last executing test programs:

11m18.805890915s ago: executing program 3 (id=138):
close(0xffffffffffffffff)
ioctl$DRM_IOCTL_MODE_ADDFB2(0xffffffffffffffff, 0xc06864b8, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000a80)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0}, 0x50)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
r2 = socket$kcm(0x29, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), r2)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000180)={r0, r1})
sendmmsg$inet(r2, &(0x7f000000a3c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40)

11m17.877435055s ago: executing program 3 (id=144):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000300)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0x1, 0x2000000000000000, 0x80000004000000, 0xffffffffffffffff], 0x8000000, 0x2010d3})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000200)="440f20c0350b000000440f22c0360f09c4217d700c9d0000000028b8010000000f01c166b82e000f00d80f20d835080000000f22d82e0f019885000000b9b1060000b86f8d0000ba0000000066b8b5008ec036363ef3420f51a600000000b9e30b0000b8f233278fba000000000f30", 0x6f}], 0x1, 0x13, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$autofs(0xffffff9c, &(0x7f0000000000), 0x22482, 0x0)

11m17.541948622s ago: executing program 3 (id=149):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f00000007c0)=[{&(0x7f0000000180)="8be7ee177cdad9b4b47380e588cafd4371f8fb16063b45b29ec0b5366dcc00f042fe6d886a4f9f5af688724d3bc8df", 0x2f}], 0x1)

11m12.786310505s ago: executing program 3 (id=168):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="a1", 0x1}], 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x74, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$char_usb(r0, &(0x7f00000001c0)="64e9", 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000740)=[0x2], 0x0, 0x0, 0x1}}, 0x40)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)

11m12.67866618s ago: executing program 3 (id=169):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x12d)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)

11m11.792853474s ago: executing program 3 (id=173):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)

10m56.747105162s ago: executing program 32 (id=173):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)

5m57.483150898s ago: executing program 2 (id=1433):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000001c0)={<r1=>0x0, 0x2}, &(0x7f0000000200)=0x8)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000240)={r1, 0x2, 0xca69}, 0x8)
r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = getpid()
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r4)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000001640)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x34, r5, 0x1, 0x70bd28, 0x25dfdbff, {}, [@NL802154_ATTR_PID={0x8, 0x1c, r3}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x0)
timerfd_gettime(r2, &(0x7f0000000280))
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={<r8=>0xffffffffffffffff}, 0x106, 0x1}}, 0x20)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010012000000000000000000000a20000000000a03000000000000000400070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000215c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c006c80080003400000000220000b80"], 0xe0}}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, {0xa, 0x4e24, 0x101, @remote, 0x7}, r8, 0x6}}, 0x48)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f00000025c0)}}, 0x10)

5m56.388612832s ago: executing program 2 (id=1435):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendto$inet6(r0, 0x0, 0x0, 0x240880c0, &(0x7f0000000280)={0xa, 0xe20, 0x0, @mcast1}, 0x1c)
sendto$inet6(r0, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
sendto$inet6(r0, 0x0, 0x0, 0x4010, 0x0, 0x0)

5m48.942980054s ago: executing program 2 (id=1450):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x74}, 0x1, 0x0, 0x0, 0x20004844}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5m48.665885791s ago: executing program 2 (id=1453):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000300)}}, {{&(0x7f0000000600)=@can, 0x80, &(0x7f0000000680)=[{&(0x7f0000000580)}], 0x1, &(0x7f0000000b40)=[@timestamping={{0x14, 0x1, 0x25, 0x101}}, @timestamping={{0x14, 0x1, 0x25, 0x7}}], 0x30}}], 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f80)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x80000000, @remote, 0x7}, 0x1c, &(0x7f0000000f00)=[{0x0}, {&(0x7f0000000540)}, {0x0}, {0x0}], 0x4}}], 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000006c0)=[@text16={0x10, &(0x7f0000000500)="0f0766b9800000c00f326635000100000f3066b9cf09000066b80000000066ba000000000f300f0014ae0f01b200000fc71c6766c744240095d400006766c74424027a6800006766c744240600000000670f011c2466b80500000066b9000000000f01d9ba4200b0d4ee", 0x6a}], 0x1, 0x59, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

5m48.439710066s ago: executing program 2 (id=1454):
fsopen(&(0x7f00000014c0)='proc\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpgrp(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x82, 0x6, @random="a55378321800"}, 0x14)
shutdown(r4, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x42804}, 0x0)

5m46.56548331s ago: executing program 2 (id=1458):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x51a9497)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={[], [], 0x2f})
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[], [], 0x2f})

5m31.211987153s ago: executing program 33 (id=1458):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x51a9497)
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={[], [], 0x2f})
mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[], [], 0x2f})

17.319491526s ago: executing program 1 (id=2258):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0xc000)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x50, 0x7fff7ffc}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000080)={0x50, 0x0, r5, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}}, 0x50)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r4, &(0x7f00000063c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="9002000000000000f9ffffffffffffff03000000000000000100000000000000070000000000000004c600000000000004000000fd090000000000000000000000000000000000000500000000000000630c00000000000002000000", @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r6, @ANYRES32=0x0, @ANYBLOB="7b000000090000000000000004000000000000000500000000000000020000000300000066640000000000000400000000000000020000"], 0x0, 0x0, 0x0})
getdents64(r8, &(0x7f0000000100)=""/134, 0x86)
close_range(r3, 0xffffffffffffffff, 0x0)

16.615276938s ago: executing program 1 (id=2259):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet(0x2, 0x3, 0x9)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x4b, 0x1, 0xffffffff, 0x6, 0x0)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mlock(&(0x7f0000449000/0x3000)=nil, 0x3000)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)

14.464006063s ago: executing program 4 (id=2264):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000040)={0x9, 0x100, 0x0, {0xffffffff, 0xbde, 0xb, 0x10000}})
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'xchacha20\x00'}}}, 0xe0}}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x3a85ef35342a412e)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000300)={[0x5, 0x8, 0xa, 0x80000000009, 0x8, 0x404, 0x1041, 0x80004, 0x0, 0xfc1a, 0xffffffffffffffff, 0x100000002, 0x49, 0x6, 0x7f, 0x6b], 0xc000, 0x202010})
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {0x0}}, 0x18)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x20440, 0x0)

14.461369461s ago: executing program 6 (id=2265):
epoll_create1(0x80000)
r0 = socket$netlink(0x10, 0x3, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002100), 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000005580)=""/102392, 0x18ff8)
r2 = syz_open_dev$vivid(0x0, 0x2, 0x2)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0)=0xe)
sendmsg$NFNL_MSG_CTHELPER_GET(r0, 0x0, 0x240080c0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
r6 = socket(0xa, 0x1, 0x0)
setsockopt(r6, 0x29, 0x17, 0x0, 0x2000)
ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, &(0x7f0000000000)={0x1, 0x0, [{0x80000008, 0x775a, 0xd25, 0x8000000, 0x6}]})

13.407462194s ago: executing program 4 (id=2266):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd1, 0x0, 0x0)
ioctl$SIOCGETVIFCNT(r4, 0x89e0, &(0x7f0000000040))
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000100)={'gre0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x80, 0x20, 0x391e, 0x8, {{0x5, 0x4, 0x3, 0x1d, 0x14, 0x68, 0x0, 0xa, 0x2f, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x35}}}}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x5, 0x10, 0xffffffaf, 0x1, 0xd299, 0x9, 0x6d9c, 0x9, 0x5}, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)

13.191292979s ago: executing program 6 (id=2267):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x2, 0x3, 0x0, 0x2, 0x10, 0x0, 0x0, 0x0, [@sadb_key={0x2, 0x8, 0x8, 0x0, 'f'}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfd}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}]}, 0x80}, 0x1, 0x7}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000500)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x458, 0x138, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x1, "", [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7ffd, 0x0, 0x1, {0x22, 0xeb}}, {{{0x9, 0x5, 0x81, 0x3, 0x10}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x6, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0x9841, 0xffffffffffffffff, 0x0, 0x0, 0x200005, 0x0, 0x1}])
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r3, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xc0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x160b, 0x0, 0x0, {0x2, 0x0, 0x8}}], {0x14}}, 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x4040080)
ioctl$TCXONC(r2, 0x540a, 0x2)
ioctl$TCXONC(r2, 0x540a, 0x0)
r5 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r5, &(0x7f0000000240)=[{&(0x7f0000000040)='\n8', 0x2}, {0x0}], 0x2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000180001000000005955ee0e662d"], 0x24}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmmsg(r6, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100))

12.717499711s ago: executing program 1 (id=2268):
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f00000000c0), 0x800400, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x4054)
fanotify_init(0x8, 0x8000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x23}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}], {0x14, 0x10}}, 0xa4}}, 0x4)
syz_genetlink_get_family_id$nfc(&(0x7f0000000340), 0xffffffffffffffff)

11.624035688s ago: executing program 4 (id=2270):
futex(0x0, 0x80000000000b, 0x1, 0x0, &(0x7f0000048000), 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
syz_usb_connect$uac1(0x0, 0x72, &(0x7f0000000680)=ANY=[@ANYBLOB="120100020000002082057d004000010203010902600003010680070904000000010100000a2401a80f0a0002010209040100000102000009040101010102000104050100090402"], 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(r0, 0xc, 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f0000000180)={0x1, 0x6, 0x9, 0x9, 0x7})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x790, 0x80000000002, 0x180, 0x400000004, 0xffffffffffffffff, 0xf5, 0x3, 0xfffffffffffffd7e, 0x42, 0x4, 0x3b9, 0xfffffffffffffffe, 0x0, 0x0, 0x8a], 0x8000000, 0x3c4210})
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa00000000000000000000000000bbff020000000000000000006b"], 0x0)

10.497396635s ago: executing program 1 (id=2272):
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r3 = io_uring_setup(0x64a, &(0x7f0000000040)={0x0, 0x8835c, 0xc000, 0x20000a, 0x33c})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x3}, {0xe, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00008e5000/0x400000)=nil)

8.374765515s ago: executing program 6 (id=2277):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000a00)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002440), 0xffffffffffffffff)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r2, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000002480)={0x1c, r3, 0x109, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8001}, 0x80)
ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f0000000080))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000d00)=ANY=[@ANYBLOB="120100021982302013042360e5ec0102030109021b0001000060020904840001ee48b100090582"], 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io$rtl8150(r6, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r6, 0x0, 0x0)
syz_usb_control_io$rtl8150(r6, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000340)={0x40, 0x6, 0x1, "b3"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r6, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000100)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c12106803200e28ddc8dcd000000c182fd3f0000c8b950020000b801000400b9a60800000f00510066b87a000f02d86161300f300fc79d53bf0000c4b961edc30101220f27c3", 0xac}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(r7, 0xaea2, 0x1)
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x20, 0x1418, 0x1, 0x2, 0x3, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x8}, 0x0)

7.184837023s ago: executing program 0 (id=2278):
socket$unix(0x1, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$unix(0x1, 0x2, 0x0)
syz_init_net_socket$llc(0x1a, 0x801, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000200)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYRES64=r3, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0)
sendmsg$sock(r5, &(0x7f0000001940)={&(0x7f00000002c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000000), 0x5, &(0x7f00000008c0)=[@timestamping={{0x14}}], 0x18}, 0x0)
r6 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
io_uring_register$IORING_REGISTER_FILES2(r6, 0xd, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, 0x0)

7.17699266s ago: executing program 4 (id=2279):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fsopen(0x0, 0x1)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000021c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chroot(&(0x7f0000000000)='./bus\x00')
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)

6.984194508s ago: executing program 1 (id=2280):
syz_emit_vhci(0x0, 0x0)
get_mempolicy(0xffffffffffffffff, 0x0, 0x2000400000043ff, &(0x7f0000ff9000/0x2000)=nil, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x181)
socket(0x2, 0x80805, 0x0)
io_setup(0x2278, &(0x7f0000000180)=<r3=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
io_submit(r3, 0x2, &(0x7f0000000140)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r5, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x5, 0x2, r4, 0x0, 0x0, 0x0, 0x0, 0x2}])
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x140)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000240)=0x10)

6.617027618s ago: executing program 5 (id=2281):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f00000002c0)=ANY=[@ANYBLOB="07000000000000000000000000000000000000000000000000000000000000000000000000000000000000ddde8f58e0b287be23000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000100000002004e28000000000000000000000000000080000000000000000000000000000000000000000000000000000000009d36000000000000000000000000000000000000000000000000000000000000000c31c1010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc00abc4ab749d128947b5fa76e375b1fbfb559f4d8e2b3b829f271da3723b2e740ac6b5628d2aa555c864a73a4308cf6530450e5b877be18d403f2414f972e9d4345b7ba01f56b161ae9b796be2"], 0x110)
ioctl$TCSETS(r1, 0x4b72, &(0x7f0000000180)={0x5, 0x5, 0x1, 0x6, 0x13, "006093ff8e000000000000edffffffffffffff"})
listen(r0, 0x4)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000000)=0x1, 0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x670, 0x5, 0x460, 0x0, 0x240, 0xffffffff, 0x1a0, 0x0, 0x3c8, 0x3c8, 0xffffffff, 0x3c8, 0x3c8, 0x5, 0x0, {[{{@ip={@rand_addr=0x64010100, @local, 0xff0000ff, 0xffffff00, 'veth1_to_bridge\x00', 'veth0_macvtap\x00', {}, {0xff}, 0x16}, 0x0, 0x168, 0x1a0, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x7, 0xc, 'kmp\x00', "4801d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x76, 0x2, {0x1}}}, @common=@unspec=@devgroup={{0x38}, {0x3, 0x0, 0x3, 0x3, 0x81}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0xae, {0xf, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id=0x65, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0xfffc, 0xd, 0x1}, {0x2, 0x4, 0x3}, 0x1000, 0x100}}}, {{@ip={@multicast2, @broadcast, 0xff, 0x0, 'virt_wifi0\x00', 'veth1_to_bridge\x00', {}, {}, 0x0, 0x0, 0x4e}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@rand_addr=0x64010102, @ipv4=@private=0xa010101, @icmp_id=0x68, @icmp_id=0x64}}}, {{@ip={@loopback, @remote, 0xff, 0x0, 'batadv_slave_1\x00', 'ip_vti0\x00', {}, {0xff}, 0x6, 0x1, 0x5}, 0x0, 0x98, 0xd0, 0x0, {}, [@common=@icmp={{0x28}, {0x4, '\\Q', 0x1}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x10, @local, @dev={0xac, 0x14, 0x14, 0x2a}, @port=0x4e22, @gre_key=0x5}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4c0)

5.691414499s ago: executing program 4 (id=2282):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0xa9, 0x8000000000000000, 0x8, 0x7, 0x8000003}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1002}]})
pipe2$watch_queue(0x0, 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x3c, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x24044000, 0x0, 0x0)
shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b4050000ffe0f50571103f00000000006700000000800080950000000000000072c2f98cb7333011f1cf97f165ac0dc8c84c1ed04a84f6243cec3706bd2d671c2c"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r3 = socket(0x2d, 0x2, 0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000080)={@empty, 0x57})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x20, &(0x7f0000000000), 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='net/fib_triestat\x00')
preadv(r4, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)

5.479963509s ago: executing program 5 (id=2283):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r0)
add_key(&(0x7f0000000140)='encrypted\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_emit_ethernet(0x1aa, 0x0, 0x0)
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8090}, 0x4000001)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x19, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004980)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)}], 0x1}}], 0x1, 0x20008000)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x6, 0x20000000008001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x4000000000001, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="5000000040000100fcff0700040000000100000004004880300001802c00108014000c80100090800c00588008007300", @ANYRES32=0x0, @ANYBLOB="28000c00000093b0b9a0fab1946d000000000000080002"], 0x50}, 0x1, 0x0, 0x0, 0x4000805}, 0x2004c094)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r3, 0x0, 0x4000004)
sendmsg$TIPC_NL_BEARER_SET(r3, 0x0, 0x4040140)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f00000000c0), 0x18)

5.367925381s ago: executing program 0 (id=2284):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000300)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x0, 0x800, 0xfffe, 0xff80, 0x5, 0x3, 0x0, 0x0, 0x10, 0x2}}, 0x50)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r4, 0x114, 0x7, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
epoll_create1(0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x800}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}]}], {0x14}}, 0xb8}}, 0x0)

5.320166394s ago: executing program 1 (id=2285):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, &(0x7f0000002280))
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r4 = dup3(r3, r2, 0x0)
recvmmsg(r4, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}, 0x1}], 0x1, 0x40000001, 0x0)
read$FUSE(r4, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_usb_connect(0x0, 0x4a, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)

5.186055913s ago: executing program 5 (id=2286):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7ff, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x1, 0xfffff109, 0x3132564e, 0x1, 0xc, [{0x27b, 0x1}, {0x7, 0xffffff65}, {0x3ff, 0x7f}, {0x7, 0xa}, {0x0, 0x10001}, {0x8da, 0x2}, {0xbbf3, 0x80000001}, {0x4b82}], 0xd2, 0x7, 0x9, 0x1, 0x2}})
sendmsg$rds(r3, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000280), 0x450000, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000ac0)=@ccm_128={{0x304}, "5c000002010400", "ccaa54dbfef3216ec09b63757e98ed63", "cde21de0", "bcad0b2f6d5df9b2"}, 0x28)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)

4.157354969s ago: executing program 5 (id=2287):
r0 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r0, 0x0, 0x0, 0x4, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$SEG6_CMD_SETHMAC(r1, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000240)=@gcm_256={{0x304}, "5b1404c3bd0038c6", "a1d6fcca11a60f84f8fb6cd0934e7699eb89e1ac24e540159e8e5d7aaf029a2e", '\b\x00', "82020b23ec3a405d"}, 0x38)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0xa4}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x58, 0x2, 0x6, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x80000000}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x44000}, 0x0)

3.986905122s ago: executing program 0 (id=2288):
bpf$BPF_PROG_TEST_RUN(0x12, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000002600)=[{0x0}, {0x0}, {0x0}], 0x3}}], 0x1, 0x20008000)
recvmsg(0xffffffffffffffff, 0x0, 0x123)
shutdown(0xffffffffffffffff, 0x1)
close(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0x10d000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaa"], 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.834296962s ago: executing program 0 (id=2289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd1, 0x0, 0x0)
ioctl$SIOCGETVIFCNT(r4, 0x89e0, &(0x7f0000000040))
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000100)={'gre0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x80, 0x20, 0x391e, 0x8, {{0x5, 0x4, 0x3, 0x1d, 0x14, 0x68, 0x0, 0xa, 0x2f, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x35}}}}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x5, 0x10, 0xffffffaf, 0x1, 0xd299, 0x9, 0x6d9c, 0x9, 0x5}, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)

3.082063204s ago: executing program 5 (id=2290):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
lsetxattr$system_posix_acl(&(0x7f0000000400)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {0x1, 0x7}, [], {}, [], {0x10, 0x5}, {0x20, 0x4}}, 0x24, 0x3)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f00000000c0)='nat\x00')
close(0x3)

3.080460669s ago: executing program 6 (id=2300):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(0x0, 0x2)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x100a7c1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000300)='illinois', 0x8)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f00000000c0), 0xffffffffffffffef, 0x0, 0x0, 0x0)
r4 = io_uring_setup(0x667, &(0x7f0000000000)={0x0, 0xa14a, 0x1000, 0x2, 0x235})
close_range(r4, 0xffffffffffffffff, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

2.926885243s ago: executing program 0 (id=2291):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mount$cgroup2(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={[{@memory_hugetlb_accounting}, {@favordynmods}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
socket$igmp(0x2, 0x3, 0x2)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r3, 0x0, 0xcc, &(0x7f0000000100)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5", 0x0, 0xcc, 0xffffffff}, 0x3c)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20)

1.829246624s ago: executing program 6 (id=2292):
writev(0xffffffffffffffff, &(0x7f0000000c40), 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="c8", 0x1}], 0x1}, 0x8c0)
recvmmsg(r0, &(0x7f00000005c0), 0x40000000000026c, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f0, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00', {}, {0xff}}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@socket3={{0x28}, 0x6}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x13}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x450)
getpid()

980.239599ms ago: executing program 5 (id=2293):
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$sndctrl(0x0, 0x80, 0x2)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(0xffffffffffffffff, 0xc034564b, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x228, 0x0, 0xb, 0xd0e0011, 0x120, 0xc6, 0x1f8, 0x1d8, 0x190, 0x1f8, 0x1d8, 0x3, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'nr0\x00', '\x00', {}, {}, 0x1}, 0x0, 0x70, 0xb8, 0x7000000}, @unspec=@CT0={0x48}}, {{@ip={@remote, @multicast1, 0x0, 0x0, 'bridge_slave_1\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x20000, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x288)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="1400000042000b06"], 0x14}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000021c0)=[{{0x0, 0x0, 0x0}, 0xf7d}, {{0x0, 0x0, 0x0}}], 0x2, 0x10002, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netlink\x00')
pread64(r4, &(0x7f0000002240)=""/236, 0xec, 0x4eb)

273.734792ms ago: executing program 0 (id=2294):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2}, 0x0, 0x0, &(0x7f0000000000))
ioctl$VT_DISALLOCATE(r1, 0x5608)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="fc0000001900e1f6ddedabc4ac5c000000000000000000000000000000000001ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000100000006000000000000000000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c000000020000000a0101020000000000000000000000000600000004030000"], 0xfc}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0)

273.403591ms ago: executing program 4 (id=2295):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={<r1=>0x0}, &(0x7f00000002c0)=0xc)
ptrace$poke(0x4, r1, &(0x7f0000000e40), 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r5 = fanotify_init(0xf00, 0x1)
fanotify_mark(r5, 0x105, 0x40009965, r4, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x3)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001500)=ANY=[@ANYBLOB="b702000010000000bfa300000000000007030000f0ffffff7a0af0ff0000000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b2314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8dd63d4b77b206000000000000e254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3813e2c25a61ec45c3af9948f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469600241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c12e28ef97d9ebd9c77f1774cf4683c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f011000000f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497a6103876843ee04ed9ff002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd1304202274f20675eb781925440578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b96508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e25c89b552d7fcd116bce9c764c714c9402c21d1aac59efb28d4f91652f6000000000000000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a575939206d0c0f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8000000edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db76cf059f40fa2640b6bfb74dd35391b8fa18479da9f4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847db97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ccfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000000000000000000003ba34b611569a451564d3a5400f9097ffe7a37e765be352be71ee24250d6828562c7e24cb763062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89a0000bde05c114e7a020fc1a5fd3eeeb822008b2d7d1cc062b51b0aca4956b557e51a1385cc572b0074b0950fb1437de2590bf99ec7ceb69e1fe2465fce099c992d57b804a22e148ae3411523814aee03ee2df877edfabf4aa94f07c6fdd127e57a8bf7975f2e606c25a299980a6e52fcf7849d45bb38573fbba8afef1aa7a24c805f7aee3e39a3000000000000000000000000000000000000878f88c4742ac490951c36c610a0d266588ec6a0bd300cf160b5a5d9e9fafa49ecc8430832d795e727b7fc2b76e7fc4141fdbb82f45d3cdd3fb8d4b443ab4954fdf5c1b9a6ab3e457f098329307ccb0a1989b6c37509692e952e7244f48bc12569ff8eb30d0f887b85b5ef44fb9a7571319190be0c226ed72f346cc4aa071ae0c72fa8bd00d5590c4f4ba65d0c8e1f4870fe3c414681e41b40163eb1aa2a7429a2208cd6e69c7d959e87da3fd0101159a03ab7fe78881ee7a1ee7a2edff75fb18a181e0c54352be2b7a5b5273198291c28d9141deeb3cdba5d414ae4b0000000000000000000000000009eacd83458d8a606be71970497a4fd4ca3b48ca482ab3804e2fac216b3ba613608b1a465456a33fd08491d337d7344c01cfc9e73"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r6, 0x115, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe3b, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r7 = memfd_create(&(0x7f0000000100)='+\x88\xc7s\x00\x00\x942nodev\x00\x00\x8cZ_Pv\x03\xa7\xc1\b\xec\x90Q\x85\x83\xcd\x16\xdcw\'\x8a\xe5N\x8c\x17\xfd\xc5\xad\xd5y\x15\x1fx\x17\f\xbc\xd1.\x8cA\x17\x86\xb7-j!Y\x92\xd9\xc4\r8\xd0\xc9X\xa7\x11\xa3\xf0\x8a*\xbc\x87\xcd\x1fl\xfc\xf3]\xb8\xbd\x02\v<\fl\xa6]\xa5\xfb\x05\xcb\x9c\xe2\xc8\x05\xa5\xa5\xeb\xa9\xef\xe3\xf1b\x81\xec\xac\xb6\x80\xd5\xf5S\x85\x06O\x05\xb8\xa1\x15\xcc\x17\xe8s\x95\x95B\xee_\x98\x91)\xe7\xa8+\x8c\xee\x83@q\x16\xcf3\x0f\x81\xa8\xa9`i\x01m:\xcc\x1c\xed<\xcfA3n\xfd\n>\x03\xae\f \xdbH\'\x05\x82\xdbLE\x14\xcdq\x1abcf\xdb8\xe9a\xa8\x00'/201, 0x2)
fcntl$addseals(r7, 0x409, 0x12)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r7, 0x0)

0s ago: executing program 6 (id=2296):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2, 0x0, @empty}, 0x10, 0x0}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
accept4$llc(0xffffffffffffffff, &(0x7f0000000580)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000005c0)=0x10, 0x1000)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000500)=ANY=[@ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)=r4}, 0x20)
sendmsg$inet(r3, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1, 0x0, 0x0, 0x6000}, 0x20)

kernel console output (not intermixed with test programs):

0.1209" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  333.895689][T10292] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1218'.
[  333.915650][T10292] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1218'.
[  333.940931][T10292] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1218'.
[  333.967384][T10292] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1218'.
[  334.510059][T10280] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  334.559442][   T30] audit: type=1400 audit(1775197178.007:492): avc:  denied  { ioctl } for  pid=10298 comm="syz.5.1221" path="socket:[23805]" dev="sockfs" ino=23805 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  336.344683][   T30] audit: type=1400 audit(1775197179.807:493): avc:  denied  { read } for  pid=10314 comm="syz.1.1226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  336.442009][   T30] audit: type=1400 audit(1775197179.897:494): avc:  denied  { setopt } for  pid=10314 comm="syz.1.1226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  337.167374][T10331] netlink: 'syz.0.1230': attribute type 1 has an invalid length.
[  337.299228][T10331] 8021q: adding VLAN 0 to HW filter on device bond1
[  337.571073][T10335] bond1: (slave ip6gretap1): making interface the new active one
[  337.582961][T10335] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  337.616766][T10333] bond1: entered allmulticast mode
[  337.666825][T10333] ip6gretap1: entered allmulticast mode
[  338.157008][T10345] wg1 speed is unknown, defaulting to 1000
[  339.833866][T10365] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10365 comm=syz.1.1238
[  340.918074][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  340.929888][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  340.995803][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  341.276705][T10385] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  341.472072][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  341.480049][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  341.487919][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  341.495848][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  341.503616][T10385] virt_wifi0 speed is unknown, defaulting to 1000
[  341.844252][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  346.744621][T10438] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1254'.
[  349.833233][   T30] audit: type=1400 audit(1775197192.597:495): avc:  denied  { write } for  pid=10455 comm="syz.2.1262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  350.006158][   T30] audit: type=1400 audit(1775197193.077:496): avc:  denied  { mount } for  pid=10459 comm="syz.0.1263" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  351.517567][   T24] IPVS: starting estimator thread 0...
[  351.605625][T10492] IPVS: using max 44 ests per chain, 105600 per kthread
[  354.786929][   T30] audit: type=1400 audit(1775197198.037:497): avc:  denied  { setopt } for  pid=10526 comm="syz.2.1281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  359.354205][   T30] audit: type=1400 audit(1775197202.817:498): avc:  denied  { create } for  pid=10591 comm="syz.0.1294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  360.066037][T10605] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1298'.
[  361.888528][T10614] random: crng reseeded on system resumption
[  362.264840][T10615] FAT-fs (nbd4): unable to read boot sector
[  362.394272][   T30] audit: type=1400 audit(1775197205.717:499): avc:  denied  { mounton } for  pid=10608 comm="syz.4.1301" path="/syzcgroup/unified/syz4" dev="cgroup2" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  363.061958][   T30] audit: type=1400 audit(1775197206.527:500): avc:  denied  { create } for  pid=10618 comm="syz.1.1304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  363.126287][  T792] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  363.135727][   T30] audit: type=1400 audit(1775197206.557:501): avc:  denied  { bind } for  pid=10618 comm="syz.1.1304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  363.200958][   T30] audit: type=1800 audit(1775197206.667:502): pid=10613 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.1300" name="bus" dev="ramfs" ino=24212 res=0 errno=0
[  363.388965][T10633] siw: device registration error -23
[  363.397931][  T792] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  363.407253][  T792] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.415250][  T792] usb 1-1: Product: syz
[  363.419671][  T792] usb 1-1: Manufacturer: syz
[  363.424265][  T792] usb 1-1: SerialNumber: syz
[  364.009517][  T792] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  364.041459][  T792] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  364.404467][T10648] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=10648 comm=syz.1.1311
[  364.575663][   T30] audit: type=1400 audit(1775197208.027:503): avc:  denied  { setopt } for  pid=10652 comm="syz.1.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  365.339182][  T792] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  366.391822][T10668] wg1 speed is unknown, defaulting to 1000
[  366.531849][T10668] virt_wifi0 speed is unknown, defaulting to 1000
[  367.723296][  T792] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -EPROTO
[  367.736631][  T792] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  367.749143][  T792] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  367.863490][  T792] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  367.896217][  T792] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  367.911695][  T792] usb 1-1: USB disconnect, device number 13
[  367.959949][T10687] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1321'.
[  368.085740][T10692] trusted_key: syz.4.1324 sent an empty control message without MSG_MORE.
[  370.520386][T10713] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1326'.
[  373.108826][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  373.115747][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  373.192500][T10734] mmap: syz.4.1333 (10734) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  374.153032][T10747] netlink: 'syz.4.1337': attribute type 4 has an invalid length.
[  374.160902][T10747] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1337'.
[  374.189361][T10747] .`: renamed from bond0 (while UP)
[  374.457289][   T30] audit: type=1400 audit(1775197217.927:504): avc:  denied  { sys_module } for  pid=10744 comm="syz.4.1337" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  374.628571][T10750] netlink: 'syz.0.1336': attribute type 39 has an invalid length.
[  383.365796][T10841] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  383.707616][T10846] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1360'.
[  383.719513][T10843] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  384.155804][T10849] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1361'.
[  384.187922][T10849] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1361'.
[  384.835754][   T30] audit: type=1400 audit(1775197228.287:505): avc:  denied  { mount } for  pid=10855 comm="syz.1.1364" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  384.968482][T10863] bond0: (slave bond_slave_1): Releasing backup interface
[  386.353358][T10878] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1367'.
[  386.835003][T10889] fuse: Bad value for 'fd'
[  387.685669][   T30] audit: type=1400 audit(1775197231.127:506): avc:  denied  { shutdown } for  pid=10891 comm="syz.2.1371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  388.591405][   T30] audit: type=1400 audit(1775197232.057:507): avc:  denied  { read } for  pid=10903 comm="syz.0.1376" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  388.675219][   T30] audit: type=1400 audit(1775197232.057:508): avc:  denied  { open } for  pid=10903 comm="syz.0.1376" path="/dev/ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  388.915089][ T5913] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  389.087217][ T5913] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  389.103875][ T5913] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  389.128054][ T5913] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.148324][ T5913] usb 1-1: config 0 descriptor??
[  389.166759][ T5913] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  389.386318][   T24] usb 1-1: USB disconnect, device number 14
[  389.476103][T10916] nbd: couldn't find a device at index -2146435068
[  392.619917][T10963] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  400.473174][T11044] netlink: 'syz.5.1410': attribute type 2 has an invalid length.
[  400.816239][T11048] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  401.348245][T11053] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1411'.
[  402.058942][T11067] netlink: 'syz.2.1415': attribute type 1 has an invalid length.
[  403.041940][   T30] audit: type=1326 audit(1775197246.507:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  403.065680][   T30] audit: type=1326 audit(1775197246.537:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  403.361104][   T30] audit: type=1326 audit(1775197246.557:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  403.763331][   T30] audit: type=1326 audit(1775197246.557:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  403.787195][   T30] audit: type=1326 audit(1775197246.557:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  404.356640][   T30] audit: type=1326 audit(1775197246.557:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  404.685775][   T30] audit: type=1326 audit(1775197246.557:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  404.719818][   T30] audit: type=1326 audit(1775197246.557:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  404.806114][   T30] audit: type=1326 audit(1775197246.557:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  405.054882][   T30] audit: type=1326 audit(1775197246.557:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11072 comm="syz.2.1421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ee39c819 code=0x7ffc0000
[  407.880311][T11129] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1436'.
[  408.064384][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  408.064402][   T30] audit: type=1400 audit(1775197251.527:532): avc:  denied  { read } for  pid=11127 comm="syz.4.1436" path="socket:[25823]" dev="sockfs" ino=25823 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  412.571106][T11173] netlink: zone id is out of range
[  412.576376][T11173] netlink: get zone limit has 4 unknown bytes
[  414.364768][   T30] audit: type=1400 audit(1775197257.827:533): avc:  denied  { open } for  pid=11179 comm="syz.0.1448" path="/dev/ptyq5" dev="devtmpfs" ino=124 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  414.451652][   T30] audit: type=1400 audit(1775197257.827:534): avc:  denied  { ioctl } for  pid=11179 comm="syz.0.1448" path="/dev/ptyq5" dev="devtmpfs" ino=124 ioctlcmd=0x5401 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  414.933100][   T30] audit: type=1400 audit(1775197258.397:535): avc:  denied  { map } for  pid=11195 comm="syz.4.1452" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  415.827700][T11212] SELinux: syz.0.1455 (11212) set checkreqprot to 1. This is no longer supported.
[  416.272830][   T30] audit: type=1400 audit(1775197259.297:536): avc:  denied  { setcheckreqprot } for  pid=11206 comm="syz.0.1455" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  418.786002][  T792] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  419.065596][T11234] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  419.105813][  T792] usb 5-1: Using ep0 maxpacket: 16
[  419.162875][  T792] usb 5-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  419.275658][  T792] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.288755][  T792] usb 5-1: Product: syz
[  419.294165][  T792] usb 5-1: Manufacturer: syz
[  419.308664][  T792] usb 5-1: SerialNumber: syz
[  419.469222][   T30] audit: type=1400 audit(1775197262.917:537): avc:  denied  { watch watch_reads } for  pid=11244 comm="syz.5.1465" path="pipe:[12104]" dev="pipefs" ino=12104 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  419.537333][  T792] usb 5-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  419.578531][  T792] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  419.603803][  T792] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  419.628498][  T792] usb 5-1: media controller created
[  419.663833][  T792] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  419.940482][   T30] audit: type=1400 audit(1775197263.407:538): avc:  denied  { lock } for  pid=11232 comm="syz.4.1462" path="socket:[25003]" dev="sockfs" ino=25003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  419.976800][  T792] zl10353_read_register: readreg error (reg=127, ret==-110)
[  420.183983][  T792] dvb_usb_gl861 5-1:157.0: probe with driver dvb_usb_gl861 failed with error -5
[  420.266031][  T792] usb 5-1: USB disconnect, device number 17
[  420.853995][T11257] overlayfs: missing 'lowerdir'
[  422.118845][   T30] audit: type=1400 audit(1775197265.227:539): avc:  denied  { shutdown } for  pid=11267 comm="syz.5.1471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  423.103127][   T30] audit: type=1326 audit(1775197266.567:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11279 comm="syz.0.1473" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x0
[  424.364739][T11298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1477'.
[  424.373747][T11298] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1477'.
[  424.387927][T11298] netlink: 'syz.1.1477': attribute type 11 has an invalid length.
[  424.405701][T11298] netlink: 'syz.1.1477': attribute type 13 has an invalid length.
[  424.459442][T11298] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.466698][T11298] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.474712][T11298] bridge0: entered allmulticast mode
[  424.498975][T11298] bridge_slave_1: left allmulticast mode
[  424.504898][T11298] bridge_slave_1: left promiscuous mode
[  424.512101][T11298] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.525717][T11298] bridge_slave_0: left allmulticast mode
[  424.531367][T11298] bridge_slave_0: left promiscuous mode
[  424.538616][T11298] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.928955][   T30] audit: type=1326 audit(1775197270.397:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11322 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e0099c819 code=0x7ffc0000
[  426.975829][   T30] audit: type=1326 audit(1775197270.417:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11322 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e0099c819 code=0x7ffc0000
[  427.000860][   T30] audit: type=1326 audit(1775197270.417:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11322 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3e0099c819 code=0x7ffc0000
[  427.315452][   T30] audit: type=1326 audit(1775197270.417:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11322 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e0099c819 code=0x7ffc0000
[  427.427124][T11331] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1486'.
[  428.315397][   T30] audit: type=1326 audit(1775197270.417:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11322 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3e0099c819 code=0x7ffc0000
[  431.980641][T11351] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1490'.
[  432.028761][T11351] tipc: Started in network mode
[  432.034484][T11351] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  432.313351][T11351] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  432.526813][ T5812] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  432.537696][ T5812] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  432.548845][ T5812] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  432.558807][ T5812] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  432.567768][ T5812] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  432.568007][T11365] fuse: Bad value for 'fd'
[  432.657013][T11362] wg1 speed is unknown, defaulting to 1000
[  432.872884][   T30] audit: type=1400 audit(1775197276.337:546): avc:  denied  { audit_write } for  pid=11375 comm="syz.1.1499" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  433.329234][T11362] virt_wifi0 speed is unknown, defaulting to 1000
[  433.968014][T11362] chnl_net:caif_netlink_parms(): no params data found
[  434.553813][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  434.562415][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  434.637113][ T5812] Bluetooth: hci3: command tx timeout
[  434.899614][   T87] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.921173][   T87] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  434.985858][T11362] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.000737][T11362] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.069641][T11362] bridge_slave_0: entered allmulticast mode
[  435.097107][T11362] bridge_slave_0: entered promiscuous mode
[  435.714462][   T87] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  435.727329][   T87] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  436.050628][T11362] bridge0: port 2(bridge_slave_1) entered blocking state
[  436.136505][T11362] bridge0: port 2(bridge_slave_1) entered disabled state
[  436.183746][T11362] bridge_slave_1: entered allmulticast mode
[  436.206422][T11362] bridge_slave_1: entered promiscuous mode
[  436.246739][   T87] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.277721][   T87] netdevsim netdevsim2 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  436.317839][   T30] audit: type=1400 audit(1775197279.767:547): avc:  denied  { mounton } for  pid=11421 comm="syz.4.1507" path="/290/file0" dev="configfs" ino=1068 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  436.402644][T11362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  436.452661][   T87] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.477323][   T87] netdevsim netdevsim2 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  436.628762][T11362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  436.775855][ T5812] Bluetooth: hci3: command tx timeout
[  437.642424][   T30] audit: type=1400 audit(1775197280.177:548): avc:  denied  { ioctl } for  pid=11429 comm="syz.0.1509" path="socket:[26239]" dev="sockfs" ino=26239 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  437.970409][T11436] qnx4: no qnx4 filesystem (no root dir).
[  437.988860][T11362] team0: Port device team_slave_0 added
[  438.014496][T11362] team0: Port device team_slave_1 added
[  438.702254][T11362] batman_adv: batadv0: Adding interface: batadv_slave_0
[  438.713457][T11362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  438.749847][T11362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  438.927140][ T5812] Bluetooth: hci3: command tx timeout
[  439.480110][T11362] batman_adv: batadv0: Adding interface: batadv_slave_1
[  439.563397][T11362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  439.590089][T11362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  439.854365][ T5812] Bluetooth: hci0: unexpected event 0x04 length: 245 > 10
[  439.854564][ T5812] Bluetooth: hci0: connection err: -111
[  440.495027][   T30] audit: type=1400 audit(1775197283.427:549): avc:  denied  { write } for  pid=11452 comm="syz.1.1515" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  440.667928][   T30] audit: type=1400 audit(1775197283.427:550): avc:  denied  { read } for  pid=11452 comm="syz.1.1515" path="socket:[25397]" dev="sockfs" ino=25397 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  440.975693][ T5812] Bluetooth: hci3: command tx timeout
[  441.713555][T11362] hsr_slave_0: entered promiscuous mode
[  441.730408][   T30] audit: type=1400 audit(1775197285.197:551): avc:  denied  { unmount } for  pid=5805 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  441.734958][T11362] hsr_slave_1: entered promiscuous mode
[  441.805923][T11362] debugfs: 'hsr0' already exists in 'hsr'
[  441.819169][   T30] audit: type=1400 audit(1775197285.227:552): avc:  denied  { unmount } for  pid=5805 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  441.821224][T11362] Cannot create hsr debugfs directory
[  442.460579][T11485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2634 sclass=netlink_route_socket pid=11485 comm=syz.5.1522
[  443.046814][   T30] audit: type=1800 audit(1775197286.497:553): pid=11478 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.1519" name="bus" dev="ramfs" ino=25478 res=0 errno=0
[  443.468982][   T87] bond2 (unregistering): (slave geneve3): Releasing active interface
[  443.480442][   T87] geneve3 (unregistering): left promiscuous mode
[  443.522637][   T87] bond1 (unregistering): (slave geneve2): Releasing active interface
[  443.754879][   T87] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  443.773813][   T87] bond0 (unregistering): Released all slaves
[  443.793789][   T87] bond1 (unregistering): Released all slaves
[  443.840773][   T87] bond2 (unregistering): Released all slaves
[  444.096609][T11504] IPv6: NLM_F_CREATE should be specified when creating new route
[  444.105016][T11504] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  444.112521][T11504] IPv6: NLM_F_CREATE should be set when creating new route
[  446.526602][   T30] audit: type=1400 audit(1775197289.997:554): avc:  denied  { create } for  pid=11513 comm="syz.4.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  446.621695][T11520] netlink: 'syz.4.1527': attribute type 12 has an invalid length.
[  446.785652][   T30] audit: type=1400 audit(1775197290.017:555): avc:  denied  { setopt } for  pid=11513 comm="syz.4.1527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  449.418470][T11549] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1534'.
[  449.534678][T11544] wg1 speed is unknown, defaulting to 1000
[  449.679044][T11544] virt_wifi0 speed is unknown, defaulting to 1000
[  449.705432][T11362] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  449.804487][T11554] No such timeout policy "syz0"
[  450.242408][T11362] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  450.416968][T11362] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  450.606638][   T87] hsr_slave_0: left promiscuous mode
[  450.627887][   T87] hsr_slave_1: left promiscuous mode
[  451.176189][   T87] veth1_macvtap: left allmulticast mode
[  451.209017][   T87] veth1_macvtap: left promiscuous mode
[  451.230134][   T87] veth0_macvtap: left promiscuous mode
[  451.254115][   T87] veth1_vlan: left promiscuous mode
[  452.090273][T11362] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  452.192106][T11575] wg1 speed is unknown, defaulting to 1000
[  452.309081][T11575] virt_wifi0 speed is unknown, defaulting to 1000
[  452.898262][T11594] ptrace attach of "./syz-executor exec"[5805] was attempted by "./syz-executor exec"[11594]
[  453.180532][T11599] netlink: 'syz.0.1541': attribute type 1 has an invalid length.
[  453.188537][T11599] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1541'.
[  453.197765][T11599] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1541'.
[  453.206728][T11599] netlink: 'syz.0.1541': attribute type 1 has an invalid length.
[  453.214484][T11599] netlink: 634 bytes leftover after parsing attributes in process `syz.0.1541'.
[  453.354878][T11362] 8021q: adding VLAN 0 to HW filter on device bond0
[  453.421040][T11362] 8021q: adding VLAN 0 to HW filter on device team0
[  453.468998][ T6379] bridge0: port 1(bridge_slave_0) entered blocking state
[  453.476122][ T6379] bridge0: port 1(bridge_slave_0) entered forwarding state
[  453.627056][ T6379] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.634151][ T6379] bridge0: port 2(bridge_slave_1) entered forwarding state
[  454.932410][T11362] 8021q: adding VLAN 0 to HW filter on device batadv0
[  457.265392][T11645] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.1548'.
[  458.199912][T11658] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1549'.
[  458.594552][ T5812] Bluetooth: hci5: unexpected event for opcode 0x0411
[  459.632789][T11362] veth0_vlan: entered promiscuous mode
[  460.626647][T11362] veth1_vlan: entered promiscuous mode
[  460.825582][T11692] IPVS: set_ctl: invalid protocol: 20 0.0.0.0:256
[  460.829365][T11695] IPVS: rr: FWM 3 0x00000003 - no destination available
[  461.280855][T11362] veth0_macvtap: entered promiscuous mode
[  461.290138][T11362] veth1_macvtap: entered promiscuous mode
[  461.338806][T11362] batman_adv: batadv0: Interface activated: batadv_slave_0
[  461.375666][T11362] batman_adv: batadv0: Interface activated: batadv_slave_1
[  461.674099][ T6388] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  461.754034][ T6388] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  461.795210][ T6388] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  461.860952][ T6388] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  462.037160][   T87] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  462.646789][ T5812] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  462.657482][ T5812] Bluetooth: hci5: Injecting HCI hardware error event
[  462.681243][ T5810] Bluetooth: hci5: hardware error 0x00
[  463.012893][   T87] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.385920][ T6379] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  463.393776][ T6379] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.476070][T11714] kAFS: unable to lookup cell 'Þ({^ú@'
[  463.494376][T11718] netlink: 'syz.4.1563': attribute type 4 has an invalid length.
[  463.708540][   T24] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  463.900971][   T24] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  464.059029][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.084573][   T24] usb 1-1: Product: syz
[  464.094189][   T24] usb 1-1: Manufacturer: syz
[  464.214734][   T24] usb 1-1: SerialNumber: syz
[  464.800275][T11734] siw: device registration error -23
[  464.957619][T11739] netlink: 'syz.5.1567': attribute type 10 has an invalid length.
[  464.977129][T11739] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  465.425587][ T5810] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  465.554173][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  465.577557][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  466.292978][  T792] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  466.847609][  T792] usb 5-1: config 0 has an invalid descriptor of length 249, skipping remainder of the config
[  466.859074][  T792] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  466.869023][  T792] usb 5-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  466.882582][  T792] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.894536][  T792] usb 5-1: config 0 descriptor??
[  467.523796][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  467.541693][   T36] wlan1: Trigger new scan to find an IBSS to join
[  467.695530][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  467.705531][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  467.945541][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  468.015644][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  468.616257][   T30] audit: type=1326 audit(1775197311.597:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11762 comm="syz.6.1574" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff8e799c819 code=0x0
[  468.666000][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -EPROTO
[  468.686948][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  468.699345][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  468.710371][   T24] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  468.739702][T11772] ubi0: attaching mtd0
[  468.771495][   T24] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  469.162272][   T24] usb 1-1: USB disconnect, device number 15
[  470.469771][   T24] usb 5-1: USB disconnect, device number 18
[  470.757525][   T30] audit: type=1400 audit(1775197314.227:557): avc:  denied  { bind } for  pid=11792 comm="syz.4.1580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  471.413177][   T30] audit: type=1400 audit(1775197314.227:558): avc:  denied  { ioctl } for  pid=11792 comm="syz.4.1580" path="socket:[28149]" dev="sockfs" ino=28149 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  472.770478][   T12] wlan1: Trigger new scan to find an IBSS to join
[  473.829293][ T6381] wlan1: Creating new IBSS network, BSSID 86:c4:86:a0:1d:cf
[  474.675083][   T30] audit: type=1400 audit(1775197318.087:559): avc:  denied  { mount } for  pid=11820 comm="syz.0.1586" name="/" dev="hugetlbfs" ino=27311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  475.378268][   T30] audit: type=1400 audit(1775197318.747:560): avc:  denied  { nlmsg_read } for  pid=11826 comm="syz.4.1588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  478.255780][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  479.605673][   T24] IPVS: starting estimator thread 0...
[  479.755628][T11895] IPVS: using max 54 ests per chain, 129600 per kthread
[  479.766594][T11892] sysfs: cannot create duplicate filename '/class/ieee80211/1ùà^!'
[  479.971333][T11892] CPU: 0 UID: 0 PID: 11892 Comm: syz.6.1601 Not tainted syzkaller #0 PREEMPT(full) 
[  479.971364][T11892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  479.971376][T11892] Call Trace:
[  479.971384][T11892]  <TASK>
[  479.971391][T11892]  dump_stack_lvl+0x100/0x190
[  479.971429][T11892]  sysfs_warn_dup.cold+0x1c/0x28
[  479.971458][T11892]  sysfs_do_create_link_sd+0x113/0x140
[  479.971492][T11892]  sysfs_create_link+0x61/0xc0
[  479.971510][T11892]  device_add+0x675/0x1950
[  479.971535][T11892]  ? __pfx_device_add+0x10/0x10
[  479.971556][T11892]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  479.971586][T11892]  ? ieee80211_set_bitrate_flags+0x41b/0x6b0
[  479.971621][T11892]  wiphy_register+0x1e5b/0x2d30
[  479.971641][T11892]  ? __rtnl_unlock+0xb9/0xf0
[  479.971671][T11892]  ? netdev_run_todo+0x7a0/0x12c0
[  479.971704][T11892]  ? __pfx_wiphy_register+0x10/0x10
[  479.971724][T11892]  ? __asan_memset+0x23/0x50
[  479.971750][T11892]  ? minstrel_ht_alloc+0x5e6/0x7f0
[  479.971780][T11892]  ieee80211_register_hw+0x2cfd/0x4140
[  479.971814][T11892]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  479.971839][T11892]  ? __pfx___debug_object_init+0x10/0x10
[  479.971874][T11892]  ? find_held_lock+0x2b/0x80
[  479.971900][T11892]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  479.971929][T11892]  ? __hrtimer_setup+0x178/0x280
[  479.971952][T11892]  mac80211_hwsim_new_radio+0x2847/0x57d0
[  479.972002][T11892]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  479.972034][T11892]  ? __asan_memcpy+0x3c/0x60
[  479.972067][T11892]  hwsim_new_radio_nl+0xc1f/0x1340
[  479.972098][T11892]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  479.972136][T11892]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  479.972157][T11892]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  479.972184][T11892]  genl_family_rcv_msg_doit+0x214/0x300
[  479.972208][T11892]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  479.972238][T11892]  ? bpf_lsm_capable+0x9/0x10
[  479.972257][T11892]  ? security_capable+0x80/0x260
[  479.972282][T11892]  ? ns_capable+0xd2/0xf0
[  479.972307][T11892]  genl_rcv_msg+0x560/0x800
[  479.972331][T11892]  ? __pfx_genl_rcv_msg+0x10/0x10
[  479.972353][T11892]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  479.972392][T11892]  netlink_rcv_skb+0x159/0x420
[  479.972421][T11892]  ? __pfx_genl_rcv_msg+0x10/0x10
[  479.972443][T11892]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  479.972484][T11892]  ? netlink_deliver_tap+0x1ae/0xcc0
[  479.972516][T11892]  genl_rcv+0x28/0x40
[  479.972532][T11892]  netlink_unicast+0x5aa/0x870
[  479.972566][T11892]  ? __pfx_netlink_unicast+0x10/0x10
[  479.972604][T11892]  netlink_sendmsg+0x8b0/0xda0
[  479.972639][T11892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  479.972666][T11892]  ? __might_fault+0x50/0x140
[  479.972702][T11892]  ____sys_sendmsg+0x9e1/0xb70
[  479.972721][T11892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  479.972753][T11892]  ? __pfx_____sys_sendmsg+0x10/0x10
[  479.972778][T11892]  ? __pfx_futex_wake_mark+0x10/0x10
[  479.972808][T11892]  ___sys_sendmsg+0x190/0x1e0
[  479.972837][T11892]  ? __pfx____sys_sendmsg+0x10/0x10
[  479.972892][T11892]  __sys_sendmsg+0x170/0x220
[  479.972919][T11892]  ? __pfx___sys_sendmsg+0x10/0x10
[  479.972944][T11892]  ? __x64_sys_futex+0x34f/0x4d0
[  479.972981][T11892]  do_syscall_64+0x106/0xf80
[  479.973009][T11892]  ? clear_bhb_loop+0x40/0x90
[  479.973033][T11892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.973052][T11892] RIP: 0033:0x7ff8e799c819
[  479.973070][T11892] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  479.973088][T11892] RSP: 002b:00007ff8e8796028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  479.973109][T11892] RAX: ffffffffffffffda RBX: 00007ff8e7c15fa0 RCX: 00007ff8e799c819
[  479.973122][T11892] RDX: 0000000004000010 RSI: 0000200000000100 RDI: 000000000000000a
[  479.973133][T11892] RBP: 00007ff8e7a32c91 R08: 0000000000000000 R09: 0000000000000000
[  479.973145][T11892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  479.973157][T11892] R13: 00007ff8e7c16038 R14: 00007ff8e7c15fa0 R15: 00007ffea46183e8
[  479.973185][T11892]  </TASK>
[  480.880632][T11913] hub 9-0:1.0: USB hub found
[  480.888665][T11913] hub 9-0:1.0: 1 port detected
[  481.244419][T11901] wg1 speed is unknown, defaulting to 1000
[  482.510544][   T30] audit: type=1400 audit(1775197325.977:561): avc:  denied  { append } for  pid=11920 comm="syz.0.1607" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  484.178436][T11901] virt_wifi0 speed is unknown, defaulting to 1000
[  484.209934][T11946] overlayfs: missing 'lowerdir'
[  484.245891][T11946] netlink: 'syz.5.1611': attribute type 1 has an invalid length.
[  484.325840][T11946] 8021q: adding VLAN 0 to HW filter on device bond5
[  485.016091][T11950] 8021q: adding VLAN 0 to HW filter on device bond5
[  485.027743][T11950] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  485.044585][T11950] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  485.290166][T11959] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1613'.
[  486.264397][   T30] audit: type=1400 audit(1775197329.707:562): avc:  denied  { mount } for  pid=11967 comm="syz.1.1615" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  486.270498][T11976] random: crng reseeded on system resumption
[  487.611747][   T30] audit: type=1400 audit(1775197331.077:563): avc:  denied  { shutdown } for  pid=11982 comm="syz.1.1619" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  489.572870][T12019] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  489.860173][   T30] audit: type=1400 audit(1775197333.327:564): avc:  denied  { getopt } for  pid=12021 comm="syz.0.1626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  491.728328][T12043] loop6: detected capacity change from 0 to 2640
[  491.729561][T12043] buffer_io_error: 25 callbacks suppressed
[  491.729577][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729614][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729640][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729665][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729690][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729733][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729769][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729795][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729811][T12043] ldm_validate_partition_table(): Disk read failed.
[  491.729835][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729860][T12043] Buffer I/O error on dev loop6, logical block 0, async page read
[  491.729903][T12043] Dev loop6: unable to read RDB block 0
[  491.730035][T12043]  loop6: unable to read partition table
[  491.730268][T12043] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  491.748539][T12043] blk_print_req_error: 25 callbacks suppressed
[  491.748560][T12043] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 1
[  491.748634][T12043] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 1
[  491.748953][T12043] I/O error, dev loop6, sector 1008 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 1
[  491.749005][T12043] I/O error, dev loop6, sector 1008 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 1
[  491.751448][T12043] I/O error, dev loop6, sector 2016 op 0x1:(WRITE) flags 0x8800 phys_seg 3 prio class 1
[  491.751497][T12043] I/O error, dev loop6, sector 2016 op 0x1:(WRITE) flags 0x8800 phys_seg 3 prio class 1
[  491.751609][T12043] I/O error, dev loop6, sector 2032 op 0x1:(WRITE) flags 0x8800 phys_seg 77 prio class 1
[  491.751646][T12043] I/O error, dev loop6, sector 2032 op 0x1:(WRITE) flags 0x8800 phys_seg 77 prio class 1
[  492.329827][   T24] IPVS: starting estimator thread 0...
[  492.506029][T12058] IPVS: using max 77 ests per chain, 184800 per kthread
[  492.614254][   T24] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[  492.936688][   T24] usb 1-1: config index 0 descriptor too short (expected 28277, got 36)
[  492.936713][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  492.936724][   T24] usb 1-1: config 0 has no interfaces?
[  492.936740][   T24] usb 1-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  492.936754][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.942951][   T24] usb 1-1: config 0 descriptor??
[  493.257670][T12067] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=18 sclass=netlink_audit_socket pid=12067 comm=syz.1.1634
[  495.024203][   T30] audit: type=1400 audit(1775197338.387:565): avc:  denied  { accept } for  pid=12081 comm="syz.4.1637" path="socket:[28578]" dev="sockfs" ino=28578 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  495.996301][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  495.996362][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  496.000347][T12097] syzkaller0: entered promiscuous mode
[  496.000362][T12097] syzkaller0: entered allmulticast mode
[  497.204293][    T9] usb 1-1: USB disconnect, device number 16
[  497.353803][   T30] audit: type=1400 audit(1775197340.817:566): avc:  denied  { read } for  pid=12111 comm="syz.0.1645" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  498.017992][   T30] audit: type=1400 audit(1775197340.847:567): avc:  denied  { open } for  pid=12111 comm="syz.0.1645" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  498.287015][   T30] audit: type=1400 audit(1775197340.847:568): avc:  denied  { ioctl } for  pid=12111 comm="syz.0.1645" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  498.779070][T12113] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  499.845800][ T5916] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  501.247197][ T5916] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  501.275620][ T5916] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  501.464196][ T5916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.929231][ T5916] usb 5-1: config 0 descriptor??
[  501.967172][ T5916] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  502.218249][ T5916] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  502.257148][T12134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  502.358132][T12134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  502.638448][ T5872] usb 5-1: USB disconnect, device number 19
[  502.955611][ T5916] usb 1-1: Using ep0 maxpacket: 8
[  502.962796][ T5916] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  502.971034][ T5916] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.004007][ T5916] usb 1-1: config 0 has no interface number 0
[  503.064952][ T5916] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  503.121872][T12175] xt_TCPMSS: Only works on TCP SYN packets
[  503.224156][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.263483][ T5916] usb 1-1: config 0 descriptor??
[  503.283923][ T5916] iowarrior 1-1:0.1: no interrupt-in endpoint found
[  503.433393][   T30] audit: type=1400 audit(1775197346.897:569): avc:  denied  { getattr } for  pid=12183 comm="syz.1.1664" name="/" dev="iomem" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  504.359574][   T87] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  504.891291][T12188] comedi comedi3: rti800: I/O port conflict (0x3,16)
[  505.131692][   T29] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  505.323880][T12200] xt_SECMARK: invalid mode: 2
[  505.775571][   T29] usb 7-1: Using ep0 maxpacket: 16
[  505.791616][   T29] usb 7-1: config 157 has an invalid descriptor of length 0, skipping remainder of the config
[  505.806939][   T29] usb 7-1: config 157 has 0 interfaces, different from the descriptor's value: 1
[  505.828328][   T29] usb 7-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  505.838722][   T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.846955][   T29] usb 7-1: Product: syz
[  505.855613][   T29] usb 7-1: Manufacturer: syz
[  505.860361][   T29] usb 7-1: SerialNumber: syz
[  506.434420][T10669] usb 7-1: USB disconnect, device number 2
[  506.461411][ T5916] usb 1-1: USB disconnect, device number 17
[  508.161623][    T9] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  508.723041][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.745830][    T9] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  509.034766][T12240] kAFS: unable to lookup cell 'ÿ'
[  509.047411][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.151657][    T9] usb 1-1: config 0 descriptor??
[  509.160383][    T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  509.727628][T12222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.753880][T12222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.785137][   T29] usb 1-1: USB disconnect, device number 18
[  509.982585][T12251] kAFS: unable to lookup cell 'Þ({^ú@'
[  510.350245][   T30] audit: type=1800 audit(1775197353.577:570): pid=12245 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.6.1680" name="file0" dev="overlay" ino=134 res=0 errno=0
[  511.044299][   T30] audit: type=1400 audit(1775197354.507:571): avc:  denied  { create } for  pid=12258 comm="syz.5.1687" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  512.120384][   T30] audit: type=1400 audit(1775197355.447:572): avc:  denied  { write } for  pid=12274 comm="syz.1.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  513.934718][T12286] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  515.453125][   T30] audit: type=1400 audit(1775197358.917:573): avc:  denied  { create } for  pid=12302 comm="syz.0.1695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  515.462883][T12305] netlink: 'syz.5.1696': attribute type 12 has an invalid length.
[  515.525229][   T30] audit: type=1400 audit(1775197358.917:574): avc:  denied  { ioctl } for  pid=12302 comm="syz.0.1695" path="socket:[29973]" dev="sockfs" ino=29973 ioctlcmd=0x89e5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  515.541859][T12308] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1698'.
[  515.742381][T12311] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1697'.
[  515.934946][T12312] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1697'.
[  517.161817][T12318] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1700'.
[  518.618113][   T30] audit: type=1326 audit(1775197361.837:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  518.659597][   T30] audit: type=1326 audit(1775197361.837:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  519.243067][   T30] audit: type=1326 audit(1775197361.837:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  519.365616][T12340] comedi comedi2: reset error (fatal)
[  519.369193][   T30] audit: type=1326 audit(1775197361.837:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  519.666557][   T30] audit: type=1326 audit(1775197361.837:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  520.207340][   T30] audit: type=1326 audit(1775197361.837:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  520.233046][   T30] audit: type=1326 audit(1775197361.837:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  520.522610][   T30] audit: type=1326 audit(1775197361.837:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  520.615782][T12358] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  520.949592][   T30] audit: type=1326 audit(1775197361.837:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  520.973073][   T30] audit: type=1326 audit(1775197361.837:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  520.987844][T12349] : entered promiscuous mode
[  521.155607][   T30] audit: type=1326 audit(1775197361.837:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  521.251759][   T30] audit: type=1326 audit(1775197361.837:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  521.415638][   T30] audit: type=1326 audit(1775197361.837:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  521.453604][   T30] audit: type=1326 audit(1775197361.837:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  521.507562][ T5872] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  521.835665][   T30] audit: type=1326 audit(1775197361.837:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  521.859868][   T30] audit: type=1326 audit(1775197361.837:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  521.912479][   T30] audit: type=1326 audit(1775197361.837:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12336 comm="syz.0.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe6039c819 code=0x7ffc0000
[  521.975658][ T5872] usb 7-1: Using ep0 maxpacket: 32
[  522.013765][ T5872] usb 7-1: config 0 has an invalid interface number: 89 but max is 0
[  522.022414][ T5872] usb 7-1: config 0 has no interface number 0
[  522.032985][ T5872] usb 7-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  522.548599][ T5872] usb 7-1: config 0 interface 89 has no altsetting 0
[  522.557366][ T5872] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a
[  522.566449][ T5872] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.574582][ T5872] usb 7-1: Product: syz
[  522.578985][ T5872] usb 7-1: Manufacturer: syz
[  522.583583][ T5872] usb 7-1: SerialNumber: syz
[  522.590766][ T5872] usb 7-1: config 0 descriptor??
[  522.608652][ T5872] em28xx 7-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  522.771520][ T5872] em28xx 7-1:0.89: Video interface 89 found:
[  523.750849][ T5872] em28xx 7-1:0.89: unknown em28xx chip ID (0)
[  524.445211][ T5872] em28xx 7-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  524.467570][ T5872] em28xx 7-1:0.89: board has no eeprom
[  524.575639][ T5872] em28xx 7-1:0.89: Identified as Terratec Grabby (card=67)
[  524.584329][ T5872] em28xx 7-1:0.89: analog set to bulk mode.
[  524.589464][T12405] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1721'.
[  524.602089][T12405] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  524.611935][ T5913] em28xx 7-1:0.89: Registering V4L2 extension
[  524.635759][ T5872] usb 7-1: USB disconnect, device number 3
[  524.670981][ T5872] em28xx 7-1:0.89: Disconnecting em28xx
[  524.722836][ T5913] em28xx 7-1:0.89: Config register raw data: 0xffffffed
[  524.734645][ T5913] em28xx 7-1:0.89: AC97 chip type couldn't be determined
[  524.795402][ T5913] em28xx 7-1:0.89: No AC97 audio processor
[  525.534867][ T5913] usb 7-1: Decoder not found
[  525.601332][ T5913] em28xx 7-1:0.89: failed to create media graph
[  525.799032][ T5913] em28xx 7-1:0.89: V4L2 device video103 deregistered
[  526.033961][ T5913] em28xx 7-1:0.89: Registering snapshot button...
[  526.117607][ T5913] input: em28xx snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.89/input/input16
[  526.219618][ T5913] em28xx 7-1:0.89: Remote control support is not available for this card.
[  526.355768][ T5872] em28xx 7-1:0.89: Closing input extension
[  526.363169][ T5872] em28xx 7-1:0.89: Deregistering snapshot button
[  526.374234][T12425] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1726'.
[  526.414900][ T5872] em28xx 7-1:0.89: Freeing device
[  526.805665][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  526.805698][   T30] audit: type=1400 audit(1775197370.207:602): avc:  denied  { write } for  pid=12429 comm="syz.6.1728" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  529.064979][T12467] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  529.072917][T12467] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  530.056406][T12485] binder: 12484:12485 ioctl 4018620d 0 returned -22
[  531.257185][T12495] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1744'.
[  531.257291][T12495] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  531.351680][T12495] batman_adv: batadv0: Removing interface: batadv_slave_1
[  533.131833][   T30] audit: type=1400 audit(1775197376.537:603): avc:  denied  { getopt } for  pid=12511 comm="syz.5.1747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  534.977505][T12529] netlink: 'syz.4.1751': attribute type 4 has an invalid length.
[  534.989793][T12533] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1752'.
[  535.002035][T12533] unsupported nlmsg_type 40
[  535.218678][T12529] netlink: 'syz.4.1751': attribute type 1 has an invalid length.
[  535.226473][T12529] netlink: 'syz.4.1751': attribute type 1 has an invalid length.
[  535.314988][T12535] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12535 comm=syz.5.1753
[  536.496623][ T6381] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  536.902829][T12555] netlink: 64 bytes leftover after parsing attributes in process `syz.5.1757'.
[  537.233189][T12557] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1759'.
[  537.438161][T12558] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  539.695601][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  539.880144][T12579] random: crng reseeded on system resumption
[  540.381118][T12583] pimreg: entered allmulticast mode
[  541.074206][T12591] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1770'.
[  541.961667][T12602] o2cb: This node has not been configured.
[  541.968573][T12602] o2cb: Cluster check failed. Fix errors before retrying.
[  541.976018][T12602] (syz.0.1773,12602,0):user_dlm_register:674 ERROR: status = -22
[  541.983866][T12602] (syz.0.1773,12602,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[  542.003362][   T30] audit: type=1400 audit(1775197385.427:604): avc:  denied  { add_name } for  pid=12599 comm="syz.0.1773" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  542.287304][   T30] audit: type=1400 audit(1775197385.427:605): avc:  denied  { create } for  pid=12599 comm="syz.0.1773" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  542.314521][   T30] audit: type=1400 audit(1775197385.427:606): avc:  denied  { associate } for  pid=12599 comm="syz.0.1773" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  544.156149][T12621] overlayfs: failed to clone upperpath
[  545.615232][T12627] netlink: 'syz.5.1779': attribute type 1 has an invalid length.
[  547.326200][   T30] audit: type=1800 audit(1775197390.767:607): pid=12641 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.1782" name="SYSV00000000" dev="tmpfs" ino=3 res=0 errno=0
[  549.134653][T12654] uprobe: syz.6.1783:12654 failed to unregister, leaking uprobe
[  550.414107][T12677] openvswitch: netlink: Flow actions attr not present in new flow.
[  552.478079][T12683] netlink: 'syz.6.1793': attribute type 1 has an invalid length.
[  552.487339][T12683] netlink: 'syz.6.1793': attribute type 1 has an invalid length.
[  552.730285][T12687] kAFS: unable to lookup cell 'Þ({^ú@'
[  553.870817][T12702] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1797'.
[  554.795453][   T30] audit: type=1400 audit(1775197398.227:608): avc:  denied  { connect } for  pid=12705 comm="syz.6.1798" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  557.438156][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  557.444439][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  559.964544][ T5812] Bluetooth: hci3: command 0x0406 tx timeout
[  560.807064][T12772] netlink: 'syz.1.1813': attribute type 21 has an invalid length.
[  561.321418][T12772] netlink: 'syz.1.1813': attribute type 6 has an invalid length.
[  561.329342][T12772] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1813'.
[  562.133838][   T30] audit: type=1400 audit(1775197405.597:609): avc:  denied  { create } for  pid=12782 comm="syz.0.1818" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  562.361086][T12790] block device autoloading is deprecated and will be removed.
[  562.675613][   T30] audit: type=1400 audit(1775197405.597:610): avc:  denied  { write } for  pid=12782 comm="syz.0.1818" name="file0" dev="tmpfs" ino=1798 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  562.704813][   T30] audit: type=1400 audit(1775197405.597:611): avc:  denied  { open } for  pid=12782 comm="syz.0.1818" path="/347/file0" dev="tmpfs" ino=1798 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  562.797149][   T30] audit: type=1400 audit(1775197406.137:612): avc:  denied  { unlink } for  pid=5803 comm="syz-executor" name="file0" dev="tmpfs" ino=1798 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  562.853002][   T30] audit: type=1400 audit(1775197406.137:613): avc:  denied  { ioctl } for  pid=5803 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=3037 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  563.449724][T12805] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1822'.
[  563.455568][ T5916] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  563.478672][ T5810] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  563.707157][ T5916] usb 7-1: Using ep0 maxpacket: 32
[  564.607798][ T5916] usb 7-1: config 0 has an invalid interface number: 61 but max is 1
[  564.616767][ T5916] usb 7-1: config 0 has no interface number 1
[  564.624752][ T5916] usb 7-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  564.634430][ T5916] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.642639][ T5916] usb 7-1: Product: syz
[  564.647585][ T5916] usb 7-1: Manufacturer: syz
[  564.652192][ T5916] usb 7-1: SerialNumber: syz
[  564.668458][ T5916] usb 7-1: config 0 descriptor??
[  565.119639][ T5916] viperboard 7-1:0.61: version 0.00 found at bus 007 address 004
[  565.153508][T12828] comedi comedi2: dt2815: I/O port conflict (0xfffffffffffffffd,2)
[  565.177714][ T5916] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100
[  565.189633][ T5916] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  565.208051][ T5916] viperboard 7-1:0.0: version 0.00 found at bus 007 address 004
[  565.224948][ T5916] viperboard-i2c viperboard-i2c.5.auto: error -EIO: failure setting i2c_bus_freq to 100
[  565.335836][ T5916] viperboard-i2c viperboard-i2c.5.auto: probe with driver viperboard-i2c failed with error -5
[  565.415417][T12831] x_tables: duplicate underflow at hook 3
[  566.137091][T12843] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1831'.
[  566.253481][ T5858] usb 7-1: USB disconnect, device number 4
[  567.556470][T12866] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  568.023023][   T30] audit: type=1400 audit(1775197411.487:614): avc:  denied  { read write } for  pid=12855 comm="syz.6.1835" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  568.190290][   T30] audit: type=1400 audit(1775197411.487:615): avc:  denied  { open } for  pid=12855 comm="syz.6.1835" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  568.687526][T12857] loop6: detected capacity change from 0 to 8
[  568.827218][T12861] loop6: detected capacity change from 8 to 7
[  568.850675][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  568.860325][    C0] buffer_io_error: 6 callbacks suppressed
[  568.860339][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  568.895718][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  568.905309][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  568.915490][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  568.925066][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  568.933286][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  568.942942][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  568.963572][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  568.973278][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  569.099802][ T6379] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  569.133104][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  569.142781][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  569.250256][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  569.259898][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  569.267769][T12846] ldm_validate_partition_table(): Disk read failed.
[  569.286281][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  569.296269][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  569.304772][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  569.314387][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  569.323154][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  569.332768][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  569.347114][T12846] Dev loop6: unable to read RDB block 0
[  569.361744][T12846]  loop6: unable to read partition table
[  569.474767][T12846] loop6: partition table beyond EOD, truncated
[  569.493927][T12861] ldm_validate_partition_table(): Disk read failed.
[  569.501341][T12861] Dev loop6: unable to read RDB block 0
[  569.512799][T12861]  loop6: unable to read partition table
[  569.548332][T12861] loop6: partition table beyond EOD, truncated
[  569.611423][T12891] pimreg: entered allmulticast mode
[  569.938014][T12861] loop_reread_partitions: partition scan of loop6 (aQ¤"¸ÍAZD–Îå0�̹¨Š¾<wÁ?ÿûF4Ç"@/}©~ZÍ.ž-îØb	?›e9u×®/5¸êÅ) failed (rc=-5)
[  570.080157][T12894] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12894 comm=syz.4.1842
[  570.113409][T12894] loop8: detected capacity change from 0 to 4
[  570.133907][T12894] Dev loop8: unable to read RDB block 4
[  570.156611][T12894]  loop8: unable to read partition table
[  570.162771][T12894] loop8: partition table beyond EOD, truncated
[  570.170021][T12894] loop_reread_partitions: partition scan of loop8 (þ被xü—ŸÑà– ) failed (rc=-5)
[  570.549025][T12900] syz.0.1844: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  570.716108][T12900] CPU: 0 UID: 0 PID: 12900 Comm: syz.0.1844 Not tainted syzkaller #0 PREEMPT(full) 
[  570.716137][T12900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  570.716148][T12900] Call Trace:
[  570.716155][T12900]  <TASK>
[  570.716163][T12900]  dump_stack_lvl+0x100/0x190
[  570.716200][T12900]  warn_alloc.cold+0x95/0x1c1
[  570.716234][T12900]  ? __pfx_warn_alloc+0x10/0x10
[  570.716271][T12900]  ? kasan_save_stack+0x3f/0x50
[  570.716300][T12900]  ? kasan_save_stack+0x30/0x50
[  570.716329][T12900]  ? kasan_save_track+0x14/0x30
[  570.716360][T12900]  ? xskq_create+0xfb/0x1d0
[  570.716386][T12900]  __vmalloc_node_range_noprof+0x1252/0x1530
[  570.716416][T12900]  ? xskq_create+0xfb/0x1d0
[  570.716447][T12900]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  570.716481][T12900]  ? xskq_create+0xfb/0x1d0
[  570.716503][T12900]  vmalloc_user_noprof+0x9e/0xe0
[  570.716526][T12900]  ? xskq_create+0xfb/0x1d0
[  570.716549][T12900]  xskq_create+0xfb/0x1d0
[  570.716574][T12900]  xsk_setsockopt+0x743/0xab0
[  570.716598][T12900]  ? __pfx_xsk_setsockopt+0x10/0x10
[  570.716621][T12900]  ? find_held_lock+0x2b/0x80
[  570.716645][T12900]  ? __fget_files+0x215/0x3d0
[  570.716669][T12900]  ? selinux_socket_setsockopt+0x6a/0x80
[  570.716696][T12900]  ? __pfx_xsk_setsockopt+0x10/0x10
[  570.716720][T12900]  do_sock_setsockopt+0xf3/0x1d0
[  570.716753][T12900]  __sys_setsockopt+0x195/0x220
[  570.716785][T12900]  __x64_sys_setsockopt+0xbd/0x160
[  570.716807][T12900]  ? do_syscall_64+0x95/0xf80
[  570.716836][T12900]  ? lockdep_hardirqs_on+0x78/0x100
[  570.716864][T12900]  do_syscall_64+0x106/0xf80
[  570.716892][T12900]  ? clear_bhb_loop+0x40/0x90
[  570.716915][T12900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.716934][T12900] RIP: 0033:0x7efe6039c819
[  570.716951][T12900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  570.716967][T12900] RSP: 002b:00007efe61182028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  570.716986][T12900] RAX: ffffffffffffffda RBX: 00007efe60616090 RCX: 00007efe6039c819
[  570.716997][T12900] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  570.717008][T12900] RBP: 00007efe60432c91 R08: 0000000000000004 R09: 0000000000000000
[  570.717019][T12900] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  570.717030][T12900] R13: 00007efe60616128 R14: 00007efe60616090 R15: 00007ffc9d32bf58
[  570.717065][T12900]  </TASK>
[  570.717072][T12900] Mem-Info:
[  571.033962][T12908] ±ÿ: renamed from lo
[  571.457109][T12900] active_anon:33892 inactive_anon:1 isolated_anon:0
[  571.457109][T12900]  active_file:20766 inactive_file:41219 isolated_file:0
[  571.457109][T12900]  unevictable:768 dirty:427 writeback:0
[  571.457109][T12900]  slab_reclaimable:12808 slab_unreclaimable:105396
[  571.457109][T12900]  mapped:38167 shmem:25436 pagetables:1666
[  571.457109][T12900]  sec_pagetables:0 bounce:0
[  571.457109][T12900]  kernel_misc_reclaimable:0
[  571.457109][T12900]  free:1252397 free_pcp:19373 free_cma:0
[  571.592399][T12910] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  571.710836][T12900] Node 0 active_anon:126404kB inactive_anon:4kB active_file:83064kB inactive_file:164608kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:147588kB dirty:1776kB writeback:0kB shmem:95064kB shmem_thp:4096kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13096kB pagetables:6512kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  571.760655][T12912] netlink: 260 bytes leftover after parsing attributes in process `syz.4.1847'.
[  571.801592][T12912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1847'.
[  571.814915][T12900] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:268kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  571.844038][T12912] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1847'.
[  571.912514][T12900] Node 0 DMA free:15296kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB
[  571.996644][T12900] lowmem_reserve[]: 0 2477 2478 2478 2478
[  572.002951][T12900] Node 0 DMA32 free:1080580kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:121472kB inactive_anon:4kB active_file:83064kB inactive_file:164608kB unevictable:1536kB writepending:1776kB zspages:0kB present:3129332kB managed:2537064kB mlocked:0kB bounce:0kB free_pcp:65096kB local_pcp:35136kB free_cma:0kB
[  572.075738][T12900] lowmem_reserve[]: 0 0 1 1 1
[  572.080945][T12900] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1044kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  572.221620][T12900] lowmem_reserve[]: 0 0 0 0 0
[  572.252824][T12900] Node 1 Normal free:3926380kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:268kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:14336kB local_pcp:0kB free_cma:0kB
[  572.383876][T12900] lowmem_reserve[]: 0 0 0 0 0
[  572.393987][T12900] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15296kB
[  572.421319][T12900] Node 0 DMA32: 1795*4kB (UM) 2705*8kB (UM) 1009*16kB (UME) 174*32kB (UME) 353*64kB (ME) 163*128kB (UME) 89*256kB (UME) 42*512kB (UME) 28*1024kB (UME) 4*2048kB (UE) 220*4096kB (UM) = 1076260kB
[  572.975605][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  573.235589][T12900] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  573.292656][T12900] Node 1 Normal: 3*4kB (U) 14*8kB (UM) 9*16kB (UM) 13*32kB (UM) 9*64kB (U) 3*128kB (UM) 3*256kB (UM) 4*512kB (UM) 2*1024kB (UM) 2*2048kB (UM) 956*4096kB (UM) = 3926380kB
[  573.390637][T12900] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  573.435552][T12900] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  573.471957][T12900] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  573.535646][T12900] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  573.557494][T12900] 97375 total pagecache pages
[  573.570354][T12900] 6 pages in swap cache
[  573.578923][T12900] Free swap  = 124500kB
[  573.588900][T12900] Total swap = 124996kB
[  573.597580][T12900] 2097051 pages RAM
[  573.609022][T12900] 0 pages HighMem/MovableOnly
[  573.619147][T12900] 430909 pages reserved
[  573.649509][T12900] 0 pages cma reserved
[  574.485226][T12943] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  574.493428][T12943] overlayfs: failed to set xattr on upper
[  574.499231][T12943] overlayfs: ...falling back to redirect_dir=nofollow.
[  574.506406][T12943] overlayfs: ...falling back to index=off.
[  574.512581][T12943] overlayfs: ...falling back to uuid=null.
[  574.816258][T12944] netlink: 165 bytes leftover after parsing attributes in process `syz.6.1858'.
[  574.869707][   T30] audit: type=1400 audit(1775197418.327:616): avc:  denied  { ioctl } for  pid=12939 comm="syz.6.1858" path="socket:[31048]" dev="sockfs" ino=31048 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  575.726267][   T12] bond0: (slave bond_slave_0): interface is now down
[  575.739111][T12954] netlink: 'syz.1.1860': attribute type 10 has an invalid length.
[  576.725368][   T12] bond0: now running without any active interface!
[  577.065917][T12954] syz_tun: entered promiscuous mode
[  577.101655][T12954] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  577.126844][   T36] bond0: (slave syz_tun): interface is now down
[  577.166445][   T36] bond0: (slave syz_tun): interface is now down
[  577.226279][ T6379] bond0: (slave syz_tun): interface is now down
[  577.255635][ T6379] bond0: (slave syz_tun): interface is now down
[  577.276364][   T59] bond0: (slave syz_tun): interface is now down
[  577.313215][ T6379] bond0: (slave syz_tun): interface is now down
[  577.337906][ T6379] bond0: now running without any active interface!
[  577.356011][   T30] audit: type=1400 audit(1775197420.827:617): avc:  denied  { append } for  pid=12968 comm="syz.6.1864" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  577.356401][T12972] No control pipe specified
[  578.392242][   T30] audit: type=1400 audit(1775197420.907:618): avc:  denied  { create } for  pid=12964 comm="syz.4.1863" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  580.343369][ T5810] Bluetooth: hci3: Malformed MSFT vendor event: 0x02
[  580.975049][T13003] netlink: 180 bytes leftover after parsing attributes in process `syz.5.1870'.
[  581.065785][T13003] overlayfs: failed to clone upperpath
[  583.143654][   T30] audit: type=1326 audit(1775197426.607:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  583.593224][   T30] audit: type=1326 audit(1775197426.607:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  583.620852][T13023] ceph: No mds server is up or the cluster is laggy
[  583.630952][   T29] libceph: connect (1)[c::]:6789 error -101
[  583.647737][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  583.712767][   T30] audit: type=1326 audit(1775197426.637:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  583.757395][   T30] audit: type=1326 audit(1775197426.637:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  583.840505][T13038] netlink: 'syz.0.1879': attribute type 39 has an invalid length.
[  583.971888][ T5810] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  584.641565][   T30] audit: type=1326 audit(1775197426.637:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  584.674138][   T30] audit: type=1326 audit(1775197426.637:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  585.671546][   T30] audit: type=1326 audit(1775197426.637:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  585.696045][   T30] audit: type=1326 audit(1775197426.647:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  585.772027][   T30] audit: type=1326 audit(1775197426.647:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  585.798873][   T30] audit: type=1326 audit(1775197426.647:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13017 comm="syz.4.1876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  591.393773][T13109] sp0: Synchronizing with TNC
[  591.483881][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.494991][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.507158][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.517706][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.531035][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.540592][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.553011][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.562367][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.574748][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  591.584235][T13109] netlink: 3 bytes leftover after parsing attributes in process `syz.6.1892'.
[  593.876033][T13124] kvm: emulating exchange as write
[  594.213874][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  594.213947][   T30] audit: type=1400 audit(1775197437.677:634): avc:  denied  { connect } for  pid=13120 comm="syz.6.1899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  596.563085][   T30] audit: type=1400 audit(1775197439.587:635): avc:  denied  { audit_read } for  pid=13138 comm="syz.6.1902" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  596.898332][T13152] __nla_validate_parse: 138 callbacks suppressed
[  596.898369][T13152] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1904'.
[  598.128020][   T30] audit: type=1400 audit(1775197441.567:636): avc:  denied  { bind } for  pid=13153 comm="syz.6.1905" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  600.476262][   T49] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  602.444620][T13193] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  602.632975][T13193] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  602.643902][T13193] overlayfs: failed to look up (tracing) for ino (-66)
[  602.880485][   T30] audit: type=1400 audit(1775197446.347:637): avc:  denied  { unmount } for  pid=11362 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  604.914242][T13209] openvswitch: netlink: IP tunnel dst address not specified
[  605.006401][T13221] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1917'.
[  605.392525][   T30] audit: type=1400 audit(1775197448.707:638): avc:  denied  { firmware_load } for  pid=13219 comm="syz.1.1921" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  606.030711][T13228] tipc: Failed to remove unknown binding: 66,0,0/0:2010800737/2010800738
[  606.040233][T13228] tipc: Failed to remove unknown binding: 66,0,0/0:2010800737/2010800738
[  606.356607][   T30] audit: type=1400 audit(1775197449.627:639): avc:  denied  { bpf } for  pid=13230 comm="syz.0.1923" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  606.721280][T13225] syz.1.1921 (13225) used greatest stack depth: 18280 bytes left
[  606.801571][   T30] audit: type=1400 audit(1775197449.637:640): avc:  denied  { perfmon } for  pid=13230 comm="syz.0.1923" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  606.842509][   T30] audit: type=1400 audit(1775197450.287:641): avc:  denied  { read write } for  pid=5805 comm="syz-executor" name="loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  606.924737][   T30] audit: type=1400 audit(1775197450.287:642): avc:  denied  { open } for  pid=5805 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=651 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  606.982487][   T30] audit: type=1400 audit(1775197450.287:643): avc:  denied  { ioctl } for  pid=5805 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=651 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  607.535018][T13247] SET target dimension over the limit!
[  608.446383][   T30] audit: type=1400 audit(1775197451.917:644): avc:  denied  { read } for  pid=13256 comm="syz.6.1931" path="socket:[31532]" dev="sockfs" ino=31532 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  611.891900][T13295] ±ÿ: renamed from lo (while UP)
[  613.435942][   T30] audit: type=1400 audit(1775197456.907:645): avc:  denied  { wake_alarm } for  pid=13309 comm="syz.1.1943" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  614.585905][T13317] kAFS: unable to lookup cell '('
[  615.174772][T13321] kAFS: unable to lookup cell '(,c¾ûL'
[  615.900937][T13328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1946'.
[  616.053369][T13333] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1947'.
[  617.682880][T13355] ±ÿ: renamed from lo
[  618.869843][T13365] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1957'.
[  618.891681][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  618.925788][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  619.009002][T13368] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1958'.
[  619.126017][T13368] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1958'.
[  619.233076][T13372] syz.5.1951 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  620.629183][T13385] x_tables: duplicate underflow at hook 2
[  620.666471][T13385] overlay: ./file0 is not a directory
[  622.332500][T13403] xt_socket: unknown flags 0xc
[  623.777373][ T5913] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  624.029612][ T5913] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  624.043658][ T5913] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  624.202507][ T5913] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  624.216351][ T5913] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  624.225431][ T5913] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.245778][ T5913] usb 5-1: config 0 descriptor??
[  624.354991][T13430] netlink: 180 bytes leftover after parsing attributes in process `syz.6.1972'.
[  624.395569][T13430] evm: overlay not supported
[  625.177501][   T30] audit: type=1400 audit(1775197468.637:646): avc:  denied  { write } for  pid=13397 comm="syz.4.1967" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  625.197936][ T5913] usbhid 5-1:0.0: can't add hid device: -71
[  625.205731][ T5913] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  625.227152][ T5913] usb 5-1: USB disconnect, device number 20
[  625.767384][   T30] audit: type=1400 audit(1775197469.227:647): avc:  denied  { getopt } for  pid=13434 comm="syz.0.1965" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  625.772411][T13437] bridge1: entered promiscuous mode
[  626.842051][   T30] audit: type=1400 audit(1775197470.307:648): avc:  denied  { mount } for  pid=13445 comm="syz.1.1976" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  626.866044][T13446] syz_tun: entered allmulticast mode
[  626.894223][T13446] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1976'.
[  627.017271][   T30] audit: type=1400 audit(1775197470.347:649): avc:  denied  { create } for  pid=13445 comm="syz.1.1976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  627.055689][T13446] syz_tun (unregistering): left allmulticast mode
[  627.081700][T13446] bond0: (slave syz_tun): Releasing backup interface
[  631.704115][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.717224][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.726620][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.736279][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.745958][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.756516][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.765928][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.775954][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.785228][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  631.794845][T13502] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'.
[  632.300350][ T6381] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  635.305952][T13525] Non-string source
[  637.445165][T13550] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  638.772708][T13567] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=13567 comm=syz.5.2008
[  638.824020][   T30] audit: type=1326 audit(1775197482.287:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13558 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8e799c819 code=0x7ffc0000
[  638.882400][   T30] audit: type=1326 audit(1775197482.287:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13558 comm="syz.6.2006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8e799c819 code=0x7ffc0000
[  641.210345][T13601] ksmbd: Unknown IPC event: 4, ignore.
[  642.277162][   T30] audit: type=1400 audit(1775197485.747:652): avc:  denied  { name_bind } for  pid=13614 comm="syz.6.2017" src=65530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  643.182900][T13635] overlayfs: cannot append lower layer
[  644.028579][T13647] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7)
[  644.035127][T13647] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  644.043222][T13647] vhci_hcd vhci_hcd.0: Device attached
[  644.346987][T13643] netlink: 'syz.1.2022': attribute type 15 has an invalid length.
[  644.355784][T13643] __nla_validate_parse: 10 callbacks suppressed
[  644.355796][T13643] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2022'.
[  644.454697][T13654] overlayfs: failed to resolve './cgroup': -2
[  644.461190][ T5913] usb 45-1: new low-speed USB device number 2 using vhci_hcd
[  645.019845][T13649] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  645.050002][T13648] vhci_hcd: connection closed
[  645.075686][   T59] vhci_hcd vhci_hcd.6: stop threads
[  645.122308][   T59] vhci_hcd vhci_hcd.6: release socket
[  645.149672][   T59] vhci_hcd vhci_hcd.6: disconnect device
[  647.194199][T13677] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2029'.
[  648.990491][T13698] No control pipe specified
[  649.006804][T13698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2035'.
[  649.463194][T13698] hsr_slave_0: left promiscuous mode
[  649.504675][T13698] hsr_slave_1: left promiscuous mode
[  650.205592][ T5913] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  650.468964][T13708] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2038'.
[  653.264839][T13721] SELinux: failed to load policy
[  653.317300][   T30] audit: type=1400 audit(1775197496.727:653): avc:  denied  { load_policy } for  pid=13719 comm="syz.4.2042" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  656.436623][   T30] audit: type=1400 audit(1775197499.877:654): avc:  denied  { bind } for  pid=13726 comm="syz.4.2044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  656.638219][ T5913] libceph: connect (1)[c::]:6789 error -101
[  656.694178][ T5913] libceph: mon0 (1)[c::]:6789 connect error
[  656.731568][   T30] audit: type=1400 audit(1775197499.907:655): avc:  denied  { listen } for  pid=13726 comm="syz.4.2044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  657.001299][T13735] ceph: No mds server is up or the cluster is laggy
[  657.011930][ T5913] libceph: connect (1)[c::]:6789 error -101
[  657.037780][ T5913] libceph: mon0 (1)[c::]:6789 connect error
[  662.297243][   T30] audit: type=1400 audit(1775197505.567:656): avc:  denied  { ioctl } for  pid=13772 comm="syz.1.2054" path="socket:[33780]" dev="sockfs" ino=33780 ioctlcmd=0x6687 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  662.415534][T13779] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  664.285017][T13789] netlink: 'syz.0.2057': attribute type 1 has an invalid length.
[  664.943756][ T6388] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  665.020291][T13789] bond2: (slave bridge3): Enslaving as a backup interface with an up link
[  665.226480][T13789] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2057'.
[  665.243893][ T5872] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  665.246880][T13789] 8021q: adding VLAN 0 to HW filter on device bond2
[  665.254434][ T6388] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  665.531050][   T30] audit: type=1400 audit(1775197508.807:657): avc:  denied  { ioctl } for  pid=13803 comm="syz.6.2060" path="/dev/uhid" dev="devtmpfs" ino=1273 ioctlcmd=0x9408 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  665.560218][ T5872] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  665.699573][   T49] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  667.301223][T13829] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2066'.
[  667.344588][T13829] comedi comedi0: Minor 2 could not be opened
[  668.118143][T13836] overlayfs: missing 'lowerdir'
[  670.920093][T13857] ubi31: attaching mtd0
[  670.940063][T13857] ubi31: scanning is finished
[  670.944817][T13857] ubi31: empty MTD device detected
[  671.028986][ T5810] Bluetooth: Frame is too long (len 12, expected len 4)
[  671.363953][T13866] bridge0: port 2(bridge_slave_1) entered blocking state
[  671.371239][T13866] bridge0: port 2(bridge_slave_1) entered forwarding state
[  671.377211][T13857] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  671.378758][T13866] bridge0: port 1(bridge_slave_0) entered blocking state
[  671.386302][T13857] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  671.393088][T13866] bridge0: port 1(bridge_slave_0) entered forwarding state
[  671.400285][T13857] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  671.414545][T13857] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  671.422040][T13857] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  671.428899][T13857] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  671.437022][T13857] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1669592048
[  671.447076][T13857] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  671.479616][T13867] ubi31: background thread "ubi_bgt31d" started, PID 13867
[  671.524396][T13866] bridge0: left allmulticast mode
[  671.626217][   T30] audit: type=1400 audit(1775197515.097:658): avc:  denied  { map_create } for  pid=13845 comm="syz.0.2070" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  671.785773][T13866] 8021q: adding VLAN 0 to HW filter on device .`
[  671.802489][   T30] audit: type=1400 audit(1775197515.117:659): avc:  denied  { prog_load } for  pid=13845 comm="syz.0.2070" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  672.306561][   T30] audit: type=1400 audit(1775197515.117:660): avc:  denied  { prog_run } for  pid=13845 comm="syz.0.2070" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  673.251257][T13866] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  674.415104][T13887] syz_tun: entered allmulticast mode
[  674.425213][   T30] audit: type=1400 audit(1775197517.887:661): avc:  denied  { write } for  pid=13885 comm="syz.0.2082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  674.437524][T13887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2082'.
[  674.883889][T13887] syz_tun (unregistering): left allmulticast mode
[  675.120940][   T30] audit: type=1400 audit(1775197518.567:662): avc:  denied  { map_read map_write } for  pid=13895 comm="syz.5.2084" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  679.426743][   T30] audit: type=1400 audit(1775197522.437:663): avc:  denied  { allowed } for  pid=13925 comm="syz.1.2092" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  679.449231][   T30] audit: type=1400 audit(1775197522.447:664): avc:  denied  { sqpoll } for  pid=13925 comm="syz.1.2092" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  680.884936][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  680.935899][T13943] overlayfs: failed to clone upperpath
[  685.065612][   T24] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  685.452608][T13987] tmpfs: Bad value for 'nr_inodes'
[  685.562148][   T30] audit: type=1400 audit(1775197529.027:665): avc:  denied  { bind } for  pid=13982 comm="syz.1.2106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  685.628372][   T24] usb 5-1: Using ep0 maxpacket: 32
[  685.652973][   T24] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  686.452898][   T24] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  686.462319][   T24] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  686.470678][   T24] usb 5-1: Product: syz
[  686.475066][   T24] usb 5-1: Manufacturer: syz
[  686.480773][   T24] usb 5-1: SerialNumber: syz
[  686.493673][   T24] usb 5-1: config 0 descriptor??
[  686.504405][T13978] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  686.513174][   T24] hub 5-1:0.0: bad descriptor, ignoring hub
[  686.519616][   T24] hub 5-1:0.0: probe with driver hub failed with error -5
[  686.814158][   T30] audit: type=1400 audit(1775197530.237:666): avc:  denied  { read } for  pid=14001 comm="syz.6.2110" dev="nsfs" ino=4026533439 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  687.121592][   T30] audit: type=1400 audit(1775197530.237:667): avc:  denied  { open } for  pid=14001 comm="syz.6.2110" path="net:[4026533439]" dev="nsfs" ino=4026533439 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  687.446597][ T5913] usb 5-1: USB disconnect, device number 21
[  688.293251][T13985] delete_channel: no stack
[  688.444427][T14019] netlink: 'syz.6.2112': attribute type 10 has an invalid length.
[  689.092001][T14019] 8021q: adding VLAN 0 to HW filter on device batadv0
[  689.104815][T14019] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  689.534701][T14035] x_tables: duplicate underflow at hook 4
[  691.182874][   T30] audit: type=1400 audit(1775197534.567:668): avc:  denied  { listen } for  pid=14045 comm="syz.0.2121" path=0000204E0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  691.731010][T14053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  693.911051][T14083] netlink: 'syz.5.2130': attribute type 4 has an invalid length.
[  693.918879][T14083] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2130'.
[  693.929270][T14083] wlan1: mtu less than device minimum
[  694.740319][T14098] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  695.702626][T14114] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  695.958807][   T30] audit: type=1400 audit(1775197539.147:669): avc:  denied  { mounton } for  pid=14107 comm="syz.6.2136" path="/101/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  696.781879][T13076] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  696.864105][T14121] IPVS: set_ctl: invalid protocol: 22 0.0.0.0:20003
[  697.176795][T14126] nbd: must specify a device to reconfigure
[  700.295805][   T30] audit: type=1400 audit(1775197543.757:670): avc:  denied  { append } for  pid=14154 comm="syz.4.2149" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  700.413979][T14155] input: syz1 as /devices/virtual/input/input17
[  700.976607][   T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  701.197612][   T30] audit: type=1326 audit(1775197544.637:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  701.226482][   T24] usb 7-1: Using ep0 maxpacket: 32
[  701.297526][   T24] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  701.313470][   T30] audit: type=1326 audit(1775197544.637:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  701.417482][   T24] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  701.440918][   T24] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  701.455597][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  701.465580][   T30] audit: type=1326 audit(1775197544.637:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  701.489787][   T24] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  701.646834][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  701.675517][   T30] audit: type=1326 audit(1775197544.637:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  701.707011][   T24] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  701.746622][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.941627][   T24] usb 7-1: config 0 descriptor??
[  702.042296][   T30] audit: type=1326 audit(1775197544.637:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  702.167819][   T24] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  702.215405][   T30] audit: type=1326 audit(1775197544.637:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  702.215711][   T24] usb 7-1: USB disconnect, device number 5
[  702.342613][   T30] audit: type=1326 audit(1775197544.637:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  702.419619][   T24] usblp0: removed
[  702.480329][   T30] audit: type=1326 audit(1775197544.637:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  702.596206][   T30] audit: type=1326 audit(1775197544.637:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14162 comm="syz.4.2151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  704.678751][T14190] wg1 speed is unknown, defaulting to 1000
[  705.183667][T14190] virt_wifi0 speed is unknown, defaulting to 1000
[  705.960364][   T30] kauditd_printk_skb: 47 callbacks suppressed
[  705.960383][   T30] audit: type=1400 audit(1775197549.417:727): avc:  denied  { name_connect } for  pid=14194 comm="syz.5.2161" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  705.965614][T14196] Bluetooth: MGMT ver 1.23
[  706.135498][   T30] audit: type=1400 audit(1775197549.597:728): avc:  denied  { read } for  pid=14194 comm="syz.5.2161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  706.215572][   T30] audit: type=1400 audit(1775197549.627:729): avc:  denied  { setopt } for  pid=14201 comm="syz.4.2162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  706.255048][T14203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2162'.
[  706.285503][T14203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2162'.
[  706.296415][T14203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2162'.
[  706.310290][T14203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2162'.
[  706.320463][T14203] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2162'.
[  707.734081][T14215] mac80211_hwsim hwsim13 syzkaller0: entered allmulticast mode
[  707.802603][T14215] mac80211_hwsim hwsim13 syzkaller0: entered promiscuous mode
[  708.385145][T14214] mac80211_hwsim hwsim13 syzkaller0: left promiscuous mode
[  708.400854][T14214] mac80211_hwsim hwsim13 syzkaller0: left allmulticast mode
[  708.677438][T14223] netlink: 2108 bytes leftover after parsing attributes in process `syz.0.2169'.
[  708.721207][   T30] audit: type=1400 audit(1775197552.177:730): avc:  denied  { bind } for  pid=14228 comm="syz.1.2170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  708.761823][   T30] audit: type=1400 audit(1775197552.177:731): avc:  denied  { name_bind } for  pid=14228 comm="syz.1.2170" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  708.813987][   T30] audit: type=1400 audit(1775197552.177:732): avc:  denied  { node_bind } for  pid=14228 comm="syz.1.2170" saddr=ff01::1 src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  709.234031][T14244] tipc: Enabled bearer <ib:wg1>, priority 0
[  711.695985][   T30] audit: type=1400 audit(1775197555.167:733): avc:  denied  { create } for  pid=14258 comm="syz.0.2179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  712.735817][T14251] syz.4.2177 (14251): drop_caches: 2
[  713.232015][T14287] netlink: 2796 bytes leftover after parsing attributes in process `syz.5.2182'.
[  714.843555][T14293] random: crng reseeded on system resumption
[  714.896242][T14293] FAT-fs (nbd6): unable to read boot sector
[  716.792803][T14310] netlink: 'syz.6.2191': attribute type 10 has an invalid length.
[  716.801377][T14310] bridge0: port 2(bridge_slave_1) entered disabled state
[  716.808945][T14310] bridge0: port 1(bridge_slave_0) entered disabled state
[  716.830070][T14310] bridge0: port 2(bridge_slave_1) entered blocking state
[  716.837247][T14310] bridge0: port 2(bridge_slave_1) entered forwarding state
[  716.844701][T14310] bridge0: port 1(bridge_slave_0) entered blocking state
[  716.851856][T14310] bridge0: port 1(bridge_slave_0) entered forwarding state
[  716.871865][T14310] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  718.482460][T14330] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2196'.
[  718.662876][T14332] overlayfs: failed to clone lowerpath
[  719.007230][   T30] audit: type=1326 audit(1775197561.957:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  719.175529][   T30] audit: type=1326 audit(1775197561.957:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  719.608655][   T30] audit: type=1326 audit(1775197561.967:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  719.623779][T14347] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2189'.
[  720.160626][   T30] audit: type=1326 audit(1775197561.967:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  720.209419][   T30] audit: type=1326 audit(1775197561.967:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  720.243596][   T30] audit: type=1326 audit(1775197561.967:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f092295d04e code=0x7ffc0000
[  720.326757][   T30] audit: type=1326 audit(1775197561.967:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  720.381940][   T30] audit: type=1326 audit(1775197561.967:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  720.533887][   T30] audit: type=1326 audit(1775197561.967:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  720.560030][   T30] audit: type=1326 audit(1775197561.967:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14320 comm="syz.4.2194" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  721.554556][T14362] libceph: resolve '400' (ret=-3): failed
[  721.567477][T14362] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2203'.
[  721.586672][T14362] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2203'.
[  721.637842][T14362] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2203'.
[  722.028360][T14375] overlayfs: failed to clone upperpath
[  725.886611][T14404] wg1 speed is unknown, defaulting to 1000
[  725.929897][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  725.929913][   T30] audit: type=1400 audit(1775197825.398:755): avc:  denied  { connect } for  pid=14403 comm="syz.1.2213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  726.033924][T14404] virt_wifi0 speed is unknown, defaulting to 1000
[  726.201865][T14407] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  727.858342][T14426] overlayfs: failed to resolve './cgroup': -2
[  727.992471][T14428] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  728.359016][ T6379] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  730.791275][T14444] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2220'.
[  731.598753][T14444] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2220'.
[  734.329469][T14474] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2228'.
[  734.338561][T14474] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  734.612824][T14482] siw: device registration error -23
[  735.140125][T14474] batman_adv: batadv0: Removing interface: batadv_slave_0
[  735.942961][T14491] overlayfs: failed to resolve './file0': -2
[  737.353949][ T5810] Bluetooth: Frame is too long (len 12, expected len 4)
[  737.667906][T14509] binder: 14506:14509 ioctl 4018620d 0 returned -22
[  737.688400][T14509] dlm: no local IP address has been set
[  737.694221][T14509] dlm: cannot start dlm midcomms -107
[  737.796981][   T30] audit: type=1400 audit(1775197837.134:756): avc:  denied  { set_context_mgr } for  pid=14506 comm="syz.6.2234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  738.069076][T14512] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2236'.
[  740.440817][   T30] audit: type=1400 audit(1775197839.915:757): avc:  denied  { bind } for  pid=14537 comm="syz.6.2243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  740.955824][T14547] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  741.737065][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  742.047236][T14554] wg1 speed is unknown, defaulting to 1000
[  742.099488][   T30] audit: type=1400 audit(1775197841.576:758): avc:  denied  { append } for  pid=14551 comm="syz.6.2247" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  742.341036][T14554] virt_wifi0 speed is unknown, defaulting to 1000
[  744.638133][ T5916] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  745.712979][ T5916] usb 5-1: Using ep0 maxpacket: 32
[  746.046567][ T5916] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  746.060136][ T5916] usb 5-1: config 1 interface 1 altsetting 1 has an invalid endpoint descriptor of length 4, skipping
[  746.083713][ T5916] usb 5-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice= 0.40
[  746.100524][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.133912][ T5916] usb 5-1: Product: syz
[  746.141450][ T5916] usb 5-1: Manufacturer: syz
[  746.153101][ T5916] usb 5-1: SerialNumber: syz
[  746.303582][T14593] netlink: 'syz.5.2257': attribute type 10 has an invalid length.
[  746.317309][T14597] netlink: 'syz.0.2256': attribute type 5 has an invalid length.
[  747.056360][T14593] syz_tun: entered promiscuous mode
[  747.175532][ T5916] snd-ua101 5-1:1.1: invalid bNumEndpoints
[  747.194180][ T5916] snd-ua101 5-1:1.0: invalid num_altsetting
[  747.222114][T14593] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  747.536216][ T5916] usb 5-1: USB disconnect, device number 22
[  752.880475][ T5872] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  753.121389][ T5872] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  753.217762][ T5872] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  753.243745][   T10] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  753.371775][ T5872] usb 7-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  753.479168][   T10] usb 5-1: Using ep0 maxpacket: 32
[  753.488065][ T5872] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.515287][   T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  753.587821][ T5872] usb 7-1: config 0 descriptor??
[  753.594956][   T10] usb 5-1: config 1 interface 1 altsetting 1 has an invalid endpoint descriptor of length 4, skipping
[  753.685643][   T10] usb 5-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice= 0.40
[  753.707028][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.723872][   T10] usb 5-1: Product: syz
[  753.732812][   T10] usb 5-1: Manufacturer: syz
[  753.742789][   T10] usb 5-1: SerialNumber: syz
[  755.194297][ T5872] usbhid 7-1:0.0: can't add hid device: -71
[  755.206169][ T5872] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  755.227430][ T5872] usb 7-1: USB disconnect, device number 6
[  756.431154][   T10] snd-ua101 5-1:1.1: invalid bNumEndpoints
[  756.437007][   T10] snd-ua101 5-1:1.0: invalid num_altsetting
[  756.623739][   T10] usb 5-1: USB disconnect, device number 23
[  757.395345][T14693] overlayfs: overlapping lowerdir path
[  757.549985][T14688] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  757.603265][ T5916] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  757.726194][T14696] overlayfs: failed to resolve './cgroup': -2
[  758.187064][ T5916] usb 7-1: Using ep0 maxpacket: 32
[  758.194338][ T5916] usb 7-1: config 0 has an invalid interface number: 132 but max is 0
[  758.203898][ T5916] usb 7-1: config 0 has no interface number 0
[  758.212416][ T5916] usb 7-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  758.256505][T14700] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  758.277276][ T5916] usb 7-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  758.301567][ T5916] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  758.319294][ T5916] usb 7-1: Product: syz
[  758.323489][ T5916] usb 7-1: Manufacturer: syz
[  758.417420][ T5916] usb 7-1: SerialNumber: syz
[  758.760245][ T5916] usb 7-1: config 0 descriptor??
[  759.388637][ T5916] em28xx 7-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  759.399007][ T5916] em28xx 7-1:0.132: Video interface 132 found:
[  759.406284][   T30] audit: type=1326 audit(1775197858.835:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  759.651223][ T5916] em28xx 7-1:0.132: unknown em28xx chip ID (0)
[  759.745622][ T5916] em28xx 7-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  759.788145][   T30] audit: type=1326 audit(1775197858.835:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  759.896708][   T30] audit: type=1326 audit(1775197858.835:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  759.920327][   T30] audit: type=1326 audit(1775197858.835:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  759.944649][   T30] audit: type=1326 audit(1775197858.835:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  759.972697][ T5916] em28xx 7-1:0.132: board has no eeprom
[  760.036011][ T5916] em28xx 7-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  760.349921][   T30] audit: type=1326 audit(1775197858.835:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  760.399680][ T5916] em28xx 7-1:0.132: analog set to bulk mode.
[  760.409307][   T29] em28xx 7-1:0.132: Registering V4L2 extension
[  760.448198][   T30] audit: type=1326 audit(1775197858.835:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  760.524315][ T5916] usb 7-1: USB disconnect, device number 7
[  760.540570][   T29] em28xx 7-1:0.132: failed to trigger read from i2c address 0x4a (error=-19)
[  760.548845][   T30] audit: type=1326 audit(1775197858.835:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  760.575068][   T30] audit: type=1326 audit(1775197858.835:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  760.601660][ T5916] em28xx 7-1:0.132: Disconnecting em28xx
[  761.713081][   T30] audit: type=1326 audit(1775197858.845:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14699 comm="syz.4.2282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f092299c819 code=0x7ffc0000
[  761.810065][T14739] overlayfs: failed to clone upperpath
[  762.718501][   T29] em28xx 7-1:0.132: Config register raw data: 0xffffffed
[  762.729469][   T29] em28xx 7-1:0.132: AC97 chip type couldn't be determined
[  762.740287][   T29] em28xx 7-1:0.132: No AC97 audio processor
[  763.297170][  T237] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  763.317694][   T29] usb 7-1: Decoder not found
[  763.329878][   T29] em28xx 7-1:0.132: failed to create media graph
[  763.342614][   T29] em28xx 7-1:0.132: V4L2 device video103 deregistered
[  763.602388][   T29] em28xx 7-1:0.132: Remote control support is not available for this card.
[  763.857634][ T5916] em28xx 7-1:0.132: Closing input extension
[  763.864714][ T5916] ==================================================================
[  763.872789][ T5916] BUG: KASAN: slab-use-after-free in media_device_unregister+0x59d/0x610
[  763.881557][ T5916] Read of size 8 at addr ffff888068660218 by task kworker/1:6/5916
[  763.889438][ T5916] 
[  763.891744][ T5916] CPU: 1 UID: 0 PID: 5916 Comm: kworker/1:6 Not tainted syzkaller #0 PREEMPT(full) 
[  763.891759][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  763.891767][ T5916] Workqueue: usb_hub_wq hub_event
[  763.891789][ T5916] Call Trace:
[  763.891795][ T5916]  <TASK>
[  763.891799][ T5916]  dump_stack_lvl+0x100/0x190
[  763.891819][ T5916]  print_report+0x156/0x4c9
[  763.891836][ T5916]  ? __virt_addr_valid+0x81/0x620
[  763.891862][ T5916]  ? __phys_addr+0xe8/0x180
[  763.891889][ T5916]  ? media_device_unregister+0x59d/0x610
[  763.891902][ T5916]  kasan_report+0xdf/0x1e0
[  763.891913][ T5916]  ? media_device_unregister+0x59d/0x610
[  763.891926][ T5916]  media_device_unregister+0x59d/0x610
[  763.891939][ T5916]  em28xx_unregister_media_device+0x4e/0xe0
[  763.891957][ T5916]  em28xx_release_resources+0x79/0x1b0
[  763.891973][ T5916]  em28xx_usb_disconnect.cold+0x17d/0x253
[  763.891990][ T5916]  usb_unbind_interface+0x1dd/0x9e0
[  763.892010][ T5916]  ? kernfs_remove_by_name_ns+0x9f/0xf0
[  763.892024][ T5916]  ? __pfx_usb_unbind_interface+0x10/0x10
[  763.892041][ T5916]  device_remove+0x12a/0x180
[  763.892058][ T5916]  device_release_driver_internal+0x44e/0x620
[  763.892070][ T5916]  bus_remove_device+0x2bc/0x560
[  763.892086][ T5916]  ? __pfx_bus_remove_device+0x10/0x10
[  763.892101][ T5916]  ? __pfx_device_remove_attrs+0x10/0x10
[  763.892116][ T5916]  ? up_write+0x290/0x4f0
[  763.892129][ T5916]  device_del+0x376/0x9b0
[  763.892153][ T5916]  ? __pfx_device_del+0x10/0x10
[  763.892168][ T5916]  ? kobject_put+0xb9/0x640
[  763.892181][ T5916]  usb_disable_device+0x367/0x810
[  763.892201][ T5916]  usb_disconnect+0x2e2/0x9a0
[  763.892218][ T5916]  hub_event+0x1d0c/0x4af0
[  763.892238][ T5916]  ? __lock_acquire+0x4a5/0x2630
[  763.892248][ T5916]  ? do_raw_spin_unlock+0x145/0x1e0
[  763.892261][ T5916]  ? __pfx_hub_event+0x10/0x10
[  763.892276][ T5916]  ? debug_object_deactivate+0x2e4/0x3b0
[  763.892295][ T5916]  ? rcu_is_watching+0x12/0xc0
[  763.892309][ T5916]  process_one_work+0xa23/0x19a0
[  763.892324][ T5916]  ? __pfx_process_one_work+0x10/0x10
[  763.892337][ T5916]  ? __pfx_hub_event+0x10/0x10
[  763.892352][ T5916]  worker_thread+0x5ef/0xe50
[  763.892365][ T5916]  ? __pfx_worker_thread+0x10/0x10
[  763.892377][ T5916]  ? kthread+0x13a/0x450
[  763.892388][ T5916]  ? __pfx_worker_thread+0x10/0x10
[  763.892399][ T5916]  kthread+0x370/0x450
[  763.892409][ T5916]  ? __pfx_kthread+0x10/0x10
[  763.892419][ T5916]  ret_from_fork+0x754/0xd80
[  763.892430][ T5916]  ? __pfx_ret_from_fork+0x10/0x10
[  763.892442][ T5916]  ? __switch_to+0x7b4/0x1120
[  763.892455][ T5916]  ? __pfx_kthread+0x10/0x10
[  763.892465][ T5916]  ret_from_fork_asm+0x1a/0x30
[  763.892482][ T5916]  </TASK>
[  763.892486][ T5916] 
[  764.151247][ T5916] Allocated by task 29:
[  764.155376][ T5916]  kasan_save_stack+0x30/0x50
[  764.160039][ T5916]  kasan_save_track+0x14/0x30
[  764.164703][ T5916]  __kasan_kmalloc+0xaa/0xb0
[  764.169278][ T5916]  em28xx_v4l2_init.cold+0x94/0x3503
[  764.174537][ T5916]  em28xx_init_extension+0x13a/0x200
[  764.179814][ T5916]  request_module_async+0x61/0x80
[  764.184817][ T5916]  process_one_work+0xa23/0x19a0
[  764.189733][ T5916]  worker_thread+0x5ef/0xe50
[  764.194295][ T5916]  kthread+0x370/0x450
[  764.198342][ T5916]  ret_from_fork+0x754/0xd80
[  764.202912][ T5916]  ret_from_fork_asm+0x1a/0x30
[  764.207670][ T5916] 
[  764.209966][ T5916] Freed by task 29:
[  764.213741][ T5916]  kasan_save_stack+0x30/0x50
[  764.218395][ T5916]  kasan_save_track+0x14/0x30
[  764.223053][ T5916]  kasan_save_free_info+0x3b/0x70
[  764.228072][ T5916]  __kasan_slab_free+0x5f/0x80
[  764.232809][ T5916]  kfree+0x1f6/0x6b0
[  764.236677][ T5916]  kref_put.isra.0+0x56/0x90
[  764.241240][ T5916]  em28xx_v4l2_init.cold+0x280/0x3503
[  764.246582][ T5916]  em28xx_init_extension+0x13a/0x200
[  764.251836][ T5916]  request_module_async+0x61/0x80
[  764.256831][ T5916]  process_one_work+0xa23/0x19a0
[  764.261741][ T5916]  worker_thread+0x5ef/0xe50
[  764.266302][ T5916]  kthread+0x370/0x450
[  764.270346][ T5916]  ret_from_fork+0x754/0xd80
[  764.274910][ T5916]  ret_from_fork_asm+0x1a/0x30
[  764.279648][ T5916] 
[  764.281942][ T5916] The buggy address belongs to the object at ffff888068660000
[  764.281942][ T5916]  which belongs to the cache kmalloc-8k of size 8192
[  764.295973][ T5916] The buggy address is located 536 bytes inside of
[  764.295973][ T5916]  freed 8192-byte region [ffff888068660000, ffff888068662000)
[  764.309821][ T5916] 
[  764.312128][ T5916] The buggy address belongs to the physical page:
[  764.318509][ T5916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888068664000 pfn:0x68660
[  764.328542][ T5916] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  764.337012][ T5916] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  764.345480][ T5916] page_type: f5(slab)
[  764.349441][ T5916] raw: 00fff00000000240 ffff88813fe41280 ffffea0001ae6010 ffff88813fe3bac8
[  764.358009][ T5916] raw: ffff888068664000 0000000800020001 00000000f5000000 0000000000000000
[  764.366569][ T5916] head: 00fff00000000240 ffff88813fe41280 ffffea0001ae6010 ffff88813fe3bac8
[  764.375215][ T5916] head: ffff888068664000 0000000800020001 00000000f5000000 0000000000000000
[  764.383858][ T5916] head: 00fff00000000003 ffffea0001a19801 00000000ffffffff 00000000ffffffff
[  764.392499][ T5916] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  764.401139][ T5916] page dumped because: kasan: bad access detected
[  764.407520][ T5916] page_owner tracks the page as allocated
[  764.413202][ T5916] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 29, tgid 29 (kworker/1:1), ts 760432488678, free_ts 760296285838
[  764.434269][ T5916]  post_alloc_hook+0x153/0x170
[  764.439025][ T5916]  get_page_from_freelist+0x111d/0x3140
[  764.444573][ T5916]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  764.450451][ T5916]  new_slab+0xa6/0x6b0
[  764.454502][ T5916]  refill_objects+0x26b/0x400
[  764.459162][ T5916]  __pcs_replace_empty_main+0x1ab/0x660
[  764.464701][ T5916]  __kmalloc_cache_noprof+0x493/0x6f0
[  764.470066][ T5916]  em28xx_v4l2_init.cold+0x94/0x3503
[  764.475336][ T5916]  em28xx_init_extension+0x13a/0x200
[  764.480595][ T5916]  request_module_async+0x61/0x80
[  764.485589][ T5916]  process_one_work+0xa23/0x19a0
[  764.490497][ T5916]  worker_thread+0x5ef/0xe50
[  764.495077][ T5916]  kthread+0x370/0x450
[  764.499116][ T5916]  ret_from_fork+0x754/0xd80
[  764.503678][ T5916]  ret_from_fork_asm+0x1a/0x30
[  764.508426][ T5916] page last free pid 13076 tgid 13076 stack trace:
[  764.514896][ T5916]  __free_frozen_pages+0x7e1/0x10d0
[  764.520077][ T5916]  qlist_free_all+0x47/0xe0
[  764.524555][ T5916]  kasan_quarantine_reduce+0x1a0/0x1f0
[  764.529990][ T5916]  __kasan_slab_alloc+0x69/0x90
[  764.534818][ T5916]  kmem_cache_alloc_noprof+0x241/0x6e0
[  764.540260][ T5916]  ext4_init_io_end+0x24/0x170
[  764.545005][ T5916]  ext4_do_writepages+0x9cf/0x3f50
[  764.550105][ T5916]  ext4_writepages+0x347/0x790
[  764.554854][ T5916]  do_writepages+0x278/0x600
[  764.559417][ T5916]  __writeback_single_inode+0x164/0x13c0
[  764.565026][ T5916]  writeback_sb_inodes+0x766/0x1c70
[  764.570201][ T5916]  __writeback_inodes_wb+0xf8/0x2d0
[  764.575382][ T5916]  wb_writeback+0x755/0xbe0
[  764.579872][ T5916]  wb_workfn+0x8c6/0xc00
[  764.584096][ T5916]  process_one_work+0xa23/0x19a0
[  764.589008][ T5916]  worker_thread+0x5ef/0xe50
[  764.593570][ T5916] 
[  764.595867][ T5916] Memory state around the buggy address:
[  764.601466][ T5916]  ffff888068660100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  764.609508][ T5916]  ffff888068660180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  764.617538][ T5916] >ffff888068660200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  764.625574][ T5916]                             ^
[  764.630401][ T5916]  ffff888068660280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  764.638430][ T5916]  ffff888068660300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  764.646464][ T5916] ==================================================================
[  764.798373][ T5916] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  764.805688][ T5916] CPU: 1 UID: 0 PID: 5916 Comm: kworker/1:6 Not tainted syzkaller #0 PREEMPT(full) 
[  764.815059][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  764.825121][ T5916] Workqueue: usb_hub_wq hub_event
[  764.830158][ T5916] Call Trace:
[  764.833419][ T5916]  <TASK>
[  764.836349][ T5916]  dump_stack_lvl+0x100/0x190
[  764.841007][ T5916]  vpanic+0x552/0x970
[  764.844985][ T5916]  ? __pfx_vpanic+0x10/0x10
[  764.849465][ T5916]  ? media_device_unregister+0x59d/0x610
[  764.855078][ T5916]  panic+0xd1/0xe0
[  764.858797][ T5916]  ? __pfx_panic+0x10/0x10
[  764.863195][ T5916]  ? media_device_unregister+0x59d/0x610
[  764.868810][ T5916]  ? preempt_schedule_common+0x42/0xc0
[  764.874271][ T5916]  check_panic_on_warn.cold+0x19/0x34
[  764.879634][ T5916]  end_report.part.0+0x3a/0x90
[  764.884384][ T5916]  kasan_report.cold+0xe/0x18
[  764.889046][ T5916]  ? media_device_unregister+0x59d/0x610
[  764.894673][ T5916]  media_device_unregister+0x59d/0x610
[  764.900114][ T5916]  em28xx_unregister_media_device+0x4e/0xe0
[  764.905995][ T5916]  em28xx_release_resources+0x79/0x1b0
[  764.911441][ T5916]  em28xx_usb_disconnect.cold+0x17d/0x253
[  764.917148][ T5916]  usb_unbind_interface+0x1dd/0x9e0
[  764.922350][ T5916]  ? kernfs_remove_by_name_ns+0x9f/0xf0
[  764.927880][ T5916]  ? __pfx_usb_unbind_interface+0x10/0x10
[  764.933586][ T5916]  device_remove+0x12a/0x180
[  764.938165][ T5916]  device_release_driver_internal+0x44e/0x620
[  764.944212][ T5916]  bus_remove_device+0x2bc/0x560
[  764.949138][ T5916]  ? __pfx_bus_remove_device+0x10/0x10
[  764.954580][ T5916]  ? __pfx_device_remove_attrs+0x10/0x10
[  764.960210][ T5916]  ? up_write+0x290/0x4f0
[  764.964528][ T5916]  device_del+0x376/0x9b0
[  764.968846][ T5916]  ? __pfx_device_del+0x10/0x10
[  764.973682][ T5916]  ? kobject_put+0xb9/0x640
[  764.978168][ T5916]  usb_disable_device+0x367/0x810
[  764.983179][ T5916]  usb_disconnect+0x2e2/0x9a0
[  764.987854][ T5916]  hub_event+0x1d0c/0x4af0
[  764.992261][ T5916]  ? __lock_acquire+0x4a5/0x2630
[  764.997178][ T5916]  ? do_raw_spin_unlock+0x145/0x1e0
[  765.002361][ T5916]  ? __pfx_hub_event+0x10/0x10
[  765.007113][ T5916]  ? debug_object_deactivate+0x2e4/0x3b0
[  765.012741][ T5916]  ? rcu_is_watching+0x12/0xc0
[  765.017503][ T5916]  process_one_work+0xa23/0x19a0
[  765.022426][ T5916]  ? __pfx_process_one_work+0x10/0x10
[  765.027785][ T5916]  ? __pfx_hub_event+0x10/0x10
[  765.032807][ T5916]  worker_thread+0x5ef/0xe50
[  765.037392][ T5916]  ? __pfx_worker_thread+0x10/0x10
[  765.042488][ T5916]  ? kthread+0x13a/0x450
[  765.046712][ T5916]  ? __pfx_worker_thread+0x10/0x10
[  765.051804][ T5916]  kthread+0x370/0x450
[  765.055853][ T5916]  ? __pfx_kthread+0x10/0x10
[  765.060426][ T5916]  ret_from_fork+0x754/0xd80
[  765.065000][ T5916]  ? __pfx_ret_from_fork+0x10/0x10
[  765.070093][ T5916]  ? __switch_to+0x7b4/0x1120
[  765.074765][ T5916]  ? __pfx_kthread+0x10/0x10
[  765.079338][ T5916]  ret_from_fork_asm+0x1a/0x30
[  765.084091][ T5916]  </TASK>
[  765.087370][ T5916] Kernel Offset: disabled
[  765.091676][ T5916] Rebooting in 86400 seconds..