last executing test programs:

32.370569299s ago: executing program 1 (id=563):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000004c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000440)="b9990900000f32b9800000c00f3235008000000f3066ba2000ec6530d7c4e31c7d6dfa008fe978e292ffaa9d4a0f01c366988b008ee89a5200000006000fc734a1", 0x41}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xfd, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r4, 0xae80, 0x600)

32.201288103s ago: executing program 1 (id=564):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) (async)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
rmdir(&(0x7f0000000040)='./cgroup/../file0/file0\x00') (async)
ioctl$FS_IOC_GETVERSION(r1, 0x40045b0a, &(0x7f0000000040)) (async)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x0, 0x0, 0x34325258, 0x0, 0xb, [{}, {0x0, 0xffffffff}, {0x4}, {0x2}, {}, {}, {0xefe}], 0x0, 0x0, 0x0, 0x0, 0x6}}) (async)
creat(&(0x7f00000002c0)='./bus\x00', 0x74)
r3 = socket$kcm(0x10, 0x2, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r4}, 0x10) (async)
sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)="5c00000013006bcd9e3fe3dceb48aa31086b8703110000001fa1ff0000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)}, 0x12141)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r7, 0xfeffff, 0xa40, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40) (async)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0)
openat$cgroup_type(r8, &(0x7f0000000040), 0x2, 0x0) (async)
openat$fb0(0xffffffffffffff9c, &(0x7f00000004c0), 0x200080, 0x0) (async)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000005d40), r6)
sendmsg$IEEE802154_ASSOCIATE_RESP(r6, &(0x7f000000b880)={0x0, 0x0, &(0x7f000000b840)={&(0x7f0000000500)={0x2c, r9, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0202}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008846) (async)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan0\x00', <r10=>0x0})
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r9, 0x300, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x9}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}]}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x10)
setxattr$system_posix_acl(&(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000680)={{}, {}, [], {}, [], {0x10, 0x1}}, 0x24, 0x3)
listxattr(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)

31.481791479s ago: executing program 1 (id=579):
mount$tmpfs(0x0, 0x0, 0x0, 0x1808000, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'bind', '=relative'}}}]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000000)={0x79, 0x0, 0x52f})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC(r2, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="080000004800000090000040"])

31.421258554s ago: executing program 1 (id=583):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000180)='.\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x45110, 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000300)={[{@gid}]})
r0 = epoll_create1(0x80000)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)={0x20000001})
poll(&(0x7f0000000080)=[{r2, 0x80}], 0x1, 0xe32000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0xa000201e})

30.540128748s ago: executing program 1 (id=602):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x401)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r2], 0x48}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r3, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000180)=ANY=[], 0xc)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x3c}, @l2cap_cid_signaling={{0x38}, [@l2cap_info_req={{0xa, 0x3, 0x2}, {0x3}}, @l2cap_conn_rsp={{0x3, 0x41, 0x8}, {0x42fa, 0x40, 0x9, 0x6}}, @l2cap_create_chan_req={{0xc, 0xf, 0x5}, {0xd, 0x0, 0x8}}, @l2cap_create_chan_req={{0xc, 0x5, 0x5}, {0x7, 0x8386, 0x6}}, @l2cap_conn_req={{0x2, 0x1, 0x4}, {0x2, 0x8}}, @l2cap_conn_rsp={{0x3, 0x3, 0x8}, {0x5, 0x4, 0xde9, 0x8}}]}}, 0x41)
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="02c8101800140001000a0d0225b947a6d2efccea000300ff07000053056fd14b1612b3dddb280abce7616cd8a56a1bee76de8cf58861fb0c59ce5a9922df752c51a44139c3b587f3782d13cc4e15974f82656af6a0b49d2bb24d7c5853d350ac53e9dfae9e958da5ddcaf5da035fa12e51a6875f081bc6d969b212b802c0b48a23ffd5841609a92252e0c6a3806cd981e197f63c42e5c85600bf312a9b3b0e758ac60b1e799d7d8d36fc5a70142c01673050208a884865d5430b3c540aeafc0cebbc3f4b26d0492b0e655cb9fbf8a0e72424fa4b6e87234f1e5d93f79a3aeaac16814d4b050caee40bd4c7f198051260126f21b439b0aa7ba71bf24009801dae4e"], 0x1d)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)

30.539928525s ago: executing program 1 (id=603):
socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
fsopen(&(0x7f0000000000)='ntfs3\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$pppoe(0x18, 0x1, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
syz_io_uring_setup(0xbc3, &(0x7f0000000280)={0x0, 0x40001064, 0x1, 0xffffffff, 0x224}, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
userfaultfd(0x80001)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x1e)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000002c0), 0x1f000000})

30.4767872s ago: executing program 32 (id=603):
socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
fsopen(&(0x7f0000000000)='ntfs3\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$pppoe(0x18, 0x1, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
syz_io_uring_setup(0xbc3, &(0x7f0000000280)={0x0, 0x40001064, 0x1, 0xffffffff, 0x224}, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
userfaultfd(0x80001)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x1e)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000002c0), 0x1f000000})

5.871283064s ago: executing program 4 (id=1105):
r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x108)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x105, 0x40009975, r0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)

5.80131486s ago: executing program 4 (id=1108):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000d80)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x4, @loopback={0x9000000}, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x4080)

5.750546702s ago: executing program 4 (id=1109):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$rfkill(r0, &(0x7f0000000040), 0x8)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x460000, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f00000000c0)={<r2=>0x0, "1f428b0296d8d1fc31aef90426a6b936"})
ioctl$BTRFS_IOC_RESIZE(r1, 0x50009403, &(0x7f00000010c0)={{r0}, {@val={r2}, @max}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000001140)={'erspan0\x00', &(0x7f0000001100)={'syztnl2\x00', <r3=>0x0, 0x1, 0x10, 0x40, 0x7, {{0x7, 0x4, 0x2, 0x9, 0x1c, 0x66, 0x0, 0x7, 0x29, 0x0, @multicast1, @multicast2, {[@rr={0x7, 0x7, 0xbb, [@broadcast]}]}}}}})
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000001180)=r3)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000011c0)={'ipvlan1\x00', 0x1000})
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000001240)=<r4=>0x0)
sendmsg$nl_generic(r0, &(0x7f0000001480)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001440)={&(0x7f0000001280)={0x19c, 0x12, 0x400, 0x70bd2b, 0x25dfdbfd, {0x15}, [@generic="5b115dc8cfd117ee898b874c2853d70a2227d790", @nested={0x8, 0x149, 0x0, 0x1, [@nested={0x4, 0x1b}]}, @nested={0x28, 0x86, 0x0, 0x1, [@nested={0x4, 0x4f}, @typed={0x8, 0x124, 0x0, 0x0, @pid=r4}, @typed={0x8, 0x13f, 0x0, 0x0, @u32=0x7ce8}, @typed={0xe, 0x24, 0x0, 0x0, @str='/dev/full\x00'}]}, @typed={0x87, 0x2a, 0x0, 0x0, @binary="fe89de4616a67e6fcad4e8f332612305ddd58836fb0153429f99f78c1655154513cd7293570c1f541f4b22294649d68720a1c11b775379f26c5b5b8208b26e5a69d6ebc95a11dcd7c19722d7753098dbd2af2aab26b59e870996099adcad7e24f908d07b31d99e0a3d8f25b1a341738f46279f5cc0a8bb82787b135110ce82e5110388"}, @generic="12741de455b3bf41a566f6f6325f635850244f99648e5feab40c754b2801a5d8a34f9950e59dead842ac486db6a7a1ba1dddeac37625972bd6828b0cfb6d7fe5acb68927f34979b1a099e4d5a5b9f2374fbdb80e702f94ce6ab2ee1ca3d84276d31c7da07f2d133165e1e669604ed7c8ae926e352873210291d617900484ba3bc2938e2ff17b1ef95513acb0503f1aa2f12336ead97848783af4cac1fe982b149ccba6861b7bbbff49", @typed={0x8, 0x13f, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x38}}, @typed={0x5, 0x71, 0x0, 0x0, @str='\x00'}]}, 0x19c}, 0x1, 0x0, 0x0, 0x4008084}, 0x4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f00000014c0)={@rand_addr=' \x01\x00', 0x11, r3})
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001540), r0)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000001640)={&(0x7f0000001500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001600)={&(0x7f0000001580)={0x50, r6, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x24004810)
r7 = accept$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f0000001680))
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000016c0), &(0x7f0000001700)=0x4)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000001740), &(0x7f0000001780)=0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000001840)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000017c0)="54190bbca4b3f8c5149c1003e0e9c228bddf6513fc4bef6f460f0e78235c1101025e952425a6826c29f10887c5e577ece9c17dff1104d2dc229186b6a94e28b44e0899da22742ef619dae13eafd92d71c7e26c51275b1233d0f93506b25c00cf0170f1e7b15a6e08183818509396b604a30e704af14d", 0x76, r7}, 0x68)
getpeername$ax25(r0, &(0x7f00000018c0)={{0x3, @netrom}, [@default, @netrom, @remote, @null, @bcast, @default, @default, @bcast]}, &(0x7f0000001940)=0x48)
ioctl$SNDCTL_TMR_SELECT(r0, 0x40045408)
r8 = dup(r7)
setsockopt$inet6_mreq(r8, 0x29, 0x1, &(0x7f0000001980)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, r3}, 0x14)
accept4$llc(0xffffffffffffffff, 0x0, &(0x7f00000019c0), 0x80800)
ioctl$PPPIOCSMRRU(r0, 0x4004743b, &(0x7f0000001a00)=0x3f)
io_uring_setup(0x5aca, &(0x7f0000001a40)={0x0, 0x28af, 0x8088, 0x3, 0x37a, 0x0, r0})
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000001ac0)={<r9=>0x0, 0x3, 0x2, [0x8, 0xa4c]}, &(0x7f0000001b00)=0xc)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000001b40)={r9, @in6={{0xa, 0x4e24, 0xff, @local}}, 0xfffffff8, 0x0, 0x1, 0x0, 0xa, 0xfffffff7, 0xb}, &(0x7f0000001c00)=0x9c)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000001c40), &(0x7f0000001c80)=0x4)
r10 = open(&(0x7f0000001cc0)='\x00', 0x200000, 0x0)
ioctl$SIOCSIFHWADDR(r10, 0x8924, &(0x7f0000001d00)={'ipvlan1\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x21}})

5.749818861s ago: executing program 4 (id=1111):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x449)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@delchain={0x24, 0x66, 0xf31, 0xf7fffffb, 0x3, {0x0, 0x0, 0x0, r5, {0x0, 0xfff2}, {0x0, 0xffff}, {0x9, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = fanotify_init(0x200, 0x0)
fanotify_mark(r6, 0x201, 0x40000026, r1, 0x0)
close(r0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
poll(&(0x7f00000002c0)=[{r7, 0x2000}], 0x1, 0x1ff)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x195011, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8)
sendmsg$IPSET_CMD_SAVE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4084)

5.190899355s ago: executing program 4 (id=1119):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000007040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)={0x20}, 0x0})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r2, 0xae80, 0xc0000000)
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x98000004, 0x0}, 0x0, 0x0, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')

5.080790979s ago: executing program 4 (id=1123):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
ioctl$CDROMMULTISESSION(r1, 0x5310, &(0x7f0000000200)={@msf={0x3, 0x7f, 0x7}})
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x1000000, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)

4.98054855s ago: executing program 33 (id=1123):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
ioctl$CDROMMULTISESSION(r1, 0x5310, &(0x7f0000000200)={@msf={0x3, 0x7f, 0x7}})
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x1000000, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)

1.339660237s ago: executing program 0 (id=1189):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x1b, 0xfa00, {0x0, {0xa, 0x9, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0xb970}}}, 0x30)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x60, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 41)

1.131074504s ago: executing program 5 (id=1191):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYRES8], 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x403, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x2}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000002c0)={0x61, 0x18, 0xfa00, {0xfffffffffffffffe, 0x0, 0x13f, 0x4}}, 0xc)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockopt$netrom_NETROM_T2(r4, 0x103, 0x2, 0x0, &(0x7f0000000100))
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TIOCSLCKTRMIOS(r5, 0x80047437, &(0x7f00000010c0))
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000500)={&(0x7f0000000240), 0x0, 0x0, 0x0, 0x1, r1}, 0x38)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r6, 0x6, 0x3, 0x0, 0x0)
r7 = socket$inet(0x2, 0x80003, 0x6)
ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000000))
recvmmsg(r0, &(0x7f00000096c0)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x40010003, 0x0)

1.130864622s ago: executing program 5 (id=1192):
r0 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f0000000040)={0x0, 0xea60}, 0x10)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
writev(r2, &(0x7f0000000580)=[{&(0x7f0000000280)='W', 0x1}], 0x1)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0x0, 0x3, 0x2080, 0x6ae0})

1.130579183s ago: executing program 0 (id=1193):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c686f657874656e642c6163638173733d616e792c63616368653d66736361636865"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x6, 0xb, 0x3)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1ab8ff00000000bfa100000000000007010000f0ffffffb702000002000000b70300000000000085000000c700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)={0x28, 0x1, 0x4, 0x801, 0x0, 0x0, {0x7, 0x0, 0x6}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_MODE={0xa, 0x2, {0x8001}}]}, 0x28}}, 0x20040000)
chdir(&(0x7f00000000c0)='./file0\x00')
socket(0xb, 0x0, 0x752a7e91)
ioctl$DRM_IOCTL_GET_MAP(0xffffffffffffffff, 0xc0286404, &(0x7f0000000180)={&(0x7f0000fff000/0x1000)=nil})
open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1901)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080), 0x22282, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f00009ea000/0x4000)=nil, &(0x7f0000079000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f00007fd000/0x3000)=nil, &(0x7f0000287000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000628000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f000097b000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000100)="28189a798b77460fa826b733e3af71e65e919803c95f47f9950b37582bc30976c8cff030363c6e6c26fd865860a362c4f0141ca78fee42bbc8e05439e2819b3610bc8b6598a837a8976919354479b0eb0fc8bc12aa6a09a4c834acd8dc07006f82ab3d3c", 0x64, r2}, 0x68)

1.061400483s ago: executing program 5 (id=1194):
creat(&(0x7f00000002c0)='./bus\x00', 0x74)
setxattr$system_posix_acl(&(0x7f0000000000)='./bus\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000680)={{}, {}, [], {}, [], {0x10, 0x1}}, 0x24, 0x3)
listxattr(&(0x7f0000000440)='./bus\x00', 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="66b9a00d00000f32dbd567f0879f00a00000670f4fa1ea000000660f388080062e0f01c5baf80c66b8d789868866efbafc0cec0f0666b9800000c00f320f304466b8010000000f23d80f21f86635800000300f23f866350a00000044360f01d1", 0x60}], 0xd82, 0x54, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

801.209531ms ago: executing program 2 (id=1196):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
recvmmsg(r0, &(0x7f0000005f40)=[{{0x0, 0x0, 0x0}, 0x8000fc00}], 0x1, 0x40000021, 0x0)
setsockopt$inet6_int(r0, 0x29, 0xb, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x5, @loopback, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x80, 0x0, 0x0)

800.843386ms ago: executing program 0 (id=1197):
socket(0x10, 0x3, 0x0)
io_uring_setup(0x7db8, &(0x7f0000000080)={0x0, 0x63c4, 0x2, 0x5, 0x2})
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000280)) (async)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') (async)
creat(&(0x7f0000000140)='./file0\x00', 0x8) (async)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="1504000065ffff0010000008003950323030302e75"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) (async)
write$FUSE_INIT(r4, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0x6f, 0x0, 0x0, 0x803}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',posixacl,debug=0x0000000000000006,aname=,nodevmap']) (async)
r5 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1)
sendfile(r5, r1, 0x0, 0x80000000)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), &(0x7f0000000080)=r6}, 0x20) (async)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10) (async)
r8 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) (async)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0xfffa, 0xffe0}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_LABEL={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24004000) (async)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r11 = socket$packet(0x11, 0x3, 0x300)
dup(r11)

800.630706ms ago: executing program 5 (id=1198):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xe, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0xff0a)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_open_dev$ptys(0xc, 0x3, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000280)=0x5d0)
openat$cgroup_pressure(r0, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0)
utimensat(0xffffffffffffff9c, 0x0, &(0x7f0000001580)={{0x0, 0x3ffffffe}, {0x0, 0x3ffffffe}}, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
syz_clone(0x5cc35957266fd48c, &(0x7f0000000500)="f3cf503e8d8c2d72db967b299bf6268669b0576b59f1831c5da1e06aa468c59093dc3e51b8d05e100ed23039e78e8c1ec97aa19fca115428df51d99d7f0e90836afccc410b58ab0e792c885f8924a1368aab3df1bd9a8b7e834209507b673c69c2fa076f404b540792a9126ca6e3d75c57ad9c1134a5a7bc447a90e64d02e0487e68eb57c246ae744cdbb3cf7e68a5d5e858786c362ff7c5a3aa54a0e2d30c93263b47ee79a007c6c68c312c13cb25c3e8f7769699d9708a38f8598cc13591a151c109ee1f1e375932648f50fc8ee81faf2cd51eef651a83c72980e0b10890388d553844d1b84d68caab80b926af28ebb2abb69af6ed1455f3abc3cb5c038726bdb941554dfb1c98502740589fa0653d2f4e462351bafe7e9e1bcbbd32a1a98605f2a90088b506bbe9ad2bf959dfcdfa33f5613d98b8466195b76bd46dcf7ae713a70d2483be2f7650a8b2a3677981c97b762cea9e54f022d7ec111dd1ba43b8ff65a429354db12eb49e3bdd1a47c32b19f93ebd992f7d5d7a7f513cd05188aa1edf64ace891b75dabe0d92c92953163d5ee9b321a79e799202b2b8a1deee7c41da9cc815c2c2008ddb18a194e84bdc45e0fc12e3cdba97a7bf28eb1d020a2da5f9f9ac5ea035f13bff05546889c00f4e241d33fc101ac05014df98e8fde0e00054fe08189b7c47d00f4ed94376103c978f1bd392847131ae4a9801cab0d96fb3ba8c7d3e842e82cb91ab8ac4609f58953ed12de2e64b0c52ee0ac3fa8f74b02fda03e76a3e7f3c8ac89c9ca7bf6a6bc7e71169e3f9774b55ea6ba873191f0509ab6b5e3fbc275bd4c588377ac7e17378b7e765ba7d18d002554ff6bd409987498cbb4ba76cbc7cbb85316ad13f740ad6856d1fd1ab9690fd09508e046e0d85608584bf78ef8408c30abb839cb5d705125c07e2ebe3dba96af857d583a22199c5fa130a78bc68861c6a88bb5afbe2572705a9b891ce8aaa34ae70206808aee80bf657f027991e23b238e5e3595a77cfa87fbb0ce6b91bfa38d4fd7a34869e47e5dce9895856f76f8e0b41c78f635b3f6587dbc16b1807d68285595d06744f42a04c0e036d92f0ed9a716d594e7d1d17ff3b23f60ad59cc202413a679e1d7aa474b5cdb32fd65bde229bd30a9cd9016fa2fd2be2ddbbe6bbaf12c6a7ad30c2e3312b6b6e8568c003f60df5fe1375a7da2fb5151acd1101768690f23df7a33a5d4f0ccd3c457c469dd2766ac9f0b3947c7c3dfef0575754a66e68411484ebc7e469f115759b3207453bdfb8e62bf13db0b4b6996e3afd45ad5439b802509464583f832e402ededb40a3e6129e5d2bcec95128b8ccefc7ce95f4dd7c55c6ff37624d81484d0d7ce165f4185c41c4d43b50879fd231932f7ee5dba75ca2f861d529bd9eca8996022ef6b84667b6a397accb96cf801b30f6d0896240c3e3a66defad0a025ff1942d2885b19b36ee35524095239c6ee1c12cc35c7a5b48aab311e8d7829630c6d8b117a592e15e2cc8d891f9b9c33aa6abe30234bc087dc911b490f5448e5a03b6cafdfc0a2dbd7d5a725cfefde2f6aa7e4e8e0fb0befce55b94ac3253aeeb93dd18221bb6ae970bcf8c203ab0128078997bed4a55496563b4467015592ed683ef6efb04f8c3ef479fcb8b6b096f028d5d3fa7783bff4af6375c2014c91a52492a62dc7122ca4217dd0026f8e8bd37beeda5f3ecdfdef6a318561c646039ac347a2b36385d953afa0df7aa9129f8940dde6f44a650afd259abd60c5f4b11172831e0973ae968df76e775b571a66d71ab89ef002bfb68c52162b5a9da08d7997cece3fafc1eef88b506a2b3baf1b01ed75d3421bb9ef6e43a5c8b7b8c968adf5b6ce172b6a5d4d3184332cce5ce3bb23b0fadbe91da297fa60295b21b5210ca9a24a734c9b42f63bd2e999062606c8630864c144af27e6d001da670506c90e3d444ffbbd75e3dcc04d486b8924d294bada61e5299b9d4193b808549e35a867e6e9b255ef7d73e5ad506b17262f3151592330235a2b22986d278bb26e9e0723f16736b25959ba1971515fc614ae1da2bd8dfbb651a68d5f49f56e9cd634e54f3d5915400cddd9363632f46450ccbb78e5292e26c4abd395d2f640f0d202c6c0fd949be282ad251ed831e627f6a8a4866b47c7ba8999b8dcd27b67a9405a08548b25f70019e7927279e728b6e66b9c0962f71ca6040c31e16faf297fb00c86ea174cb75907380632234b1fc6dad1fb5f9c537943e25bf17aa0cc5d1fd468bd05aa8e34615653561c63b4cd225dd4c48e153fc657b1870221f00b730f981f68d851be22173028044cef223ba15622194cb8c71085c263296d88f16bd6e3b388de0146ecdc3e58b1800e214127ef3b6953d1a419d6a1af054f76c99a7b6b6e14d18cc5d20fe3fc06fa6e144c5ba24ccd71cad55016ae6548886f2a9c23ec4f9dd7df8f101d72bb8ffd1c41b87147d85decd9d517eae661742f727b9af6bae3ba23b7dc19de7551eac70eceaef6a168f3ee96d08e126542a1d4824ef4e773884ec91812748eccb53dd95aa27dd737cc2e8342668536ce16d7fca3fe49effde9065f5005aa7f2cde60e0824e2ad2914f95c7c8fe4001bf12352ccde1ace4bb8ce26ee2bb5cecf279e8e9e91728b5393b3fd7be497e37210de0a9338f0e6ac3ea4e5c5de47e7618a07f8e725a37aebeb420554d25013ed01f9647f1b8daf36abed00e0b86df3bf020b15bf2bb1e3a33c76eab8efb21d5f9e1f0ace0387c62dc104713f51c176672e3a540226062a0a1713777daf08616bf0be2d7fc487c52616b5b0bb519d10d8b914209d5b8952647bee357b2417539b810fd23b5259657a7f03f43d58c2a06685a472180de92c125ec341347e7ff730998e957ef9a811c94a88be456cc83e86c1f5c1226e1150995912b0c5614c8c6345a1587cfc83f530c1c1c6bdc58a69114a74d0d2e986399bcb862eb897f2b6e2bff7332d7c23ffdd5580f935b63e1c3aee4310e5eb308a28d5f134eb5a975e586aa55ba6450c1680f418fcbfdb649981fb37f59915b46f5d65ff3b153798b83824981ef3e9bd9e7ba459e38a2047e0877d752ba93117eb5c5661e6c6284c2e0877a4d3920875bcac197e19a51274fdaf3a2f0cd1839c35d782950fd5460ae5ada37a19f5d52bc73c9ed7405964c956ffbc00a4a8836fd08b73ec357d2fa37e9d2747bb813d2c69f9471b5ffcafb418f79d9cf9ce49e9f1db3916a900b44f64c8592104310e8ee62cbb66daabeea1b59fe2f3abdc1d919f6e26f1092586b3cf52369621a56baa6e3314db5a8cb3cc304015832690a9c66313a81c45731c9873a862c6909f541f4428df288d7c088c98e1d7c76dc19c7a35ea0bf16c7810085b8e065c846a564ea76460650b9b35c529a7c2bdb292c602a37429bc383b05de228f9343dc5d13182ec18aff6af2357da4b43dfdcbf44b6fdf9b761e22a033e696e6b36500c6737e2063e1bad031f9b3ff53941a8d40027be71bc3a7fcb83695004142ee2c88b61b8fb7e8509fa30e36f181dc486fdfd41d1338c696d0377f083442eafe06097ad373cd8d6d50b498bd42b54914489c399b1028fb42310f1851a7bc241477b2be0c075179481177043c1592996da23392d0055d4af5cadcc1f4dbcfb7067b298b26030b6ed52e88ea0e88e578fc46dcf708bb46fc38fbe7e84d2e94cbf3b8a1c4c11a0e94b7ee80d565fdee2776badde816bfaaae73aaa589e1b8ab409b18a2300c6166839a96db61b81a24d89f1ad9c71e7d2e2666262e094715c300e56e8804029f06c9cb04b52799c36341650a9a129d81300bffc04debbba7407fb42c848c4e16c24b6d51401c67d6643c346e368ca18a6b5234cbb62d2a4e2829954f68aaa9da4f767903a2fd42ab81456beaec541ab501a3105628b8c2965ee7db8375077cc55b6d6eb5c4112ca6afe734e19029c2c3fb3af288f9e5a0a89f0baafb1eb47647399704e753841600e1eb20e60b4ee3d389e6892d5771e9e9b90ca353776f6a1ca4249b4f2fa628f487c05baf0e896ba176f794525e2c589bb03d247d83f960f1f2624c25ababf134bc21c5c2029bb6ac53154db8a2c03a3e571f3bb7b95cde437b11891f89573f819baeec772643cf7a98679cb01d9f311a50cb0a3476743551820970e2e9fa39972b463786185e771647231f4e214dab423629e1f46ea966c65068896bd8ca749d8f17ed85b8feb22822c3a7d5715877e5ecc0c0aec4752405eac05ddff17b56d210d5ec28157b4e1df40bbeb419811fd24ed521b90e0472ec4ff11e028b966d86c45cb3cfced4e7083b79901ef9baa8135a14f80b550e5a36a5a60b3472bde4f43cb988fb0d9aab921ad193bd2de8845743d017a9ac26de9bbbda762c3b9e637bc6016c8337948292d34b04c2ce27da6bdf85d65529e1fd292ed44858eb0b6f0de4d475c0a72f1989ed34935b4dfd43ad58c0a978700e930815ab36b4ccdee5dcc7b4b16f5a99623b8e70dc65d17e22ff38921a06024c46dad97d96159a2c1826834d11d73b8f2f7c4dbb0568cb2718de532efed94ae96875baff119013874b9969bcd4bfdc75691164d4033ef5ba832fde2a209fc5c56028bbbd5a834739729cce8bdb9a65e2f2523c50f67bd9389119d30644742c180a54e7cf0063eba3447313a3dfbbdb9b85a2e83fc15bfe374dadf68879385c0cfbb953a8dad03b51811c4f8e832e97f698c588ea61b161ad0c0d2dd208f195a764fb0883e536ba609415acafbaf40dc6ebd04edc309ee50e24c2639184e18aa459ee0041f0d8d3eace8a531467668efca5f854216d324e9ba3fe199fcf94752d664310f21be6df53fe359889b6a4c753e22cee9ec89e36b6c89ed97b1838deb4a6065029c00c0c0a62aacf8431189f7dedbdc27dcfe441f2c7d853b7ca95d09c8121de89e0a114cc5bd50018e0f1750185bb8b08a7b4605db592a895649e1cbab8e422fde39c86254c1ececaa146d385400880487d78228843c357c8b0521eab34846bbd33d06612dfcc500a8c6cc2932e4178070d21b196e58a9d05983e653261e61b71abaa2672d4dcb5e41e32371e352e7d0b8e4c38a3477ddd102d47a3cc0c8395d6ba633cb87f1ce309fa1e6ce3c558f6b747fec7ca32d2eace68b8f870a32bd15ceebc354284e91f176153c671ac95679060ea838bfe28af4b2fcc74e9235bae5f65efe0238fe0b7a28add23e4f0b5d4a4bf49df63bb4205a03352db95ffae0764cb042caa228ea045fe4fdd6157894164ec8e33d666423095e96afa8c971c920ac6baffa100acacd97871b4fa166e5671e53eae6869b4a5a991510008199b56c1bd7493462a8d476a04bf277ee647550f53c50aa92474a0d8d0b3932a601986266e17943aaec71069affbe13e17724f61160f078ef132eb5ee3d7462b18d930999720b90d204f3771b574b3de43d6ba1ea09164a992b306d673d407a746f0ebd78ed575ab4005f9b8aa932aa61e38d48c4283abddc24223377e26266738ad28072b33a20c4d5686ca8fcd60b23b003e32609c4c04984db72279b7c31daeac361010c78cec20bdb2b0942074841bb80519eb79aa737967e1c0943119b7764e7a3803a012416c9610252788e4274f57cb323dc0790260b956980c7857a084fb3e0f3d0546a3af1a3c7c6dfd9f2b3d37607258c492ac9e024e5c5e58b4e224f83a2f5ff42b5be504086fa2e373cd754661150b5fcf7d53e408e1f1602180e82297460aa01a6c03027edb0f7088626ff00"/4093, 0xffd, &(0x7f00000001c0), &(0x7f00000015c0), &(0x7f00000002c0)="be693d1e85df77e7e9fd8e4ac0fc22f7cb276c4adbb26cda8a198e28b66a0c8517da827ceba1ab93e6f2a79e6186cb8a67b9a225cbf9440c954a8b0a43528ecca8796ea6c1f08ff76a6643efd074cef4fc86fa66f8fca96dba5e0a80bbc7ea94f8382755dd47a2d73cf913472e0735d700c0913c7bccf010449ed127f5d18a33")
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/custom1\x00', 0x0, 0x0)
r5 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f0000000300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r6, 0x400000000000)
keyctl$clear(0x7, r5)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000018c0)={{0x14}, [@NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELSET={0x13c, 0xb, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_POLICY={0x8}, @NFTA_SET_USERDATA={0xd2, 0xd, 0x1, 0x0, "b359ebdc89d7885a60bacb601bbeff9202b158f3db9cfcade626d51032326401662b33b508da934ae4b991d61ead4c0b732512190b9f3dca81fc7e9e36736defa2e2315ba28db121af4773f999677c5453a7602a8d71efdb9b67d5a61e1445e68feff6ee8f6c4ca86cc751b062974af852fa76cf999bcbe7cbadb022d614c0dc73231f3e242716160687edbd3d4c8fe1816b8d7f2c5ba31bd37403e04755f53693e02a686af152d96439d1c17e145f4425143617f1cd4542a3064ec98ba18dfe9e33ca82e3ec2dd4f24a80fd15d4"}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @hash={{0x9}, @void}}]}, @NFT_MSG_NEWCHAIN={0x5c, 0x3, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_CHAIN_USERDATA={0x45, 0xc, "02adc8477a1d262f453aa2da40b068fb56324ec45b7d4084ac8555bc8cfe1ddd37791ceff130b6ce9e38448e0ab4e065abc1f2ef5f3db89739a52241ff654d3896"}]}], {0x14}}, 0x1e0}, 0x1, 0x0, 0x0, 0x40}, 0x8000)
r9 = dup3(r4, r3, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire={0x40046305, 0x300}], 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001600)={&(0x7f0000001540)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000020000000000000200000002000000240000000000"], 0x0, 0x32, 0x0, 0x0, 0xfffffffe}, 0x28)
r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0x200080, 0x0)
r11 = openat$cgroup(r7, &(0x7f0000000480)='syz0\x00', 0x200002, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r10, 0xc028660f, &(0x7f0000001500)={0x0, r11, 0x100000001, 0x1000, 0x3})
r12 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r12, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000002c0)="3504000030000511d25a80648c63940d1124fc60040035400c0002000a00002037153e373f04018006041000450055d64a12f76710989a119052acaa1100da3e813fa6ba1eb693d93f699e37af0d43f908fa7d995a8feb85d6a4e1b691276cd9561767306b74b4098e9e71fa51bde29f19b06fb9b3ba96da0e93d5a402dc7fe462a6cc4718c94c1747fff68092705b44bb48dd2db4f3127aab13b4af05549571a6c0e03db227b65d459fa5c1232d7b62f12b65354b7e70d32998da02ae0dc28942f682d97191d0b68697bac278c34b2972ca8ed35b61ee6831c78af85c6711cd687694ce3835a98387fcdb8616524ea04449dbedb3250fb366740d6b96307e1d2f0d85dd592ca2d8c2730ad1d16eb4d87cbb48d2f7c4eb7a490aee0493ffe3b72b508c9a8eb2ec9ed353d79ed29ffed1e48bf370bfb8af11085997d38210601155ec361cd6f3577da98c0a528a4d24ce75fbe297cb75f4b36719edd354ee6312c5527de7ea1a4233b9b0bba0ba2deac12f0257c64ceca8a0a62db179c7d9df7749da38624aab1865024e56a1b2a41e1c7e3a29c01adb31f1865bf6f44aa1e0fd6d827fbae1d57b5ff0026b580c890df83592aceb316fcd6ca200d007b786f9ae", 0x1c0}, {&(0x7f0000000a40)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319129c48853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673c", 0x275}], 0x2}, 0x4)
getdents64(r1, &(0x7f00000000c0)=""/55, 0x37)

737.487549ms ago: executing program 5 (id=1200):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$lock(r2, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x200, 0x2}) (async)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
fcntl$lock(r2, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x0, 0x5}) (async)
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x0, 0x3}) (async)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x13}]}}}, {0x1c, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0x17}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)

737.344182ms ago: executing program 2 (id=1201):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYBLOB="0000000000000000b702000014000000b70200000000000085"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0xfffd, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

737.006875ms ago: executing program 5 (id=1202):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x1f, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

736.916154ms ago: executing program 2 (id=1203):
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x800, 0x10, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
mount$9p_xen(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x20, &(0x7f0000000240)={'trans=xen,', {[{@privport}, {@uname={'uname', 0x3d, '\\]'}}, {@version_L}, {@nodevmap}, {@msize={'msize', 0x3d, 0x8000000000000001}}], [{@obj_user={'obj_user', 0x3d, 'GPL\x00'}}, {@flag='posixacl'}, {@fowner_eq}, {@context={'context', 0x3d, 'unconfined_u'}}, {@measure}, {@fowner_eq={'fowner', 0x3d, r0}}, {@subj_type}, {@context={'context', 0x3d, 'unconfined_u'}}, {@subj_user={'subj_user', 0x3d, '\x00'}}]}})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xb0}, [@ldst={0x4}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xb5, &(0x7f000000cf3d)=""/181, 0x0, 0x10, '\x00', 0x0, @sock_ops}, 0x94)

689.216606ms ago: executing program 0 (id=1204):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r3, 0x8983, &(0x7f0000000000)={0x6, 'ip6erspan0\x00', {0x1}, 0x8})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000080)={0x0, 'macsec0\x00', {0x7}, 0x6})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fda000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, &(0x7f0000000100)="2e3eaf0f01c2ba4000b80000ef0f6f85002836640f204266b9800000c00f326635008000000f300f20d86635200000000f22d8f3c3325bcd660f38824300", 0x3e}], 0x1, 0x5, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000000000000024d564b000000000b"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

671.404743ms ago: executing program 2 (id=1205):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x1000300, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)

671.155728ms ago: executing program 2 (id=1207):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000040))
syz_80211_inject_frame(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67db3e6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b19abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f0000000000f8e10238d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x8, 0x0, 0xee, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001a00)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="b9ff0307683a268cb8f8ffff888e", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = syz_open_dev$vim2m(&(0x7f0000000440), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000000140)={0x0, 0x34324142, 0x2, @discrete={0x1, 0x401}})

517.7823ms ago: executing program 0 (id=1208):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2e, 0x1, 0x300, 0x0, "", [@nested={0x101, 0x2000, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64=0x8}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1, 0x0, 0x0, 0xfffffffd}, 0x0)

517.531935ms ago: executing program 3 (id=1209):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
write$binfmt_format(0xffffffffffffffff, &(0x7f0000000000)='1\x00', 0x2)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYRESOCT=r1], 0x44}}, 0x0)
shmget$private(0x0, 0x1000, 0x800, &(0x7f0000ffc000/0x1000)=nil)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r2)
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
ptrace$setregset(0x4205, r5, 0x204, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, r4, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp6=r6}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'bond0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@ipv4_newroute={0x38, 0x18, 0x100, 0x70bd26, 0x25dfdbfc, {0x2, 0x20, 0x0, 0x9, 0xfd, 0x0, 0xfd, 0x2, 0x100}, [@RTA_METRICS={0x14, 0x8, 0x0, 0x1, "a4edc1a6e141c4971c7c6c28e5c9f851"}, @RTA_SRC={0x8, 0x2, @private=0xa010101}]}, 0x38}, 0x1, 0x0, 0x0, 0x8841}, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f00000004c0)=0x5, 0x4)

517.4554ms ago: executing program 0 (id=1210):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='vegas\x00', 0x6)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000b00)="89000000120081ae08060cdc030000017f03e3f7000300006ee2ffca1b1f00ff0f00000000000050375ed08a56331dbf9ed78105001ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00010004080c00bdad01409bbc7a46e39a54cbbda812176679df069163ce955fed0009d78f0a947ee2b49e33538afaeb2713f450ebd010a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0x7}, 0x0)

440.95541ms ago: executing program 3 (id=1211):
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000040)="4dc07f94", 0x4)
mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x6002, &(0x7f0000000040)=0xa, 0x7, 0x0)
set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xffffffffffffff18, &(0x7f0000000100)=[{&(0x7f0000000000)="2f0000001c0005c5ffffff000d000000020000000b000000ec0091c913000180f0ffffeb", 0x1dd}], 0x1}, 0x0)
r5 = socket(0x10, 0x80002, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="fc0000001c00071bab0925000900070007ab08000c000000f0007e93210001c000000000000000000000000000039915fa2c1ec28670e9889bb94b46fe0000000a0002", 0xff82)
sendmmsg$alg(r5, &(0x7f0000000140)=[{0x3, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100), 0xc}], 0x492492492492856, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x2})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x11, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x1, 0x803, 0x0)
r9 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0xa0001)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000440)={0x53, 0xfffffffffffffffc, 0x25, 0x1, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000080)="520984bd777b00000080f15cc0165c1cd716a0ebabd80a02f1d4a100"/37, 0xfffffffffffffffd, 0x1, 0x0, 0x1, 0x0})
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r10], 0x54}}, 0x0)
r11 = socket$netlink(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001000250800370000000000000a000000", @ANYRES32=r12, @ANYRES32], 0x20}}, 0x0)
getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xa)

260.527611ms ago: executing program 3 (id=1212):
r0 = dup(0xffffffffffffffff)
close_range(0xffffffffffffffff, r0, 0x2) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000240)='mmap_lock_acquire_returned\x00', r1}, 0x18)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r3=>0x0], &(0x7f0000000340)=[<r4=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r4, r3], 0x2, 0x80800, 0x0, <r5=>0xffffffffffffffff}) (async)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
ioctl$DRM_IOCTL_MODE_GETENCODER(r5, 0xc01464a6, &(0x7f0000000180)={r6}) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r8 = socket(0x400000000010, 0x3, 0x0) (async)
r9 = syz_open_dev$evdev(&(0x7f00000007c0), 0x2, 0x2800)
ioctl$EVIOCGABS20(r9, 0x80184520, 0x0) (async)
r10 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000) (async)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000013c0)=@newtfilter={0x954, 0x2c, 0xd27, 0x30bd29, 0x21dfdbfc, {0x0, 0x0, 0x0, r11, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0x928, 0x2, [@TCA_U32_SEL={0x64, 0x5, {0xe, 0x9, 0x5, 0x5, 0x7de, 0x74, 0xe, 0xdc, [{0x80000001, 0x2, 0x9, 0x1ff}, {0x3ee, 0x1, 0x4}, {0x2, 0xf12, 0x7f, 0xa}, {0x7ff, 0x2, 0x1, 0x8000}, {0x3, 0x1, 0x3, 0x3e}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0xffe0}}, @TCA_U32_POLICE={0x8b8, 0x6, [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x2, 0x7ff, 0x1, 0x0, {0x6, 0x1, 0x1ff, 0x9, 0xa0, 0x5}, {0x7, 0x2, 0x9, 0x6, 0x6, 0x5}, 0x3, 0x8, 0x528d}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x5, 0x3, 0x8000, 0x4, 0x2, 0x9, 0x3, 0x2, 0x7fff, 0x3ff, 0x6, 0x80, 0x6, 0x1000, 0x5, 0xfffffff7, 0xbae, 0x7, 0x8, 0x9, 0x9, 0x2, 0x3, 0xfffffff6, 0x6e44, 0x0, 0x80, 0xfffffff0, 0x3, 0x694c, 0x4, 0x8, 0x966, 0x8, 0xe4, 0x6, 0x400, 0x9273, 0x7, 0x9, 0x3, 0x7ff, 0x3, 0xffffff8f, 0x7, 0x81, 0xfd, 0x1ff, 0x3ff, 0x250, 0x8, 0x9906, 0x2, 0xd, 0x7, 0x800, 0x4, 0x8, 0xd1, 0x3, 0x7, 0xa0a, 0xe, 0x2, 0x400, 0xca9, 0x4, 0x101, 0x9, 0x6, 0x8, 0xfffffff8, 0x7, 0x401, 0x5522, 0x81, 0x3, 0x7, 0x8, 0x2, 0xa, 0x4, 0xd, 0x5, 0x17cc, 0x5, 0x1, 0xfffffd3e, 0x484f, 0x7f, 0x10000, 0x200, 0x6, 0x2bc1, 0x9, 0x100, 0x101, 0x4, 0x7, 0x4, 0x9, 0x6, 0xc66, 0xb7f2, 0x1, 0x9, 0x1ff, 0x4, 0x0, 0x40, 0x2000000, 0x10000, 0x1, 0x5, 0x1, 0x5, 0xde, 0x1, 0x3, 0x1, 0x5, 0x5e4d, 0x7, 0x4, 0x0, 0xffffff90, 0x5, 0x5, 0x2, 0x8, 0x2, 0xe, 0x8, 0xe, 0x0, 0x3, 0x80, 0x401, 0x6, 0x8, 0x4, 0xc0, 0x8, 0x7, 0xfffffffe, 0x81, 0x8, 0x9ffbf60a, 0x8700, 0x8, 0x401, 0x2, 0xfffffffd, 0x81, 0xcf67, 0x9, 0x6, 0x5, 0x9680, 0x2, 0x0, 0x4, 0x4, 0x7fff, 0x9, 0x7f, 0x3ff, 0x285, 0x6adb8836, 0x95a, 0xff, 0x0, 0x5, 0x1142858c, 0x400, 0x0, 0x0, 0x0, 0x10000, 0x1, 0x51, 0x1, 0xfffffffc, 0x8, 0x4, 0x80, 0x9, 0x7fff, 0x7, 0x1, 0x4, 0x70000, 0xb, 0x10001, 0x13, 0x7, 0xb2830d7, 0x7fffffff, 0x2, 0x40000, 0x6, 0x2, 0x9, 0x100, 0x6, 0x9, 0x5, 0x14000000, 0x29a4a452, 0x3, 0xfffffff7, 0xfffff95a, 0x3, 0x1000, 0x6, 0x5, 0x6, 0x3, 0xa, 0x3, 0x10, 0xc, 0x1, 0x6, 0x4, 0x2, 0x28bd, 0x6, 0x5, 0x0, 0x6, 0x2, 0x6, 0x9, 0x2, 0x80, 0xc, 0x6, 0x2, 0x5, 0x17, 0x5, 0xa, 0x3001, 0x0, 0x5, 0x0, 0x7fffffff, 0x4, 0x1, 0x9, 0x7, 0x3, 0x1, 0x5]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x1}, @TCA_POLICE_AVRATE={0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0xbd9e, 0x20000000, 0xfffff3e9, 0x2ae, 0x8, {0x5, 0x0, 0xfff9, 0x7e6c, 0x5946, 0x7}, {0x4, 0x1, 0x9, 0x8, 0x9, 0x35}, 0x9, 0x7, 0xd}}, @TCA_POLICE_RESULT={0x8, 0x5, 0x8001}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x2, 0x0, 0x3, 0x4, 0x7, 0x0, 0x3ff, 0x1, 0x4, 0xd, 0x7, 0x7, 0x6, 0x81, 0xd86, 0x8000, 0x5, 0x14a51caf, 0xffffffff, 0x10000, 0x10000, 0x7fff, 0x0, 0x5, 0x0, 0x9, 0x4, 0x0, 0xffff, 0x10, 0xffffffe3, 0x1ff, 0x6, 0x6478, 0xf, 0x0, 0x5, 0x60, 0xe, 0x9, 0xa43, 0x80000000, 0xd8, 0x1, 0xc, 0x1, 0x41, 0xa, 0x8001, 0x6, 0x6, 0xe, 0x1, 0x101, 0x7, 0xda67, 0x2, 0x42c1, 0x7, 0xe7de, 0x0, 0x4, 0x1000, 0x6, 0x9, 0xfffffff7, 0x7, 0xfca4, 0x1000, 0x4, 0xfffffff8, 0x3, 0x401, 0xd9, 0xc, 0x7fffffff, 0x4, 0x0, 0x9, 0xe, 0x0, 0xd, 0x0, 0x8000, 0x7, 0xfff, 0x9, 0x9, 0x10000, 0x4, 0x3, 0xf, 0x562, 0x1, 0x4, 0x1, 0xceb, 0xb2567f0, 0x9, 0x6, 0xfffffff7, 0x4764, 0xe, 0x6, 0x1, 0x4, 0x14000000, 0x8, 0xb87, 0x3, 0x7, 0x9, 0x6, 0x400000, 0x8, 0x0, 0x9, 0x2, 0x754, 0x1, 0x4, 0x0, 0x1000, 0xd, 0x0, 0x4, 0x6, 0x9, 0x3, 0x9, 0x1, 0x4, 0x0, 0x6, 0x5, 0xee, 0x8e9, 0x6f, 0x1, 0x80, 0x1, 0x8, 0x9, 0x80000001, 0x6, 0x5, 0x8, 0xffffffff, 0x9, 0xe9, 0x9, 0x8f, 0x4, 0xee, 0x100, 0x7fbf, 0x4, 0x5, 0x1, 0x3, 0x5, 0xb03e, 0x0, 0xc, 0x7, 0x1, 0x5, 0x9, 0x9, 0x2, 0x9, 0x10, 0x1, 0x4, 0x3, 0x0, 0x10, 0x8, 0x1ff, 0x3, 0x5, 0x2f3f, 0x2, 0x3ff, 0x6, 0x7fff, 0xfffffffa, 0x4, 0xa, 0x10, 0x3, 0x4, 0x7, 0x0, 0x7ff, 0x0, 0x3310, 0x1, 0x9, 0xd, 0xffff, 0x9, 0x7fff, 0xffffffff, 0x6, 0x8, 0x774, 0x8, 0x7, 0x1, 0x7fff, 0x6, 0x6, 0x5, 0x4, 0x5, 0x2, 0x5, 0x0, 0x5, 0x7, 0x8, 0x1, 0x7fff, 0xd5, 0x3, 0xfffffff8, 0x0, 0x9, 0x10000, 0x4, 0x401, 0x40, 0x86f9, 0x2, 0xc, 0x0, 0x5, 0x1, 0x4, 0x1, 0xd, 0x9, 0x7fffffff, 0xb, 0x1ff, 0xc37, 0x2, 0x8, 0x2, 0x10, 0x0, 0x4, 0xdffffffc, 0x9]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x5}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xffff8001}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x2b}]}]}}]}, 0x954}, 0x1, 0x0, 0x0, 0x24000014}, 0x0) (async)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
r14 = dup(r13)
ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x4000, 0x3, &(0x7f0000ffa000/0x4000)=nil) (async)
r15 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r15, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r16=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r15, 0xc05064a7, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, r16}) (async)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r14, 0xc05064a7, &(0x7f0000000400)={&(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f0000000800)=[{}, {}, {}, {}, {}], &(0x7f0000000280)=[0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x2, 0x3, 0x0, r16}) (async)
execve(&(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000000c0)={[&(0x7f0000000180)='\x88\x9a.\xaa\x8c\b\x99\xe5 \x19\xa6\x1c}g\xf5)P\x86\f\xba\xff\x8fS0\xd0/\xa2\x16\xc1?5\x9f&!\xfe?\xbe\x03\\\x94s\xf5\x1f\xaa\xd9\xfd2\xbc5y\x18#Qu\x85\xee-\xc0\xac\xa8\x93\x0eXds\xf3\xf6\x84\xca\"\xb8\x06\x8bM\xd4\xc5\x8c\xe1\x86\'@\x9f\x8f\xce\x85\xdf\xbb\xa2\x04Z\xbc:;\x00B\x85U\xf6\x9d\x9e_\x9f_\x9dD\t\xa6\xf6\xa9\xb2e\x92\xd0g\xb3\x01\xb77\x8eC}\x1d\x92\xa0\x85)\x0f\x1d\x7f\xd6\xd7\x0f\x8d\xea']})

211.537725ms ago: executing program 3 (id=1213):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x1000000, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) (fail_nth: 5)

106.802885ms ago: executing program 3 (id=1214):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
open(&(0x7f0000000180)='./bus\x00', 0xe80c4, 0x0) (fail_nth: 27)

106.126255ms ago: executing program 2 (id=1215):
r0 = memfd_create(&(0x7f0000001cc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc0sr\x95\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\x00\x01\x00\x00\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r0, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = dup(r2)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000180)="fa64d89c0a5dd9f364f466b9860300000f32f20f2086660f323e0fc71e7100440f20c0663505000000440f22c066b93002000066b80400000066ba008000000f30", 0x41}], 0x1, 0x42, 0x0, 0x0)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000100)={<r4=>0x0, 0x40, 0x3, [0x3, 0x8, 0x4]}, &(0x7f0000000140)=0xe)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000040)={0x2, 0xd, 0x6, 0x4, r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f00000018c0)=@ipv6_getroute={0x2c, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_UID={0x8}, @RTA_MARK={0x8}]}, 0x2c}}, 0x0)
setsockopt$MRT_DEL_MFC(r3, 0x0, 0xcd, &(0x7f0000000080)={@local, @loopback, 0xffffffffffffffff, "349c89d4c4b26376b0aec0579e14035aaf64835e56ef112782b48ba18a6c0e42", 0x6, 0x9, 0x7, 0x787}, 0x3c)

0s ago: executing program 3 (id=1216):
r0 = dup(0xffffffffffffffff)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x200080, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r2, @ANYBLOB="010026bd7000000000003b00000008000300", @ANYRESOCT=r0, @ANYBLOB="08005700ba0200008402330080200900ffffffffffff080211000000505050505050"], 0x2a8}, 0x1, 0x0, 0x0, 0xc0}, 0x4)
r3 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000000500)=ANY=[@ANYRES16=r3, @ANYRESOCT=r5, @ANYBLOB="a3be209b094124467b5b236ab3a4c5fc47ae28b21e9e989cd6a7aacb9600d20ac4da2c14412ab250dda11d565a62666c37565646069ad20de8b04b77ee51fbf21b7d6018fbda8ed3ee2be0b6220064dd955ee1115fda4f90cdf20332ba00bd8a83d26571b75aeab433553515c47f256cc5933f28350a9238e534694ffa03ccb4863dcb4253bd4632a8f60beedc1ccabe7e1d6fe00c85f023de452a6de4f6d829acbbd1f2b6ef6204e643d131a2a4a8b978381232fc6bbd145d940c09b1a59da7317e7cdd30361f94be3ea8", @ANYRES32], 0x24}}, 0x4c014)
r6 = syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
getpid()
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = dup(r8)
getpeername$packet(r9, &(0x7f0000000000)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r12], 0x4c}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(r7, 0x890b, &(0x7f0000000240)={@local, @ipv4={'\x00', '\xff\xff', @empty}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20c200a2, r10})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c0000001800110100000000000000000a000000000000060000000013efea1b04e62735862762550a65e63ea7777dce2e0f505277cadb69d1cb4d79887da839840103a73b323dcd610ca781caa7127b7852a1e49ee00871b566475cdce888783b54e9b47a009a92d65467ca9f17cebba8a62de241dc6b6135e7d11411f261880712090e9ecb7d09088fa9bb9aaac0d2a0f2b055baf378e0dcc6a6ddf133e662ddf98a7ddb8771fdcb2280ab32d0a39dbef0ac17fa1439d462be771a0c2f7f2ac346204514"], 0x1c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$ax25_int(r6, 0x101, 0x1, 0x0, 0x0)
r13 = openat$audio1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r14 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x2200)
ioctl$EVIOCGNAME(r14, 0x80404506, &(0x7f0000000140)=""/132)
ioctl$SNDCTL_DSP_SETFRAGMENT(r13, 0xc004500a, 0x0)

0s ago: executing program 2 (id=1218):
pipe(&(0x7f0000000d00)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2) (async)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x102, 0x1cc) (async)
syz_emit_vhci(&(0x7f0000005540)=@HCI_EVENT_PKT={0x4, @hci_ev_auth_complete={{0x6, 0x3}, {0x0, 0xc9}}}, 0x6) (async, rerun: 64)
write$binfmt_misc(r1, &(0x7f0000000240), 0xfffffecc) (async, rerun: 64)
splice(r0, 0x0, r2, 0x0, 0x714f, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r5=>0x0})
fanotify_mark(r0, 0x200, 0x20, r1, &(0x7f00000000c0)='./file0\x00') (async)
sendto$packet(r4, &(0x7f0000000180)="0b03feff4f00021202004788aa96a13bb1000011000088ca1a00", 0x1a, 0x0, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @local}, 0x14)

kernel console output (not intermixed with test programs):

41279][   T40] audit: type=1400 audit(1754483785.275:501): avc:  denied  { ioctl } for  pid=8474 comm="syz.2.818" path="/255/file0/file0" dev="fuse" ino=0 ioctlcmd=0x5408 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  101.011329][ T8485] FAULT_INJECTION: forcing a failure.
[  101.011329][ T8485] name failslab, interval 1, probability 0, space 0, times 0
[  101.016164][ T8485] CPU: 0 UID: 0 PID: 8485 Comm: syz.2.821 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  101.016182][ T8485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.016189][ T8485] Call Trace:
[  101.016193][ T8485]  <TASK>
[  101.016198][ T8485]  dump_stack_lvl+0x16c/0x1f0
[  101.016236][ T8485]  should_fail_ex+0x512/0x640
[  101.016250][ T8485]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  101.016269][ T8485]  should_failslab+0xc2/0x120
[  101.016281][ T8485]  __kmalloc_cache_noprof+0x6a/0x3e0
[  101.016298][ T8485]  ? hash_netnet_create+0x7c1/0x1a20
[  101.016316][ T8485]  hash_netnet_create+0x7c1/0x1a20
[  101.016334][ T8485]  ? find_held_lock+0x30/0x80
[  101.016347][ T8485]  ? __pfx_hash_netnet_create+0x10/0x10
[  101.016365][ T8485]  ? __pfx_hash_netnet_create+0x10/0x10
[  101.016382][ T8485]  ? ip_set_create+0x7e4/0x14d0
[  101.016394][ T8485]  ip_set_create+0x7e4/0x14d0
[  101.016410][ T8485]  ? __pfx_ip_set_create+0x10/0x10
[  101.016432][ T8485]  ? find_held_lock+0x2b/0x80
[  101.016448][ T8485]  nfnetlink_rcv_msg+0x9fc/0x1200
[  101.016465][ T8485]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  101.016479][ T8485]  ? __lock_acquire+0x62e/0x1ce0
[  101.016507][ T8485]  ? avc_has_perm_noaudit+0x149/0x3b0
[  101.016527][ T8485]  netlink_rcv_skb+0x155/0x420
[  101.016544][ T8485]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  101.016557][ T8485]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  101.016580][ T8485]  ? ns_capable+0xd7/0x110
[  101.016594][ T8485]  nfnetlink_rcv+0x1b3/0x430
[  101.016606][ T8485]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  101.016617][ T8485]  ? netlink_deliver_tap+0x1ae/0xd30
[  101.016635][ T8485]  netlink_unicast+0x5aa/0x870
[  101.016653][ T8485]  ? __pfx_netlink_unicast+0x10/0x10
[  101.016669][ T8485]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  101.016689][ T8485]  netlink_sendmsg+0x8d1/0xdd0
[  101.016707][ T8485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.016728][ T8485]  ____sys_sendmsg+0xa98/0xc70
[  101.016740][ T8485]  ? copy_msghdr_from_user+0x10a/0x160
[  101.016756][ T8485]  ? __pfx_____sys_sendmsg+0x10/0x10
[  101.016773][ T8485]  ___sys_sendmsg+0x134/0x1d0
[  101.016789][ T8485]  ? __pfx____sys_sendmsg+0x10/0x10
[  101.016825][ T8485]  ? __mutex_unlock_slowpath+0x100/0x800
[  101.016851][ T8485]  __sys_sendmsg+0x16d/0x220
[  101.016866][ T8485]  ? __pfx___sys_sendmsg+0x10/0x10
[  101.016890][ T8485]  do_syscall_64+0xcd/0x4c0
[  101.016907][ T8485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.016918][ T8485] RIP: 0033:0x7f649bd8ebe9
[  101.016927][ T8485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.016937][ T8485] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.016947][ T8485] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  101.016953][ T8485] RDX: 00000000000408c6 RSI: 0000200000000040 RDI: 0000000000000003
[  101.016959][ T8485] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  101.016965][ T8485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.016971][ T8485] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  101.016984][ T8485]  </TASK>
[  101.185227][ T8489] syzkaller1: tun_chr_ioctl cmd 1074025677
[  101.187176][ T8489] syzkaller1: Linktype set failed because interface is up
[  101.403376][ T5979] Bluetooth: hci1: command 0x0406 tx timeout
[  101.639598][ T8498] kvm: user requested TSC rate below hardware speed
[  101.812007][ T8506] netlink: zone id is out of range
[  101.815173][ T8506] FAULT_INJECTION: forcing a failure.
[  101.815173][ T8506] name failslab, interval 1, probability 0, space 0, times 0
[  101.818650][ T8506] CPU: 0 UID: 0 PID: 8506 Comm: syz.2.830 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  101.818665][ T8506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.818671][ T8506] Call Trace:
[  101.818675][ T8506]  <TASK>
[  101.818679][ T8506]  dump_stack_lvl+0x16c/0x1f0
[  101.818699][ T8506]  should_fail_ex+0x512/0x640
[  101.818709][ T8506]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  101.818727][ T8506]  should_failslab+0xc2/0x120
[  101.818740][ T8506]  __kmalloc_cache_noprof+0x6a/0x3e0
[  101.818756][ T8506]  ? mark_held_locks+0x49/0x80
[  101.818772][ T8506]  ? ovs_ct_limit_cmd_set+0x30a/0xa90
[  101.818786][ T8506]  ovs_ct_limit_cmd_set+0x30a/0xa90
[  101.818799][ T8506]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  101.818812][ T8506]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  101.818824][ T8506]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  101.818839][ T8506]  genl_family_rcv_msg_doit+0x206/0x2f0
[  101.818850][ T8506]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  101.818866][ T8506]  ? bpf_lsm_capable+0x9/0x10
[  101.818881][ T8506]  ? security_capable+0x7e/0x260
[  101.818892][ T8506]  ? ns_capable+0xd7/0x110
[  101.818906][ T8506]  genl_rcv_msg+0x55c/0x800
[  101.818918][ T8506]  ? __pfx_genl_rcv_msg+0x10/0x10
[  101.818929][ T8506]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  101.818945][ T8506]  netlink_rcv_skb+0x155/0x420
[  101.818961][ T8506]  ? __pfx_genl_rcv_msg+0x10/0x10
[  101.818972][ T8506]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  101.818994][ T8506]  ? netlink_deliver_tap+0x1ae/0xd30
[  101.819011][ T8506]  genl_rcv+0x28/0x40
[  101.819019][ T8506]  netlink_unicast+0x5aa/0x870
[  101.819037][ T8506]  ? __pfx_netlink_unicast+0x10/0x10
[  101.819052][ T8506]  ? __asan_memset+0x23/0x50
[  101.819068][ T8506]  ? __build_skb_around+0x278/0x3b0
[  101.819083][ T8506]  netlink_sendmsg+0x8d1/0xdd0
[  101.819101][ T8506]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.819122][ T8506]  ____sys_sendmsg+0xa98/0xc70
[  101.819133][ T8506]  ? copy_msghdr_from_user+0x10a/0x160
[  101.819148][ T8506]  ? __pfx_____sys_sendmsg+0x10/0x10
[  101.819165][ T8506]  ___sys_sendmsg+0x134/0x1d0
[  101.819181][ T8506]  ? __pfx____sys_sendmsg+0x10/0x10
[  101.819207][ T8506]  ? __mutex_unlock_slowpath+0x100/0x800
[  101.819228][ T8506]  __sys_sendmsg+0x16d/0x220
[  101.819243][ T8506]  ? __pfx___sys_sendmsg+0x10/0x10
[  101.819270][ T8506]  do_syscall_64+0xcd/0x4c0
[  101.819287][ T8506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.819298][ T8506] RIP: 0033:0x7f649bd8ebe9
[  101.819307][ T8506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.819317][ T8506] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.819327][ T8506] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  101.819333][ T8506] RDX: 0000000000044850 RSI: 0000200000000100 RDI: 0000000000000003
[  101.819339][ T8506] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  101.819344][ T8506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  101.819350][ T8506] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  101.819363][ T8506]  </TASK>
[  101.837890][ T1461] usb 9-1: USB disconnect, device number 3
[  101.851005][   T24] usb 8-1: USB disconnect, device number 4
[  101.868914][   T34] usb 5-1: USB disconnect, device number 12
[  101.892964][ T8512] netlink: zone id is out of range
[  101.936523][ T8514] kvm: kvm [8513]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x40000006)
[  101.953985][ T8512] netlink: set zone limit has 4 unknown bytes
[  102.077472][   T40] audit: type=1400 audit(1754483787.315:502): avc:  denied  { getopt } for  pid=8531 comm="syz.0.840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  102.121994][ T8538] input: syz1 as /devices/virtual/input/input12
[  102.126674][ T8536] FAULT_INJECTION: forcing a failure.
[  102.126674][ T8536] name failslab, interval 1, probability 0, space 0, times 0
[  102.131786][ T8536] CPU: 0 UID: 0 PID: 8536 Comm: syz.3.842 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  102.131810][ T8536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  102.131821][ T8536] Call Trace:
[  102.131827][ T8536]  <TASK>
[  102.131834][ T8536]  dump_stack_lvl+0x16c/0x1f0
[  102.131866][ T8536]  should_fail_ex+0x512/0x640
[  102.131883][ T8536]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  102.131903][ T8536]  should_failslab+0xc2/0x120
[  102.131924][ T8536]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  102.131940][ T8536]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  102.131970][ T8536]  ? rcuwait_wake_up+0xdf/0x290
[  102.131995][ T8536]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  102.132025][ T8536]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  102.132058][ T8536]  mmu_topup_memory_caches+0x25/0x170
[  102.132079][ T8536]  kvm_mmu_load+0xd6/0x23c0
[  102.132115][ T8536]  ? vmx_get_rflags+0x100/0x420
[  102.132138][ T8536]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  102.132162][ T8536]  ? __pfx_kvm_mmu_load+0x10/0x10
[  102.132176][ T8536]  ? vmx_enable_irq_window+0xa9/0x190
[  102.132197][ T8536]  ? kvm_check_and_inject_events+0x71c/0x1310
[  102.132225][ T8536]  vcpu_run+0x358c/0x5580
[  102.132250][ T8536]  ? __lock_acquire+0xb97/0x1ce0
[  102.132283][ T8536]  ? __pfx_vcpu_run+0x10/0x10
[  102.132312][ T8536]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  102.132335][ T8536]  ? __local_bh_enable_ip+0xa4/0x120
[  102.132362][ T8536]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  102.132386][ T8536]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  102.132419][ T8536]  kvm_vcpu_ioctl+0x5eb/0x1690
[  102.132446][ T8536]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.132469][ T8536]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  102.132490][ T8536]  ? do_vfs_ioctl+0x128/0x14f0
[  102.132516][ T8536]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  102.132542][ T8536]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  102.132575][ T8536]  ? hook_file_ioctl_common+0x145/0x410
[  102.132608][ T8536]  ? selinux_file_ioctl+0x180/0x270
[  102.132628][ T8536]  ? selinux_file_ioctl+0xb4/0x270
[  102.132650][ T8536]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.132674][ T8536]  __x64_sys_ioctl+0x18e/0x210
[  102.132701][ T8536]  do_syscall_64+0xcd/0x4c0
[  102.132730][ T8536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.132746][ T8536] RIP: 0033:0x7fc952d8ebe9
[  102.132760][ T8536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.132777][ T8536] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.132794][ T8536] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  102.132805][ T8536] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  102.132815][ T8536] RBP: 00007fc953c0b090 R08: 0000000000000000 R09: 0000000000000000
[  102.132826][ T8536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.132836][ T8536] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  102.132861][ T8536]  </TASK>
[  102.154785][ T8542] netlink: 28 bytes leftover after parsing attributes in process `syz.4.844'.
[  102.256726][ T8542] netlink: 28 bytes leftover after parsing attributes in process `syz.4.844'.
[  102.257884][   T40] audit: type=1400 audit(1754483787.495:503): avc:  denied  { ioctl } for  pid=8544 comm="syz.0.845" path="/dev/ndctl0" dev="devtmpfs" ino=109 ioctlcmd=0x640a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  102.341542][   T40] audit: type=1400 audit(1754483787.575:504): avc:  denied  { getopt } for  pid=8552 comm="syz.3.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  102.399332][   T40] audit: type=1400 audit(1754483787.635:505): avc:  denied  { read } for  pid=8564 comm="syz.3.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  102.580743][   T40] audit: type=1400 audit(1754483787.815:506): avc:  denied  { read } for  pid=8577 comm="syz.0.859" name="file0" dev="tmpfs" ino=981 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  102.595052][ T8585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  102.620936][ T8588] kvm: Disabled LAPIC found during irq injection
[  102.710604][ T8603] netlink: 'syz.4.866': attribute type 27 has an invalid length.
[  102.752779][ T8603] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.756182][ T8603] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.770455][ T8603] batman_adv: batadv0: Interface deactivated: dummy0
[  102.792516][ T8608] netlink: 84 bytes leftover after parsing attributes in process `syz.0.868'.
[  102.813016][ T8603] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.822806][ T8603] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.893206][ T8603] bridge1: left promiscuous mode
[  102.910788][ T8605] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.914337][ T8605] 8021q: adding VLAN 0 to HW filter on device team0
[  102.917648][ T8605] batman_adv: batadv0: Interface activated: dummy0
[  102.919692][ T8605] batadv0: mtu less than device minimum
[  102.921952][ T8605] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.925684][ T8605] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.929503][ T8605] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.933189][ T8605] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.936933][ T8605] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  102.950762][ T7628] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.953726][ T7629] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.956555][ T7629] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.959389][ T7636] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.048568][ T8629] tc_dump_action: action bad kind
[  103.131298][ T8639] FAULT_INJECTION: forcing a failure.
[  103.131298][ T8639] name failslab, interval 1, probability 0, space 0, times 0
[  103.136081][ T8639] CPU: 1 UID: 0 PID: 8639 Comm: syz.2.878 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  103.136097][ T8639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.136103][ T8639] Call Trace:
[  103.136108][ T8639]  <TASK>
[  103.136112][ T8639]  dump_stack_lvl+0x16c/0x1f0
[  103.136147][ T8639]  should_fail_ex+0x512/0x640
[  103.136161][ T8639]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  103.136174][ T8639]  should_failslab+0xc2/0x120
[  103.136186][ T8639]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  103.136196][ T8639]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  103.136213][ T8639]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  103.136231][ T8639]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  103.136255][ T8639]  mmu_topup_memory_caches+0x25/0x170
[  103.136268][ T8639]  kvm_mmu_load+0xd6/0x23c0
[  103.136278][ T8639]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  103.136289][ T8639]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  103.136303][ T8639]  ? __pfx_kvm_mmu_load+0x10/0x10
[  103.136313][ T8639]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  103.136329][ T8639]  ? kvm_check_and_inject_events+0x71c/0x1310
[  103.136347][ T8639]  vcpu_run+0x358c/0x5580
[  103.136362][ T8639]  ? __lock_acquire+0xb97/0x1ce0
[  103.136382][ T8639]  ? __pfx_vcpu_run+0x10/0x10
[  103.136398][ T8639]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  103.136413][ T8639]  ? __local_bh_enable_ip+0xa4/0x120
[  103.136430][ T8639]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  103.136444][ T8639]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  103.136463][ T8639]  kvm_vcpu_ioctl+0x5eb/0x1690
[  103.136478][ T8639]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.136492][ T8639]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  103.136506][ T8639]  ? do_vfs_ioctl+0x128/0x14f0
[  103.136522][ T8639]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  103.136538][ T8639]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  103.136557][ T8639]  ? hook_file_ioctl_common+0x145/0x410
[  103.136577][ T8639]  ? selinux_file_ioctl+0x180/0x270
[  103.136590][ T8639]  ? selinux_file_ioctl+0xb4/0x270
[  103.136604][ T8639]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.136618][ T8639]  __x64_sys_ioctl+0x18e/0x210
[  103.136635][ T8639]  do_syscall_64+0xcd/0x4c0
[  103.136652][ T8639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.136663][ T8639] RIP: 0033:0x7f649bd8ebe9
[  103.136671][ T8639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.136682][ T8639] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.136692][ T8639] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  103.136698][ T8639] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  103.136704][ T8639] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  103.136710][ T8639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.136716][ T8639] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  103.136729][ T8639]  </TASK>
[  103.333635][ T8644] netlink: 16 bytes leftover after parsing attributes in process `syz.4.879'.
[  103.352379][ T8649] afs: Unknown parameter ''
[  103.378381][ T8653] hpfs: Unknown parameter 'card'
[  103.417591][ T8655] netlink: 'syz.2.883': attribute type 5 has an invalid length.
[  103.420851][ T8655] netlink: 8 bytes leftover after parsing attributes in process `syz.2.883'.
[  103.520603][ T8658] FAULT_INJECTION: forcing a failure.
[  103.520603][ T8658] name failslab, interval 1, probability 0, space 0, times 0
[  103.526682][ T8658] CPU: 1 UID: 0 PID: 8658 Comm: syz.2.884 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  103.526707][ T8658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.526718][ T8658] Call Trace:
[  103.526724][ T8658]  <TASK>
[  103.526730][ T8658]  dump_stack_lvl+0x16c/0x1f0
[  103.526758][ T8658]  should_fail_ex+0x512/0x640
[  103.526772][ T8658]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  103.526791][ T8658]  should_failslab+0xc2/0x120
[  103.526810][ T8658]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  103.526824][ T8658]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  103.526846][ T8658]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  103.526869][ T8658]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  103.526898][ T8658]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  103.526930][ T8658]  mmu_topup_memory_caches+0x25/0x170
[  103.526949][ T8658]  kvm_mmu_load+0xd6/0x23c0
[  103.526965][ T8658]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  103.526981][ T8658]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  103.527001][ T8658]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  103.527021][ T8658]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  103.527040][ T8658]  ? __pfx_kvm_mmu_load+0x10/0x10
[  103.527055][ T8658]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  103.527078][ T8658]  ? kvm_check_and_inject_events+0x71c/0x1310
[  103.527104][ T8658]  vcpu_run+0x358c/0x5580
[  103.527126][ T8658]  ? __lock_acquire+0xb97/0x1ce0
[  103.527156][ T8658]  ? __pfx_vcpu_run+0x10/0x10
[  103.527181][ T8658]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  103.527202][ T8658]  ? __local_bh_enable_ip+0xa4/0x120
[  103.527231][ T8658]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  103.527253][ T8658]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  103.527285][ T8658]  kvm_vcpu_ioctl+0x5eb/0x1690
[  103.527311][ T8658]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.527333][ T8658]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  103.527355][ T8658]  ? do_vfs_ioctl+0x128/0x14f0
[  103.527381][ T8658]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  103.527405][ T8658]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  103.527437][ T8658]  ? hook_file_ioctl_common+0x145/0x410
[  103.527470][ T8658]  ? selinux_file_ioctl+0x180/0x270
[  103.527490][ T8658]  ? selinux_file_ioctl+0xb4/0x270
[  103.527513][ T8658]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.527536][ T8658]  __x64_sys_ioctl+0x18e/0x210
[  103.527562][ T8658]  do_syscall_64+0xcd/0x4c0
[  103.527589][ T8658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.527605][ T8658] RIP: 0033:0x7f649bd8ebe9
[  103.527619][ T8658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.527635][ T8658] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.527652][ T8658] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  103.527662][ T8658] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  103.527672][ T8658] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  103.527681][ T8658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.527691][ T8658] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  103.527714][ T8658]  </TASK>
[  103.671807][ T8661] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.683379][ T8669] FAULT_INJECTION: forcing a failure.
[  103.683379][ T8669] name failslab, interval 1, probability 0, space 0, times 0
[  103.687280][ T8669] CPU: 3 UID: 0 PID: 8669 Comm: syz.4.887 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  103.687296][ T8669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.687303][ T8669] Call Trace:
[  103.687307][ T8669]  <TASK>
[  103.687311][ T8669]  dump_stack_lvl+0x16c/0x1f0
[  103.687331][ T8669]  should_fail_ex+0x512/0x640
[  103.687341][ T8669]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  103.687359][ T8669]  should_failslab+0xc2/0x120
[  103.687372][ T8669]  __kmalloc_cache_noprof+0x6a/0x3e0
[  103.687389][ T8669]  ? media_pipeline_add_pad+0xf3/0x990
[  103.687409][ T8669]  media_pipeline_add_pad+0xf3/0x990
[  103.687427][ T8669]  __media_pipeline_start+0x915/0x2030
[  103.687439][ T8669]  ? __mutex_trylock_common+0xe9/0x250
[  103.687458][ T8669]  ? __pfx___media_pipeline_start+0x10/0x10
[  103.687470][ T8669]  ? rcu_is_watching+0x12/0xc0
[  103.687486][ T8669]  media_pipeline_start+0x49/0x70
[  103.687496][ T8669]  video_device_pipeline_start+0x79/0xa0
[  103.687510][ T8669]  vimc_capture_start_streaming+0x7d/0x130
[  103.687523][ T8669]  ? __pfx_vimc_capture_start_streaming+0x10/0x10
[  103.687535][ T8669]  vb2_start_streaming+0x15f/0x5a0
[  103.687546][ T8669]  ? __bitmap_weight+0xd7/0x110
[  103.687562][ T8669]  vb2_core_streamon+0x2a7/0x450
[  103.687575][ T8669]  vb2_ioctl_streamon+0xf4/0x170
[  103.687586][ T8669]  __video_do_ioctl+0xb40/0xfc0
[  103.687603][ T8669]  ? __might_fault+0xe3/0x190
[  103.687613][ T8669]  ? __pfx___video_do_ioctl+0x10/0x10
[  103.687632][ T8669]  video_usercopy+0x4cd/0x1720
[  103.687648][ T8669]  ? __pfx___video_do_ioctl+0x10/0x10
[  103.687662][ T8669]  ? selinux_kernel_read_file+0x60/0x130
[  103.687677][ T8669]  ? __pfx_video_usercopy+0x10/0x10
[  103.687700][ T8669]  v4l2_ioctl+0x1bd/0x250
[  103.687714][ T8669]  ? __pfx_v4l2_ioctl+0x10/0x10
[  103.687742][ T8669]  __x64_sys_ioctl+0x18e/0x210
[  103.687762][ T8669]  do_syscall_64+0xcd/0x4c0
[  103.687780][ T8669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.687790][ T8669] RIP: 0033:0x7f637e78ebe9
[  103.687799][ T8669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.687809][ T8669] RSP: 002b:00007f637f66d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.687820][ T8669] RAX: ffffffffffffffda RBX: 00007f637e9b5fa0 RCX: 00007f637e78ebe9
[  103.687826][ T8669] RDX: 0000200000000000 RSI: 0000000040045612 RDI: 0000000000000003
[  103.687832][ T8669] RBP: 00007f637f66d090 R08: 0000000000000000 R09: 0000000000000000
[  103.687838][ T8669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.687843][ T8669] R13: 00007f637e9b6038 R14: 00007f637e9b5fa0 R15: 00007ffe569243e8
[  103.687856][ T8669]  </TASK>
[  103.825792][ T8661] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  103.901919][ T8675] FAULT_INJECTION: forcing a failure.
[  103.901919][ T8675] name failslab, interval 1, probability 0, space 0, times 0
[  103.907101][ T8675] CPU: 3 UID: 0 PID: 8675 Comm: syz.4.890 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  103.907117][ T8675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.907124][ T8675] Call Trace:
[  103.907129][ T8675]  <TASK>
[  103.907133][ T8675]  dump_stack_lvl+0x16c/0x1f0
[  103.907153][ T8675]  should_fail_ex+0x512/0x640
[  103.907163][ T8675]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  103.907176][ T8675]  should_failslab+0xc2/0x120
[  103.907189][ T8675]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  103.907199][ T8675]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  103.907223][ T8675]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  103.907238][ T8675]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  103.907256][ T8675]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  103.907276][ T8675]  mmu_topup_memory_caches+0x25/0x170
[  103.907288][ T8675]  kvm_mmu_load+0xd6/0x23c0
[  103.907298][ T8675]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  103.907310][ T8675]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  103.907322][ T8675]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  103.907338][ T8675]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  103.907350][ T8675]  ? __pfx_kvm_mmu_load+0x10/0x10
[  103.907360][ T8675]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  103.907377][ T8675]  ? kvm_check_and_inject_events+0x71c/0x1310
[  103.907394][ T8675]  vcpu_run+0x358c/0x5580
[  103.907409][ T8675]  ? __lock_acquire+0xb97/0x1ce0
[  103.907429][ T8675]  ? __pfx_vcpu_run+0x10/0x10
[  103.907445][ T8675]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  103.907459][ T8675]  ? __local_bh_enable_ip+0xa4/0x120
[  103.907475][ T8675]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  103.907490][ T8675]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  103.907509][ T8675]  kvm_vcpu_ioctl+0x5eb/0x1690
[  103.907524][ T8675]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.907538][ T8675]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  103.907552][ T8675]  ? do_vfs_ioctl+0x128/0x14f0
[  103.907569][ T8675]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  103.907585][ T8675]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  103.907604][ T8675]  ? hook_file_ioctl_common+0x145/0x410
[  103.907624][ T8675]  ? selinux_file_ioctl+0x180/0x270
[  103.907637][ T8675]  ? selinux_file_ioctl+0xb4/0x270
[  103.907650][ T8675]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  103.907665][ T8675]  __x64_sys_ioctl+0x18e/0x210
[  103.907682][ T8675]  do_syscall_64+0xcd/0x4c0
[  103.907700][ T8675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.907710][ T8675] RIP: 0033:0x7f637e78ebe9
[  103.907720][ T8675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.907748][ T8675] RSP: 002b:00007f637f66d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  103.907758][ T8675] RAX: ffffffffffffffda RBX: 00007f637e9b5fa0 RCX: 00007f637e78ebe9
[  103.907765][ T8675] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  103.907771][ T8675] RBP: 00007f637f66d090 R08: 0000000000000000 R09: 0000000000000000
[  103.907777][ T8675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.907783][ T8675] R13: 00007f637e9b6038 R14: 00007f637e9b5fa0 R15: 00007ffe569243e8
[  103.907796][ T8675]  </TASK>
[  103.932971][ T8680] netlink: 20 bytes leftover after parsing attributes in process `syz.2.892'.
[  103.937621][ T8661] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.073607][ T8684] netlink: 'syz.4.893': attribute type 1 has an invalid length.
[  104.143126][ T8661] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.149231][ T8689] netlink: 76 bytes leftover after parsing attributes in process `syz.0.895'.
[  104.160640][ T8689] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8689 comm=syz.0.895
[  104.180306][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  104.180318][   T40] audit: type=1400 audit(1754483789.415:513): avc:  denied  { mounton } for  pid=8686 comm="syz.2.894" path="/bus" dev="bpf" ino=28754 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1
[  104.180366][ T8688] overlayfs: missing 'lowerdir'
[  104.190602][ T8691] 8021q: adding VLAN 0 to HW filter on device bond1
[  104.221102][ T8691] veth3: entered promiscuous mode
[  104.226342][ T8691] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  104.227809][ T8693] netlink: 12 bytes leftover after parsing attributes in process `syz.2.896'.
[  104.235076][ T8693] netlink: 1041 bytes leftover after parsing attributes in process `syz.2.896'.
[  104.242512][ T8689] netlink: 16 bytes leftover after parsing attributes in process `syz.0.895'.
[  104.286176][ T7630] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.292877][ T7639] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.301912][ T7639] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.310144][ T7630] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.345483][ T8701] netlink: 'syz.3.900': attribute type 1 has an invalid length.
[  104.347881][ T8701] netlink: 224 bytes leftover after parsing attributes in process `syz.3.900'.
[  104.371321][   T40] audit: type=1400 audit(1754483789.605:514): avc:  denied  { ioctl } for  pid=8705 comm="syz.0.902" path="socket:[28844]" dev="sockfs" ino=28844 ioctlcmd=0xf504 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  104.372086][ T8708] FAULT_INJECTION: forcing a failure.
[  104.372086][ T8708] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.372693][ T8707] ptrace attach of "/syz-executor exec"[5976] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                b\x0aøÿ\x0c  !¿¡      \x07
  øÿÿÿ·     ½      …   Ð   ·       •       ?ºj}6Ù±ŽØ¢âÄž€ ¦ôàä©Dl¢µñÌ\x0ašö˜9: óˆœ$ªVñQ™úÐ\x09<YÖk^Ο6Ç\x0d
\x0cPwÚ€û˜,” ÆlêHJA[v–a¶Ou$\x1b\x07.�  -uY:(  É>dÂ'ÉZ ·„bWðzr‘„QëÜôÎ÷ù``Vþ\x5c4fL\x0aù6\x0az^k`q0ÈŸÀ
[  104.382944][ T8708] CPU: 1 UID: 0 PID: 8708 Comm: syz.3.903 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  104.382960][ T8708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.382966][ T8708] Call Trace:
[  104.382971][ T8708]  <TASK>
[  104.382975][ T8708]  dump_stack_lvl+0x16c/0x1f0
[  104.382996][ T8708]  should_fail_ex+0x512/0x640
[  104.383024][ T8708]  _copy_from_iter+0x29f/0x16f0
[  104.383038][ T8708]  ? __alloc_skb+0x200/0x380
[  104.383053][ T8708]  ? __pfx__copy_from_iter+0x10/0x10
[  104.383077][ T8708]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  104.383099][ T8708]  netlink_sendmsg+0x829/0xdd0
[  104.383117][ T8708]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.383139][ T8708]  ____sys_sendmsg+0xa98/0xc70
[  104.383152][ T8708]  ? copy_msghdr_from_user+0x10a/0x160
[  104.383167][ T8708]  ? __pfx_____sys_sendmsg+0x10/0x10
[  104.383185][ T8708]  ___sys_sendmsg+0x134/0x1d0
[  104.383200][ T8708]  ? __pfx____sys_sendmsg+0x10/0x10
[  104.383227][ T8708]  ? __mutex_unlock_slowpath+0x100/0x800
[  104.383268][ T8708]  __sys_sendmsg+0x16d/0x220
[  104.383284][ T8708]  ? __pfx___sys_sendmsg+0x10/0x10
[  104.383308][ T8708]  do_syscall_64+0xcd/0x4c0
[  104.383325][ T8708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.383336][ T8708] RIP: 0033:0x7fc952d8ebe9
[  104.383345][ T8708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.383355][ T8708] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.383366][ T8708] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  104.383372][ T8708] RDX: 0000000000000080 RSI: 0000200000000100 RDI: 0000000000000003
[  104.383378][ T8708] RBP: 00007fc953c0b090 R08: 0000000000000000 R09: 0000000000000000
[  104.383385][ T8708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.383391][ T8708] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  104.383404][ T8708]  </TASK>
[  104.389802][ T8713] i2c i2c-1: Invalid block write size 34
[  104.442118][   T40] audit: type=1400 audit(1754483789.675:515): avc:  denied  { module_load } for  pid=8712 comm="syz.2.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  104.442169][ T8718] Invalid ELF header type: 0 != 1
[  104.471968][ T8715] FAULT_INJECTION: forcing a failure.
[  104.471968][ T8715] name failslab, interval 1, probability 0, space 0, times 0
[  104.489031][ T8715] CPU: 2 UID: 0 PID: 8715 Comm: syz.4.905 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  104.489047][ T8715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.489053][ T8715] Call Trace:
[  104.489057][ T8715]  <TASK>
[  104.489061][ T8715]  dump_stack_lvl+0x16c/0x1f0
[  104.489082][ T8715]  should_fail_ex+0x512/0x640
[  104.489092][ T8715]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  104.489111][ T8715]  should_failslab+0xc2/0x120
[  104.489123][ T8715]  __kmalloc_cache_noprof+0x6a/0x3e0
[  104.489139][ T8715]  ? rcu_is_watching+0x12/0xc0
[  104.489152][ T8715]  ? vhost_task_create+0xe5/0x2e0
[  104.489163][ T8715]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  104.489178][ T8715]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  104.489196][ T8715]  vhost_task_create+0xe5/0x2e0
[  104.489206][ T8715]  ? __pfx_vhost_task_create+0x10/0x10
[  104.489221][ T8715]  ? __pfx_vhost_task_fn+0x10/0x10
[  104.489238][ T8715]  kvm_mmu_post_init_vm+0x1b7/0x380
[  104.489251][ T8715]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  104.489266][ T8715]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  104.489283][ T8715]  kvm_vcpu_ioctl+0x5eb/0x1690
[  104.489298][ T8715]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.489312][ T8715]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  104.489325][ T8715]  ? do_vfs_ioctl+0x128/0x14f0
[  104.489342][ T8715]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  104.489358][ T8715]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  104.489377][ T8715]  ? hook_file_ioctl_common+0x145/0x410
[  104.489397][ T8715]  ? selinux_file_ioctl+0x180/0x270
[  104.489409][ T8715]  ? selinux_file_ioctl+0xb4/0x270
[  104.489423][ T8715]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  104.489437][ T8715]  __x64_sys_ioctl+0x18e/0x210
[  104.489454][ T8715]  do_syscall_64+0xcd/0x4c0
[  104.489471][ T8715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.489481][ T8715] RIP: 0033:0x7f637e78ebe9
[  104.489490][ T8715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.489501][ T8715] RSP: 002b:00007f637f66d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.489511][ T8715] RAX: ffffffffffffffda RBX: 00007f637e9b5fa0 RCX: 00007f637e78ebe9
[  104.489517][ T8715] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  104.489523][ T8715] RBP: 00007f637f66d090 R08: 0000000000000000 R09: 0000000000000000
[  104.489529][ T8715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.489535][ T8715] R13: 00007f637e9b6038 R14: 00007f637e9b5fa0 R15: 00007ffe569243e8
[  104.489547][ T8715]  </TASK>
[  104.501036][   T40] audit: type=1400 audit(1754483789.735:516): avc:  denied  { setopt } for  pid=8723 comm="syz.2.909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  104.534345][ T8732] netlink: 12 bytes leftover after parsing attributes in process `syz.0.912'.
[  104.646594][ T8741] net_ratelimit: 15 callbacks suppressed
[  104.646605][ T8741] veth0: mtu less than device minimum
[  104.671554][ T8747] netlink: 'syz.0.918': attribute type 1 has an invalid length.
[  104.698198][ T8747] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  104.702337][ T7629] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  104.702836][ T8747] 8021q: adding VLAN 0 to HW filter on device bond1
[  104.722882][ T8747] FAULT_INJECTION: forcing a failure.
[  104.722882][ T8747] name failslab, interval 1, probability 0, space 0, times 0
[  104.728273][ T8747] CPU: 3 UID: 0 PID: 8747 Comm: syz.0.918 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  104.728288][ T8747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  104.728295][ T8747] Call Trace:
[  104.728298][ T8747]  <TASK>
[  104.728302][ T8747]  dump_stack_lvl+0x16c/0x1f0
[  104.728324][ T8747]  should_fail_ex+0x512/0x640
[  104.728334][ T8747]  ? __kvmalloc_node_noprof+0x124/0x620
[  104.728346][ T8747]  should_failslab+0xc2/0x120
[  104.728359][ T8747]  __kvmalloc_node_noprof+0x137/0x620
[  104.728369][ T8747]  ? __pfx___nla_validate_parse+0x10/0x10
[  104.728381][ T8747]  ? alloc_netdev_mqs+0xd2/0x1500
[  104.728399][ T8747]  ? __pfx_veth_setup+0x10/0x10
[  104.728413][ T8747]  ? alloc_netdev_mqs+0xd2/0x1500
[  104.728427][ T8747]  alloc_netdev_mqs+0xd2/0x1500
[  104.728443][ T8747]  ? __nla_parse+0x40/0x60
[  104.728456][ T8747]  rtnl_create_link+0xc08/0xf90
[  104.728474][ T8747]  veth_newlink+0x6d2/0xa00
[  104.728490][ T8747]  ? __pfx_veth_newlink+0x10/0x10
[  104.728504][ T8747]  ? ____sys_sendmsg+0xa98/0xc70
[  104.728536][ T8747]  ? validate_linkmsg+0x57c/0xb60
[  104.728553][ T8747]  ? __pfx_validate_linkmsg+0x10/0x10
[  104.728568][ T8747]  ? alloc_netdev_mqs+0xe08/0x1500
[  104.728586][ T8747]  ? rtnl_create_link+0xa4a/0xf90
[  104.728601][ T8747]  ? __pfx_veth_newlink+0x10/0x10
[  104.728617][ T8747]  rtnl_newlink+0xc45/0x2000
[  104.728637][ T8747]  ? __pfx_rtnl_newlink+0x10/0x10
[  104.728651][ T8747]  ? find_held_lock+0x2b/0x80
[  104.728665][ T8747]  ? avc_has_perm_noaudit+0x117/0x3b0
[  104.728683][ T8747]  ? avc_has_perm_noaudit+0x149/0x3b0
[  104.728711][ T8747]  ? find_held_lock+0x2b/0x80
[  104.728723][ T8747]  ? __pfx_rtnl_newlink+0x10/0x10
[  104.728738][ T8747]  ? __pfx_rtnl_newlink+0x10/0x10
[  104.728752][ T8747]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  104.728769][ T8747]  ? __pfx_rtnl_newlink+0x10/0x10
[  104.728785][ T8747]  rtnetlink_rcv_msg+0x95e/0xe90
[  104.728802][ T8747]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  104.728822][ T8747]  ? ref_tracker_free+0x37c/0x830
[  104.728834][ T8747]  netlink_rcv_skb+0x155/0x420
[  104.728851][ T8747]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  104.728868][ T8747]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  104.728889][ T8747]  ? netlink_deliver_tap+0x1ae/0xd30
[  104.728907][ T8747]  netlink_unicast+0x5aa/0x870
[  104.728925][ T8747]  ? __pfx_netlink_unicast+0x10/0x10
[  104.728941][ T8747]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  104.728961][ T8747]  netlink_sendmsg+0x8d1/0xdd0
[  104.728979][ T8747]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.729000][ T8747]  ____sys_sendmsg+0xa98/0xc70
[  104.729011][ T8747]  ? copy_msghdr_from_user+0x10a/0x160
[  104.729026][ T8747]  ? __pfx_____sys_sendmsg+0x10/0x10
[  104.729043][ T8747]  ___sys_sendmsg+0x134/0x1d0
[  104.729059][ T8747]  ? __pfx____sys_sendmsg+0x10/0x10
[  104.729086][ T8747]  ? __mutex_unlock_slowpath+0x100/0x800
[  104.729107][ T8747]  __sys_sendmsg+0x16d/0x220
[  104.729122][ T8747]  ? __pfx___sys_sendmsg+0x10/0x10
[  104.729146][ T8747]  do_syscall_64+0xcd/0x4c0
[  104.729163][ T8747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.729173][ T8747] RIP: 0033:0x7fbf4538ebe9
[  104.729182][ T8747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.729193][ T8747] RSP: 002b:00007fbf46257038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.729203][ T8747] RAX: ffffffffffffffda RBX: 00007fbf455b5fa0 RCX: 00007fbf4538ebe9
[  104.729209][ T8747] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  104.729215][ T8747] RBP: 00007fbf46257090 R08: 0000000000000000 R09: 0000000000000000
[  104.729221][ T8747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.729226][ T8747] R13: 00007fbf455b6038 R14: 00007fbf455b5fa0 R15: 00007ffccc58b488
[  104.729243][ T8747]  </TASK>
[  104.853380][ T1179] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  104.947956][   T40] audit: type=1400 audit(1754483790.185:517): avc:  denied  { relabelfrom } for  pid=8759 comm="syz.4.923" name="" dev="pipefs" ino=27113 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  104.948510][ T8760] SELinux:  Context system_u:object_r:semanage_trans_lock_t:s0 is not valid (left unmapped).
[  104.967609][   T40] audit: type=1400 audit(1754483790.205:518): avc:  denied  { relabelto } for  pid=8759 comm="syz.4.923" name="" dev="pipefs" ino=27113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:semanage_trans_lock_t:s0"
[  105.303956][ T8798] netlink: 8 bytes leftover after parsing attributes in process `syz.4.937'.
[  105.334981][ T8802] loop6: detected capacity change from 0 to 7
[  105.337426][    C0] blk_print_req_error: 25 callbacks suppressed
[  105.337437][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.342265][    C0] buffer_io_error: 25 callbacks suppressed
[  105.342273][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.348624][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.351509][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.354285][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.357517][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.360157][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.362917][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.365778][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.368545][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.371061][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.373777][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.377302][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.380149][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.382643][ T8802] ldm_validate_partition_table(): Disk read failed.
[  105.385115][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.387988][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.390568][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.393380][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.396067][    C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  105.398899][    C2] Buffer I/O error on dev loop6, logical block 0, async page read
[  105.401468][ T8802] Dev loop6: unable to read RDB block 0
[  105.405233][ T8802]  loop6: unable to read partition table
[  105.407094][ T8802] loop6: partition table beyond EOD, truncated
[  105.410543][ T8802] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  105.417455][ T8805] ldm_validate_partition_table(): Disk read failed.
[  105.419882][ T8805] Dev loop6: unable to read RDB block 0
[  105.421935][ T8805]  loop6: unable to read partition table
[  105.424362][ T8805] loop6: partition table beyond EOD, truncated
[  105.523889][ T8809] openvswitch: netlink: IP tunnel dst address not specified
[  105.615848][   T40] audit: type=1400 audit(1754483790.855:519): avc:  denied  { lock } for  pid=8808 comm="syz.4.940" path="socket:[29004]" dev="sockfs" ino=29004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  105.864101][ T8818] input: syz1 as /devices/virtual/input/input14
[  105.881654][   T40] audit: type=1400 audit(1754483791.115:520): avc:  denied  { read append open } for  pid=8817 comm="syz.0.944" path="/204/file0/memory.events.local" dev="9p" ino=35913970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  105.891113][   T40] audit: type=1400 audit(1754483791.115:521): avc:  denied  { lock } for  pid=8817 comm="syz.0.944" path="/204/file0/memory.events.local" dev="9p" ino=35913970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  105.916807][ T8821] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8821 comm=syz.4.945
[  106.046539][   T40] audit: type=1400 audit(1754483791.285:522): avc:  denied  { write } for  pid=8822 comm="syz.4.947" name="file0" dev="9p" ino=35913817 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  106.113617][ T5864] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  106.289242][ T5864] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  106.302997][ T5864] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  106.314470][ T5864] usb 8-1: Product: syz
[  106.316261][ T5864] usb 8-1: Manufacturer: syz
[  106.317966][ T5864] usb 8-1: SerialNumber: syz
[  106.351365][ T8842] netlink: 'syz.4.954': attribute type 25 has an invalid length.
[  106.360435][ T5864] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  106.377262][ T5864] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  106.395874][ T8845] wg2: entered promiscuous mode
[  106.397569][ T8845] wg2: entered allmulticast mode
[  106.401042][ T8846] netlink: 33 bytes leftover after parsing attributes in process `syz.0.953'.
[  106.406564][ T8848] wg2: left promiscuous mode
[  106.408472][ T8848] wg2: left allmulticast mode
[  106.449229][ T8851] netlink: 'syz.4.956': attribute type 1 has an invalid length.
[  106.472678][ T8851] 8021q: adding VLAN 0 to HW filter on device bond2
[  106.495026][ T8857] random: crng reseeded on system resumption
[  106.498603][ T8857] FAULT_INJECTION: forcing a failure.
[  106.498603][ T8857] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  106.504130][ T8857] CPU: 3 UID: 0 PID: 8857 Comm: syz.2.958 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  106.504147][ T8857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.504153][ T8857] Call Trace:
[  106.504158][ T8857]  <TASK>
[  106.504162][ T8857]  dump_stack_lvl+0x16c/0x1f0
[  106.504183][ T8857]  should_fail_ex+0x512/0x640
[  106.504195][ T8857]  should_fail_alloc_page+0xe7/0x130
[  106.504209][ T8857]  prepare_alloc_pages+0x3c2/0x610
[  106.504223][ T8857]  ? rcu_is_watching+0x12/0xc0
[  106.504238][ T8857]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  106.504254][ T8857]  ? stack_trace_save+0x8e/0xc0
[  106.504269][ T8857]  ? __pfx_stack_trace_save+0x10/0x10
[  106.504285][ T8857]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  106.504298][ T8857]  ? kasan_save_stack+0x42/0x60
[  106.504307][ T8857]  ? kasan_save_stack+0x33/0x60
[  106.504319][ T8857]  ? do_dentry_open+0x97f/0x1530
[  106.504329][ T8857]  ? vfs_open+0x82/0x3f0
[  106.504341][ T8857]  ? path_openat+0x1de4/0x2cb0
[  106.504353][ T8857]  ? do_filp_open+0x20b/0x470
[  106.504363][ T8857]  ? do_sys_openat2+0x11b/0x1d0
[  106.504376][ T8857]  ? __x64_sys_openat+0x174/0x210
[  106.504390][ T8857]  ? do_syscall_64+0xcd/0x4c0
[  106.504405][ T8857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.504417][ T8857]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  106.504428][ T8857]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  106.504441][ T8857]  ? policy_nodemask+0xea/0x4e0
[  106.504454][ T8857]  alloc_pages_mpol+0x1fb/0x550
[  106.504466][ T8857]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  106.504483][ T8857]  alloc_pages_noprof+0x131/0x390
[  106.504495][ T8857]  get_zeroed_page_noprof+0x18/0xb0
[  106.504508][ T8857]  get_image_page+0x18/0x190
[  106.504522][ T8857]  alloc_rtree_node+0x3c/0xb0
[  106.504535][ T8857]  memory_bm_create+0x519/0x810
[  106.504553][ T8857]  create_basic_memory_bitmaps+0xbd/0x320
[  106.504569][ T8857]  snapshot_open+0x235/0x2b0
[  106.504584][ T8857]  ? __pfx_snapshot_open+0x10/0x10
[  106.504600][ T8857]  misc_open+0x35a/0x420
[  106.504614][ T8857]  ? __pfx_misc_open+0x10/0x10
[  106.504626][ T8857]  chrdev_open+0x234/0x6a0
[  106.504640][ T8857]  ? __pfx_chrdev_open+0x10/0x10
[  106.504653][ T8857]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  106.504669][ T8857]  do_dentry_open+0x97f/0x1530
[  106.504680][ T8857]  ? __pfx_chrdev_open+0x10/0x10
[  106.504696][ T8857]  vfs_open+0x82/0x3f0
[  106.504711][ T8857]  path_openat+0x1de4/0x2cb0
[  106.504727][ T8857]  ? __pfx_path_openat+0x10/0x10
[  106.504743][ T8857]  do_filp_open+0x20b/0x470
[  106.504755][ T8857]  ? __pfx_do_filp_open+0x10/0x10
[  106.504777][ T8857]  ? alloc_fd+0x471/0x7d0
[  106.504792][ T8857]  do_sys_openat2+0x11b/0x1d0
[  106.504806][ T8857]  ? __pfx_do_sys_openat2+0x10/0x10
[  106.504822][ T8857]  ? __fget_files+0x20e/0x3c0
[  106.504836][ T8857]  __x64_sys_openat+0x174/0x210
[  106.504851][ T8857]  ? __pfx___x64_sys_openat+0x10/0x10
[  106.504865][ T8857]  ? ksys_write+0x1ac/0x250
[  106.504880][ T8857]  do_syscall_64+0xcd/0x4c0
[  106.504906][ T8857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.504916][ T8857] RIP: 0033:0x7f649bd8ebe9
[  106.504925][ T8857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.504936][ T8857] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  106.504946][ T8857] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  106.504953][ T8857] RDX: 0000000000000481 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  106.504959][ T8857] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  106.504965][ T8857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  106.504971][ T8857] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  106.504984][ T8857]  </TASK>
[  106.508587][ T8851] bond2: (slave veth5): Enslaving as an active interface with a down link
[  106.530607][ T8859] loop6: detected capacity change from 0 to 7
[  106.538112][ T8851] 8021q: adding VLAN 0 to HW filter on device batadv1
[  106.540273][ T8859] warn_alloc: 1 callbacks suppressed
[  106.540281][ T8859] syz.2.959: vmalloc error: size 8192, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  106.540533][ T8851] bond2: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open
[  106.541923][ T8859] ,cpuset=/,mems_allowed=0-1
[  106.650734][ T8859] CPU: 3 UID: 0 PID: 8859 Comm: syz.2.959 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  106.650749][ T8859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.650756][ T8859] Call Trace:
[  106.650760][ T8859]  <TASK>
[  106.650765][ T8859]  dump_stack_lvl+0x16c/0x1f0
[  106.650785][ T8859]  warn_alloc+0x248/0x3a0
[  106.650801][ T8859]  ? __pfx_warn_alloc+0x10/0x10
[  106.650821][ T8859]  ? alloc_pages_mpol+0x25a/0x550
[  106.650837][ T8859]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  106.650854][ T8859]  ? trace_kmalloc+0x2b/0xd0
[  106.650878][ T8859]  __vmalloc_node_range_noprof+0x11d4/0x14b0
[  106.650900][ T8859]  ? bdev_disk_changed+0x48d/0x1520
[  106.650916][ T8859]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  106.650937][ T8859]  ? bdev_disk_changed+0x48d/0x1520
[  106.650950][ T8859]  __vmalloc_node_noprof+0xad/0xf0
[  106.650965][ T8859]  ? bdev_disk_changed+0x48d/0x1520
[  106.650978][ T8859]  bdev_disk_changed+0x48d/0x1520
[  106.650990][ T8859]  ? __mutex_unlock_slowpath+0x163/0x800
[  106.651010][ T8859]  ? __pfx_bdev_disk_changed+0x10/0x10
[  106.651026][ T8859]  loop_reread_partitions+0x70/0x140
[  106.651040][ T8859]  loop_configure+0x1222/0x1710
[  106.651064][ T8859]  ? __pfx_loop_configure+0x10/0x10
[  106.651089][ T8859]  lo_ioctl+0x265/0x20b0
[  106.651106][ T8859]  ? __pfx_lo_ioctl+0x10/0x10
[  106.651119][ T8859]  ? __pfx_avc_has_extended_perms+0x10/0x10
[  106.651136][ T8859]  ? kasan_quarantine_put+0x10a/0x240
[  106.651172][ T8859]  ? lockdep_hardirqs_on+0x7c/0x110
[  106.651190][ T8859]  ? blk_get_meta_cap+0x482/0x700
[  106.651209][ T8859]  ? __pfx_blk_get_meta_cap+0x10/0x10
[  106.651226][ T8859]  ? blkdev_common_ioctl+0x1d6/0x2470
[  106.651256][ T8859]  ? __pfx_lo_ioctl+0x10/0x10
[  106.651270][ T8859]  blkdev_ioctl+0x274/0x6d0
[  106.651283][ T8859]  ? __pfx_blkdev_ioctl+0x10/0x10
[  106.651296][ T8859]  ? selinux_file_ioctl+0x180/0x270
[  106.651309][ T8859]  ? selinux_file_ioctl+0xb4/0x270
[  106.651323][ T8859]  ? __pfx_blkdev_ioctl+0x10/0x10
[  106.651337][ T8859]  __x64_sys_ioctl+0x18e/0x210
[  106.651354][ T8859]  do_syscall_64+0xcd/0x4c0
[  106.651372][ T8859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.651383][ T8859] RIP: 0033:0x7f649bd8ebe9
[  106.651392][ T8859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.651402][ T8859] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  106.651413][ T8859] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  106.651423][ T8859] RDX: 0000200000000080 RSI: 0000000000004c0a RDI: 0000000000000003
[  106.651432][ T8859] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  106.651441][ T8859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  106.651450][ T8859] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  106.651466][ T8859]  </TASK>
[  106.651470][ T8859] Mem-Info:
[  106.743841][ T8859] active_anon:11450 inactive_anon:0 isolated_anon:0
[  106.743841][ T8859]  active_file:5188 inactive_file:50863 isolated_file:0
[  106.743841][ T8859]  unevictable:1768 dirty:557 writeback:0
[  106.743841][ T8859]  slab_reclaimable:12270 slab_unreclaimable:71615
[  106.743841][ T8859]  mapped:25189 shmem:2405 pagetables:1166
[  106.743841][ T8859]  sec_pagetables:313 bounce:0
[  106.743841][ T8859]  kernel_misc_reclaimable:0
[  106.743841][ T8859]  free:442288 free_pcp:22570 free_cma:0
[  106.761394][ T8859] Node 0 active_anon:45800kB inactive_anon:0kB active_file:20700kB inactive_file:203200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100656kB dirty:2212kB writeback:0kB shmem:6084kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13680kB pagetables:4468kB sec_pagetables:1252kB all_unreclaimable? no Balloon:0kB
[  106.771795][ T8859] Node 1 active_anon:0kB inactive_anon:0kB active_file:52kB inactive_file:252kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100kB dirty:16kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:196kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  106.781266][ T8859] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  106.789940][ T8859] lowmem_reserve[]: 0 1233 1233 1233 1233
[  106.791771][ T8859] Node 0 DMA32 free:164692kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45800kB inactive_anon:0kB active_file:20700kB inactive_file:203200kB unevictable:3536kB writepending:2212kB present:2080628kB managed:1263556kB mlocked:0kB bounce:0kB free_pcp:61816kB local_pcp:3556kB free_cma:0kB
[  106.801460][ T8859] lowmem_reserve[]: 0 0 0 0 0
[  106.802934][ T8859] Node 1 Normal free:1588716kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:52kB inactive_file:252kB unevictable:3536kB writepending:16kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:28492kB local_pcp:5752kB free_cma:0kB
[  106.812625][ T8859] lowmem_reserve[]: 0 0 0 0 0
[  106.814177][ T8859] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (UM) = 15360kB
[  106.818140][ T8859] Node 0 DMA32: 205*4kB (UE) 24*8kB (UE) 234*16kB (UME) 473*32kB (UME) 336*64kB (UME) 86*128kB (ME) 16*256kB (UM) 27*512kB (UME) 8*1024kB (UM) 6*2048kB (UM) 18*4096kB (UM) = 164532kB
[  106.823828][ T8859] Node 1 Normal: 6*4kB (UE) 8*8kB (UE) 16*16kB (UE) 15*32kB (UME) 11*64kB (UME) 10*128kB (UME) 1*256kB (U) 5*512kB (UME) 2*1024kB (UE) 2*2048kB (UM) 385*4096kB (UM) = 1588728kB
[  106.829246][ T8859] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  106.832244][ T8859] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  106.835182][ T8859] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  106.838129][ T8859] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  106.841008][ T8859] 58453 total pagecache pages
[  106.842489][ T8859] 0 pages in swap cache
[  106.843886][ T8859] Free swap  = 124996kB
[  106.845191][ T8859] Total swap = 124996kB
[  106.846498][ T8859] 1048443 pages RAM
[  106.847698][ T8859] 0 pages HighMem/MovableOnly
[  106.849230][ T8859] 283241 pages reserved
[  106.850535][ T8859] 0 pages cma reserved
[  106.986060][ T8868] fuse: Bad value for 'rootmode'
[  107.224352][ T8872] netlink: 8 bytes leftover after parsing attributes in process `syz.4.962'.
[  107.231010][ T8872] IPv6: sit1: Disabled Multicast RS
[  107.233202][ T8872] sit1: entered allmulticast mode
[  107.403469][ T5864] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive
[  107.405850][ T5864] ath9k_htc: Failed to initialize the device
[  107.428176][ T5864] usb 8-1: ath9k_htc: USB layer deinitialized
[  107.440237][ T1461] usb 8-1: USB disconnect, device number 5
[  107.446202][ T8881] fuse: Bad value for 'rootmode'
[  107.448290][ T8881] fuse: Bad value for 'user_id'
[  107.449911][ T8881] fuse: Bad value for 'user_id'
[  107.821109][ T8891] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8891 comm=syz.0.969
[  107.827455][ T8891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.969'.
[  108.055011][ T8871] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  108.101419][ T5330] Bluetooth: hci3: ISO packet too small
[  108.661428][ T8931] nbd: device at index 64 is going down
[  108.701690][ T8945] FAULT_INJECTION: forcing a failure.
[  108.701690][ T8945] name failslab, interval 1, probability 0, space 0, times 0
[  108.710323][ T8945] CPU: 3 UID: 0 PID: 8945 Comm: syz.2.984 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  108.710341][ T8945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.710347][ T8945] Call Trace:
[  108.710351][ T8945]  <TASK>
[  108.710356][ T8945]  dump_stack_lvl+0x16c/0x1f0
[  108.710376][ T8945]  should_fail_ex+0x512/0x640
[  108.710387][ T8945]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  108.710405][ T8945]  should_failslab+0xc2/0x120
[  108.710418][ T8945]  __kmalloc_cache_noprof+0x6a/0x3e0
[  108.710434][ T8945]  ? __asan_memset+0x23/0x50
[  108.710449][ T8945]  ? nft_netdev_hook_alloc+0x20c/0x410
[  108.710467][ T8945]  nft_netdev_hook_alloc+0x20c/0x410
[  108.710481][ T8945]  ? __nla_parse+0x40/0x60
[  108.710495][ T8945]  nft_chain_parse_hook+0x7a3/0x12b0
[  108.710507][ T8945]  ? kernel_text_address+0x8d/0x100
[  108.710520][ T8945]  ? __pfx_nft_chain_parse_hook+0x10/0x10
[  108.710535][ T8945]  ? __rhashtable_lookup.isra.0+0x2a1/0x6c0
[  108.710552][ T8945]  nf_tables_addchain.constprop.0+0xbfa/0x1c90
[  108.710572][ T8945]  ? nft_chain_lookup+0x204/0x3e0
[  108.710584][ T8945]  ? __pfx_nf_tables_addchain.constprop.0+0x10/0x10
[  108.710602][ T8945]  ? __lock_acquire+0x62e/0x1ce0
[  108.710628][ T8945]  ? nla_strcmp+0xff/0x130
[  108.710641][ T8945]  ? nft_table_lookup.part.0+0x1e3/0x230
[  108.710659][ T8945]  nf_tables_newchain+0x1e0d/0x2a90
[  108.710680][ T8945]  ? __nla_validate_parse+0x600/0x2880
[  108.710694][ T8945]  ? __pfx_nf_tables_newchain+0x10/0x10
[  108.710711][ T8945]  ? __pfx___nla_validate_parse+0x10/0x10
[  108.710729][ T8945]  ? __nla_parse+0x40/0x60
[  108.710742][ T8945]  nfnetlink_rcv_batch+0x18ed/0x2330
[  108.710762][ T8945]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  108.710783][ T8945]  ? avc_has_perm_noaudit+0x149/0x3b0
[  108.710813][ T8945]  ? __nla_parse+0x40/0x60
[  108.710826][ T8945]  nfnetlink_rcv+0x3c1/0x430
[  108.710838][ T8945]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  108.710854][ T8945]  netlink_unicast+0x5aa/0x870
[  108.710872][ T8945]  ? __pfx_netlink_unicast+0x10/0x10
[  108.710889][ T8945]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  108.710909][ T8945]  netlink_sendmsg+0x8d1/0xdd0
[  108.710927][ T8945]  ? __pfx_netlink_sendmsg+0x10/0x10
[  108.710948][ T8945]  ____sys_sendmsg+0xa98/0xc70
[  108.710965][ T8945]  ? copy_msghdr_from_user+0x10a/0x160
[  108.710980][ T8945]  ? __pfx_____sys_sendmsg+0x10/0x10
[  108.710998][ T8945]  ___sys_sendmsg+0x134/0x1d0
[  108.711013][ T8945]  ? __pfx____sys_sendmsg+0x10/0x10
[  108.711040][ T8945]  ? __mutex_unlock_slowpath+0x100/0x800
[  108.711060][ T8945]  __sys_sendmsg+0x16d/0x220
[  108.711076][ T8945]  ? __pfx___sys_sendmsg+0x10/0x10
[  108.711100][ T8945]  do_syscall_64+0xcd/0x4c0
[  108.711117][ T8945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.711128][ T8945] RIP: 0033:0x7f649bd8ebe9
[  108.711137][ T8945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.711147][ T8945] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.711158][ T8945] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  108.711165][ T8945] RDX: 0000000000000000 RSI: 000020000000c2c0 RDI: 0000000000000004
[  108.711171][ T8945] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  108.711177][ T8945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.711182][ T8945] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  108.711195][ T8945]  </TASK>
[  108.736290][ T8840] udevd[8840]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  108.784941][ T8951] netlink: 'syz.0.987': attribute type 1 has an invalid length.
[  108.840263][ T8951] 8021q: adding VLAN 0 to HW filter on device bond2
[  108.852790][ T8959] bond2: (slave geneve2): making interface the new active one
[  108.858005][ T8959] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  108.876898][ T8962] syz_tun: refused to change device tx_queue_len
[  108.881444][ T8951] bond2: entered promiscuous mode
[  108.883119][ T8951] geneve2: entered promiscuous mode
[  108.991471][ T8970] nbd: device at index 64 is going down
[  109.085329][ T8840] udevd[8840]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  109.197032][ T8991] openvswitch: netlink: Geneve opt len 31 is not a multiple of 4.
[  109.228340][ T8996] __nla_validate_parse: 7 callbacks suppressed
[  109.228350][ T8996] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1002'.
[  109.235467][ T8996] unsupported nlmsg_type 40
[  109.284162][ T8998] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.1003' sets config #1
[  109.645189][ T9003] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1004'.
[  109.654582][ T9006] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  109.680183][ T9003] netlink: 20 bytes leftover after parsing attributes in process `À'.
[  109.683938][ T9003] nbd: device at index 64 is going down
[  109.750356][ T8840] udevd[8840]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  109.761278][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  109.761292][   T40] audit: type=1400 audit(1754483794.995:530): avc:  denied  { append } for  pid=9019 comm="syz.4.1011" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  109.905502][ T9032] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1016'.
[  109.976616][ T9036] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1018'.
[  109.980255][ T9036] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1018'.
[  109.983694][ T9036] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1018'.
[  109.990034][ T9036] geneve3: entered promiscuous mode
[  109.991743][ T9036] geneve3: entered allmulticast mode
[  110.074596][ T9044] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1022'.
[  110.119560][ T9047] syz_tun: refused to change device tx_queue_len
[  110.357507][ T9057] syzkaller1: entered promiscuous mode
[  110.359310][ T9057] syzkaller1: entered allmulticast mode
[  110.374398][   T61] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  110.543838][   T61] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  110.547112][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.549970][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.554082][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.557147][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.560081][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.563764][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.566719][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.569571][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.573059][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.576322][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.579268][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.582732][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.585939][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.588783][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.592273][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.596972][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.601518][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.605476][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.608607][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.611447][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.614994][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.618315][   T61] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  110.621189][   T61] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  110.624696][   T61] usb 7-1: config 0 interface 0 has no altsetting 0
[  110.628176][   T61] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  110.631225][   T61] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  110.633849][   T61] usb 7-1: Product: syz
[  110.635159][   T61] usb 7-1: Manufacturer: syz
[  110.636595][   T61] usb 7-1: SerialNumber: syz
[  110.639324][   T61] usb 7-1: config 0 descriptor??
[  110.645827][   T61] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  110.752519][   T40] audit: type=1400 audit(1754483795.985:531): avc:  denied  { setopt } for  pid=9072 comm="syz.4.1035" lport=50249 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  110.849013][   T40] audit: type=1400 audit(1754483796.085:532): avc:  denied  { map } for  pid=9079 comm="syz.4.1038" path="/102/file0/cpuacct.usage_sys" dev="9p" ino=35913969 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  110.856920][  T840] usb 7-1: USB disconnect, device number 7
[  110.858350][ T9049] netlink: 'syz.2.1024': attribute type 1 has an invalid length.
[  110.859785][  T840] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  111.054905][ T9082] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1039'.
[  111.443920][ T9103] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1046'.
[  111.476340][ T9102] FAULT_INJECTION: forcing a failure.
[  111.476340][ T9102] name failslab, interval 1, probability 0, space 0, times 0
[  111.480388][ T9102] CPU: 1 UID: 0 PID: 9102 Comm: syz.0.1045 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  111.480403][ T9102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.480409][ T9102] Call Trace:
[  111.480413][ T9102]  <TASK>
[  111.480417][ T9102]  dump_stack_lvl+0x16c/0x1f0
[  111.480451][ T9102]  should_fail_ex+0x512/0x640
[  111.480464][ T9102]  ? fs_reclaim_acquire+0xae/0x150
[  111.480480][ T9102]  ? tomoyo_encode2+0x100/0x3e0
[  111.480494][ T9102]  should_failslab+0xc2/0x120
[  111.480506][ T9102]  __kmalloc_noprof+0xd2/0x510
[  111.480520][ T9102]  tomoyo_encode2+0x100/0x3e0
[  111.480536][ T9102]  tomoyo_encode+0x29/0x50
[  111.480549][ T9102]  tomoyo_realpath_from_path+0x18f/0x6e0
[  111.480565][ T9102]  ? tomoyo_profile+0x47/0x60
[  111.480581][ T9102]  tomoyo_path_number_perm+0x245/0x580
[  111.480592][ T9102]  ? tomoyo_path_number_perm+0x237/0x580
[  111.480605][ T9102]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  111.480617][ T9102]  ? find_held_lock+0x2b/0x80
[  111.480642][ T9102]  ? find_held_lock+0x2b/0x80
[  111.480654][ T9102]  ? hook_file_ioctl_common+0x145/0x410
[  111.480673][ T9102]  ? __fget_files+0x20e/0x3c0
[  111.480688][ T9102]  security_file_ioctl+0x9b/0x240
[  111.480702][ T9102]  __x64_sys_ioctl+0xb7/0x210
[  111.480720][ T9102]  do_syscall_64+0xcd/0x4c0
[  111.480737][ T9102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.480748][ T9102] RIP: 0033:0x7fbf4538ebe9
[  111.480757][ T9102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.480767][ T9102] RSP: 002b:00007fbf46257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  111.480777][ T9102] RAX: ffffffffffffffda RBX: 00007fbf455b5fa0 RCX: 00007fbf4538ebe9
[  111.480783][ T9102] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  111.480789][ T9102] RBP: 00007fbf46257090 R08: 0000000000000000 R09: 0000000000000000
[  111.480795][ T9102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.480801][ T9102] R13: 00007fbf455b6038 R14: 00007fbf455b5fa0 R15: 00007ffccc58b488
[  111.480814][ T9102]  </TASK>
[  111.480823][ T9102] ERROR: Out of memory at tomoyo_realpath_from_path.
[  111.650889][ T9120] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9120 comm=syz.2.1052
[  111.777987][ T9132] FAULT_INJECTION: forcing a failure.
[  111.777987][ T9132] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  111.782131][ T9132] CPU: 3 UID: 0 PID: 9132 Comm: syz.0.1058 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  111.782147][ T9132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.782153][ T9132] Call Trace:
[  111.782158][ T9132]  <TASK>
[  111.782162][ T9132]  dump_stack_lvl+0x16c/0x1f0
[  111.782182][ T9132]  should_fail_ex+0x512/0x640
[  111.782195][ T9132]  should_fail_alloc_page+0xe7/0x130
[  111.782209][ T9132]  prepare_alloc_pages+0x3c2/0x610
[  111.782223][ T9132]  ? rcu_is_watching+0x12/0xc0
[  111.782238][ T9132]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  111.782250][ T9132]  ? __lock_acquire+0xb97/0x1ce0
[  111.782272][ T9132]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  111.782283][ T9132]  ? do_raw_spin_lock+0x12c/0x2b0
[  111.782295][ T9132]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  111.782306][ T9132]  ? find_held_lock+0x2b/0x80
[  111.782322][ T9132]  ? __lock_acquire+0xb97/0x1ce0
[  111.782338][ T9132]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  111.782352][ T9132]  ? policy_nodemask+0xea/0x4e0
[  111.782365][ T9132]  alloc_pages_mpol+0x1fb/0x550
[  111.782378][ T9132]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  111.782393][ T9132]  folio_alloc_mpol_noprof+0x36/0x2f0
[  111.782409][ T9132]  shmem_alloc_folio+0x135/0x160
[  111.782425][ T9132]  shmem_alloc_and_add_folio+0x499/0xc20
[  111.782446][ T9132]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  111.782464][ T9132]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  111.782478][ T9132]  shmem_get_folio_gfp+0x67f/0x1600
[  111.782491][ T9132]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  111.782503][ T9132]  ? filemap_map_pages+0xf58/0x1670
[  111.782516][ T9132]  shmem_fault+0x1fe/0xa30
[  111.782527][ T9132]  ? __pfx_shmem_fault+0x10/0x10
[  111.782539][ T9132]  ? __pfx_filemap_map_pages+0x10/0x10
[  111.782554][ T9132]  ? __pfx_filemap_map_pages+0x10/0x10
[  111.782564][ T9132]  __do_fault+0x10d/0x490
[  111.782576][ T9132]  ? __pfx_filemap_map_pages+0x10/0x10
[  111.782586][ T9132]  do_pte_missing+0xf50/0x3ba0
[  111.782603][ T9132]  ? find_held_lock+0x2b/0x80
[  111.782616][ T9132]  ? __handle_mm_fault+0x14fd/0x2a50
[  111.782634][ T9132]  __handle_mm_fault+0x152a/0x2a50
[  111.782654][ T9132]  ? __pfx___handle_mm_fault+0x10/0x10
[  111.782671][ T9132]  ? __pte_offset_map_lock+0x174/0x310
[  111.782684][ T9132]  ? find_held_lock+0x2b/0x80
[  111.782701][ T9132]  ? follow_page_pte.constprop.0+0x5cf/0x1390
[  111.782719][ T9132]  handle_mm_fault+0x589/0xd10
[  111.782738][ T9132]  __get_user_pages+0x551/0x34a0
[  111.782757][ T9132]  ? __pfx___get_user_pages+0x10/0x10
[  111.782775][ T9132]  populate_vma_page_range+0x267/0x3f0
[  111.782791][ T9132]  ? __pfx_populate_vma_page_range+0x10/0x10
[  111.782806][ T9132]  ? __pfx_find_vma_intersection+0x10/0x10
[  111.782820][ T9132]  ? do_mmap+0x69c/0x1210
[  111.782834][ T9132]  __mm_populate+0x1d8/0x380
[  111.782849][ T9132]  ? __pfx___mm_populate+0x10/0x10
[  111.782865][ T9132]  ? up_write+0x1b2/0x520
[  111.782877][ T9132]  vm_mmap_pgoff+0x37f/0x470
[  111.782891][ T9132]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  111.782905][ T9132]  ? __fget_files+0x20e/0x3c0
[  111.782921][ T9132]  ksys_mmap_pgoff+0x7d/0x5c0
[  111.782934][ T9132]  ? __pfx_ksys_write+0x10/0x10
[  111.782946][ T9132]  __x64_sys_mmap+0x125/0x190
[  111.782959][ T9132]  do_syscall_64+0xcd/0x4c0
[  111.782976][ T9132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.782987][ T9132] RIP: 0033:0x7fbf4538ebe9
[  111.782995][ T9132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.783005][ T9132] RSP: 002b:00007fbf46257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  111.783015][ T9132] RAX: ffffffffffffffda RBX: 00007fbf455b5fa0 RCX: 00007fbf4538ebe9
[  111.783022][ T9132] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[  111.783028][ T9132] RBP: 00007fbf46257090 R08: ffffffffffffffff R09: 0000000000000000
[  111.783034][ T9132] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000002
[  111.783040][ T9132] R13: 00007fbf455b6038 R14: 00007fbf455b5fa0 R15: 00007ffccc58b488
[  111.783053][ T9132]  </TASK>
[  111.876276][ T9144] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  112.031556][ T9165] random: crng reseeded on system resumption
[  112.038162][   T40] audit: type=1400 audit(1754483797.275:533): avc:  denied  { write } for  pid=9164 comm="syz.4.1073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  112.071192][ T9167] netlink: 'syz.4.1074': attribute type 32 has an invalid length.
[  112.082532][ T9167] 8021q: adding VLAN 0 to HW filter on device bond3
[  112.100025][ T9167] 8021q: adding VLAN 0 to HW filter on device bond3
[  112.102436][ T9167] bond3: (slave vcan1): The slave device specified does not support setting the MAC address
[  112.106636][ T9167] bond3: (slave vcan1): Error -95 calling set_mac_address
[  112.147733][ T9172] FAULT_INJECTION: forcing a failure.
[  112.147733][ T9172] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.152002][ T9172] CPU: 1 UID: 0 PID: 9172 Comm: syz.2.1075 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  112.152016][ T9172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.152022][ T9172] Call Trace:
[  112.152027][ T9172]  <TASK>
[  112.152031][ T9172]  dump_stack_lvl+0x16c/0x1f0
[  112.152051][ T9172]  should_fail_ex+0x512/0x640
[  112.152063][ T9172]  _copy_from_iter+0x29f/0x16f0
[  112.152078][ T9172]  ? __pfx__copy_from_iter+0x10/0x10
[  112.152089][ T9172]  ? rcu_is_watching+0x12/0xc0
[  112.152103][ T9172]  ? rcu_is_watching+0x12/0xc0
[  112.152116][ T9172]  ? kfree+0x24f/0x4d0
[  112.152131][ T9172]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  112.152151][ T9172]  file_tty_write.constprop.0+0x488/0x9b0
[  112.152171][ T9172]  vfs_write+0x6c4/0x1150
[  112.152183][ T9172]  ? __pfx_tty_write+0x10/0x10
[  112.152200][ T9172]  ? __pfx_vfs_write+0x10/0x10
[  112.152209][ T9172]  ? find_held_lock+0x2b/0x80
[  112.152231][ T9172]  ksys_write+0x12a/0x250
[  112.152241][ T9172]  ? __pfx_ksys_write+0x10/0x10
[  112.152255][ T9172]  do_syscall_64+0xcd/0x4c0
[  112.152273][ T9172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.152283][ T9172] RIP: 0033:0x7f649bd8ebe9
[  112.152292][ T9172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.152303][ T9172] RSP: 002b:00007f649ccd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.152314][ T9172] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8ebe9
[  112.152320][ T9172] RDX: 0000000000001006 RSI: 0000200000001040 RDI: 0000000000000004
[  112.152326][ T9172] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  112.152332][ T9172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.152338][ T9172] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  112.152352][ T9172]  </TASK>
[  112.225164][   T40] audit: type=1400 audit(1754483797.465:534): avc:  denied  { read } for  pid=9175 comm="syz.0.1077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  112.307996][ T9194] FAULT_INJECTION: forcing a failure.
[  112.307996][ T9194] name failslab, interval 1, probability 0, space 0, times 0
[  112.310406][ T9191] can0: slcan on ttynull.
[  112.318677][ T9194] CPU: 0 UID: 0 PID: 9194 Comm: syz.3.1085 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  112.318701][ T9194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.318709][ T9194] Call Trace:
[  112.318713][ T9194]  <TASK>
[  112.318718][ T9194]  dump_stack_lvl+0x16c/0x1f0
[  112.318739][ T9194]  should_fail_ex+0x512/0x640
[  112.318752][ T9194]  should_failslab+0xc2/0x120
[  112.318766][ T9194]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  112.318779][ T9194]  ? __alloc_skb+0x2b2/0x380
[  112.318797][ T9194]  __alloc_skb+0x2b2/0x380
[  112.318811][ T9194]  ? __pfx___alloc_skb+0x10/0x10
[  112.318826][ T9194]  ? find_held_lock+0x10/0x80
[  112.318840][ T9194]  ? atomic_notifier_call_chain+0x9e/0x1c0
[  112.318859][ T9194]  mr6_netlink_event+0xde/0x190
[  112.318877][ T9194]  mroute_clean_tables+0x506/0xb40
[  112.318896][ T9194]  ? __pfx_mroute_clean_tables+0x10/0x10
[  112.318912][ T9194]  ? _copy_from_user+0x59/0xd0
[  112.318934][ T9194]  ? bpf_lsm_capable+0x9/0x10
[  112.318953][ T9194]  ip6_mroute_setsockopt+0x10e6/0x20d0
[  112.318963][ T9194]  ? __lock_acquire+0xb97/0x1ce0
[  112.319024][ T9194]  ? __pfx_ip6_mroute_setsockopt+0x10/0x10
[  112.319041][ T9194]  ? is_bpf_text_address+0x8a/0x1a0
[  112.319059][ T9194]  ? find_held_lock+0x2b/0x80
[  112.319072][ T9194]  ? __might_fault+0xe3/0x190
[  112.319082][ T9194]  ? __might_fault+0xe3/0x190
[  112.319091][ T9194]  ? __might_fault+0x13b/0x190
[  112.319106][ T9194]  ? copy_from_sockptr_offset.constprop.0+0xe4/0x1a0
[  112.319121][ T9194]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  112.319140][ T9194]  ? do_ipv6_setsockopt+0x7ba/0x4470
[  112.319153][ T9194]  do_ipv6_setsockopt+0x7ba/0x4470
[  112.319169][ T9194]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  112.319184][ T9194]  ? find_held_lock+0x2b/0x80
[  112.319197][ T9194]  ? avc_has_perm_noaudit+0x117/0x3b0
[  112.319216][ T9194]  ? avc_has_perm_noaudit+0x149/0x3b0
[  112.319233][ T9194]  ? avc_has_perm+0x144/0x1f0
[  112.319249][ T9194]  ? __pfx_avc_has_perm+0x10/0x10
[  112.319265][ T9194]  ? get_pid_task+0x106/0x250
[  112.319275][ T9194]  ? proc_fail_nth_write+0x9f/0x220
[  112.319290][ T9194]  ? sock_has_perm+0x259/0x2f0
[  112.319301][ T9194]  ? __pfx_sock_has_perm+0x10/0x10
[  112.319314][ T9194]  ? ipv6_setsockopt+0xcb/0x170
[  112.319327][ T9194]  ipv6_setsockopt+0xcb/0x170
[  112.319342][ T9194]  rawv6_setsockopt+0xc2/0x510
[  112.319354][ T9194]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  112.319367][ T9194]  ? selinux_socket_setsockopt+0x6a/0x80
[  112.319378][ T9194]  ? sock_common_setsockopt+0x2e/0xf0
[  112.319389][ T9194]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  112.319401][ T9194]  do_sock_setsockopt+0xf0/0x1d0
[  112.319413][ T9194]  __sys_setsockopt+0x1a0/0x230
[  112.319429][ T9194]  __x64_sys_setsockopt+0xbd/0x160
[  112.319443][ T9194]  ? do_syscall_64+0x91/0x4c0
[  112.319459][ T9194]  ? lockdep_hardirqs_on+0x7c/0x110
[  112.319484][ T9194]  do_syscall_64+0xcd/0x4c0
[  112.319501][ T9194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.319512][ T9194] RIP: 0033:0x7fc952d8ebe9
[  112.319521][ T9194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.319531][ T9194] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  112.319542][ T9194] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  112.319549][ T9194] RDX: 00000000000000d4 RSI: 0000000000000029 RDI: 0000000000000003
[  112.319555][ T9194] RBP: 00007fc953c0b090 R08: 0000000000000004 R09: 0000000000000000
[  112.319561][ T9194] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  112.319567][ T9194] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  112.319580][ T9194]  </TASK>
[  112.500827][ T9201] mkiss: ax0: crc mode is auto.
[  112.523957][ T9189] can0 (unregistered): slcan off ttynull.
[  112.611466][   T40] audit: type=1400 audit(1754483797.845:535): avc:  denied  { read } for  pid=9210 comm="syz.2.1093" path="socket:[29666]" dev="sockfs" ino=29666 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  112.626872][ T9206] FAULT_INJECTION: forcing a failure.
[  112.626872][ T9206] name failslab, interval 1, probability 0, space 0, times 0
[  112.630990][ T9206] CPU: 2 UID: 0 PID: 9206 Comm: syz.3.1091 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  112.631006][ T9206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.631012][ T9206] Call Trace:
[  112.631016][ T9206]  <TASK>
[  112.631021][ T9206]  dump_stack_lvl+0x16c/0x1f0
[  112.631041][ T9206]  should_fail_ex+0x512/0x640
[  112.631051][ T9206]  ? fs_reclaim_acquire+0xae/0x150
[  112.631066][ T9206]  ? tomoyo_encode2+0x100/0x3e0
[  112.631080][ T9206]  should_failslab+0xc2/0x120
[  112.631093][ T9206]  __kmalloc_noprof+0xd2/0x510
[  112.631104][ T9206]  ? d_absolute_path+0x136/0x1a0
[  112.631122][ T9206]  tomoyo_encode2+0x100/0x3e0
[  112.631151][ T9206]  tomoyo_encode+0x29/0x50
[  112.631164][ T9206]  tomoyo_realpath_from_path+0x18f/0x6e0
[  112.631183][ T9206]  tomoyo_path_number_perm+0x245/0x580
[  112.631194][ T9206]  ? tomoyo_path_number_perm+0x237/0x580
[  112.631206][ T9206]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  112.631219][ T9206]  ? find_held_lock+0x2b/0x80
[  112.631245][ T9206]  ? find_held_lock+0x2b/0x80
[  112.631257][ T9206]  ? hook_file_ioctl_common+0x145/0x410
[  112.631276][ T9206]  ? __fget_files+0x20e/0x3c0
[  112.631291][ T9206]  security_file_ioctl+0x9b/0x240
[  112.631305][ T9206]  __x64_sys_ioctl+0xb7/0x210
[  112.631322][ T9206]  do_syscall_64+0xcd/0x4c0
[  112.631340][ T9206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.631350][ T9206] RIP: 0033:0x7fc952d8ebe9
[  112.631360][ T9206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.631370][ T9206] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  112.631381][ T9206] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  112.631387][ T9206] RDX: 00002000000004c0 RSI: 0000000000005408 RDI: 0000000000000004
[  112.631394][ T9206] RBP: 00007fc953c0b090 R08: 0000000000000000 R09: 0000000000000000
[  112.631400][ T9206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.631405][ T9206] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  112.631419][ T9206]  </TASK>
[  112.631458][ T9206] ERROR: Out of memory at tomoyo_realpath_from_path.
[  112.641355][   T40] audit: type=1400 audit(1754483797.875:536): avc:  denied  { setopt } for  pid=9215 comm="syz.2.1095" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  112.878889][   T40] audit: type=1400 audit(1754483798.115:537): avc:  denied  { watch_sb watch_reads } for  pid=9234 comm="syz.4.1105" path="/125/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  113.092134][ T9254] binder_alloc: 9253: binder_alloc_buf, no vma
[  113.104371][   T40] audit: type=1400 audit(1754483798.345:538): avc:  denied  { getopt } for  pid=9253 comm="syz.3.1112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  113.205701][ T9263] netlink: 'syz.0.1114': attribute type 2 has an invalid length.
[  113.209316][   T40] audit: type=1401 audit(1754483798.445:539): op=setxattr invalid_context="system_u:object_r:crond_var_run_t:s0"
[  113.322020][ T9265] FAULT_INJECTION: forcing a failure.
[  113.322020][ T9265] name failslab, interval 1, probability 0, space 0, times 0
[  113.326152][ T9265] CPU: 1 UID: 0 PID: 9265 Comm: syz.3.1116 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  113.326174][ T9265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.326184][ T9265] Call Trace:
[  113.326190][ T9265]  <TASK>
[  113.326195][ T9265]  dump_stack_lvl+0x16c/0x1f0
[  113.326216][ T9265]  should_fail_ex+0x512/0x640
[  113.326229][ T9265]  should_failslab+0xc2/0x120
[  113.326242][ T9265]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  113.326254][ T9265]  ? skb_clone+0x190/0x3f0
[  113.326273][ T9265]  skb_clone+0x190/0x3f0
[  113.326288][ T9265]  netlink_deliver_tap+0xabd/0xd30
[  113.326307][ T9265]  netlink_unicast+0x71f/0x870
[  113.326325][ T9265]  ? __pfx_netlink_unicast+0x10/0x10
[  113.326347][ T9265]  netlink_ack+0x696/0xb80
[  113.326367][ T9265]  netlink_rcv_skb+0x332/0x420
[  113.326383][ T9265]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  113.326397][ T9265]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  113.326419][ T9265]  ? ns_capable+0xd7/0x110
[  113.326434][ T9265]  nfnetlink_rcv+0x1b3/0x430
[  113.326445][ T9265]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  113.326457][ T9265]  ? netlink_deliver_tap+0x1ae/0xd30
[  113.326475][ T9265]  netlink_unicast+0x5aa/0x870
[  113.326493][ T9265]  ? __pfx_netlink_unicast+0x10/0x10
[  113.326509][ T9265]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  113.326529][ T9265]  netlink_sendmsg+0x8d1/0xdd0
[  113.326547][ T9265]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.326568][ T9265]  ____sys_sendmsg+0xa98/0xc70
[  113.326580][ T9265]  ? copy_msghdr_from_user+0x10a/0x160
[  113.326595][ T9265]  ? __pfx_____sys_sendmsg+0x10/0x10
[  113.326613][ T9265]  ___sys_sendmsg+0x134/0x1d0
[  113.326629][ T9265]  ? __pfx____sys_sendmsg+0x10/0x10
[  113.326656][ T9265]  ? __mutex_unlock_slowpath+0x100/0x800
[  113.326677][ T9265]  __sys_sendmsg+0x16d/0x220
[  113.326704][ T9265]  ? __pfx___sys_sendmsg+0x10/0x10
[  113.326731][ T9265]  do_syscall_64+0xcd/0x4c0
[  113.326748][ T9265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.326759][ T9265] RIP: 0033:0x7fc952d8ebe9
[  113.326768][ T9265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.326778][ T9265] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.326788][ T9265] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  113.326795][ T9265] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000003
[  113.326801][ T9265] RBP: 00007fc953c0b090 R08: 0000000000000000 R09: 0000000000000000
[  113.326807][ T9265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.326813][ T9265] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  113.326827][ T9265]  </TASK>
[  113.559200][ T9271] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[  113.615977][ T9274] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  113.721973][ T9276] netlink: zone id is out of range
[  113.725376][ T9276] netlink: zone id is out of range
[  113.727319][ T9276] netlink: zone id is out of range
[  113.728985][ T9276] netlink: zone id is out of range
[  113.746564][ T9276] netlink: set zone limit has 4 unknown bytes
[  113.959008][ T5979] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  113.962396][ T5979] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  113.965305][ T5979] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  113.968597][ T5979] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  113.971368][ T5979] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  114.065975][ T9300] FAULT_INJECTION: forcing a failure.
[  114.065975][ T9300] name failslab, interval 1, probability 0, space 0, times 0
[  114.070538][ T9300] CPU: 2 UID: 0 PID: 9300 Comm: syz.0.1130 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  114.070553][ T9300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.070560][ T9300] Call Trace:
[  114.070564][ T9300]  <TASK>
[  114.070569][ T9300]  dump_stack_lvl+0x16c/0x1f0
[  114.070589][ T9300]  should_fail_ex+0x512/0x640
[  114.070599][ T9300]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  114.070612][ T9300]  should_failslab+0xc2/0x120
[  114.070625][ T9300]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  114.070635][ T9300]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  114.070652][ T9300]  ? rcuwait_wake_up+0xdf/0x290
[  114.070668][ T9300]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  114.070686][ T9300]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  114.070706][ T9300]  mmu_topup_memory_caches+0x25/0x170
[  114.070718][ T9300]  kvm_mmu_load+0xd6/0x23c0
[  114.070733][ T9300]  ? vmx_get_rflags+0x100/0x420
[  114.070747][ T9300]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  114.070764][ T9300]  ? __pfx_kvm_mmu_load+0x10/0x10
[  114.070772][ T9300]  ? vmx_enable_irq_window+0xa9/0x190
[  114.070784][ T9300]  ? kvm_check_and_inject_events+0x71c/0x1310
[  114.070803][ T9300]  vcpu_run+0x358c/0x5580
[  114.070817][ T9300]  ? __lock_acquire+0xb97/0x1ce0
[  114.070838][ T9300]  ? __pfx_vcpu_run+0x10/0x10
[  114.070854][ T9300]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  114.070868][ T9300]  ? __local_bh_enable_ip+0xa4/0x120
[  114.070884][ T9300]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  114.070904][ T9300]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  114.070923][ T9300]  kvm_vcpu_ioctl+0x5eb/0x1690
[  114.070938][ T9300]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  114.070952][ T9300]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  114.070965][ T9300]  ? do_vfs_ioctl+0x128/0x14f0
[  114.070982][ T9300]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  114.070998][ T9300]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  114.071017][ T9300]  ? hook_file_ioctl_common+0x145/0x410
[  114.071037][ T9300]  ? selinux_file_ioctl+0x180/0x270
[  114.071050][ T9300]  ? selinux_file_ioctl+0xb4/0x270
[  114.071063][ T9300]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  114.071077][ T9300]  __x64_sys_ioctl+0x18e/0x210
[  114.071094][ T9300]  do_syscall_64+0xcd/0x4c0
[  114.071112][ T9300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.071123][ T9300] RIP: 0033:0x7fbf4538ebe9
[  114.071131][ T9300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.071141][ T9300] RSP: 002b:00007fbf46257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  114.071153][ T9300] RAX: ffffffffffffffda RBX: 00007fbf455b5fa0 RCX: 00007fbf4538ebe9
[  114.071160][ T9300] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  114.071166][ T9300] RBP: 00007fbf46257090 R08: 0000000000000000 R09: 0000000000000000
[  114.071172][ T9300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  114.071178][ T9300] R13: 00007fbf455b6038 R14: 00007fbf455b5fa0 R15: 00007ffccc58b488
[  114.071191][ T9300]  </TASK>
[  114.128353][ T9295] chnl_net:caif_netlink_parms(): no params data found
[  114.128751][    C2] vkms_vblank_simulate: vblank timer overrun
[  114.170288][    C2] vkms_vblank_simulate: vblank timer overrun
[  114.247263][ T9295] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.249618][ T9295] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.252023][ T9295] bridge_slave_0: entered allmulticast mode
[  114.254945][ T9295] bridge_slave_0: entered promiscuous mode
[  114.258070][ T9295] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.260348][ T9295] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.262685][ T9295] bridge_slave_1: entered allmulticast mode
[  114.266367][ T9295] bridge_slave_1: entered promiscuous mode
[  114.333113][ T9295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.339155][ T9295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.342304][ T7629] bridge_slave_1: left allmulticast mode
[  114.346199][ T7629] bridge_slave_1: left promiscuous mode
[  114.348094][ T7629] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.353433][ T7629] bridge_slave_0: left allmulticast mode
[  114.355312][ T7629] bridge_slave_0: left promiscuous mode
[  114.357305][ T7629] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.621938][ T7629] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  114.626109][ T7629] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  114.629889][ T7629] bond0 (unregistering): Released all slaves
[  114.698684][ T7629] bond1 (unregistering): (slave veth3): Releasing backup interface
[  114.702431][ T7629] bond1 (unregistering): Released all slaves
[  114.764031][ T7629] bond2 (unregistering): (slave veth5): Releasing active interface
[  114.767550][ T7629] bond2 (unregistering): Released all slaves
[  114.828400][ T7629] bond3 (unregistering): Released all slaves
[  114.850664][ T9338] __nla_validate_parse: 9 callbacks suppressed
[  114.850681][ T9338] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1139'.
[  114.875342][ T9295] team0: Port device team_slave_0 added
[  114.878571][ T9295] team0: Port device team_slave_1 added
[  114.924365][ T9355] kvm: Disabled LAPIC found during irq injection
[  114.931980][ T9357] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1147'.
[  114.936795][ T9357] openvswitch: netlink: Unknown nsh attribute 0
[  114.938820][ T9357] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  114.952346][ T9295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.955127][ T9295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.965075][ T9295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.982128][ T9295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.985621][ T9295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.996869][ T9295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  115.055157][ T9295] hsr_slave_0: entered promiscuous mode
[  115.057517][ T9295] hsr_slave_1: entered promiscuous mode
[  115.059794][ T9295] debugfs: 'hsr0' already exists in 'hsr'
[  115.061565][ T9295] Cannot create hsr debugfs directory
[  115.145102][ T7629] hsr_slave_0: left promiscuous mode
[  115.147443][ T7629] hsr_slave_1: left promiscuous mode
[  115.149510][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.154134][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.156821][ T7629] batman_adv: batadv0: Interface deactivated: dummy0
[  115.159060][ T7629] batman_adv: batadv0: Removing interface: dummy0
[  115.171509][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  115.171520][   T40] audit: type=1400 audit(1754483800.405:548): avc:  denied  { wake_alarm } for  pid=9366 comm="syz.3.1151" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  115.259781][   T40] audit: type=1400 audit(1754483800.495:549): avc:  denied  { name_bind } for  pid=9372 comm="syz.3.1153" src=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  115.261083][ T9373] netlink: 'syz.3.1153': attribute type 1 has an invalid length.
[  115.266537][   T40] audit: type=1400 audit(1754483800.495:550): avc:  denied  { name_connect } for  pid=9372 comm="syz.3.1153" dest=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  115.745426][ T7629] team0 (unregistering): Port device team_slave_1 removed
[  115.801583][ T7629] team0 (unregistering): Port device team_slave_0 removed
[  116.056182][ T5330] Bluetooth: hci1: command tx timeout
[  116.275980][ T9393] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  116.354321][ T9395] FAULT_INJECTION: forcing a failure.
[  116.354321][ T9395] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.359166][ T9395] CPU: 1 UID: 0 PID: 9395 Comm: syz.2.1158 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  116.359182][ T9395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  116.359190][ T9395] Call Trace:
[  116.359194][ T9395]  <TASK>
[  116.359198][ T9395]  dump_stack_lvl+0x16c/0x1f0
[  116.359220][ T9395]  should_fail_ex+0x512/0x640
[  116.359232][ T9395]  _copy_to_user+0x32/0xd0
[  116.359245][ T9395]  simple_read_from_buffer+0xcb/0x170
[  116.359258][ T9395]  proc_fail_nth_read+0x197/0x240
[  116.359271][ T9395]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.359284][ T9395]  ? rw_verify_area+0xcf/0x6c0
[  116.359300][ T9395]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.359312][ T9395]  vfs_read+0x1e1/0xc60
[  116.359324][ T9395]  ? __pfx___mutex_lock+0x10/0x10
[  116.359341][ T9395]  ? __pfx_vfs_read+0x10/0x10
[  116.359355][ T9395]  ? __fget_files+0x20e/0x3c0
[  116.359370][ T9395]  ksys_read+0x12a/0x250
[  116.359381][ T9395]  ? __pfx_ksys_read+0x10/0x10
[  116.359395][ T9395]  do_syscall_64+0xcd/0x4c0
[  116.359412][ T9395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.359423][ T9395] RIP: 0033:0x7f649bd8d5fc
[  116.359432][ T9395] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  116.359442][ T9395] RSP: 002b:00007f649ccd6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.359453][ T9395] RAX: ffffffffffffffda RBX: 00007f649bfb5fa0 RCX: 00007f649bd8d5fc
[  116.359459][ T9395] RDX: 000000000000000f RSI: 00007f649ccd60a0 RDI: 0000000000000004
[  116.359465][ T9395] RBP: 00007f649ccd6090 R08: 0000000000000000 R09: 0000000000000000
[  116.359471][ T9395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  116.359477][ T9395] R13: 00007f649bfb6038 R14: 00007f649bfb5fa0 R15: 00007ffcc8f10018
[  116.359490][ T9395]  </TASK>
[  116.367089][ T9295] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  116.427196][ T9295] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  116.433967][ T9295] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  116.447234][ T9295] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  116.500038][ T9295] 8021q: adding VLAN 0 to HW filter on device bond0
[  116.518729][ T9295] 8021q: adding VLAN 0 to HW filter on device team0
[  116.530228][ T7640] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.532514][ T7640] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.539033][ T7639] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.541416][ T7639] bridge0: port 2(bridge_slave_1) entered forwarding state
[  116.568357][   T40] audit: type=1400 audit(1754483801.805:551): avc:  denied  { setcheckreqprot } for  pid=9414 comm="syz.0.1163" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  116.577483][   T40] audit: type=1400 audit(1754483801.805:552): avc:  denied  { append } for  pid=9414 comm="syz.0.1163" name="0:0:0:0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  116.652122][ T7629] IPVS: stop unused estimator thread 0...
[  116.653807][ T9295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.769356][ T9443] fuse: Unknown parameter '0xffffffffffffffff'
[  116.772068][ T9443] binder: 9442:9443 ioctl c0306201 0 returned -14
[  116.772999][ T9295] veth0_vlan: entered promiscuous mode
[  116.780114][ T9295] veth1_vlan: entered promiscuous mode
[  116.794939][ T9295] veth0_macvtap: entered promiscuous mode
[  116.798891][ T9295] veth1_macvtap: entered promiscuous mode
[  116.808163][ T9295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  116.813883][ T9295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  116.814215][ T9445] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1169'.
[  116.819422][ T7628] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  116.822256][ T7628] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  116.828980][ T9445] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.832300][ T7628] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  116.835237][   T40] audit: type=1400 audit(1754483802.075:553): avc:  denied  { map } for  pid=9444 comm="syz.0.1169" path="socket:[32234]" dev="sockfs" ino=32234 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  116.836102][ T7628] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  116.859816][ T9447] overlayfs: failed to resolve './file0': -2
[  116.883784][ T7639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.886248][ T7639] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.893638][ T9451] tmpfs: Bad value for 'size'
[  116.902846][ T7629] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  116.907238][ T7629] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  116.926425][   T40] audit: type=1400 audit(1754483802.165:554): avc:  denied  { mounton } for  pid=9295 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  117.026505][ T5330] Bluetooth: hci1: ACL packet too small
[  117.117894][ T9476] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  117.122041][ T9476] FAULT_INJECTION: forcing a failure.
[  117.122041][ T9476] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.127596][ T9476] CPU: 1 UID: 0 PID: 9476 Comm: syz.0.1180 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  117.127632][ T9476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.127640][ T9476] Call Trace:
[  117.127644][ T9476]  <TASK>
[  117.127648][ T9476]  dump_stack_lvl+0x16c/0x1f0
[  117.127670][ T9476]  should_fail_ex+0x512/0x640
[  117.127682][ T9476]  _copy_to_user+0x32/0xd0
[  117.127695][ T9476]  simple_read_from_buffer+0xcb/0x170
[  117.127708][ T9476]  proc_fail_nth_read+0x197/0x240
[  117.127722][ T9476]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.127735][ T9476]  ? rw_verify_area+0xcf/0x6c0
[  117.127751][ T9476]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.127763][ T9476]  vfs_read+0x1e1/0xc60
[  117.127775][ T9476]  ? __pfx___mutex_lock+0x10/0x10
[  117.127798][ T9476]  ? __pfx_vfs_read+0x10/0x10
[  117.127822][ T9476]  ? __fget_files+0x20e/0x3c0
[  117.127840][ T9476]  ksys_read+0x12a/0x250
[  117.127851][ T9476]  ? __pfx_ksys_read+0x10/0x10
[  117.127865][ T9476]  do_syscall_64+0xcd/0x4c0
[  117.127882][ T9476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.127893][ T9476] RIP: 0033:0x7fbf4538d5fc
[  117.127902][ T9476] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  117.127913][ T9476] RSP: 002b:00007fbf46257030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  117.127923][ T9476] RAX: ffffffffffffffda RBX: 00007fbf455b5fa0 RCX: 00007fbf4538d5fc
[  117.127930][ T9476] RDX: 000000000000000f RSI: 00007fbf462570a0 RDI: 0000000000000004
[  117.127936][ T9476] RBP: 00007fbf46257090 R08: 0000000000000000 R09: 0000000000000000
[  117.127942][ T9476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  117.127947][ T9476] R13: 00007fbf455b6038 R14: 00007fbf455b5fa0 R15: 00007ffccc58b488
[  117.127973][ T9476]  </TASK>
[  117.260755][ T9488] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1185'.
[  117.267558][ T9485] FAULT_INJECTION: forcing a failure.
[  117.267558][ T9485] name failslab, interval 1, probability 0, space 0, times 0
[  117.271551][ T9485] CPU: 0 UID: 0 PID: 9485 Comm: syz.0.1184 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  117.271567][ T9485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.271573][ T9485] Call Trace:
[  117.271577][ T9485]  <TASK>
[  117.271582][ T9485]  dump_stack_lvl+0x16c/0x1f0
[  117.271601][ T9485]  should_fail_ex+0x512/0x640
[  117.271629][ T9485]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  117.271642][ T9485]  should_failslab+0xc2/0x120
[  117.271655][ T9485]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  117.271665][ T9485]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  117.271681][ T9485]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  117.271695][ T9485]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  117.271714][ T9485]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  117.271733][ T9485]  mmu_topup_memory_caches+0x25/0x170
[  117.271745][ T9485]  kvm_mmu_load+0xd6/0x23c0
[  117.271756][ T9485]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  117.271768][ T9485]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  117.271783][ T9485]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  117.271799][ T9485]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  117.271811][ T9485]  ? __pfx_kvm_mmu_load+0x10/0x10
[  117.271821][ T9485]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  117.271837][ T9485]  ? kvm_check_and_inject_events+0x71c/0x1310
[  117.271854][ T9485]  vcpu_run+0x358c/0x5580
[  117.271869][ T9485]  ? __lock_acquire+0xb97/0x1ce0
[  117.271889][ T9485]  ? __pfx_vcpu_run+0x10/0x10
[  117.271905][ T9485]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  117.271918][ T9485]  ? __local_bh_enable_ip+0xa4/0x120
[  117.271934][ T9485]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  117.271949][ T9485]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  117.271967][ T9485]  kvm_vcpu_ioctl+0x5eb/0x1690
[  117.271983][ T9485]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  117.271997][ T9485]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  117.272011][ T9485]  ? do_vfs_ioctl+0x128/0x14f0
[  117.272027][ T9485]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  117.272043][ T9485]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  117.272062][ T9485]  ? hook_file_ioctl_common+0x145/0x410
[  117.272082][ T9485]  ? selinux_file_ioctl+0x180/0x270
[  117.272094][ T9485]  ? selinux_file_ioctl+0xb4/0x270
[  117.272107][ T9485]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  117.272121][ T9485]  __x64_sys_ioctl+0x18e/0x210
[  117.272138][ T9485]  do_syscall_64+0xcd/0x4c0
[  117.272155][ T9485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.272167][ T9485] RIP: 0033:0x7fbf4538ebe9
[  117.272175][ T9485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.272185][ T9485] RSP: 002b:00007fbf46257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  117.272195][ T9485] RAX: ffffffffffffffda RBX: 00007fbf455b5fa0 RCX: 00007fbf4538ebe9
[  117.272202][ T9485] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  117.272207][ T9485] RBP: 00007fbf46257090 R08: 0000000000000000 R09: 0000000000000000
[  117.272213][ T9485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  117.272219][ T9485] R13: 00007fbf455b6038 R14: 00007fbf455b5fa0 R15: 00007ffccc58b488
[  117.272232][ T9485]  </TASK>
[  117.301363][ T9491] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  117.455003][ T5330] Bluetooth: hci1: ISO packet too small
[  117.468355][ T9500] FAULT_INJECTION: forcing a failure.
[  117.468355][ T9500] name failslab, interval 1, probability 0, space 0, times 0
[  117.468482][ T9502] openvswitch: netlink: IPv6 tunnel dst address is zero
[  117.472404][ T9500] CPU: 2 UID: 0 PID: 9500 Comm: syz.0.1189 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  117.472419][ T9500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.472426][ T9500] Call Trace:
[  117.472431][ T9500]  <TASK>
[  117.472435][ T9500]  dump_stack_lvl+0x16c/0x1f0
[  117.472455][ T9500]  should_fail_ex+0x512/0x640
[  117.472465][ T9500]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  117.472478][ T9500]  should_failslab+0xc2/0x120
[  117.472491][ T9500]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  117.472501][ T9500]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  117.472517][ T9500]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  117.472531][ T9500]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  117.472550][ T9500]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  117.472570][ T9500]  mmu_topup_memory_caches+0x25/0x170
[  117.472582][ T9500]  kvm_mmu_load+0xd6/0x23c0
[  117.472593][ T9500]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  117.472604][ T9500]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  117.472617][ T9500]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  117.472632][ T9500]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  117.472645][ T9500]  ? __pfx_kvm_mmu_load+0x10/0x10
[  117.472655][ T9500]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  117.472672][ T9500]  ? kvm_check_and_inject_events+0x71c/0x1310
[  117.472690][ T9500]  vcpu_run+0x358c/0x5580
[  117.472704][ T9500]  ? __lock_acquire+0xb97/0x1ce0
[  117.472724][ T9500]  ? __pfx_vcpu_run+0x10/0x10
[  117.472741][ T9500]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  117.472755][ T9500]  ? __local_bh_enable_ip+0xa4/0x120
[  117.472771][ T9500]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  117.472786][ T9500]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  117.472804][ T9500]  kvm_vcpu_ioctl+0x5eb/0x1690
[  117.472820][ T9500]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  117.472834][ T9500]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  117.472847][ T9500]  ? do_vfs_ioctl+0x128/0x14f0
[  117.472863][ T9500]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  117.472879][ T9500]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  117.472904][ T9500]  ? hook_file_ioctl_common+0x145/0x410
[  117.472924][ T9500]  ? selinux_file_ioctl+0x180/0x270
[  117.472936][ T9500]  ? selinux_file_ioctl+0xb4/0x270
[  117.472950][ T9500]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  117.472964][ T9500]  __x64_sys_ioctl+0x18e/0x210
[  117.472981][ T9500]  do_syscall_64+0xcd/0x4c0
[  117.472999][ T9500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.473009][ T9500] RIP: 0033:0x7fbf4538ebe9
[  117.473018][ T9500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.473032][ T9500] RSP: 002b:00007fbf46257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  117.473045][ T9500] RAX: ffffffffffffffda RBX: 00007fbf455b5fa0 RCX: 00007fbf4538ebe9
[  117.473052][ T9500] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  117.473058][ T9500] RBP: 00007fbf46257090 R08: 0000000000000000 R09: 0000000000000000
[  117.473064][ T9500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  117.473070][ T9500] R13: 00007fbf455b6038 R14: 00007fbf455b5fa0 R15: 00007ffccc58b488
[  117.473083][ T9500]  </TASK>
[  117.617566][   T40] audit: type=1400 audit(1754483802.855:555): avc:  denied  { read } for  pid=9505 comm="syz.5.1191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  117.754207][ T9516] FAULT_INJECTION: forcing a failure.
[  117.754207][ T9516] name failslab, interval 1, probability 0, space 0, times 0
[  117.758165][ T9516] CPU: 0 UID: 0 PID: 9516 Comm: syz.3.1195 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  117.758184][ T9516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.758193][ T9516] Call Trace:
[  117.758198][ T9516]  <TASK>
[  117.758204][ T9516]  dump_stack_lvl+0x16c/0x1f0
[  117.758229][ T9516]  should_fail_ex+0x512/0x640
[  117.758244][ T9516]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  117.758260][ T9516]  should_failslab+0xc2/0x120
[  117.758274][ T9516]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  117.758283][ T9516]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  117.758302][ T9516]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  117.758320][ T9516]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  117.758337][ T9516]  ? __pfx_vmx_vcpu_pi_load+0x10/0x10
[  117.758351][ T9516]  mmu_topup_memory_caches+0x25/0x170
[  117.758363][ T9516]  kvm_mmu_load+0xd6/0x23c0
[  117.758372][ T9516]  ? __phys_addr+0xe8/0x180
[  117.758390][ T9516]  ? __pfx_kvm_mmu_load+0x10/0x10
[  117.758402][ T9516]  ? kvm_arch_vcpu_load+0x1dc/0xbd0
[  117.758414][ T9516]  ? vmx_vcpu_load+0xcd/0x240
[  117.758429][ T9516]  kvm_arch_vcpu_pre_fault_memory+0x4d9/0x5f0
[  117.758441][ T9516]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  117.758456][ T9516]  kvm_vcpu_ioctl+0xcc7/0x1690
[  117.758471][ T9516]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  117.758485][ T9516]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  117.758499][ T9516]  ? do_vfs_ioctl+0x128/0x14f0
[  117.758515][ T9516]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  117.758536][ T9516]  ? hook_file_ioctl_common+0x145/0x410
[  117.758555][ T9516]  ? selinux_file_ioctl+0x180/0x270
[  117.758568][ T9516]  ? selinux_file_ioctl+0xb4/0x270
[  117.758582][ T9516]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  117.758596][ T9516]  __x64_sys_ioctl+0x18e/0x210
[  117.758613][ T9516]  do_syscall_64+0xcd/0x4c0
[  117.758630][ T9516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.758641][ T9516] RIP: 0033:0x7fc952d8ebe9
[  117.758650][ T9516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.758660][ T9516] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  117.758670][ T9516] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  117.758676][ T9516] RDX: 0000200000000240 RSI: 00000000c040aed5 RDI: 0000000000000005
[  117.758683][ T9516] RBP: 00007fc953c0b090 R08: 0000000000000000 R09: 0000000000000000
[  117.758689][ T9516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  117.758694][ T9516] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  117.758707][ T9516]  </TASK>
[  117.967745][ T9522] netlink: 'syz.3.1199': attribute type 1 has an invalid length.
[  117.977255][ T9523] netlink: 1041 bytes leftover after parsing attributes in process `syz.5.1198'.
[  117.992420][ T9522] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  118.001340][ T9522] 8021q: adding VLAN 0 to HW filter on device bond2
[  118.005157][ T7628] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  118.020273][   T40] audit: type=1400 audit(1754483803.255:556): avc:  denied  { write } for  pid=9526 comm="syz.0.1197" name="ptp0" dev="devtmpfs" ino=729 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  118.029635][   T40] audit: type=1326 audit(1754483803.255:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9526 comm="syz.0.1197" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4538ebe9 code=0x7ffc0000
[  118.044659][ T9522] veth5: entered promiscuous mode
[  118.047831][ T9522] bond2: (slave veth5): Enslaving as a backup interface with a down link
[  118.071342][ T9541] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.112400][ T9551] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  118.124182][ T7629] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  118.124206][ T5330] Bluetooth: hci1: command tx timeout
[  118.221795][ T9555] netlink: 'syz.0.1208': attribute type 1 has an invalid length.
[  118.224355][ T9555] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1208'.
[  118.257822][ T9557] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9557 comm=syz.3.1209
[  118.305032][ T9562] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1211'.
[  118.307944][ T9562] ip6gretap0: entered promiscuous mode
[  118.310169][ T9562] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1211'.
[  118.337860][ T9562] netlink: 'syz.3.1211': attribute type 1 has an invalid length.
[  118.352525][ T9562] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1211'.
[  118.531578][ T9572] FAULT_INJECTION: forcing a failure.
[  118.531578][ T9572] name failslab, interval 1, probability 0, space 0, times 0
[  118.535690][ T9572] CPU: 0 UID: 0 PID: 9572 Comm: syz.3.1213 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  118.535705][ T9572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.535712][ T9572] Call Trace:
[  118.535716][ T9572]  <TASK>
[  118.535720][ T9572]  dump_stack_lvl+0x16c/0x1f0
[  118.535740][ T9572]  should_fail_ex+0x512/0x640
[  118.535752][ T9572]  should_failslab+0xc2/0x120
[  118.535765][ T9572]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  118.535777][ T9572]  ? skb_clone+0x190/0x3f0
[  118.535795][ T9572]  skb_clone+0x190/0x3f0
[  118.535811][ T9572]  netlink_deliver_tap+0xabd/0xd30
[  118.535829][ T9572]  netlink_unicast+0x64c/0x870
[  118.535848][ T9572]  ? __pfx_netlink_unicast+0x10/0x10
[  118.535864][ T9572]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  118.535884][ T9572]  netlink_sendmsg+0x8d1/0xdd0
[  118.535902][ T9572]  ? __pfx_netlink_sendmsg+0x10/0x10
[  118.535924][ T9572]  ____sys_sendmsg+0xa98/0xc70
[  118.535935][ T9572]  ? copy_msghdr_from_user+0x10a/0x160
[  118.535951][ T9572]  ? __pfx_____sys_sendmsg+0x10/0x10
[  118.535968][ T9572]  ___sys_sendmsg+0x134/0x1d0
[  118.535984][ T9572]  ? __pfx____sys_sendmsg+0x10/0x10
[  118.536011][ T9572]  ? __mutex_unlock_slowpath+0x100/0x800
[  118.536032][ T9572]  __sys_sendmsg+0x16d/0x220
[  118.536047][ T9572]  ? __pfx___sys_sendmsg+0x10/0x10
[  118.536076][ T9572]  do_syscall_64+0xcd/0x4c0
[  118.536094][ T9572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.536105][ T9572] RIP: 0033:0x7fc952d8ebe9
[  118.536113][ T9572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.536124][ T9572] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  118.536134][ T9572] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  118.536141][ T9572] RDX: 0000000000000080 RSI: 0000200000000100 RDI: 0000000000000003
[  118.536147][ T9572] RBP: 00007fc953c0b090 R08: 0000000000000000 R09: 0000000000000000
[  118.536153][ T9572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.536158][ T9572] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  118.536171][ T9572]  </TASK>
[  118.628746][ T9574] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  118.633814][ T9574] FAULT_INJECTION: forcing a failure.
[  118.633814][ T9574] name failslab, interval 1, probability 0, space 0, times 0
[  118.637688][ T9574] CPU: 3 UID: 0 PID: 9574 Comm: syz.3.1214 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  118.637703][ T9574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.637710][ T9574] Call Trace:
[  118.637715][ T9574]  <TASK>
[  118.637719][ T9574]  dump_stack_lvl+0x16c/0x1f0
[  118.637740][ T9574]  should_fail_ex+0x512/0x640
[  118.637749][ T9574]  ? fs_reclaim_acquire+0xae/0x150
[  118.637765][ T9574]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  118.637779][ T9574]  should_failslab+0xc2/0x120
[  118.637793][ T9574]  __kmalloc_noprof+0xd2/0x510
[  118.637807][ T9574]  tomoyo_realpath_from_path+0xc2/0x6e0
[  118.637825][ T9574]  tomoyo_check_open_permission+0x2ab/0x3c0
[  118.637838][ T9574]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  118.637865][ T9574]  ? do_raw_spin_lock+0x12c/0x2b0
[  118.637881][ T9574]  tomoyo_file_open+0x6b/0x90
[  118.637897][ T9574]  security_file_open+0x84/0x1e0
[  118.637913][ T9574]  do_dentry_open+0x596/0x1530
[  118.637928][ T9574]  vfs_open+0x82/0x3f0
[  118.637943][ T9574]  path_openat+0x1de4/0x2cb0
[  118.637960][ T9574]  ? __pfx_path_openat+0x10/0x10
[  118.637973][ T9574]  ? __lock_acquire+0xb97/0x1ce0
[  118.637990][ T9574]  do_filp_open+0x20b/0x470
[  118.638002][ T9574]  ? __pfx_do_filp_open+0x10/0x10
[  118.638023][ T9574]  ? _raw_spin_unlock+0x28/0x50
[  118.638037][ T9574]  ? alloc_fd+0x471/0x7d0
[  118.638052][ T9574]  do_sys_openat2+0x11b/0x1d0
[  118.638066][ T9574]  ? __pfx_do_sys_openat2+0x10/0x10
[  118.638082][ T9574]  ? __fget_files+0x20e/0x3c0
[  118.638097][ T9574]  __x64_sys_open+0x153/0x1e0
[  118.638115][ T9574]  ? __pfx___x64_sys_open+0x10/0x10
[  118.638132][ T9574]  ? rcu_is_watching+0x12/0xc0
[  118.638147][ T9574]  do_syscall_64+0xcd/0x4c0
[  118.638164][ T9574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.638175][ T9574] RIP: 0033:0x7fc952d8ebe9
[  118.638184][ T9574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.638195][ T9574] RSP: 002b:00007fc953c0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  118.638205][ T9574] RAX: ffffffffffffffda RBX: 00007fc952fb5fa0 RCX: 00007fc952d8ebe9
[  118.638212][ T9574] RDX: 0000000000000000 RSI: 00000000000e80c4 RDI: 0000200000000180
[  118.638218][ T9574] RBP: 00007fc953c0b090 R08: 0000000000000000 R09: 0000000000000000
[  118.638224][ T9574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  118.638230][ T9574] R13: 00007fc952fb6038 R14: 00007fc952fb5fa0 R15: 00007ffee6846368
[  118.638243][ T9574]  </TASK>
[  118.638247][ T9574] ERROR: Out of memory at tomoyo_realpath_from_path.
[  118.750443][ T9578] netlink: 652 bytes leftover after parsing attributes in process `syz.3.1216'.
[  118.845005][ T9583] 
[  118.845830][ T9583] ======================================================
[  118.848030][ T9583] WARNING: possible circular locking dependency detected
[  118.850196][ T9583] 6.16.0-syzkaller-11845-ga530a36bb548 #0 Not tainted
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  118.852848][ T9583] ------------------------------------------------------
[  118.856145][ T9583] syz.2.1218/9583 is trying to acquire lock:
[  118.858008][ T9583] ffff888057564c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[  118.861223][ T9583] 
[  118.861223][ T9583] but task is already holding lock:
[  118.863682][ T9583] ffff88804c6de868 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[  118.866236][ T9583] 
[  118.866236][ T9583] which lock already depends on the new lock.
[  118.866236][ T9583] 
[  118.869416][ T9583] 
[  118.869416][ T9583] the existing dependency chain (in reverse order) is:
[  118.872217][ T9583] 
[  118.872217][ T9583] -> #2 (&pipe->mutex){+.+.}-{4:4}:
[  118.874505][ T9583]        __mutex_lock+0x193/0x10b0
[  118.876142][ T9583]        anon_pipe_write+0x15d/0x1a90
[  118.877831][ T9583]        __kernel_write_iter+0x720/0xa90
[  118.879583][ T9583]        __kernel_write+0xf5/0x140
[  118.881242][ T9583]        autofs_notify_daemon+0x4db/0xd60
[  118.883015][ T9583]        autofs_wait+0x10ca/0x1a70
[  118.884639][ T9583]        autofs_mount_wait+0x132/0x380
[  118.886357][ T9583]        autofs_d_automount+0x390/0x7f0
[  118.888095][ T9583]        __traverse_mounts+0x195/0x790
[  118.889796][ T9583]        step_into+0x5aa/0x2270
[  118.891342][ T9583]        walk_component+0xfc/0x5b0
[  118.892957][ T9583]        path_lookupat+0x142/0x6d0
[  118.894561][ T9583]        filename_lookup+0x224/0x5f0
[  118.896249][ T9583]        user_path_at+0x3a/0x60
[  118.897782][ T9583]        vfs_open_tree+0x2ca/0x910
[  118.899383][ T9583]        __x64_sys_open_tree+0x84/0x130
[  118.901135][ T9583]        do_syscall_64+0xcd/0x4c0
[  118.902717][ T9583]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.904743][ T9583] 
[  118.904743][ T9583] -> #1 (&sbi->pipe_mutex){+.+.}-{4:4}:
[  118.907137][ T9583]        __mutex_lock+0x193/0x10b0
[  118.908739][ T9583]        autofs_notify_daemon+0x4a6/0xd60
[  118.910520][ T9583]        autofs_wait+0x10ca/0x1a70
[  118.912181][ T9583]        autofs_mount_wait+0x132/0x380
[  118.913874][ T9583]        autofs_d_automount+0x390/0x7f0
[  118.915780][ T9583]        __traverse_mounts+0x195/0x790
[  118.917558][ T9583]        step_into+0x5aa/0x2270
[  118.919083][ T9583]        walk_component+0xfc/0x5b0
[  118.920737][ T9583]        path_lookupat+0x142/0x6d0
[  118.922399][ T9583]        filename_lookup+0x224/0x5f0
[  118.924031][ T9583]        kern_path+0x35/0x50
[  118.925484][ T9583]        lookup_bdev+0xd8/0x280
[  118.927010][ T9583]        resume_store+0x1d6/0x460
[  118.928596][ T9583]        kobj_attr_store+0x55/0x80
[  118.930204][ T9583]        sysfs_kf_write+0xf2/0x150
[  118.931862][ T9583]        kernfs_fop_write_iter+0x354/0x510
[  118.933674][ T9583]        iter_file_splice_write+0x91c/0x1150
[  118.935530][ T9583]        direct_splice_actor+0x192/0x6c0
[  118.937295][ T9583]        splice_direct_to_actor+0x345/0xa30
[  118.939130][ T9583]        do_splice_direct+0x174/0x240
[  118.940829][ T9583]        do_sendfile+0xb06/0xe50
[  118.942447][ T9583]        __x64_sys_sendfile64+0x1d8/0x220
[  118.944226][ T9583]        do_syscall_64+0xcd/0x4c0
[  118.945804][ T9583]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.947796][ T9583] 
[  118.947796][ T9583] -> #0 (&of->mutex){+.+.}-{4:4}:
[  118.950030][ T9583]        __lock_acquire+0x12a6/0x1ce0
[  118.951737][ T9583]        lock_acquire+0x179/0x350
[  118.953312][ T9583]        __mutex_lock+0x193/0x10b0
[  118.954908][ T9583]        kernfs_fop_write_iter+0x28f/0x510
[  118.956738][ T9583]        iter_file_splice_write+0x91c/0x1150
[  118.958607][ T9583]        do_splice+0x1475/0x1fc0
[  118.960163][ T9583]        __do_splice+0x32a/0x360
[  118.961879][ T9583]        __x64_sys_splice+0x187/0x250
[  118.963545][ T9583]        do_syscall_64+0xcd/0x4c0
[  118.965139][ T9583]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.967137][ T9583] 
[  118.967137][ T9583] other info that might help us debug this:
[  118.967137][ T9583] 
[  118.970256][ T9583] Chain exists of:
[  118.970256][ T9583]   &of->mutex --> &sbi->pipe_mutex --> &pipe->mutex
[  118.970256][ T9583] 
[  118.974970][ T9583]  Possible unsafe locking scenario:
[  118.974970][ T9583] 
[  118.977284][ T9583]        CPU0                    CPU1
[  118.978944][ T9583]        ----                    ----
[  118.980639][ T9583]   lock(&pipe->mutex);
[  118.981957][ T9583]                                lock(&sbi->pipe_mutex);
[  118.984120][ T9583]                                lock(&pipe->mutex);
[  118.986119][ T9583]   lock(&of->mutex);
[  118.987343][ T9583] 
[  118.987343][ T9583]  *** DEADLOCK ***
[  118.987343][ T9583] 
[  118.989821][ T9583] 2 locks held by syz.2.1218/9583:
[  118.991580][ T9583]  #0: ffff8880342ea428 (sb_writers#8){.+.+}-{0:0}, at: __do_splice+0x32a/0x360
[  118.995208][ T9583]  #1: ffff88804c6de868 (&pipe->mutex){+.+.}-{4:4}, at: pipe_lock+0x64/0x80
[  118.997915][ T9583] 
[  118.997915][ T9583] stack backtrace:
[  118.999748][ T9583] CPU: 3 UID: 0 PID: 9583 Comm: syz.2.1218 Not tainted 6.16.0-syzkaller-11845-ga530a36bb548 #0 PREEMPT(full) 
[  118.999761][ T9583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.999768][ T9583] Call Trace:
[  118.999773][ T9583]  <TASK>
[  118.999777][ T9583]  dump_stack_lvl+0x116/0x1f0
[  118.999794][ T9583]  print_circular_bug+0x275/0x350
[  118.999815][ T9583]  check_noncircular+0x14c/0x170
[  118.999832][ T9583]  __lock_acquire+0x12a6/0x1ce0
[  118.999850][ T9583]  lock_acquire+0x179/0x350
[  118.999866][ T9583]  ? kernfs_fop_write_iter+0x28f/0x510
[  118.999877][ T9583]  ? __pfx___might_resched+0x10/0x10
[  118.999891][ T9583]  ? kernfs_fop_write_iter+0x28f/0x510
[  118.999901][ T9583]  __mutex_lock+0x193/0x10b0
[  118.999917][ T9583]  ? kernfs_fop_write_iter+0x28f/0x510
[  118.999928][ T9583]  ? __asan_memcpy+0x3c/0x60
[  118.999944][ T9583]  ? _copy_from_iter+0x15d/0x16f0
[  118.999956][ T9583]  ? __pfx___mutex_lock+0x10/0x10
[  118.999972][ T9583]  ? __pfx__copy_from_iter+0x10/0x10
[  118.999982][ T9583]  ? rcu_is_watching+0x12/0xc0
[  118.999995][ T9583]  ? trace_kmalloc+0x2b/0xd0
[  119.000007][ T9583]  ? __kmalloc_noprof+0x242/0x510
[  119.000018][ T9583]  ? kernfs_fop_write_iter+0x28f/0x510
[  119.000028][ T9583]  kernfs_fop_write_iter+0x28f/0x510
[  119.000040][ T9583]  iter_file_splice_write+0x91c/0x1150
[  119.000055][ T9583]  ? __pfx_iter_file_splice_write+0x10/0x10
[  119.000070][ T9583]  ? __pfx_iter_file_splice_write+0x10/0x10
[  119.000082][ T9583]  do_splice+0x1475/0x1fc0
[  119.000093][ T9583]  ? __lock_acquire+0x62e/0x1ce0
[  119.000110][ T9583]  ? __pfx_do_splice+0x10/0x10
[  119.000120][ T9583]  ? __pfx_pipe_clear_nowait+0x10/0x10
[  119.000130][ T9583]  ? find_held_lock+0x2b/0x80
[  119.000142][ T9583]  __do_splice+0x32a/0x360
[  119.000154][ T9583]  ? __pfx___do_splice+0x10/0x10
[  119.000164][ T9583]  ? __x64_sys_openat+0x130/0x210
[  119.000180][ T9583]  __x64_sys_splice+0x187/0x250
[  119.000192][ T9583]  do_syscall_64+0xcd/0x4c0
[  119.000208][ T9583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.000219][ T9583] RIP: 0033:0x7f649bd8ebe9
[  119.000228][ T9583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.000238][ T9583] RSP: 002b:00007f649ccb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[  119.000248][ T9583] RAX: ffffffffffffffda RBX: 00007f649bfb6090 RCX: 00007f649bd8ebe9
[  119.000255][ T9583] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003
[  119.000261][ T9583] RBP: 00007f649be11e19 R08: 000000000000714f R09: 0000000000000000
[  119.000267][ T9583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  119.000273][ T9583] R13: 00007f649bfb6128 R14: 00007f649bfb6090 R15: 00007ffcc8f10018
[  119.000282][ T9583]  </TASK>
[  119.189966][ T9559] syz_tun (unregistering): left promiscuous mode
[  119.406370][ T7629] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.409592][ T7629] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.475432][ T7629] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.478613][ T7629] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.516074][ T7629] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.519837][ T7629] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.587000][ T7629] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.590287][ T7629] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.751411][ T7629] bridge_slave_1: left allmulticast mode
[  119.753824][ T7629] bridge_slave_1: left promiscuous mode
[  119.756088][ T7629] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.758993][ T7629] bridge_slave_0: left allmulticast mode
[  119.760812][ T7629] bridge_slave_0: left promiscuous mode
[  119.762672][ T7629] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.798478][ T7629] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  119.802253][ T7629] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  119.820404][ T7629] bond2 (unregistering): (slave geneve2): Releasing active interface
[  119.822923][ T7629] geneve2 (unregistering): left promiscuous mode
[  119.897908][ T7629] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.901673][ T7629] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  119.906106][ T7629] bond0 (unregistering): Released all slaves
[  119.912299][ T7629] bond1 (unregistering): Released all slaves
[  119.967273][ T7629] bond2 (unregistering): Released all slaves
[  119.973723][ T9541] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.203476][ T5330] Bluetooth: hci1: command tx timeout
[  120.209519][ T7629] hsr_slave_0: left promiscuous mode
[  120.211439][ T7629] hsr_slave_1: left promiscuous mode
[  120.213361][ T7629] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.215725][ T7629] batadv0: mtu less than device minimum
[  120.217699][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.221085][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.224788][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.228272][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.232110][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.236215][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.239703][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.243115][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.246600][ T7629] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  120.252070][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.255362][ T7629] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.266250][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.269409][ T7629] batman_adv: batadv0: Interface deactivated: dummy0
[  120.271921][ T7629] batman_adv: batadv0: Removing interface: dummy0
[  120.276831][ T7629] veth1_macvtap: left promiscuous mode
[  120.278937][ T7629] veth0_macvtap: left promiscuous mode
[  120.281037][ T7629] veth1_vlan: left promiscuous mode
[  120.283036][ T7629] veth0_vlan: left promiscuous mode
[  120.469286][ T7629] team0 (unregistering): Port device team_slave_1 removed
[  120.498919][ T7629] team0 (unregistering): Port device team_slave_0 removed
[  121.155909][ T7629] IPVS: stop unused estimator thread 0...
[  121.228273][ T7629] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.232628][ T7629] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.288908][ T7629] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.293211][ T7629] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.357871][ T7629] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.362114][ T7629] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.408810][ T7629] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  121.413104][ T7629] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.421935][ T9541] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.509014][ T7629] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.537675][ T9541] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.575847][ T7629] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.657640][ T7630] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.670448][ T7640] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.674032][ T7640] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.680700][ T7630] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.736916][ T7629] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.806495][ T7629] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.933053][ T7629] bridge_slave_1: left allmulticast mode
[  121.935647][ T7629] bridge_slave_1: left promiscuous mode
[  121.938148][ T7629] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.942268][ T7629] bridge_slave_0: left allmulticast mode
[  121.945021][ T7629] bridge_slave_0: left promiscuous mode
[  121.947520][ T7629] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.960666][ T7629] bridge_slave_1: left allmulticast mode
[  121.963194][ T7629] bridge_slave_1: left promiscuous mode
[  121.965766][ T7629] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.969993][ T7629] bridge_slave_0: left allmulticast mode
[  121.972425][ T7629] bridge_slave_0: left promiscuous mode
[  121.975090][ T7629] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.207692][ T7629] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  122.211696][ T7629] bond0 (unregistering): Released all slaves
[  122.216952][ T7629] bond1 (unregistering): Released all slaves
[  122.221998][ T7629] bond2 (unregistering): Released all slaves
[  122.289239][ T7629] bond3 (unregistering): Released all slaves
[  122.292982][ T7629] bond4 (unregistering): Released all slaves
[  122.299283][ T7629] bond2 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  122.302146][ T7629] bond2 (unregistering): (slave ip6gretap1): Releasing backup interface
[  122.304792][ T7629] bond2 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - d2:08:2f:e6:b9:19 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  122.426776][ T7629] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  122.430419][ T7629] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  122.433714][ T7629] bond0 (unregistering): Released all slaves
[  122.437602][ T7629] bond1 (unregistering): Released all slaves
[  122.443060][ T7629] bond2 (unregistering): (slave veth5): Releasing backup interface
[  122.447350][ T7629] bond2 (unregistering): Released all slaves
[  122.451184][ T7629] bond3 (unregistering): Released all slaves
[  122.536924][ T7629] tipc: Disabling bearer <udp:s>
[  122.538600][ T7629] tipc: Left network mode
[  122.544013][ T7629] tipc: Left network mode
[  122.605289][ T7629] IPVS: stopping backup sync thread 9271 ...
[  122.877574][ T7629] hsr_slave_0: left promiscuous mode
[  122.879707][ T7629] hsr_slave_1: left promiscuous mode
[  122.881654][ T7629] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.888530][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.891176][ T7629] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.897990][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.900595][ T7629] batman_adv: batadv0: Interface deactivated: dummy0
[  122.902729][ T7629] batman_adv: batadv0: Removing interface: dummy0
[  122.905766][ T7629] batadv_slave_0: left promiscuous mode
[  122.909920][ T7629] hsr_slave_0: left promiscuous mode
[  122.911967][ T7629] hsr_slave_1: left promiscuous mode
[  122.913961][ T7629] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.920832][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.923885][ T7629] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.930701][ T7629] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.933399][ T7629] batman_adv: batadv0: Interface deactivated: dummy0
[  122.935528][ T7629] batman_adv: batadv0: Removing interface: dummy0
[  122.940118][ T7629] veth1_macvtap: left promiscuous mode
[  122.941913][ T7629] veth0_macvtap: left promiscuous mode
[  122.943806][ T7629] veth1_vlan: left promiscuous mode
[  122.945706][ T7629] veth0_vlan: left promiscuous mode
[  122.947860][ T7629] veth1_macvtap: left promiscuous mode
[  122.949674][ T7629] veth0_macvtap: left promiscuous mode
[  122.951511][ T7629] veth1_vlan: left promiscuous mode
[  123.130088][ T7629] team0 (unregistering): Port device team_slave_1 removed
[  123.163359][ T7629] team0 (unregistering): Port device team_slave_0 removed
[  123.358662][ T7629] team0 (unregistering): Port device vlan0 removed
[  123.475973][ T7629] team0 (unregistering): Port device team_slave_1 removed
[  123.505104][ T7629] team0 (unregistering): Port device team_slave_0 removed
[  124.267808][ T7629] IPVS: stop unused estimator thread 0...
[  124.270869][ T7629] IPVS: stop unused estimator thread 0...
[  126.026553][ T7639] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.085104][ T7639] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.145197][ T7639] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.226120][ T7639] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.292133][ T7639] bridge_slave_1: left allmulticast mode
[  126.294017][ T7639] bridge_slave_1: left promiscuous mode
[  126.295819][ T7639] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.298764][ T7639] bridge_slave_0: left allmulticast mode
[  126.300568][ T7639] bridge_slave_0: left promiscuous mode
[  126.302351][ T7639] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.487242][ T7639] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  126.491517][ T7639] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  126.494976][ T7639] bond0 (unregistering): Released all slaves
[  126.708251][ T7639] hsr_slave_0: left promiscuous mode
[  126.710305][ T7639] hsr_slave_1: left promiscuous mode
[  126.712311][ T7639] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  126.714879][ T7639] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.717688][ T7639] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.720131][ T7639] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.724025][ T7639] veth1_macvtap: left promiscuous mode
[  126.725764][ T7639] veth0_macvtap: left promiscuous mode
[  126.727496][ T7639] veth1_vlan: left promiscuous mode
[  126.729152][ T7639] veth0_vlan: left promiscuous mode
[  126.852045][ T7639] team0 (unregistering): Port device team_slave_1 removed
[  126.880376][ T7639] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
12:36:43  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000002 RBX=0000000000000002 RCX=ffffffff81fdd888 RDX=ffff888024014880
RSI=0000000000000002 RDI=0000000000000005 RBP=ffff88802acd0808 RSP=ffffc90003c475f0
R8 =0000000000000005 R9 =0000000000000002 R10=0000000000000002 R11=0000000000010579
R12=0000000000000001 R13=ffffea0001769b00 R14=0000000000000001 R15=0000000000000867
RIP=ffffffff81bb9320 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007fc953c0b6c0 ffffffff 00c00000
GS =0000 ffff8880d66c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fc953ae56c0 CR3=0000000032a6e000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffccc58b996
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffccc58b996 00007ffccc58b99c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf45412e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf45412e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf45412e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf45412e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf45412ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf45412fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 dc37b893003a0347 e7d61a000581d79e bf1d33568ad05e37 500000000000000f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 cb549ae3467abc9b 4001adbd000c0804 0001000c12000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f41327ebfa8a5333 9eb4e27e940a8fd7 0900ed5f95ce6391 06df79661712a8bd
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff7ff20fa210d0eb 50f41327ebfa8a53 339eb4e27e940a8f d70900ed5f95ce63
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9106df79661712a8 bdcb549ae3467abc 9b4001adbd000c08 040001000c1200ec
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a6c7c8aeef321ec0 6cdc37b893003a03 47e7d61a000581d7 9ebf1d33568ad05e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3750000000000000 0fff001f1bcaffe2 6e00000300f7e303 7f01000003dc0c06
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=1ffff920007feeef RCX=ffffffff81f75976 RDX=ffff88802e118000
RSI=0000000000000000 RDI=0000000000000001 RBP=ffffea0000f89640 RSP=ffffc90003ff7768
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=dffffc0000000000 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff81bb8ce2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f86d1ae7d60 CR3=000000003265d000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f86d0f876c3 00007f86d0f876c3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdc93bb800 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555592256822 0000555592256730
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055559224df2f 000055559224dd30
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0004840005840322 0400058003001aca 880000110000b13b a196aa8847000212
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0128100005800400 1000341000068004 0100000808060c01 698e000001ffffff
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fffffffffffb0805 a40302d4020005a2 03aaaaaaaaaa01ff fffffffffffffff5
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080598030c020005 9603000200059403 0204000590030000 000a080605880300
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0484000584032204 00058003001aca88 0000110000b13ba1 96aa884700021202
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88806a741e80 RCX=ffffffff81af8e41 RDX=ffff88802b2d2440
RSI=ffffffff81af8e1b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9002282f888
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=ffffed100d4e83d1 R14=0000000000000001 R15=0000000000000003
RIP=ffffffff81af8e22 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d68c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f649ccb4f98 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000014 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc8f10526
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc8f10526 00007ffcc8f1052c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649bf874a8 00007f649bf874a0 00007f649bf87498 00007f649bf87470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649caed100 00007f649bf87460 00007f649bf87478 00007f649bf874c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649bf874b8 00007f649bf874b0 00007f649bf874a8 00007f649bf874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85636715 RDI=ffffffff9b104160 RBP=ffffffff9b104120 RSP=ffffc90004577228
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff9b104120 R15=ffffffff856366b0
RIP=ffffffff8563673f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f649ccb56c0 ffffffff 00c00000
GS =0000 ffff8880d69c6000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000010000 CR3=000000005573b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000014 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc8f10526
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc8f10526 00007ffcc8f1052c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649be12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649bf874a8 00007f649bf874a0 00007f649bf87498 00007f649bf87470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649caed100 00007f649bf87460 00007f649bf87478 00007f649bf874c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f649bf874b8 00007f649bf874b0 00007f649bf874a8 00007f649bf874a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000