  ? xfd_validate_state+0x5d/0x180
[  198.750150][T13284]  do_syscall_64+0xcd/0x250
[  198.751526][T13284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.753274][T13284] RIP: 0033:0x7fbb36d7fed9
[  198.754612][T13284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.760197][T13284] RSP: 002b:00007fbb37afb058 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  198.762613][T13284] RAX: ffffffffffffffda RBX: 00007fbb36f46160 RCX: 00007fbb36d7fed9
[  198.764934][T13284] RDX: 0000000020000340 RSI: 0000000000000001 RDI: 0000000000000000
[  198.767247][T13284] RBP: 00007fbb36df3cc8 R08: 0000000000000000 R09: 0000000000000000
[  198.769686][T13284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  198.772061][T13284] R13: 0000000000000000 R14: 00007fbb36f46160 R15: 00007ffff400fae8
[  198.774427][T13284]  </TASK>
[  199.846374][T13284] Shutting down cpus with NMI
[  199.848101][T13284] Kernel Offset: disabled
[  199.849332][T13284] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:52:05  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff814899ee RDX=ffff888023e4a440
RSI=ffffffff81489a0b RDI=0000000000000000 RBP=ffff8880215f6f00 RSP=ffffc900043efb28
R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffff88806a63fb00 R15=ffffed10042bede0
RIP=ffffffff81489a0c RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 000055558aae7500 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f5f724756c0 CR3=0000000032d54000 CR4=00352ef0
DR0=0000000000002800 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffffffff Opmask01=00000000ffffffff Opmask02=00000000fff80880 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd66368c30 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000a7665 645f6b63000a3834 000a313d65766973
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851b95e5 RDI=ffffffff9ab0ac20 RBP=ffffffff9ab0abe0 RSP=ffffc90004757538
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000008
R12=0000000000000000 R13=0000000000000020 R14=ffffffff851b9580 R15=0000000000000000
RIP=ffffffff851b960f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007fbb37afb6c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020044000 CR3=0000000032d54000 CR4=00352ef0
DR0=0000000000000002 DR1=0000000000000000 DR2=0000000000000003 DR3=0000000000000001 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36df4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36df4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36df4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36df4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36df4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36df4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36f10488 00007fbb36f10480 00007fbb36f10478 00007fbb36f10450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb37a7d100 00007fbb36f10440 00007fbb36f10458 00007fbb36f104a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbb36f10498 00007fbb36f10490 00007fbb36f10488 00007fbb36f10480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000795c7d51fa RBX=ffff88806a828400 RCX=00000000000006e0 RDX=0000000000000079
RSI=ffff88806a828400 RDI=0000000000000145 RBP=0000000000000145 RSP=ffffc900034afa10
R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000002
R12=dffffc0000000000 R13=0000000000000000 R14=0000000000000019 R15=ffffed100d505085
RIP=ffffffff8146b0c5 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f5f725416c0 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002006b000 CR3=00000000481e6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffe0000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f717f4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f717f4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f717f4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f717f4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f717f4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f717f4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 746e6576652f7475 706e692f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000012 574d4655460c5756 534d4a0c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000021cf69 RBX=0000000000000003 RCX=ffffffff8b28e679 RDX=0000000000000000
RSI=ffffffff8b6cd840 RDI=ffffffff8bd1d200 RBP=ffffed1003ad1488 RSP=ffffc900001a7e08
R8 =0000000000000001 R9 =ffffed100d526fed R10=ffff88806a937f6b R11=0000000000000000
R12=0000000000000003 R13=ffff88801d68a440 R14=ffffffff905f15d0 R15=0000000000000000
RIP=ffffffff8b28fa5f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f5f7251ffb8 CR3=000000004a5fe000 CR4=00352ef0
DR0=fffffffffffffffc DR1=0000000000000000 DR2=0000000000000002 DR3=0000000000000800 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000fffffffe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8449e360 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93d41f4c42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93d41f4c4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93d41f4c49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93d41f4c5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93d41f4ce3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93d41f4dc1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000