last executing test programs:

3.5082517s ago: executing program 1 (id=301):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000a00)={'wlan0\x00'})
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000380), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
symlink(&(0x7f00000003c0)='./file0/../file0/file1\x00', &(0x7f00000017c0)='./file0\x00')
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000cc0)=ANY=[], &(0x7f0000000180), 0xa00)
ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead)
r2 = ioctl$KVM_GET_STATS_FD_cpu(r1, 0xaece)
vmsplice(r2, &(0x7f0000000a40)=[{&(0x7f00000001c0)="48329d2a0f8c5a7523c44f94e8ba99b8b15771dc80a26422145faf01d265a1445bff349af9b8a6e97ddce72a1be1677daedca69ff6c9cedbb022ca8e02616e5eb3d900aadd74066174fb440d2e8f423e6ceed22474123ce89f8bbc6a7e3298d139c41adfcd62c3fdfd02e3ef386663045622c544593496a48cffac45e60e44919eafda50f55b265ae84d5ec731af93033bd51531e9bc9f476479b1fc7536200782f7ff61d3857881db079416373b0666ef", 0xb1}, {&(0x7f0000000280)="d485a011954e71f35445be95a63fc00bd3c99f6ad92c58fdcfaf883f183af30ff48cd284307cbd207ec13a1c5bfca36b54c8da70a54f1c4b140235d46fdb6762fcc21dce715008fcf8e493cc7ada38281bec4b3e8cf9889b45887ac81a894eae9ac92aeb30deda38025012965a0be855dcdfeb17aaf018d16eff7a17d74f4009", 0x80}, {&(0x7f00000004c0)="8b4b403af341be19e170262916b09c60b4000d715414be21bca0f9667c2f44e8db22f737841c50a49957f02ffb8e3970", 0x30}, {&(0x7f0000000640)="9555b7b98dbfad0ec928d6ab6956d655522e890b823c5abd1d136cadac78866c79b000434105948b716aacea6331ec2d1dfc7d86eecf57245d2c58b80ef5987118fb824c690225774d27fffbe0583f5a1415cb47489dafca2b37d2697843cedbfc77b03437ae569830e3a7e7aab38e2c6e1b548f972c7ce67db9258fb1c18bf37536f088ee19d2ed5d25d4714325db4cfba4638651ec563b52c5e7d47786a4b2239f77466cc6d5f4fccfdf6ff08320b9d4255b18eed567e22fefbd2d35f1fc0df4adaa5cf081b438665dce22dd6d89c63aedd3fdc63038a887326709ec4aec0962218e77312c3200a604c5fc7f8b56f3c274771d", 0xf4}, {&(0x7f0000000740)="3e2475098ab90ba0728c203eb50856f1c9cdaf9ef35b8499e7f567bb59fee9bee1a8c3e17c94e633bd806e10f1893019005c14dd3a885d9b50fa7b126ea1f5de94354edeb34bd72d303b4b8bc0c45bbe2a48d23e95a1ad8155dc972d1a1ea3c63f571b8ac2f9dd5a224a4c7c2e4b9ebf750e846c690d05427a21e385f4c5d65d31e8253fcd429301edf3a0cbe792d30291186675c4d6163b3defea6d11907110d14f31ab4cf21f2d706233df6aec40d3a9bb274a88e50dd416a678e435db130595ffcf987edac9b079b6a4d5e358060f5af2247c90b2656eba2d736ee4784c7d58a3ba26a99283bda6114fef08d2", 0xee}, {&(0x7f0000000840)="0b83f585d85d9af5065b062243ac066b29c2f1113b0b85df8e07fcf2e58af33decbe3f3375e9ea7baa8e70514c6361d91ea98f890a0574b1b964673570d538ffeba3991108e0266eb0c12d29d2f95742160db13eee896b0ca50f39332a41ef44116593c68f6ecf64b5579b30591b4cee26d70baecfd9a116ab9450bbdaccb190682dc6f319cf33ac51d358ff6aa55bdd887a3219e19471bb2b2226c7f95a62cf", 0xa0}, {&(0x7f0000000500)="a3ff2ec01fe97026bab7e9f75fbd701f", 0x10}, {&(0x7f0000000900)="8753387237d713b6e95ef94e2c8ca4327a41852e7a28079c0bfee18e90c3cbb3e8d08d56ad1ce332ab3579a6b6423268f51f950b336c10d4ed8d1418b32d513e59e3f01efc5dfe4a39da7e772b69ce6dcfb84a75d540f528705d66f3576d0b7c0fbe947da172e818a0023a0831e194", 0x6f}, {&(0x7f0000001800)="04ea20ebc84c6c232daaec742572f7df2855ea61d2019bc837edcc6cf794cbaf9e8d612d65a97dc03152ac855bf4ea898f3f395f5605fafd46db0930c9457d2e801c2da99d198013ba1aef4dd230e05b85f30da4864ae4199dc4ca673268c0977d66ed4ea599ad595349aa5bda4d8cb31b61c5e12f84a6b8f166b5bb777de56c373d91c8bcd8ef971d79485b7b2c5efb6a7531ea1576144032fc06c0313bc564ea668c567adaf6407983112669ff55c48e025cc6c6c71119834df89ec80e2e0ab3124a73f34163935bb974f8d63455e9bf61f3c63f126605f389dd8a438c7b48ce5e2f8ccf0f1b880b29c41e88fbde32ec2adfc281c8d22c84b07b3c7adf93b63679b37d85edaea0d1d2870bab45d57bfed9ce79f1d7a75f47a93a9fda932c2453973a63ad50593e835d965ef0b43addfe8d963362714a894426d784e3f5eaf0e495617c0b5c7023bf37ec443c4f240b357d0f123390576cd2f94e6437bdab8aeaf6455a07e82403c32c4dd56da7197afbe59c5e24de9898fced5bb23b01bb3d75498b98db87c6bcc5a3a4a344e2898a7c7170bb09ab1d01fdb140d7c94a91145305a68b0562643a173daad599d25270f83b2166222b6a5e6e40772bf59daca697e601c76c22a49a94b667da323aca5a2cdad944ce5610ff286b5c732696533f5ae51babb036712476120d97facbe0b3ba06354342b86d15d738b56951023d64606752e75e8cc7b3bb157447f062b0200ce49697b0312328478815ba74a1646b873246de4ddf64bc77fbd78bdd33771c424ff438ade72bd7b6afc665ccc06d8552d4cd8b5cd3cfb07d9b93e301f3b47e6e86074995ac5eab2cf11981a001a929f65668d75fa0b38416bf6e73d72e9cd3e0d457175ba2b15bf08f99456a3956b8075d120208a29ec9eba973b6a7258a4a7caea8e19dd5840d98cfd36de9c2100aa7a91b0dd58abfd71cecfe1307aaa6160860aa2cd5ea7c02fee2a5dc3d5a6ad0d7e68ac6ffd085bea8189b52788250c7075dc8314b12da96004971de5718a60197bda2961dbdee2e7870c7d7a08592beb48bd03022c477a3207cd33ed3bf30cb19475daf1d38f9e798e85f1f68a6c6cb66bd2d18ae70a54b01b3b33d561f6d643357588ad913c47fe1bb81ebefca8a23cc7af986f0b4e5584654851a18587c467b72dbc447c97036017ace4f61aaf359af31974e542e005361f8d80dc394a9ebf822038d37444c307db3fdc4c7767da803c4cf5aaf0700fb2d515e48070352ef6a1a380568b5e134b886ee8af9a41655459d907573522be2f0c32d57ac91166edfde2bb33d0ef94445851410bd0ece4687b6bc4e9e2cf691d16b5135d0b235910c4dbbb115faed3f2f4cb8128457d466b57345aea5986982ac03cbd75334bfc61092f5a4b912cfa039a4edb6c1e1a223730879ac423bbfebdfb9489122319ae5c45b16d59387ff8ee1ca516d11253028063bae80db87976727101354bc144d5eb26884993a520b3902698ee677207a993e0c9c26e0e912edea3e2fa8824309e509e725a9bd62d85b6a53ec80e6f80c374cb0b51e7cb5de476fb7e31f529e0f54c00118f6db1ce2bb68d540c97073b4b5cf8ebab4be5a6c93b9936e71652be104db49a21c3a13c378f604dd3c7c7e20953f5f52e5ec938c97e37fecbb4a6629692a1329ed494203a87e83a62f4a601084f4e727c1609bba25355e07b5116737c49cf08e1cef52b00d513fde28636d86156564651653c655decfc991224cdb0fdbc3c8754d504361542b1fb972fddd7e3b75b97393793e2068700d12d678d2eb49cc8e164f360112dbd7ddcc4f3bc948a2466e87ecc00f89fd7187a78fc77bf5070f9102ad5060463f80c3628bd60ddc55bc7b9ad0ac15e90c837447e5fe1e221157e0a2bae3ce178b5eb215cf2e1401be70d918476e3405f8d73e92bf3f16c3257faa60d357769d772fced64bc6196a7511ee19c7668068e36f1c1296e9ddd7e80d271893c783da4e4f3a7e5d3cf04fad7fd5d093d11f6c09cd7c1ff595f9c49b081a239aaf5cca8d11b2ce4d663dc0d99bc1627d1b4a9664a157916ac3f44b08a7f8755f05accb37d93322ce2b8f103a886b4b3d23f04dde5eb088e52bb65df12f9e69cdcb35fb0d65be538bc762305478533ee9a07c26511759776604134c5e1aa06db1a2728265ed851dd0e44619730089dcb47b2c93e44629139c02705a55ef011f9de6ae4fb94a29992ce79be1ab7a543fa745b9e3f2434b9ab6bf95d3ede7b11f53e27cb622b1702b09c6a041951ad08ce4f5a2b9f744a6433801c8fac51987afabce6dc3e7c329aba4e56f3fca612d2a3b5beeddc5884223936013771dde9588541a72ba6a4cfd028ab7637716f4a94df97dda70c48c7fe200a145d55895a57e8df5a97ad75dbafc06eea130114bbe39a0508ea33944f5d120ec759181dab4b73d99fe06ff39e12101dd78aa1b9661ac34ba724084cb47a488fa0d94eb842b888551e76944e33bec05644b4c9c518284556058ccdf8d51799ef2f1cc5a68a141872ba325a5d5be88c1c6149841464262cd4c5c97b8c4f53a2f371c0bb6638ea5cc072c3ae423255176098985c0b9551873643c8c1e82dc4ce507f677a573f0a290eba70d0e12fdbe98933ed148a65b44989102e42730c446a3dcb2ea0e23301fc3e6087e91d411f57f01496a4134a1736fba586b346e6bb87220db774e5b63db7a9ca12e5d88eacef9a13c6834987965346a037e3dde94e301a8d975cef6976331c79466ce77a24f1115a2044531adededc2faa25115f0793c1cb2c7afbbac919016ed05d3081b41983956eba36ff37b1ebe02e1751b4c780adfb560b742aff474b894c090bf49a5e17849ba13c155be5aa4bdf136c0023181fe28e754b7751d33b22be5de915b9ee0dcb3ca671cca1f5cd2c107c6fc66284bb5121c3f39bca1687a189471ebe6c366be47579421aecbc9bd540a9994ac0a7d2d667bb55e2323e4a85f4af1ddd6671348374beff8b2d9420c11f925678963c2abe09debe9130de60b1468d2ac4d942beaf525ea9700e59bf079ecc4bae7adf8ef5b9e5a43533f5a1d0912b55e08979f0e0286f1a39b0b21337f9371a923a08e8f752950e5b7cc48b1202630ae099eaaa2ea6e8f9f837c59d4818cab75bada50d90f681ecce159bc5a85e2667ac0945fac5c7d28dde6e8ec7ff4b28d152cafa1abb173c938f7489590786c2e731ed62f6e56cb556190a8714f28594d0fa24a46264da150b93fe2b3031e944ff0bd0820232f3a3212f0156dc156642ad4637c8b556e34a41bd307b95ad8c141a81d6806c4602db3a1e6f05bdaba9d5fb8906fbd735233dcbfaa331cb12698edd581b16fc97902cc38e279833c753ed74257755a041492b391393a04e632b7cee4f04a2ad74421e32d4be05942a3cc2cc7e77ccb47f5ab88783dcdecc72a5e10e90c5eb782751b58af5bc7a396aa289492aaee9e9685a7fae2462cf6c8418ea56e67bb34cc61bdcfac2a505e4b954856f4f4ad7a5c8cf892c0bf466361521261bc6b3adc9a43519cc040501315c6b950d13333b43a23abd98cb860848eae513a78e42550de14e50c439e2cb2980fb64bc3571f7e09e425c2edc5c27006b6f7d0ef5fb360e92b93d3fda62da4aea66fa93f6af925d2ebdff6dfa4812c5ac7296d4615fbb6e14111a39896f1c5bb3c4ddc8d212847bc24177062965ba8f09b4b5da95e71e7072e65f4317e04d7d9a25d59f00602af97b0ceba4156152bae2153d032e137510dce7cae7db1960cc6edf8b3350d3b003cf3835b9fcfb45a72d714b7138a4d3a139e8acd3744078a40d2c3f2bcf4898b1efd2b797bd23f7003e09b066bfabe36d6e275a0acbb893908c267f62ed22a67156a4da7e3b9105b72b367f4a38820987081779092a55a37dc4d17cd486a632937389d94f0ff9a6e1d277b185969d241b7c0154e7497d994042120fb5e1972b5c50765cbc30fe6ddd3bf3f64546101c2687874c446691e96f192616d8bcaaf8c6f514960b55662872a910cea6ad4caa5814f14bcdcc79101200d553f99f6b7a768550b4a9be02c823e276ac1fb6350979d877a78010b07abd149e95bfff4a59835a97e1e34143208f66df24e16f92626dfd2e3e1aa57c3d781134c2733ae6c8cbf42739782856af1e4872ea1d19d1400606aa72542902a8f151036cc488248c08d467a49786b60b8b1d9c099736e63530521c9645bf4567be541b7de5de154c24b699507dae6c06f6bbf904be679fc01ab364d7af3c31353fe3edf2edc2054678d1b0af0cd5f9122613a5d01d9a722e59f53914defb7a2311946bc0ec2470769c75ebbf795a08da1d692c78f621a4e3f1683d712f5136d32731b15335902db5d4e610a34838ccd7fe904f41ed8c5a649d0c0ed0aa1066a774ee3e1de1d9e8904c92c28a0743d4b1faf7247cd23bf4795bc4e614ee8c893c591f4732d181be15a7bc24a673ec37b0e61c919d9bab2548ec3c97c7cc561b9e1af661732b8101ef911bec8c2852b841e9fab81933d2e654ecdd1e60b2e744a252e3264bcc2fae4d02578da0abb9d381b2b606ddf2bb96a4feef33bacc87d433a5b0e33b19f761dfb03d3db0bba7120059d3912eabf94326291c71813b870f3865d6473c559227939f42f92ed4aa71e862b12f6f2b9295b670618e94134d4ead2f5252d1af6633340e3cbcd0c1f2f28a612b54c2708807edd4b3cfe67b21ed996633d89f5618c8163a9632bbacb066fe0e5da10b9bc7a9a4cdec6f19dd9ddc4aacd00d13c893befde826e55de093c74889ecafb3b47f0df40c5de7b9d384dd15041d06da6e795740d9d2119255dcfa66684d159c88f19dd4ad2f08790d15c5a6da1c336a4a3693fc3df0d2931d328e9e372bb51820682b6a049267aa589172ca42bf4ea1b89f4d6cda3d81b81eb5af7884d99f35f1f139182589ff1dc15c2490a6414bb6dd3d052a0f86d126fc0fa8539a84d5c4aaac69dfccee7b485637e49a119ea6145992c21f2a4045f9a982262d70e8c0544636d22daa39b54d47e7536339661df3f7502eae8ae816261ad958d9cacb5bea08859b63862ad2f290076ab0ee8c993a9085c43c946e143d84e728d4555f4896f6f5e8d2c9af7de1e7ddf5a6d1fc409ecd910e12867e9b6bffd6b0026e42a01abe4ac218e3213bc4596ac6d8ecf5ad8be824e5aa79f80d6103ec5efa8e3085fd0c035d48b9174330f38cb0119829905b3ca6b772cabdc240a1d9edb437195e20e694ab31084cd17ca373da037c7549a6e2090877fcd72c6eee2d537dc1773c20ddad18a921b0526044a7f20887dc1c70c7a006e0d45a2072f9f91d1aad37ded7620275e166975e9d7d179dc34a0bf80155ac9bfafbb96a93ab1e79ce84d9a7e9e74fe7aefc48a0f8d0fe34890097248c83e473d47537ea60f72b790629404410af9df52d9dbe92e2adef0cfe8aadf675e17a655ba0b3db9ea9a207b4947fab4533e3bbfd4915ef5fb4942f9eaa9c8bae291e897825b2ce428c69c65858015b7c3163577e840512aea93e73df54b1245f80e17ec055aff1fdb74be527f431b82e03f002ca5e39de8892e185c53e56cfec15c41987deebc2eff15a7abe7f39253c12d64b756f29d7afee8e148a84443d26c4a5929357edaac2106acc63e01c38fe15fffd04d5e490ffe3cb42578ac8519a9a34fde27b3342a84d4f0e5a45ad7895625574b40fdcc32d88bf9fe736e0a2291e05feb3e2493a7bcffba5c4ef0f1418698106a08d5353c3351de8cc8dd37b608934acb1ec8df0bfb", 0x1000}, {&(0x7f0000000980)="9629fdd267dcd0c996e7445abbd2bbc1f476507115da4b804b46ed58ee256429773607291124b4a323a1c0c31c68e4c29533a9404d7f5f2e63d9f0f98d1eab190776af0d1d50b4c33b1eaf01639dfdcffce75f552cc5001d256aa2b2d87f2184e9ab0ab3cd51c5504eb289", 0x6b}], 0xa, 0x8)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x204600)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000140), 0x2)
ioctl$SYNC_IOC_FILE_INFO(r2, 0xc0383e04, &(0x7f0000000000)={""/32, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000e00)=[{}, {}, {}, {}, {}, {}]})
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x5000)=nil, 0x5000, 0xc, 0x12, r2, 0x8000000)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f, 0x0, r1}, &(0x7f0000000c40), &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000c80)=ANY=[@ANYBLOB="04131906c9000200c8000300c801000000000000000001012939649e5699c8000300"], 0x1c)

3.447347199s ago: executing program 3 (id=304):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x8c, 0x12, 0x1, 0x802, 0x0, {0xa, 0x0, 0x80, 0x0, {0x0, 0x4e23, [0x0, 0x0, 0x0, 0xfffffffc], [], 0x0, [0x1]}, 0x0, 0x100000}, [@INET_DIAG_REQ_BYTECODE={0x3f, 0x1, "719d8410c712a01fbb8fbd7d8558c55c05a64dcb4b9988795f72b9fa227fe71aabc6fb1cfb0ec47bbb0ebefa162a824ee35f1eb6f7b282a191444e"}]}, 0x8c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_sock_diag(0x10, 0x3, 0x4) (async)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x8c, 0x12, 0x1, 0x802, 0x0, {0xa, 0x0, 0x80, 0x0, {0x0, 0x4e23, [0x0, 0x0, 0x0, 0xfffffffc], [], 0x0, [0x1]}, 0x0, 0x100000}, [@INET_DIAG_REQ_BYTECODE={0x3f, 0x1, "719d8410c712a01fbb8fbd7d8558c55c05a64dcb4b9988795f72b9fa227fe71aabc6fb1cfb0ec47bbb0ebefa162a824ee35f1eb6f7b282a191444e"}]}, 0x8c}}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)

3.447112298s ago: executing program 1 (id=305):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x99, &(0x7f0000000480)=""/153}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000700)={'veth0\x00', <r4=>0x0})
sendmsg$can_raw(r2, &(0x7f0000000400)={&(0x7f0000000300)={0x1d, r4}, 0x10, &(0x7f00000003c0)={0x0, 0x10}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
preadv(r5, &(0x7f0000001240)=[{&(0x7f0000001300)=""/231, 0xe7}], 0x1, 0xe12, 0x200000c)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000ac0), r5)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000540)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100fdffffff00000000260000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008005100000000000c000000feffffffffffffff0c009000000000000000000007b8e9352847216ef621ce5dcd26ac4150715368c2d8c950431b3eb17b9cb831d54437c77362d29ed6d387f50bd577f047ec13"], 0x54}}, 0x0)

3.378419213s ago: executing program 3 (id=306):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xdf6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$FUSE_BMAP(r1, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1d, "fee8a2ab78fc979fd1e00d96076500001ea89de2b7fb0000e60080b8785d9600010000000000000000000000fe00", "2809e8dbe108598948224ad54afac11d875397bdb22d00009520a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bc0007008019000000000000000000000000af1e4ccfb7b3cad80004010400", [0x1, 0x2000000000001]}})

3.378183109s ago: executing program 1 (id=307):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x2000000000001ff, 0x307802)
r1 = dup(r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
r3 = fanotify_init(0x200, 0x0)
fanotify_mark(r3, 0x1, 0x4800003e, r2, 0x0)
acct(&(0x7f00000002c0)='./file1\x00')
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x67)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000005c0)={'veth0_to_bond\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000740)=ANY=[@ANYRES32=r3, @ANYRES16=r4, @ANYRESDEC=r4, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x20000080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r7 = io_uring_setup(0x332, &(0x7f0000000080)={0x0, 0xa1d1, 0x10, 0x0, 0x1})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r1, 0xc040563e, &(0x7f0000000180)={0x1, 0x0, 0x3, 0x0, {0x7, 0x7fff, 0x6, 0x2}})
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000f40), r8)
sendmsg$IPVS_CMD_NEW_SERVICE(r8, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f00000001c0)={0x44, r9, 0x1, 0x70bd67, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@remote}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x11}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x115}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004084}, 0x20008800)
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000580)=""/4095, 0xfff}], 0x1)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x13, 0x1, 0x0, 0x0, 0x0})

3.308415921s ago: executing program 1 (id=309):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x10, &(0x7f00000002c0), 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=r3, @ANYBLOB="00000000000000005c003f80110001006272696467655f736c617665000000"], 0x7c}}, 0x80)
syz_emit_ethernet(0x1ad, &(0x7f0000000380)=ANY=[@ANYBLOB="0180c2000000aaaaaaa2aa178847000000000000000000000000000000000000000000000000651c0a82015f2f0120010000000000000000000000000000000000000000000000000000000000011d07000000000000c20400000004c204000000080201544027798e45411dec777e1d9fc7f85e0356cc22cbff40afac298d8053dc7a19a0c7b6ef4a90d3a3778d04010600010000000c20880b00080002000e24a4a0ac9fb9fb4116750c000800008105e2758f36c774cf1dc1d1161a7ea680d5456f155d7164e457bb7b04f9e919ef47cde8c6f0d775aa97dfd26cacdfa7d222b8b5193730e735dae42ae7220ea7a58ea9732140a7e3691c623b87279d3f86d95b88fe23ad834ba0b99fcacd86e352ce291413838cfde94d463c03148e0800000000000000a8e62a7669ad0d0086dd080004010006080088be000000031808f5f801000000fffffc01080022eb000000032303090b0200000000000009000900190800655800000004f3e64cd59c66e95490c647d22673db1d1681db4350372510cf792254cf42c0f29f99458bc0a4b26bb4af75d967b5b7f4aefe5df0f4cb4329df508fa0240cf8a9b06628accc6d117d8b44ee13b2e5c10dbba80d76ff01a2066c8d51"], &(0x7f0000000340)={0x1, 0x1, [0x6f, 0x7b6, 0x90d, 0x55d]})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@delqdisc={0xac, 0x25, 0x8, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xfff1, 0xa}, {0xfff1, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4c, 0x2, [@TCA_FQ_FLOW_REFILL_DELAY={0x8, 0x9, 0x7}, @TCA_FQ_RATE_ENABLE={0x8}, @TCA_FQ_ORPHAN_MASK={0x8, 0xa, 0x200000}, @TCA_FQ_TIMER_SLACK={0x8, 0xd, 0x8}, @TCA_FQ_FLOW_PLIMIT={0x8, 0x2, 0x80}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x7}, @TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x1e}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x4}, @TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x5}]}}, @qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x67a7, 0x8, 0x3, 0xfffffffe, 0x6, 0xfffffff7, 0x7, 0x6c, 0x5}}}}]}, 0xac}}, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x10)

3.30815134s ago: executing program 3 (id=310):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(seed-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="040e08ff7b0c01c8"], 0xb)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=@newlink={0x4c, 0x10, 0xffffff1f, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x8000}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_TTL={0x5, 0x8, 0x3}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x1}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x80000000}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4048800}, 0xc850)
sched_setscheduler(0xffffffffffffffff, 0x1, &(0x7f0000000000)=0xd095)

3.305526199s ago: executing program 1 (id=311):
r0 = socket(0x2c, 0x803, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @empty, 'geneve0\x00'}}, 0x1e)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000500)={'sit0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x8000, 0x0, 0x0, 0x3, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x29, 0x0, @multicast1, @private=0xa010101}}}})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f2, &(0x7f0000000500)={'syztnl1\x00', 0x0})

3.089210051s ago: executing program 1 (id=313):
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c1)
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
gettid()
syz_fuse_handle_req(r1, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x3731, {0x0, 0x7f69ff17f1e1ab77}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc5001, 0x104)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$tipc(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000e40)=[{0x0}, {&(0x7f0000000dc0)="8ad4", 0x5dc}], 0x2, 0x0, 0x0, 0x24040804}, 0x8800)
write$FUSE_CREATE_OPEN(r3, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r7)
sendmsg$NL80211_CMD_GET_REG(r7, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x14, r8, 0xf09, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x8084)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r8, 0x100, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x80000001}, @NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x24}}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000200000001000000", @ANYRES32=0x1, @ANYRES64=r0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="050052e9040000000000000000000000000000000000150040bddd85"], 0x50)
r9 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r9, &(0x7f00000000c0)={0x2, 0xfffe, @multicast2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0xd9, &(0x7f0000000280)={@local, @multicast, @val={@void}, {@llc_tr={0x11, {@llc={0xfe, 0xaa, "94", "b3ef10c8dfe194c0eef31a51313d38523f50bfc0297d482ddaf9d5e823e55b722dc87a74cd00909e5f0567714a5ecd1aed73561609a7ec0543da6e36c910c7b3d68fb490c58d185792f673a0781816f293523ccb95d27aeb53b12a391f0a1b1f1d9ccab78134e194d672188cc285ceb91fbf732ef05c3df85f3dfbab9e1142d01d86fa9a2a7da275747866b23b40e088491802da2ba54c161923c19b324dc8d32c9fff05458e46f6617684e589531f2c08c7118824104cd0345bc2d4641743d8ad6d1edb"}}}}}, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0e000000040000000400000003"], 0x50)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x13, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x841, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r10}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0xfffffffe}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7c8}, {}, {}, {0x5, 0x0, 0xd, 0x0}, {0x18, 0x2, 0x2, 0x0, r11}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.088841355s ago: executing program 3 (id=315):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000002, 0x1010, 0xffffffffffffffff, 0x8000000)
r2 = socket$rds(0x15, 0x5, 0x0)
syz_io_uring_setup(0x38, &(0x7f0000000080)={0x0, 0xadde, 0x10100, 0x0, 0xfffffffd}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0xc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xc0000151, 0x1, {0xfffd}})
r5 = syz_io_uring_setup(0x497, &(0x7f0000002180)={0x0, 0x787c, 0x2000, 0x4, 0x130}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_MADVISE={0x19, 0x0, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x17})
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="8520000005000000950000dcc8b2bc3875ddcd5591b3cea9470000000000000000000000a0000000000000000000"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x4e, &(0x7f0000000480)=""/78, 0x41100, 0x26, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, &(0x7f0000000240)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000380)=[{0x2, 0x4, 0xa, 0x4}, {0x3, 0x2, 0x1, 0x7}], 0x10, 0x8}, 0x94)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_lsm={0x1d, 0x1e, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x1}, @jmp={0x5, 0x1, 0x9, 0x0, 0x9, 0x1, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fffffff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @jmp={0x5, 0x1, 0xd, 0x1, 0xb, 0xc, 0x8}]}, &(0x7f0000000580)='GPL\x00', 0x5bf0, 0x0, 0x0, 0x41100, 0x45, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000780)=[r1, r1, r1, r1, r1, r1, r1, r1, r1], &(0x7f00000007c0)=[{0x5, 0x1, 0x210, 0x7}, {0x2, 0x5, 0x5, 0xb}], 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xe, 0xa, &(0x7f00000001c0)=@raw=[@call={0x85, 0x0, 0x0, 0x12}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000240)='syzkaller\x00', 0x6, 0x43, &(0x7f0000000440)=""/67, 0x40f00, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0x400000c, 0x0, 0x2}, 0x10, 0x0, r8, 0x0, &(0x7f00000008c0)=[r5, r1], 0x0, 0x10, 0x2}, 0x94)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r9)
syz_io_uring_submit(r3, r7, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x31, 0x0, @fd=r2, 0xef45, 0x0, 0x2, 0x4, 0x1, {0x0, r9}})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_READ_FIXED={0x4, 0x43, 0x4000, @fd_index=0x8, 0x7, 0xa, 0x7f, 0x9, 0x1, {0x1, r9}})
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x0, 0x0, 0x0, 0x2000004, 0x0, 0x0, 0x1f00, 0x39, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x200008, 0x5, 0x20000}, 0x10}, 0x94)
sendmmsg(r0, &(0x7f0000000000), 0x0, 0x28000840)
r10 = socket$netlink(0x10, 0x3, 0x0)
r11 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'lo\x00', <r14=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000009c0)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r14, {0x0, 0xfff2}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@TCA_STAB={0x50, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x12, 0xb2cf, 0x200, 0x1, 0x100, 0xff, 0x4}}, {0xc, 0x2, [0x2, 0x5, 0xfff, 0x800]}}, {{0x1c, 0x1, {0x7, 0x5, 0x47a, 0x0, 0x0, 0x28, 0x2, 0x1}}, {0x6, 0x2, [0x5]}}]}, @TCA_STAB={0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x20000850)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r1, &(0x7f0000000000)="dd5f1b8352c3c3b3e69b759eea1b0bdfe66aa207fb95a84fa64053c887ee521e65a50e2f37d4e4815f50a91872f7bb889ca2e84d6682c0fdec74d459fa46a201", &(0x7f0000000040)=@tcp=r11, 0x1}, 0x20)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r15 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r15, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRES64=r12, @ANYRES64=r9, @ANYRES16=r7, @ANYRES32=r1], 0x28}}, 0x24044020)

3.088321226s ago: executing program 3 (id=316):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220f000000540bffa3000000000000b3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='system.posix_acl_default\x00', 0x0, 0x24, 0x0)
llistxattr(&(0x7f00000000c0)='\x00', &(0x7f0000000580)=""/4096, 0x1000)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000080)={0x3, 0xffffffff, 0x40, 0x800, 0x9, 0xdb})

2.299590246s ago: executing program 0 (id=334):
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r0=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r0, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r0, 0x0, <r1=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r1, 0x0, 0x10000, 0x0, 0x4, 0x12fbab, 0x2976b1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r1, 0x0, 0x10000, 0x0, 0x20002, 0x80195764, 0x29b3bf, 0x8000000})

2.299073891s ago: executing program 0 (id=335):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x80040, 0x0)
close(0xffffffffffffffff) (async)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f00000000c0)=0x6)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000300)=0x1, 0x4) (async)
connect$inet(r1, &(0x7f00000006c0)={0x2, 0x0, @empty}, 0x10) (async)
r2 = syz_open_dev$dmmidi(&(0x7f0000000100), 0x2, 0x40e842)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r2, 0xc0245720, &(0x7f0000000040))
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000900)=0xffffffffffffffff, 0x4) (async)
sendmmsg$inet(r1, &(0x7f0000000100), 0x0, 0x2400c445) (async)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x0, &(0x7f0000000000)=0xd10, 0x4)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x10500, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2.24939508s ago: executing program 0 (id=337):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0) (async)
ptrace$setregset(0x4205, r0, 0x204, 0x0) (async)
timer_create(0x7, &(0x7f0000000080)={0x0, 0x11, 0x0, @tid=r0}, &(0x7f0000000000)) (async)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0) (async)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='system.posix_acl_default\x00', &(0x7f00000004c0)={{}, {}, [], {0x4, 0x4}, [], {}, {0x20, 0x5}}, 0x24, 0x2) (async)
rmdir(&(0x7f0000000000)='./file0\x00') (async)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={r1, r2+10000000}, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000480)={'batadv_slave_0\x00', <r4=>0x0}) (async)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000001000cff500000300ffffffff00000700", @ANYRES32=0x0, @ANYBLOB="000000000140060030001280080001006873720024000280050007000100000008000100", @ANYRES32=r6, @ANYBLOB="08000200", @ANYRES32=r4], 0x50}}, 0x0)

2.177469243s ago: executing program 0 (id=339):
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendmsg$NLBL_MGMT_C_REMOVEDEF(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000", @ANYRES16, @ANYBLOB="050029bd7000fbdbdf250500000089e3e956cf0158e67b05ecaa52a02fe0ec31689f7365a3ea9822c2ef40cecb467fed5a03d68c6b320b4d8a5a5f9e325aa6c0703b805b2be141849e4643810204"], 0x14}, 0x1, 0x0, 0x0, 0x48005}, 0x4)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x300, 0x0, 0x0, 0xf, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000000900", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

2.099824802s ago: executing program 0 (id=340):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000035c0), r2)
sendmsg$alg(r2, &(0x7f0000003540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x340000c1)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
write$vga_arbiter(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='decodes '], 0xd)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYRES8=r2, @ANYRES32=0x0, @ANYBLOB="08001400"], 0x4c}, 0x1, 0x0, 0x0, 0x20000894}, 0x56)

1.719707701s ago: executing program 2 (id=344):
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r0=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r0, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r0, 0x0, <r1=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000180)={0x48, 0x7, r1, 0x0, 0x10000, 0x0, 0x4, 0x12fbab, 0x2976b1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r1, 0x0, 0x10000, 0x0, 0x20002, 0x80195764, 0x29b3bf, 0x8000000})

1.719468927s ago: executing program 2 (id=345):
r0 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$selinux_validatetrans(r0, &(0x7f0000000140)={'u:object_r:app_data_file:s0:c512,c768', 0x20, 'system_u:object_r:admin_passwd_exec_t:s0', 0x20, 0x0, 0x20, '/usr/sbin/cups-browsed\x00'}, 0x7b)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x1, 0x0, 0x0, 0x3}]}}, 0x0, 0x26}, 0x20)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14}}, 0x68}}, 0x0)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$BLKROGET(r2, 0x125e, &(0x7f0000000100))
sendmsg$NFT_BATCH(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_macvtap\x00'}]}]}]}], {0x14}}, 0x70}, 0x1, 0x0, 0x0, 0x44884}, 0x4000814)

1.713831614s ago: executing program 2 (id=346):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801) (async)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r0=>0x0, @multicast2, @multicast2}, &(0x7f0000000240)=0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@gettfilter={0x54, 0x2e, 0x400, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r0, {0x1, 0xb}, {0x5, 0x5}, {0xd, 0x9}}, [{0x8, 0xb, 0x21c1}, {0x8, 0xb, 0xddb}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0xfffffffd}, {0x8, 0xb, 0x2}, {0x8, 0xb, 0xffff}]}, 0x54}}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (async, rerun: 32)
r1 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4, 0xffffffff, 0x4, 0xb4d, 0x2c83, 0x4, 0x1, 0x9, 0x94}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) (async)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$char_usb(r3, &(0x7f00000001c0)="1e4e470ccd622d3894858fa13dd9c0ca54038c579d801eacd08574d25ef722790c33d4d322e4f90ee401007de8d3515d6463fe86ae5670ead2f9c74f9edf68def0baab68e630ff3f9972d56a82cf65b1fea8e488b709bd31ba13dd2710c670ffb654a932a45ac688a4e483f39842b148eb971e4e0abfb21a95e72643", 0x7c) (async, rerun: 64)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) (rerun: 64)

1.630333033s ago: executing program 2 (id=347):
r0 = socket$inet6(0xa, 0x2, 0x3a) (async)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(0xffffffffffffffff, 0x800442d2, 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) (async, rerun: 32)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) (async, rerun: 32)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00') (async)
r1 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, 0x0) (async, rerun: 32)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) (async, rerun: 32)
setpgid(0x0, r1) (async)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r2, 0xffffffffffffffff, 0x0) (async)
socket$rds(0x15, 0x5, 0x0) (async, rerun: 32)
socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, r3, 0x4}, 0x38)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r4) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)) (async)
ioctl$SIOCSIFHWADDR(r4, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\x00\x00\x00 '}) (async, rerun: 64)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x10000, 0x0) (async, rerun: 64)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0) (async, rerun: 64)
semtimedop(0x0, &(0x7f0000002f80)=[{0x4, 0x800, 0x3000}], 0x1, 0x0) (async, rerun: 64)
semctl$GETNCNT(0x0, 0x0, 0xe, 0x0) (async)
semctl$SETALL(0x0, 0x0, 0x11, 0x0)
semctl$SEM_STAT_ANY(0x0, 0x2, 0x14, 0x0) (async)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x5)
r5 = semget$private(0x0, 0x1, 0xc0)
semtimedop(r5, &(0x7f0000005200)=[{0x3, 0x9, 0x1000}], 0x1, 0x0) (async)
getsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f0000000140)=""/237, &(0x7f0000000040)=0xed)

1.630222473s ago: executing program 2 (id=348):
flock(0xffffffffffffffff, 0x3)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x10001)
read$qrtrtun(r0, &(0x7f00000000c0)=""/113, 0x71)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f0000000040)={0x9, 0x6, 0x2})
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000180)=0x7f)
socket(0x23, 0x80002, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0)

1.329266418s ago: executing program 2 (id=349):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1) (async)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x1, 0x101) (async)
r3 = io_uring_setup(0x48e5, &(0x7f0000001080)={0x0, 0x58e7, 0x1000, 0x2, 0x357})
io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000001100)=r2, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
ioperm(0x0, 0x3, 0x4) (async)
r4 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
ptrace(0x10, r4) (async)
ptrace$getregset(0x4204, r4, 0x201, &(0x7f0000000440)={0x0, 0x1100}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})

1.282155927s ago: executing program 32 (id=349):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1) (async)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x1, 0x101) (async)
r3 = io_uring_setup(0x48e5, &(0x7f0000001080)={0x0, 0x58e7, 0x1000, 0x2, 0x357})
io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000001100)=r2, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
ioperm(0x0, 0x3, 0x4) (async)
r4 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
ptrace(0x10, r4) (async)
ptrace$getregset(0x4204, r4, 0x201, &(0x7f0000000440)={0x0, 0x1100}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})

1.239540639s ago: executing program 0 (id=351):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100)={'team0\x00', <r2=>0x0})
r3 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_JOIN_FILTERS(r3, 0x65, 0x6, &(0x7f00000087c0), &(0x7f0000008800)=0x4)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$int_in(r4, 0x5421, &(0x7f00000000c0)=0x6)
read$char_usb(r4, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newtaction={0x70, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x5c, 0x1, [@m_mirred={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x16, 0xff, 0xffffffffffffffff, 0x7, 0x6}, 0x3, r2}}]}, {0x9, 0xa, "d6a4eea88e"}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x2000a804)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)
r6 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000440)={0x53, 0xfffffffffffffffe, 0x106, 0x1, @buffer={0x0, 0x47, &(0x7f0000000040)=""/71}, &(0x7f0000000180)="851666ce20db96ab0c7d83e114e7c41762249711e34f4ce12c6afeb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9fa225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f1c4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9fa73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acd52eab032468cc8075451bcd5c081a8db84ff509a2f874daf6b3ddff977834d87", 0x0, 0x10, 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="34000200c37860778108103ecb4d2619461cc143", @ANYRES32=0x0, @ANYBLOB="715a0300231a05001400128009000100626f6e640000000004000280"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

0s ago: executing program 3 (id=352):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
openat$cgroup(0xffffffffffffffff, &(0x7f0000000380)='syz1\x00', 0x200002, 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000300)={'full', 0x20, 0xc, 0x20, 0x6}, 0x2f)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000012000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

0s ago: executing program 1 (id=353):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0, 0x1be505b, 0x0) (async)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffbd) (async)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r1, 0xc00864bf, &(0x7f0000000040)={<r2=>0x0, 0x1})
r3 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000140)={<r4=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r3, 0xc01064c1, &(0x7f0000000100)={r4}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f00000001c0)={<r5=>0x0}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r1, 0xc00864bf, &(0x7f0000000200)={<r6=>0x0, 0x1}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r1, 0xc01064c2, &(0x7f0000000240)={<r7=>0x0, 0x1, r1})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r1, 0xc01864cd, &(0x7f00000002c0)={&(0x7f0000000280)=[r2, r4, r5, r6, r7], &(0x7f0000000340)=[0x8, 0x1, 0x101, 0x99, 0x0, 0x2, 0x10001, 0x3, 0x1], 0x5})
socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, 0x0) (async)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x10000, 0x0, 0x0, 0xcc7, 0x8, 0x7, 0x8, 0x100, 0x2, 0x1, 0x1db, 0x2, 0x6, 0x101, 0x1, 0x87, 0x3, 0x40000003, 0x2, 0x100002, 0xf27, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})

kernel console output (not intermixed with test programs):

[   43.628193][   T40] audit: type=1400 audit(1753705406.552:61): avc:  denied  { siginh } for  pid=5858 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '[localhost]:6958' (ED25519) to the list of known hosts.
[   45.027537][   T40] audit: type=1400 audit(1753705407.982:62): avc:  denied  { name_bind } for  pid=5871 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   45.058956][   T40] audit: type=1400 audit(1753705408.002:63): avc:  denied  { write } for  pid=5873 comm="sh" path="pipe:[5893]" dev="pipefs" ino=5893 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   45.067772][   T40] audit: type=1400 audit(1753705408.012:64): avc:  denied  { execute } for  pid=5873 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   45.075079][   T40] audit: type=1400 audit(1753705408.012:65): avc:  denied  { execute_no_trans } for  pid=5873 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   47.230259][   T40] audit: type=1400 audit(1753705410.182:66): avc:  denied  { mounton } for  pid=5873 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   47.234289][ T5873] cgroup: Unknown subsys name 'net'
[   47.359759][ T5873] cgroup: Unknown subsys name 'cpuset'
[   47.365373][ T5873] cgroup: Unknown subsys name 'rlimit'
[   47.619119][ T5932] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   48.275920][ T5873] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   51.393861][   T40] kauditd_printk_skb: 13 callbacks suppressed
[   51.393875][   T40] audit: type=1400 audit(1753705414.342:80): avc:  denied  { execmem } for  pid=5946 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   51.637595][   T40] audit: type=1400 audit(1753705414.592:81): avc:  denied  { create } for  pid=5950 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   51.646659][   T40] audit: type=1400 audit(1753705414.592:82): avc:  denied  { read write } for  pid=5950 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   51.655987][   T40] audit: type=1400 audit(1753705414.592:83): avc:  denied  { open } for  pid=5950 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[   51.663861][   T40] audit: type=1400 audit(1753705414.592:84): avc:  denied  { ioctl } for  pid=5950 comm="syz-executor" path="socket:[982]" dev="sockfs" ino=982 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   51.686312][ T5960] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   51.689977][ T5961] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   51.690494][ T5960] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   51.692985][ T5961] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   51.695539][ T5960] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   51.698647][ T5961] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   51.699981][ T5964] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   51.700994][ T5964] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   51.701498][ T5960] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   51.701996][ T5960] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   51.704474][ T5961] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   51.706106][ T5966] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   51.709141][ T5316] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   51.710969][   T40] audit: type=1400 audit(1753705414.652:85): avc:  denied  { read } for  pid=5950 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   51.713486][ T5961] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   51.714074][ T5316] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   51.715744][   T40] audit: type=1400 audit(1753705414.652:86): avc:  denied  { open } for  pid=5950 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   51.717251][ T5966] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   51.717926][ T5961] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   51.718716][ T5961] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   51.719215][ T5316] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   51.719542][ T5316] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   51.720293][   T40] audit: type=1400 audit(1753705414.652:87): avc:  denied  { mounton } for  pid=5950 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   52.014817][   T40] audit: type=1400 audit(1753705414.962:88): avc:  denied  { module_request } for  pid=5951 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   52.051802][ T5951] chnl_net:caif_netlink_parms(): no params data found
[   52.131567][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   52.153102][ T5955] chnl_net:caif_netlink_parms(): no params data found
[   52.279746][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.282862][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.285346][ T5951] bridge_slave_0: entered allmulticast mode
[   52.288272][ T5951] bridge_slave_0: entered promiscuous mode
[   52.295972][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.298450][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.301166][ T5951] bridge_slave_1: entered allmulticast mode
[   52.304256][ T5951] bridge_slave_1: entered promiscuous mode
[   52.457204][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.460749][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.463716][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.466038][ T5950] bridge_slave_0: entered allmulticast mode
[   52.469934][ T5950] bridge_slave_0: entered promiscuous mode
[   52.473245][ T5958] chnl_net:caif_netlink_parms(): no params data found
[   52.511201][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.514287][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.516556][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.519458][ T5950] bridge_slave_1: entered allmulticast mode
[   52.522226][ T5950] bridge_slave_1: entered promiscuous mode
[   52.532513][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.535538][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.538846][ T5955] bridge_slave_0: entered allmulticast mode
[   52.542782][ T5955] bridge_slave_0: entered promiscuous mode
[   52.547384][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.550050][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.552298][ T5955] bridge_slave_1: entered allmulticast mode
[   52.555135][ T5955] bridge_slave_1: entered promiscuous mode
[   52.693111][ T5951] team0: Port device team_slave_0 added
[   52.719647][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.736444][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   52.741631][ T5951] team0: Port device team_slave_1 added
[   52.744891][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.775235][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   52.825607][ T5950] team0: Port device team_slave_0 added
[   52.843702][ T5958] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.846014][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.849490][ T5958] bridge_slave_0: entered allmulticast mode
[   52.853518][ T5958] bridge_slave_0: entered promiscuous mode
[   52.885351][ T5950] team0: Port device team_slave_1 added
[   52.890063][ T5958] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.893244][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.896285][ T5958] bridge_slave_1: entered allmulticast mode
[   52.900470][ T5958] bridge_slave_1: entered promiscuous mode
[   52.905391][ T5955] team0: Port device team_slave_0 added
[   52.908949][ T5955] team0: Port device team_slave_1 added
[   52.911621][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0
[   52.913935][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.922535][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   52.928895][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1
[   52.931222][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   52.941471][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.053545][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.056236][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.066053][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.087033][ T5958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.103874][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.106010][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.114803][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.119475][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.122311][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.130778][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.140841][ T5958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.144064][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.146971][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.155810][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.209323][ T5951] hsr_slave_0: entered promiscuous mode
[   53.211673][ T5951] hsr_slave_1: entered promiscuous mode
[   53.291552][ T5958] team0: Port device team_slave_0 added
[   53.296767][ T5958] team0: Port device team_slave_1 added
[   53.409750][ T5950] hsr_slave_0: entered promiscuous mode
[   53.411982][ T5950] hsr_slave_1: entered promiscuous mode
[   53.413990][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   53.416459][ T5950] Cannot create hsr debugfs directory
[   53.442610][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_0
[   53.445576][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.454106][ T5958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   53.492077][ T5955] hsr_slave_0: entered promiscuous mode
[   53.494868][ T5955] hsr_slave_1: entered promiscuous mode
[   53.497847][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   53.500963][ T5955] Cannot create hsr debugfs directory
[   53.503708][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_1
[   53.505780][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   53.514467][ T5958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   53.653507][ T5958] hsr_slave_0: entered promiscuous mode
[   53.656534][ T5958] hsr_slave_1: entered promiscuous mode
[   53.659360][ T5958] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   53.662373][ T5958] Cannot create hsr debugfs directory
[   53.747247][ T5957] Bluetooth: hci2: command tx timeout
[   53.747252][   T63] Bluetooth: hci0: command tx timeout
[   53.747258][ T5966] Bluetooth: hci1: command tx timeout
[   53.748977][ T5961] Bluetooth: hci3: command tx timeout
[   54.016153][ T5951] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   54.025173][ T5951] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   54.040174][ T5951] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   54.053284][ T5951] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   54.084613][ T5950] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   54.089923][ T5950] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   54.097169][ T5950] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   54.105533][ T5950] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   54.173917][ T5955] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   54.181182][ T5955] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   54.188795][ T5955] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   54.195021][ T5955] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   54.271791][ T5958] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   54.280745][ T5958] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   54.285685][ T5958] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   54.290739][ T5958] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   54.330114][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.370057][ T5951] 8021q: adding VLAN 0 to HW filter on device team0
[   54.380071][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.398769][ T1200] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.402083][ T1200] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.409891][ T1200] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.412666][ T1200] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.439034][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   54.453429][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.471229][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.473475][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.476657][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.479339][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.503357][ T5958] 8021q: adding VLAN 0 to HW filter on device bond0
[   54.514503][ T5955] 8021q: adding VLAN 0 to HW filter on device team0
[   54.540221][ T1200] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.543352][ T1200] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.571871][ T5958] 8021q: adding VLAN 0 to HW filter on device team0
[   54.578074][ T1200] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.580455][ T1200] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.597082][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.598695][   T40] audit: type=1400 audit(1753705417.552:89): avc:  denied  { sys_module } for  pid=5951 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   54.600153][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.623528][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.626610][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.684553][ T5958] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   54.689606][ T5958] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   54.717356][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.755643][ T5951] veth0_vlan: entered promiscuous mode
[   54.766383][ T5951] veth1_vlan: entered promiscuous mode
[   54.794849][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.802937][ T5951] veth0_macvtap: entered promiscuous mode
[   54.819706][ T5951] veth1_macvtap: entered promiscuous mode
[   54.830729][ T5958] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.849099][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0
[   54.864864][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1
[   54.874115][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0
[   54.878427][ T5951] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   54.881394][ T5951] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   54.884365][ T5951] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   54.887363][ T5951] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   54.900108][ T5950] veth0_vlan: entered promiscuous mode
[   54.911371][ T5950] veth1_vlan: entered promiscuous mode
[   54.931683][ T5958] veth0_vlan: entered promiscuous mode
[   54.947268][ T5950] veth0_macvtap: entered promiscuous mode
[   54.951188][ T5958] veth1_vlan: entered promiscuous mode
[   54.961224][ T5950] veth1_macvtap: entered promiscuous mode
[   54.993175][ T5955] veth0_vlan: entered promiscuous mode
[   54.998439][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.000980][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.005365][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.017559][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.027382][ T5958] veth0_macvtap: entered promiscuous mode
[   55.030569][ T5955] veth1_vlan: entered promiscuous mode
[   55.040947][ T5950] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.043753][ T5950] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.046542][ T5950] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.049598][ T5950] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.054030][   T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.057654][ T5958] veth1_macvtap: entered promiscuous mode
[   55.057831][   T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.079586][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.097850][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.102334][ T5958] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.105566][ T5958] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.109356][ T5958] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.112602][ T5958] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.113373][ T5951] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   55.128470][ T5955] veth0_macvtap: entered promiscuous mode
[   55.163402][ T5955] veth1_macvtap: entered promiscuous mode
[   55.178869][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.183093][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.215656][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.219149][   T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.221435][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.224509][   T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.233327][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.254953][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.261697][ T6047] tipc: Enabling of bearer <ud#:s> rejected, media not registered
[   55.267823][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.270277][ T5955] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.271113][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.273928][ T5955] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.273947][ T5955] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.273961][ T5955] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.278218][ T6047] mmap: syz.3.5 (6047) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   55.381704][ T6057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'.
[   55.399194][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.402566][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.441921][ T6060] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7'.
[   55.446428][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.451600][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.503686][ T6068] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[   55.559327][ T6073] fuse: Bad value for 'fd'
[   55.641484][ T6087] usb usb9: usbfs: process 6087 (syz.3.16) did not claim interface 0 before use
[   55.646094][ T6089] netlink: 100 bytes leftover after parsing attributes in process `syz.0.17'.
[   55.653373][ T6089] xt_hashlimit: size too large, truncated to 1048576
[   55.673654][ T6090] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12'.
[   55.715516][ T6094] 9pnet_virtio: no channels available for device syz
[   55.776323][ T6094] netlink: 12 bytes leftover after parsing attributes in process `syz.3.18'.
[   55.824307][ T6106] syz.2.22 uses obsolete (PF_INET,SOCK_PACKET)
[   55.828917][ T5966] Bluetooth: hci2: command tx timeout
[   55.833981][ T6104] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   55.836948][ T5966] Bluetooth: hci0: command tx timeout
[   55.841249][ T5966] Bluetooth: hci3: command tx timeout
[   55.843160][ T5957] Bluetooth: hci1: command tx timeout
[   55.845929][ T6104] No such timeout policy "syz1"
[   55.971445][ T6115] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0
[   56.095949][ T6120] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4117 sclass=netlink_route_socket pid=6120 comm=syz.3.26
[   56.206141][ T6128] netlink: 12 bytes leftover after parsing attributes in process `syz.0.31'.
[   56.244144][ T6131] x_tables: duplicate underflow at hook 1
[   56.414021][   T40] kauditd_printk_skb: 90 callbacks suppressed
[   56.414036][   T40] audit: type=1400 audit(1753705419.362:180): avc:  denied  { unmount } for  pid=5950 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   56.617020][  T987] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   56.703836][   T40] audit: type=1400 audit(1753705419.652:181): avc:  denied  { write } for  pid=6149 comm="syz.3.39" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   56.779533][  T987] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[   56.782622][  T987] usb 5-1: config 0 interface 0 has no altsetting 0
[   56.790787][  T987] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   56.794433][  T987] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   56.798405][  T987] usb 5-1: Product: syz
[   56.800318][  T987] usb 5-1: Manufacturer: syz
[   56.802166][  T987] usb 5-1: SerialNumber: syz
[   56.808550][  T987] usb 5-1: config 0 descriptor??
[   56.814768][  T987] usb 5-1: selecting invalid altsetting 0
[   56.838783][ T6157] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock
[   56.889791][ T6159] netlink: 12 bytes leftover after parsing attributes in process `syz.3.40'.
[   56.893019][ T6159] capability: warning: `syz.3.40' uses 32-bit capabilities (legacy support in use)
[   56.898795][   T40] audit: type=1400 audit(1753705419.842:182): avc:  denied  { bind } for  pid=6156 comm="syz.3.40" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.914495][   T40] audit: type=1400 audit(1753705419.862:183): avc:  denied  { ioctl } for  pid=6160 comm="syz.1.41" path="socket:[7904]" dev="sockfs" ino=7904 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   56.915201][ T6161] Bluetooth: MGMT ver 1.23
[   56.962048][   T40] audit: type=1400 audit(1753705419.912:184): avc:  denied  { write } for  pid=6163 comm="syz.3.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   56.987716][   T40] audit: type=1400 audit(1753705419.942:185): avc:  denied  { write } for  pid=6160 comm="syz.1.41" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[   57.037413][  T837] usb 5-1: USB disconnect, device number 2
[   57.112286][   T40] audit: type=1400 audit(1753705420.062:186): avc:  denied  { read write } for  pid=6169 comm="syz.1.44" name="vbi4" dev="devtmpfs" ino=1003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[   57.119370][   T40] audit: type=1400 audit(1753705420.062:187): avc:  denied  { open } for  pid=6169 comm="syz.1.44" path="/dev/vbi4" dev="devtmpfs" ino=1003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[   57.133603][   T40] audit: type=1400 audit(1753705420.072:188): avc:  denied  { create } for  pid=6169 comm="syz.1.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   57.140493][   T40] audit: type=1400 audit(1753705420.072:189): avc:  denied  { getopt } for  pid=6169 comm="syz.1.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   57.149013][ T6172] netlink: 9 bytes leftover after parsing attributes in process `syz.3.45'.
[   57.151751][ T6172] 0·: renamed from hsr0 (while UP)
[   57.155634][ T6172] 0·: entered allmulticast mode
[   57.158615][ T6172] hsr_slave_0: entered allmulticast mode
[   57.160424][ T6172] hsr_slave_1: entered allmulticast mode
[   57.162867][ T6172] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[   57.593990][ T6201] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   57.611648][ T6201] sg_write: process 37 (syz.0.55) changed security contexts after opening file descriptor, this is not allowed.
[   57.696081][ T6214] netlink: 4 bytes leftover after parsing attributes in process `syz.1.60'.
[   57.736272][ T6221] ptm ptm1: ldisc open failed (-12), clearing slot 1
[   57.801054][ T6229] netlink: zone id is out of range
[   57.803400][ T6229] netlink: zone id is out of range
[   57.805160][ T6229] netlink: zone id is out of range
[   57.807563][ T6229] netlink: zone id is out of range
[   57.809371][ T6229] netlink: zone id is out of range
[   57.811071][ T6229] netlink: zone id is out of range
[   57.812826][ T6229] netlink: zone id is out of range
[   57.814469][ T6229] netlink: zone id is out of range
[   57.816063][ T6229] netlink: zone id is out of range
[   57.907129][ T5961] Bluetooth: hci0: command tx timeout
[   57.907146][ T5966] Bluetooth: hci2: command tx timeout
[   57.908879][ T5957] Bluetooth: hci3: command tx timeout
[   57.909069][ T6231] /dev/sr0: Can't open blockdev
[   57.917272][ T5957] Bluetooth: hci1: command tx timeout
[   58.040868][ T6255] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.72'.
[   58.219114][ T6267] veth3: entered promiscuous mode
[   58.370933][ T6283] trusted_key: syz.1.82 sent an empty control message without MSG_MORE.
[   58.404380][ T6290] warning: `syz.1.85' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   58.704734][ T6310] FAULT_INJECTION: forcing a failure.
[   58.704734][ T6310] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   58.711569][ T6310] CPU: 2 UID: 0 PID: 6310 Comm: syz.0.92 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[   58.711591][ T6310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   58.711601][ T6310] Call Trace:
[   58.711606][ T6310]  <TASK>
[   58.711613][ T6310]  dump_stack_lvl+0x16c/0x1f0
[   58.711643][ T6310]  should_fail_ex+0x512/0x640
[   58.711671][ T6310]  _copy_from_user+0x2e/0xd0
[   58.711688][ T6310]  move_addr_to_kernel+0x65/0x170
[   58.711710][ T6310]  __sys_sendto+0x1be/0x520
[   58.711734][ T6310]  ? __pfx___sys_sendto+0x10/0x10
[   58.711779][ T6310]  ? ksys_write+0x1ac/0x250
[   58.711809][ T6310]  ? __pfx_ksys_write+0x10/0x10
[   58.711836][ T6310]  __x64_sys_sendto+0xe0/0x1c0
[   58.711860][ T6310]  ? do_syscall_64+0x91/0x4c0
[   58.711875][ T6310]  ? lockdep_hardirqs_on+0x7c/0x110
[   58.711899][ T6310]  do_syscall_64+0xcd/0x4c0
[   58.711916][ T6310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.711933][ T6310] RIP: 0033:0x7f20a4b8e9a9
[   58.711947][ T6310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.711963][ T6310] RSP: 002b:00007f20a5a6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   58.711979][ T6310] RAX: ffffffffffffffda RBX: 00007f20a4db5fa0 RCX: 00007f20a4b8e9a9
[   58.711990][ T6310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   58.711999][ T6310] RBP: 00007f20a5a6f090 R08: 0000200000000340 R09: 000000000000005a
[   58.712009][ T6310] R10: 0000000000004884 R11: 0000000000000246 R12: 0000000000000001
[   58.712019][ T6310] R13: 0000000000000000 R14: 00007f20a4db5fa0 R15: 00007ffcaa4d8748
[   58.712041][ T6310]  </TASK>
[   58.895889][ T6320] xfs: Unknown parameter 'da
'
[   59.090541][ T6338] FAULT_INJECTION: forcing a failure.
[   59.090541][ T6338] name failslab, interval 1, probability 0, space 0, times 1
[   59.093944][ T6337] netlink: 'syz.0.102': attribute type 1 has an invalid length.
[   59.095186][ T6338] CPU: 2 UID: 0 PID: 6338 Comm: syz.3.101 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[   59.095206][ T6338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.095215][ T6338] Call Trace:
[   59.095220][ T6338]  <TASK>
[   59.095226][ T6338]  dump_stack_lvl+0x16c/0x1f0
[   59.095247][ T6338]  should_fail_ex+0x512/0x640
[   59.095264][ T6338]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   59.095284][ T6338]  should_failslab+0xc2/0x120
[   59.095299][ T6338]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   59.095325][ T6338]  ? __alloc_skb+0x2b2/0x380
[   59.095355][ T6338]  __alloc_skb+0x2b2/0x380
[   59.095377][ T6338]  ? __pfx___alloc_skb+0x10/0x10
[   59.095400][ T6338]  ? find_held_lock+0x2b/0x80
[   59.095421][ T6338]  ? is_bpf_text_address+0x8a/0x1a0
[   59.095435][ T6338]  alloc_skb_with_frags+0xe0/0x860
[   59.095446][ T6338]  ? is_bpf_text_address+0x94/0x1a0
[   59.095468][ T6338]  sock_alloc_send_pskb+0x7fb/0x990
[   59.095495][ T6338]  ? __pfx_ref_tracker_alloc+0x10/0x10
[   59.095518][ T6338]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[   59.095541][ T6338]  ? find_held_lock+0x2b/0x80
[   59.095559][ T6338]  ? dev_get_by_index+0x17c/0x380
[   59.095585][ T6338]  packet_sendmsg+0x202a/0x5850
[   59.095621][ T6338]  ? sock_has_perm+0x259/0x2f0
[   59.095645][ T6338]  ? __pfx_sock_has_perm+0x10/0x10
[   59.095672][ T6338]  ? __pfx_packet_sendmsg+0x10/0x10
[   59.095705][ T6338]  __sys_sendto+0x4a3/0x520
[   59.095727][ T6338]  ? __pfx___sys_sendto+0x10/0x10
[   59.095767][ T6338]  ? ksys_write+0x1ac/0x250
[   59.095791][ T6338]  ? __pfx_ksys_write+0x10/0x10
[   59.095819][ T6338]  __x64_sys_sendto+0xe0/0x1c0
[   59.095840][ T6338]  ? do_syscall_64+0x91/0x4c0
[   59.095854][ T6338]  ? lockdep_hardirqs_on+0x7c/0x110
[   59.095876][ T6338]  do_syscall_64+0xcd/0x4c0
[   59.095892][ T6338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.095907][ T6338] RIP: 0033:0x7f09e558e9a9
[   59.095919][ T6338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.095934][ T6338] RSP: 002b:00007f09e64da038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   59.095951][ T6338] RAX: ffffffffffffffda RBX: 00007f09e57b5fa0 RCX: 00007f09e558e9a9
[   59.095963][ T6338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   59.095972][ T6338] RBP: 00007f09e64da090 R08: 0000200000000340 R09: 000000000000005a
[   59.095980][ T6338] R10: 0000000000004884 R11: 0000000000000246 R12: 0000000000000001
[   59.095989][ T6338] R13: 0000000000000000 R14: 00007f09e57b5fa0 R15: 00007ffe4bffb6c8
[   59.096009][ T6338]  </TASK>
[   59.207518][ T6339] veth3: entered promiscuous mode
[   59.224988][ T6340] vlan2: entered allmulticast mode
[   59.227735][ T6340] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[   59.278514][ T6337] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.372294][ T6354] netlink: 'syz.3.108': attribute type 1 has an invalid length.
[   59.372535][ T6356] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[   59.382362][ T6337] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.401933][ T6355] [U] J"—e:ÀÆ"


[   59.469013][ T6337] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.547094][ T6337] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   59.583450][ T6375] omfs: Invalid superblock (0)
[   59.622680][ T6377] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[   59.634498][ T6337] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.643311][ T6337] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.651386][ T6337] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.658969][ T6337] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.753105][ T6388] loop2: detected capacity change from 0 to 1
[   59.758448][ T5952] Dev loop2: unable to read RDB block 1
[   59.760748][ T5952]  loop2: unable to read partition table
[   59.763137][ T5952] loop2: partition table beyond EOD, truncated
[   59.772301][ T6388] Dev loop2: unable to read RDB block 1
[   59.774186][ T6388]  loop2: unable to read partition table
[   59.776179][ T6388] loop2: partition table beyond EOD, truncated
[   59.778617][ T6388] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   59.818227][ T6391] IPVS: Unknown mcast interface: nicvf0
[   59.878481][ T6398] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   59.878519][ T6400] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[   59.881813][ T6401] capability: warning: `syz.3.127' uses deprecated v2 capabilities in a way that may be insecure
[   59.882804][ T6401] 9pnet_rdma: rdma_create_trans (6401): problem binding to privport: 13
[   59.884019][ T6395] cdrom: dropping to single frame dma
[   59.949234][ T6409] binder_alloc: binder_alloc_mmap_handler: 6406 200000ffd000-200001000000 already mapped failed -16
[   59.982180][ T6407] binder: BINDER_SET_CONTEXT_MGR already set
[   59.984780][ T6407] binder: 6406:6407 ioctl 4018620d 200000000040 returned -16
[   59.987294][ T5957] Bluetooth: hci2: command tx timeout
[   59.997979][ T5957] Bluetooth: hci1: command tx timeout
[   59.998082][ T5966] Bluetooth: hci3: command tx timeout
[   59.999731][ T5957] Bluetooth: hci0: command tx timeout
[   60.070547][ T6421] XFS (nbd0): no-recovery mounts must be read-only.
[   60.106502][ T6425] program syz.0.135 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   60.218864][ T6437] can0: slcan on ptm0.
[   60.245674][ T6443] FAULT_INJECTION: forcing a failure.
[   60.245674][ T6443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.252936][ T6443] CPU: 2 UID: 0 PID: 6443 Comm: syz.2.139 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[   60.252959][ T6443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   60.252969][ T6443] Call Trace:
[   60.252975][ T6443]  <TASK>
[   60.252981][ T6443]  dump_stack_lvl+0x16c/0x1f0
[   60.253013][ T6443]  should_fail_ex+0x512/0x640
[   60.253044][ T6443]  _copy_to_user+0x32/0xd0
[   60.253063][ T6443]  simple_read_from_buffer+0xcb/0x170
[   60.253090][ T6443]  proc_fail_nth_read+0x197/0x270
[   60.253116][ T6443]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   60.253142][ T6443]  ? rw_verify_area+0xcf/0x680
[   60.253164][ T6443]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   60.253188][ T6443]  vfs_read+0x1e1/0xc60
[   60.253215][ T6443]  ? __pfx___mutex_lock+0x10/0x10
[   60.253232][ T6443]  ? __pfx_vfs_read+0x10/0x10
[   60.253263][ T6443]  ? __fget_files+0x20e/0x3c0
[   60.253298][ T6443]  ksys_read+0x12a/0x250
[   60.253323][ T6443]  ? __pfx_ksys_read+0x10/0x10
[   60.253354][ T6443]  do_syscall_64+0xcd/0x4c0
[   60.253371][ T6443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.253387][ T6443] RIP: 0033:0x7fa765b8d3bc
[   60.253400][ T6443] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   60.253415][ T6443] RSP: 002b:00007fa76691f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   60.253432][ T6443] RAX: ffffffffffffffda RBX: 00007fa765db5fa0 RCX: 00007fa765b8d3bc
[   60.253442][ T6443] RDX: 000000000000000f RSI: 00007fa76691f0a0 RDI: 0000000000000004
[   60.253452][ T6443] RBP: 00007fa76691f090 R08: 0000000000000000 R09: 000000000000005a
[   60.253461][ T6443] R10: 0000000000004884 R11: 0000000000000246 R12: 0000000000000001
[   60.253471][ T6443] R13: 0000000000000000 R14: 00007fa765db5fa0 R15: 00007fffb8718d98
[   60.253495][ T6443]  </TASK>
[   60.488506][ T6454] netlink: 'syz.2.141': attribute type 2 has an invalid length.
[   60.490983][ T6454] __nla_validate_parse: 9 callbacks suppressed
[   60.490990][ T6454] netlink: 8 bytes leftover after parsing attributes in process `syz.2.141'.
[   60.498376][ T6454] batadv_slave_0: entered promiscuous mode
[   60.500898][ T6454] geneve1: entered promiscuous mode
[   60.527729][ T6436] can0 (unregistered): slcan off ptm0.
[   60.563676][ T6466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.143'.
[   60.569338][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.143'.
[   60.644366][ T6475] netlink: 'syz.3.145': attribute type 4 has an invalid length.
[   60.849651][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz.2.146'.
[   60.916077][ T6489] genirq: Flags mismatch irq 4. 00200000 (pcl812) vs. 00200080 (ttyS0)
[   60.965653][ T6494] netlink: 12 bytes leftover after parsing attributes in process `syz.3.151'.
[   61.025257][ T6492] kvm: vcpu 0: requested 148514 ns lapic timer period limited to 200000 ns
[   61.029271][ T6492] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[   61.034498][ T6502] netlink: 'syz.0.154': attribute type 9 has an invalid length.
[   61.038687][ T6502] netlink: 'syz.0.154': attribute type 7 has an invalid length.
[   61.042155][ T6502] netlink: 'syz.0.154': attribute type 8 has an invalid length.
[   61.052645][ T6498] SELinux: ebitmap start bit (1048576) is beyond the end of the bitmap (320)
[   61.056604][ T6498] SELinux: failed to load policy
[   61.213279][ T6510] input: syz0 as /devices/virtual/input/input6
[   61.215335][ T6513] x_tables: duplicate underflow at hook 3
[   61.293890][ T6515] netlink: 88 bytes leftover after parsing attributes in process `syz.3.159'.
[   61.339381][ T6518] fuseblk: Bad value for 'group_id'
[   61.345720][ T6518] fuseblk: Bad value for 'group_id'
[   61.533577][   T40] kauditd_printk_skb: 176 callbacks suppressed
[   61.533589][   T40] audit: type=1400 audit(1753705424.482:366): avc:  denied  { remount } for  pid=6517 comm="syz.2.160" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   61.718777][ T6520] syzkaller1: entered promiscuous mode
[   61.721210][ T6520] syzkaller1: entered allmulticast mode
[   61.801537][   T40] audit: type=1400 audit(1753705424.752:367): avc:  denied  { getopt } for  pid=6537 comm="syz.0.166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   61.809019][ T6540] binder: 6538:6540 unknown command 0
[   61.811340][ T6540] binder: 6538:6540 ioctl c0306201 2000000003c0 returned -22
[   61.814816][   T40] audit: type=1400 audit(1753705424.762:368): avc:  denied  { call } for  pid=6538 comm="syz.2.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   61.837865][ T6540] sp0: Synchronizing with TNC
[   61.844167][ T6540] netlink: 12 bytes leftover after parsing attributes in process `syz.2.167'.
[   61.865051][   T40] audit: type=1400 audit(1753705424.812:369): avc:  denied  { setopt } for  pid=6541 comm="syz.0.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   61.936377][ T6544] netlink: 4 bytes leftover after parsing attributes in process `syz.1.169'.
[   61.980421][   T40] audit: type=1400 audit(1753705424.932:370): avc:  denied  { create } for  pid=6546 comm="syz.0.172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   61.988837][ T6550] NILFS (loop0): device size too small
[   61.989016][   T40] audit: type=1400 audit(1753705424.932:371): avc:  denied  { ioctl } for  pid=6546 comm="syz.0.172" path="socket:[13410]" dev="sockfs" ino=13410 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   61.990934][   T40] audit: type=1400 audit(1753705424.942:372): avc:  denied  { read write } for  pid=6551 comm="syz.3.171" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   62.009208][   T40] audit: type=1400 audit(1753705424.942:373): avc:  denied  { open } for  pid=6551 comm="syz.3.171" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   62.017809][   T40] audit: type=1400 audit(1753705424.942:374): avc:  denied  { ioctl } for  pid=6551 comm="syz.3.171" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   62.197471][ T6561] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[   62.211899][ T6568] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   62.222904][   T40] audit: type=1400 audit(1753705425.172:375): avc:  denied  { write } for  pid=6567 comm="syz.0.177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   62.373514][ T6588] libceph: resolve '
[   62.373514][ T6588] -&õÌ×fÍY¹Ç�²a×ïÅ2iˆ
[   62.373514][ T6588] .ÖúÕ?Çý&�*»§&' (ret=-3): failed
[   62.606769][  T987] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   62.643456][ T6598] tmpfs: Bad value for 'mpol'
[   62.756833][  T987] usb 5-1: Using ep0 maxpacket: 8
[   62.760043][  T987] usb 5-1: config 0 interface 0 has no altsetting 0
[   62.762291][  T987] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[   62.765259][  T987] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   62.770234][  T987] usb 5-1: config 0 descriptor??
[   63.187544][  T987] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[   63.241900][ T6606] SELinux: ebitmap start bit (1048576) is beyond the end of the bitmap (320)
[   63.244558][ T6606] SELinux: failed to load policy
[   63.404177][ T6617] netlink: 236 bytes leftover after parsing attributes in process `syz.1.192'.
[   63.404801][  T987] usb 5-1: USB disconnect, device number 3
[   63.506792][ T6624] IPv6: Can't replace route, no match found
[   63.569161][ T6628] netlink: 16 bytes leftover after parsing attributes in process `syz.1.195'.
[   63.652064][ T6633] netlink: 'syz.1.197': attribute type 1 has an invalid length.
[   63.673191][ T6633] 8021q: adding VLAN 0 to HW filter on device bond1
[   63.691095][ T6633] bond1: (slave ip6erspan0): making interface the new active one
[   63.695391][ T6633] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[   64.037057][  T839] usb 6-1: new low-speed USB device number 2 using dummy_hcd
[   64.168876][  T839] usb 6-1: device descriptor read/64, error -71
[   64.419437][  T839] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[   64.557005][  T839] usb 6-1: device descriptor read/64, error -71
[   64.673608][  T839] usb usb6-port1: attempt power cycle
[   65.038312][  T839] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[   65.038813][ T6666] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   65.044833][ T6666] SELinux: failed to load policy
[   65.059340][  T839] usb 6-1: device descriptor read/8, error -71
[   65.084260][ T5957] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   65.087953][ T5957] CPU: 2 UID: 0 PID: 5957 Comm: kworker/u33:2 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[   65.087969][ T5957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   65.087976][ T5957] Workqueue: hci1 hci_rx_work
[   65.088004][ T5957] Call Trace:
[   65.088009][ T5957]  <TASK>
[   65.088014][ T5957]  dump_stack_lvl+0x16c/0x1f0
[   65.088033][ T5957]  sysfs_warn_dup+0x7f/0xa0
[   65.088055][ T5957]  sysfs_create_dir_ns+0x24b/0x2b0
[   65.088070][ T5957]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   65.088085][ T5957]  ? find_held_lock+0x2b/0x80
[   65.088101][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[   65.088114][ T5957]  kobject_add_internal+0x2c4/0x9b0
[   65.088129][ T5957]  kobject_add+0x16e/0x240
[   65.088141][ T5957]  ? __pfx_kobject_add+0x10/0x10
[   65.088153][ T5957]  ? do_raw_spin_unlock+0x172/0x230
[   65.088164][ T5957]  ? kobject_put+0xab/0x5a0
[   65.088178][ T5957]  device_add+0x288/0x1a70
[   65.088191][ T5957]  ? __pfx_dev_set_name+0x10/0x10
[   65.088204][ T5957]  ? __pfx_device_add+0x10/0x10
[   65.088215][ T5957]  ? mgmt_send_event_skb+0x2fb/0x460
[   65.088235][ T5957]  hci_conn_add_sysfs+0x17e/0x230
[   65.088246][ T5957]  le_conn_complete_evt+0x1075/0x1d70
[   65.088265][ T5957]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   65.088279][ T5957]  ? hci_event_packet+0x459/0x11c0
[   65.088298][ T5957]  hci_le_conn_complete_evt+0x23c/0x370
[   65.088316][ T5957]  hci_le_meta_evt+0x357/0x5e0
[   65.088326][ T5957]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   65.088344][ T5957]  hci_event_packet+0x682/0x11c0
[   65.088359][ T5957]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   65.088369][ T5957]  ? __pfx_hci_event_packet+0x10/0x10
[   65.088386][ T5957]  ? kcov_remote_start+0x3c9/0x6d0
[   65.088397][ T5957]  ? lockdep_hardirqs_on+0x7c/0x110
[   65.088416][ T5957]  hci_rx_work+0x2c5/0x16b0
[   65.088433][ T5957]  ? rcu_is_watching+0x12/0xc0
[   65.088449][ T5957]  process_one_work+0x9cc/0x1b70
[   65.088467][ T5957]  ? __pfx_process_one_work+0x10/0x10
[   65.088482][ T5957]  ? assign_work+0x1a0/0x250
[   65.088495][ T5957]  worker_thread+0x6c8/0xf10
[   65.088511][ T5957]  ? __pfx_worker_thread+0x10/0x10
[   65.088523][ T5957]  kthread+0x3c2/0x780
[   65.088534][ T5957]  ? __pfx_kthread+0x10/0x10
[   65.088545][ T5957]  ? rcu_is_watching+0x12/0xc0
[   65.088558][ T5957]  ? __pfx_kthread+0x10/0x10
[   65.088569][ T5957]  ret_from_fork+0x5d4/0x6f0
[   65.088584][ T5957]  ? __pfx_kthread+0x10/0x10
[   65.088594][ T5957]  ret_from_fork_asm+0x1a/0x30
[   65.088611][ T5957]  </TASK>
[   65.088626][ T5957] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   65.168648][ T5957] Bluetooth: hci1: failed to register connection device
[   65.329929][  T839] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[   65.360104][  T839] usb 6-1: device descriptor read/8, error -71
[   65.360284][ T6711] block device autoloading is deprecated and will be removed.
[   65.477020][  T839] usb usb6-port1: unable to enumerate USB device
[   65.524545][ T6745] __nla_validate_parse: 2 callbacks suppressed
[   65.524555][ T6745] netlink: 36 bytes leftover after parsing attributes in process `syz.2.218'.
[   65.552915][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.555889][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.559527][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.562492][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.565322][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.569446][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.575011][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.579284][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.585214][ T6750] netlink: 144 bytes leftover after parsing attributes in process `syz.2.220'.
[   65.633013][ T6752] netlink: 'syz.0.221': attribute type 2 has an invalid length.
[   65.855286][ T6785] xt_NFQUEUE: number of total queues is 0
[   66.132074][ T6820] netlink: 'syz.2.240': attribute type 10 has an invalid length.
[   66.143542][ T6820] team0: Device ipvlan1 failed to register rx_handler
[   66.172441][ T6823] sg_write: data in/out 10438218/1 bytes for SCSI command 0x6b-- guessing data in;
[   66.172441][ T6823]    program syz.0.242 not setting count and/or reply_len properly
[   66.349706][ T6838] IPVS: set_ctl: invalid protocol: 59 172.20.20.170:21
[   66.426860][   T54] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   66.468756][ T5961] Bluetooth: hci2: command tx timeout
[   66.474228][ T6846] net_ratelimit: 203 callbacks suppressed
[   66.474242][ T6846] openvswitch: netlink: IP tunnel dst address not specified
[   66.492560][ T6846] qnx4: no qnx4 filesystem (no root dir).
[   66.587009][   T54] usb 5-1: Using ep0 maxpacket: 32
[   66.589800][   T54] usb 5-1: too many configurations: 169, using maximum allowed: 8
[   66.594043][   T54] usb 5-1: config index 0 descriptor too short (expected 4114, got 18)
[   66.597268][   T54] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 186
[   66.600826][   T54] usb 5-1: can't read configurations, error -22
[   66.728261][   T54] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   66.857773][   T24] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   66.886776][   T54] usb 5-1: Using ep0 maxpacket: 32
[   66.891777][   T54] usb 5-1: too many configurations: 169, using maximum allowed: 8
[   66.897959][   T54] usb 5-1: config index 0 descriptor too short (expected 4114, got 18)
[   66.901581][   T54] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 186
[   66.905399][   T54] usb 5-1: can't read configurations, error -22
[   66.908776][   T54] usb usb5-port1: attempt power cycle
[   67.021950][   T24] usb 7-1: config 1 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   67.026806][   T24] usb 7-1: config 1 interface 0 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   67.032501][   T24] usb 7-1: config 1 interface 0 has no altsetting 0
[   67.037669][   T24] usb 7-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.40
[   67.041605][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.045085][   T24] usb 7-1: Product: syz
[   67.047662][   T24] usb 7-1: Manufacturer: syz
[   67.049710][   T24] usb 7-1: SerialNumber: syz
[   67.074404][   T40] kauditd_printk_skb: 42 callbacks suppressed
[   67.074420][   T40] audit: type=1400 audit(1753705430.022:418): avc:  denied  { lock } for  pid=6865 comm="syz.1.256" path="socket:[12997]" dev="sockfs" ino=12997 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   67.088601][ T6866] netlink: 'syz.1.256': attribute type 5 has an invalid length.
[   67.270588][   T54] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   67.288734][   T54] usb 5-1: Using ep0 maxpacket: 32
[   67.291755][   T54] usb 5-1: too many configurations: 169, using maximum allowed: 8
[   67.296517][   T54] usb 5-1: config index 0 descriptor too short (expected 4114, got 18)
[   67.300061][   T54] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 186
[   67.303683][   T54] usb 5-1: can't read configurations, error -22
[   67.335719][ T6870] loop2: detected capacity change from 0 to 1
[   67.340258][ T6870] Dev loop2: unable to read RDB block 1
[   67.342090][ T6870]  loop2: unable to read partition table
[   67.343933][ T6870] loop2: partition table beyond EOD, truncated
[   67.346144][ T6870] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   67.388605][ T6874] process 'syz.3.259' launched './file0' with NULL argv: empty string added
[   67.393881][   T40] audit: type=1400 audit(1753705430.342:419): avc:  denied  { execute_no_trans } for  pid=6872 comm="syz.3.259" path="/81/file0" dev="tmpfs" ino=441 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   67.419118][   T40] audit: type=1400 audit(1753705430.372:420): avc:  denied  { create } for  pid=6875 comm="syz.1.261" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   67.436917][   T54] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   67.451529][ T6878] gretap1: entered allmulticast mode
[   67.454852][ T6878] bridge0: port 3(gretap1) entered blocking state
[   67.457131][ T6878] bridge0: port 3(gretap1) entered disabled state
[   67.460289][ T6878] gretap1: entered promiscuous mode
[   67.462571][ T6878] bridge0: port 3(gretap1) entered blocking state
[   67.464784][ T6878] bridge0: port 3(gretap1) entered forwarding state
[   67.467725][   T54] usb 5-1: Using ep0 maxpacket: 32
[   67.470798][   T54] usb 5-1: too many configurations: 169, using maximum allowed: 8
[   67.477397][   T54] usb 5-1: config index 0 descriptor too short (expected 4114, got 18)
[   67.479602][   T40] audit: type=1400 audit(1753705430.432:421): avc:  denied  { create } for  pid=6875 comm="syz.1.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   67.480344][   T54] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 186
[   67.487620][ T6879] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   67.487644][ T6879] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   67.487877][ T6879] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[   67.487894][ T6879] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[   67.492653][   T40] audit: type=1400 audit(1753705430.432:422): avc:  denied  { write } for  pid=6875 comm="syz.1.261" path="socket:[13817]" dev="sockfs" ino=13817 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   67.494879][   T54] usb 5-1: can't read configurations, error -22
[   67.500855][   T40] audit: type=1400 audit(1753705430.432:423): avc:  denied  { mounton } for  pid=6875 comm="syz.1.261" path="/59/file0" dev="tmpfs" ino=335 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   67.512323][   T24] usbhid 7-1:1.0: can't add hid device: -71
[   67.513433][   T40] audit: type=1400 audit(1753705430.442:424): avc:  denied  { accept } for  pid=6875 comm="syz.1.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   67.522707][   T54] usb usb5-port1: unable to enumerate USB device
[   67.528511][   T40] audit: type=1400 audit(1753705430.482:425): avc:  denied  { ioctl } for  pid=6880 comm="syz.3.263" path="socket:[11236]" dev="sockfs" ino=11236 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   67.532051][   T24] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[   67.546070][   T24] usb 7-1: USB disconnect, device number 2
[   67.591363][   T40] audit: type=1400 audit(1753705430.542:426): avc:  denied  { unlink } for  pid=5950 comm="syz-executor" name="file0" dev="tmpfs" ino=335 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   67.601700][   T40] audit: type=1400 audit(1753705430.552:427): avc:  denied  { create } for  pid=6885 comm="syz.3.264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   67.685892][ T6897] Zero length message leads to an empty skb
[   68.127854][ T6904] syz.2.270: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   68.135355][ T6904] CPU: 3 UID: 0 PID: 6904 Comm: syz.2.270 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[   68.135377][ T6904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.135387][ T6904] Call Trace:
[   68.135394][ T6904]  <TASK>
[   68.135400][ T6904]  dump_stack_lvl+0x16c/0x1f0
[   68.135452][ T6904]  warn_alloc+0x248/0x3a0
[   68.135480][ T6904]  ? __pfx_warn_alloc+0x10/0x10
[   68.135513][ T6904]  ? __v4l2_ctrl_modify_dimensions+0x1be/0x630
[   68.135534][ T6904]  ? __vmalloc_node_noprof+0xad/0xf0
[   68.135560][ T6904]  __vmalloc_node_range_noprof+0x101b/0x14b0
[   68.135586][ T6904]  ? __v4l2_ctrl_modify_dimensions+0x1be/0x630
[   68.135609][ T6904]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   68.135628][ T6904]  ? __alloc_pages_noprof+0xb/0x1b0
[   68.135650][ T6904]  ? ___kmalloc_large_node+0x84/0x1e0
[   68.135676][ T6904]  __kvmalloc_node_noprof+0x30a/0x620
[   68.135698][ T6904]  ? __v4l2_ctrl_modify_dimensions+0x1be/0x630
[   68.135718][ T6904]  ? __v4l2_ctrl_modify_dimensions+0x1be/0x630
[   68.135749][ T6904]  ? __v4l2_ctrl_modify_dimensions+0x1be/0x630
[   68.135765][ T6904]  __v4l2_ctrl_modify_dimensions+0x1be/0x630
[   68.135790][ T6904]  vivid_update_format_cap+0x12de/0x25a0
[   68.135814][ T6904]  ? __asan_memset+0x23/0x50
[   68.135838][ T6904]  ? __pfx_vivid_update_format_cap+0x10/0x10
[   68.135860][ T6904]  ? vivid_get_format+0x124/0x180
[   68.135882][ T6904]  vivid_s_fmt_vid_cap+0x19dc/0x3290
[   68.135916][ T6904]  ? __pfx_vivid_s_fmt_vid_cap+0x10/0x10
[   68.135935][ T6904]  fmt_sp2mp_func+0xb1/0x3e0
[   68.135955][ T6904]  ? __pfx_fmt_sp2mp_func+0x10/0x10
[   68.135994][ T6904]  ? v4l_sanitize_format+0x18d/0x430
[   68.136024][ T6904]  vidioc_s_fmt_vid_cap+0xa0/0xe0
[   68.136047][ T6904]  vivid_s_fmt_cap+0x76/0xc0
[   68.136062][ T6904]  v4l_s_fmt+0x433/0xf30
[   68.136088][ T6904]  __video_do_ioctl+0xb40/0xfc0
[   68.136114][ T6904]  ? __might_fault+0xe3/0x190
[   68.136138][ T6904]  ? __pfx___video_do_ioctl+0x10/0x10
[   68.136178][ T6904]  video_usercopy+0x4d0/0x1720
[   68.136195][ T6904]  ? __pfx___video_do_ioctl+0x10/0x10
[   68.136219][ T6904]  ? selinux_kernel_read_file+0xd0/0x130
[   68.136248][ T6904]  ? __pfx_video_usercopy+0x10/0x10
[   68.136280][ T6904]  v4l2_ioctl+0x1ba/0x250
[   68.136304][ T6904]  ? __pfx_v4l2_ioctl+0x10/0x10
[   68.136330][ T6904]  __x64_sys_ioctl+0x18e/0x210
[   68.136355][ T6904]  do_syscall_64+0xcd/0x4c0
[   68.136374][ T6904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.136391][ T6904] RIP: 0033:0x7fa765b8e9a9
[   68.136406][ T6904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.136420][ T6904] RSP: 002b:00007fa7639f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.136458][ T6904] RAX: ffffffffffffffda RBX: 00007fa765db6080 RCX: 00007fa765b8e9a9
[   68.136469][ T6904] RDX: 0000200000000cc0 RSI: 00000000c0d05605 RDI: 0000000000000005
[   68.136479][ T6904] RBP: 00007fa765c10d69 R08: 0000000000000000 R09: 0000000000000000
[   68.136487][ T6904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   68.136496][ T6904] R13: 0000000000000000 R14: 00007fa765db6080 R15: 00007fffb8718d98
[   68.136520][ T6904]  </TASK>
[   68.136572][ T6904] Mem-Info:
[   68.255563][ T6904] active_anon:9174 inactive_anon:0 isolated_anon:0
[   68.255563][ T6904]  active_file:5582 inactive_file:50824 isolated_file:0
[   68.255563][ T6904]  unevictable:1768 dirty:1743 writeback:0
[   68.255563][ T6904]  slab_reclaimable:11555 slab_unreclaimable:70993
[   68.255563][ T6904]  mapped:24635 shmem:2396 pagetables:1176
[   68.255563][ T6904]  sec_pagetables:305 bounce:0
[   68.255563][ T6904]  kernel_misc_reclaimable:0
[   68.255563][ T6904]  free:451835 free_pcp:17092 free_cma:0
[   68.274357][ T6904] Node 0 active_anon:36696kB inactive_anon:0kB active_file:22328kB inactive_file:203088kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98532kB dirty:6972kB writeback:0kB shmem:6048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13008kB pagetables:4496kB sec_pagetables:1220kB all_unreclaimable? no Balloon:0kB
[   68.286054][ T6904] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:208kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   68.296902][ T6904] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   68.307144][ T6904] lowmem_reserve[]: 0 1234 1234 1234 1234
[   68.308952][ T6904] Node 0 DMA32 free:186824kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36696kB inactive_anon:0kB active_file:22328kB inactive_file:203088kB unevictable:3536kB writepending:6972kB present:2080628kB managed:1264288kB mlocked:0kB bounce:0kB free_pcp:47868kB local_pcp:11300kB free_cma:0kB
[   68.318607][ T6904] lowmem_reserve[]: 0 0 0 0 0
[   68.320156][ T6904] Node 1 Normal free:1604004kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:20468kB local_pcp:3948kB free_cma:0kB
[   68.329991][ T6904] lowmem_reserve[]: 0 0 0 0 0
[   68.331594][ T6904] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   68.335506][ T6904] Node 0 DMA32: 458*4kB (ME) 798*8kB (UME) 667*16kB (UM) 274*32kB (ME) 189*64kB (M) 69*128kB (UME) 35*256kB (UM) 25*512kB (UME) 21*1024kB (UM) 16*2048kB (UM) 15*4096kB (UM) = 186056kB
[   68.341193][ T6904] Node 1 Normal: 3*4kB (UME) 15*8kB (UME) 18*16kB (UE) 10*32kB (UE) 19*64kB (UME) 6*128kB (UME) 3*256kB (UE) 6*512kB (UME) 2*1024kB (UE) 1*2048kB (M) 389*4096kB (M) = 1604004kB
[   68.346737][ T6904] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   68.350136][ T6904] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   68.352873][ T6904] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   68.355754][ T6904] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   68.358984][ T6904] 58798 total pagecache pages
[   68.360707][ T6904] 0 pages in swap cache
[   68.362037][ T6904] Free swap  = 124996kB
[   68.363388][ T6904] Total swap = 124996kB
[   68.364764][ T6904] 1048443 pages RAM
[   68.366219][ T6904] 0 pages HighMem/MovableOnly
[   68.368003][ T6904] 283042 pages reserved
[   68.369567][ T6904] 0 pages cma reserved
[   68.418887][ T6908] Invalid ELF header type: 2 != 1
[   68.422594][ T6908] Invalid ELF header type: 2 != 1
[   68.425064][ T6908] Invalid ELF header type: 2 != 1
[   68.428169][ T6908] Invalid ELF header type: 2 != 1
[   68.430079][ T6908] Invalid ELF header type: 3 != 1
[   68.432107][ T6908] Invalid architecture in ELF header: 6
[   68.434546][ T6908] Invalid ELF header type: 3 != 1
[   68.436503][ T6908] Invalid ELF header type: 3 != 1
[   68.438385][ T6908] Invalid ELF header type: 3 != 1
[   68.440600][ T6908] Invalid ELF header type: 31193 != 1
[   68.442575][ T6908] Invalid ELF header type: 2 != 1
[   68.495899][ T6910] ceph: Path missing in source
[   68.818734][ T6936] program syz.2.279 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   69.144038][ T6961] xt_hashlimit: size too large, truncated to 1048576
[   69.318280][ T6972] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1107 sclass=netlink_tcpdiag_socket pid=6972 comm=syz.0.289
[   69.384671][ T6976] SELinux: ebitmap start bit (1048576) is beyond the end of the bitmap (320)
[   69.391367][ T6976] SELinux: failed to load policy
[   69.814940][ T7005] netlink: 'syz.1.299': attribute type 14 has an invalid length.
[   69.997167][ T7030] sch_fq: defrate 0 ignored.
[   70.032970][ T7035] netlink: 'syz.1.309': attribute type 63 has an invalid length.
[   70.253542][ T7050] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2832 sclass=netlink_route_socket pid=7050 comm=syz.0.314
[   70.296165][ T7053] IPv6: NLM_F_CREATE should be specified when creating new route
[   70.300365][ T7053] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   70.303367][ T7053] IPv6: NLM_F_CREATE should be set when creating new route
[   70.306354][ T7053] IPv6: NLM_F_CREATE should be set when creating new route
[   70.310950][ T7053] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   70.603296][ T7066] random: crng reseeded on system resumption
[   70.682851][ T7070] SELinux: ebitmap start bit (1048576) is beyond the end of the bitmap (320)
[   70.685787][ T7070] SELinux: failed to load policy
[   70.888924][ T6039] IPVS: starting estimator thread 0...
[   70.898500][ T7083] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.900714][ T7088] loop2: detected capacity change from 0 to 1
[   70.903956][ T5952] Dev loop2: unable to read RDB block 1
[   70.905941][ T5952]  loop2: unable to read partition table
[   70.907333][ T7083] bond0: (slave rose0): Enslaving as an active interface with an up link
[   70.910374][ T5952] loop2: partition table beyond EOD, truncated
[   70.913777][ T7088] Dev loop2: unable to read RDB block 1
[   70.915678][ T7088]  loop2: unable to read partition table
[   70.918223][ T7088] loop2: partition table beyond EOD, truncated
[   70.924859][ T7088] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   70.936087][ T5366] Dev loop2: unable to read RDB block 1
[   70.940269][ T5366]  loop2: unable to read partition table
[   70.942874][ T5366] loop2: partition table beyond EOD, truncated
[   70.986900][ T7085] IPVS: using max 45 ests per chain, 108000 per kthread
[   71.001087][ T7098] binder: 7097:7098 ioctl c0306201 200000000180 returned -22
[   71.001448][ T7095] __nla_validate_parse: 65 callbacks suppressed
[   71.001463][ T7095] netlink: 24 bytes leftover after parsing attributes in process `syz.0.331'.
[   71.011066][ T7095] netlink: 24 bytes leftover after parsing attributes in process `syz.0.331'.
[   71.119864][ T7114] netlink: 12 bytes leftover after parsing attributes in process `syz.2.336'.
[   71.147946][ T7125] vxfs: WRONG superblock magic 00000000 at 1
[   71.151585][ T7125] vxfs: WRONG superblock magic 00000000 at 8
[   71.154543][ T7125] vxfs: can't find superblock.
[   71.174453][ T7129] loop2: detected capacity change from 0 to 1
[   71.176826][ T7127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.179742][ T7127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.183072][ T7127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.185816][ T7127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.189384][ T7129] Dev loop2: unable to read RDB block 1
[   71.191371][ T7129]  loop2: unable to read partition table
[   71.193302][ T7129] loop2: partition table beyond EOD, truncated
[   71.195315][ T7129] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[   71.278743][ T7138] netlink: 44 bytes leftover after parsing attributes in process `syz.0.340'.
[   71.523399][ T7148] 9pnet: p9_errstr2errno: server reported unknown error œª°@˜’œª°@
[   72.086559][   T40] kauditd_printk_skb: 40 callbacks suppressed
[   72.086575][   T40] audit: type=1400 audit(1753705435.032:468): avc:  denied  { execute } for  pid=7167 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   72.098654][   T40] audit: type=1400 audit(1753705435.042:469): avc:  denied  { execute_no_trans } for  pid=7167 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[   72.216063][ T5957] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   72.222422][ T5957] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   72.227030][ T5957] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   72.232533][ T5957] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   72.236334][ T5957] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   72.331621][ T7170] chnl_net:caif_netlink_parms(): no params data found
[   72.337127][  T837] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   72.398327][ T7170] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.401556][ T7170] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.404698][ T7170] bridge_slave_0: entered allmulticast mode
[   72.409046][ T7170] bridge_slave_0: entered promiscuous mode
[   72.416003][ T7170] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.419811][ T7170] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.422949][ T7170] bridge_slave_1: entered allmulticast mode
[   72.426646][ T7170] bridge_slave_1: entered promiscuous mode
[   72.476110][ T7170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.483442][ T7170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.488242][  T837] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   72.491126][  T837] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   72.494415][  T837] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   72.497799][  T837] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[   72.501415][  T837] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[   72.507594][  T837] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   72.510582][  T837] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   72.513207][  T837] usb 5-1: Product: syz
[   72.514527][  T837] usb 5-1: Manufacturer: syz
[   72.522293][  T837] cdc_wdm 5-1:1.0: skipping garbage
[   72.524085][  T837] cdc_wdm 5-1:1.0: skipping garbage
[   72.530012][  T837] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   72.531985][  T837] cdc_wdm 5-1:1.0: Unknown control protocol
[   72.533884][ T7170] team0: Port device team_slave_0 added
[   72.538734][ T7170] team0: Port device team_slave_1 added
[   72.579627][ T7170] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.581974][ T7170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.593251][ T7170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.599453][ T7170] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.602382][ T7170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.612580][ T7170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.683498][ T7170] hsr_slave_0: entered promiscuous mode
[   72.685939][ T7170] hsr_slave_1: entered promiscuous mode
[   72.723534][   T40] audit: type=1400 audit(1753705435.672:470): avc:  denied  { read write } for  pid=7168 comm="syz.0.351" name="cdc-wdm0" dev="devtmpfs" ino=2907 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[   72.733346][   T40] audit: type=1400 audit(1753705435.672:471): avc:  denied  { open } for  pid=7168 comm="syz.0.351" path="/dev/cdc-wdm0" dev="devtmpfs" ino=2907 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[   72.852784][ T7169] team0 (unregistering): Port device team_slave_0 removed
[   72.861239][ T7169] team0 (unregistering): Port device team_slave_1 removed
[   72.948123][    C2] ata1: illegal qc_active transition (00000000->00000200)
[   72.966514][   T54] usb 5-1: USB disconnect, device number 8
[   73.007536][ T7170] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   73.013210][ T7170] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   73.017431][ T7170] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   73.022508][ T7170] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   73.081962][ T7170] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.099065][ T7170] 8021q: adding VLAN 0 to HW filter on device team0
[   73.105588][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.107861][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.116309][  T221] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.119306][  T221] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.243780][ T7170] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.270005][ T1114] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[   73.281123][ T1114] ata1.00: configured for UDMA/100
[   73.432952][ T7200] ------------[ cut here ]------------
[   73.434006][ T7170] veth0_vlan: entered promiscuous mode
[   73.435205][ T7200] WARNING: CPU: 1 PID: 7200 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x30b/0x23f0
[   73.441389][ T7170] veth1_vlan: entered promiscuous mode
[   73.443675][ T7200] Modules linked in:
[   73.450557][ T7200] CPU: 1 UID: 0 PID: 7200 Comm: syz.1.353 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[   73.454451][ T7200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[   73.460601][ T7200] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[   73.463355][ T7200] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 9d 46 7d 0e 00 75 0b c6 05 94 46 7d 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[   73.471720][ T7200] RSP: 0018:ffffc90005b9f4f8 EFLAGS: 00010246
[   73.475212][ T7200] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   73.478980][ T7200] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040dc0
[   73.482208][ T7200] RBP: 0000000400000000 R08: 0000000000000005 R09: 0000000000000000
[   73.484142][ T7170] veth0_macvtap: entered promiscuous mode
[   73.485771][ T7200] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000016
[   73.490932][ T7200] R13: 1ffff92000b73eb4 R14: 0000000400000000 R15: 0000000000000016
[   73.491880][ T7170] veth1_macvtap: entered promiscuous mode
[   73.494072][ T7200] FS:  00007fc2aaf156c0(0000) GS:ffff8880d6820000(0000) knlGS:0000000000000000
[   73.499574][ T7200] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   73.502294][ T7200] CR2: 000020000000f000 CR3: 000000004819f000 CR4: 0000000000352ef0
[   73.506230][ T7200] Call Trace:
[   73.507921][ T7200]  <TASK>
[   73.508885][ T7170] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.509178][ T7200]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   73.514374][ T7200]  ? rcu_is_watching+0x12/0xc0
[   73.516313][ T7200]  ? trace_kmem_cache_alloc+0x28/0xc0
[   73.518644][ T7200]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[   73.520413][ T7200]  ? hashtab_init+0x1b1/0x290
[   73.521909][ T7200]  __alloc_pages_noprof+0xb/0x1b0
[   73.523719][ T7200]  ___kmalloc_large_node+0x84/0x1e0
[   73.525306][ T7200]  ? hashtab_init+0x1b1/0x290
[   73.526832][ T7200]  __kmalloc_large_node_noprof+0x1c/0x70
[   73.528625][ T7200]  ? __pfx_ebitmap_read+0x10/0x10
[   73.530261][ T7200]  __kmalloc_noprof.cold+0xc/0x61
[   73.531938][ T7200]  hashtab_init+0x1b1/0x290
[   73.533811][ T7200]  ? __asan_memcpy+0x3c/0x60
[   73.535693][ T7200]  policydb_read+0x7b4/0x3220
[   73.537628][ T7200]  ? __pfx_policydb_read+0x10/0x10
[   73.539698][ T7200]  security_load_policy+0x15c/0x12c0
[   73.541685][ T7200]  ? irqentry_exit+0x3b/0x90
[   73.543481][ T7200]  ? __pfx_security_load_policy+0x10/0x10
[   73.545767][ T7200]  ? _copy_from_user+0x93/0xd0
[   73.547849][ T7200]  sel_write_load+0x332/0x1bd0
[   73.549822][ T7200]  ? __lock_acquire+0xb8a/0x1c90
[   73.551980][ T7200]  ? __pfx_sel_write_load+0x10/0x10
[   73.554254][ T7200]  ? __pfx_sel_write_load+0x10/0x10
[   73.556428][ T7200]  vfs_write+0x2a0/0x1150
[   73.558341][ T7200]  ? __pfx___mutex_lock+0x10/0x10
[   73.560454][ T7200]  ? __pfx_vfs_write+0x10/0x10
[   73.562021][ T7200]  ? __fget_files+0x20e/0x3c0
[   73.563723][ T7200]  ksys_write+0x12a/0x250
[   73.565528][ T7200]  ? __pfx_ksys_write+0x10/0x10
[   73.567683][ T7200]  do_syscall_64+0xcd/0x4c0
[   73.569549][ T7200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.571977][ T7200] RIP: 0033:0x7fc2aa18e9a9
[   73.573843][ T7200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.581609][ T7200] RSP: 002b:00007fc2aaf15038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   73.584927][ T7200] RAX: ffffffffffffffda RBX: 00007fc2aa3b6080 RCX: 00007fc2aa18e9a9
[   73.587877][ T7200] RDX: 000000000000ffbd RSI: 0000200000000000 RDI: 0000000000000003
[   73.591048][ T7200] RBP: 00007fc2aa210d69 R08: 0000000000000000 R09: 0000000000000000
[   73.594198][ T7200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.597439][ T7200] R13: 0000000000000001 R14: 00007fc2aa3b6080 R15: 00007ffeba870e98
[   73.600654][ T7200]  </TASK>
[   73.601767][ T7200] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   73.604431][ T7200] CPU: 1 UID: 0 PID: 7200 Comm: syz.1.353 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[   73.607633][ T7200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.611130][ T7200] Call Trace:
[   73.612160][ T7200]  <TASK>
[   73.613148][ T7200]  dump_stack_lvl+0x3d/0x1f0
[   73.614732][ T7200]  panic+0x71c/0x800
[   73.615968][ T7200]  ? __pfx_panic+0x10/0x10
[   73.617385][ T7200]  ? show_trace_log_lvl+0x29b/0x3e0
[   73.619019][ T7200]  ? check_panic_on_warn+0x1f/0xb0
[   73.620741][ T7200]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[   73.622767][ T7200]  check_panic_on_warn+0xab/0xb0
[   73.624506][ T7200]  __warn+0xf6/0x3c0
[   73.625778][ T7200]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[   73.627717][ T7200]  report_bug+0x3c3/0x580
[   73.629094][ T7200]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[   73.631035][ T7200]  handle_bug+0x184/0x210
[   73.632420][ T7200]  exc_invalid_op+0x17/0x50
[   73.633897][ T7200]  asm_exc_invalid_op+0x1a/0x20
[   73.635520][ T7200] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[   73.637579][ T7200] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 9d 46 7d 0e 00 75 0b c6 05 94 46 7d 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[   73.643828][ T7200] RSP: 0018:ffffc90005b9f4f8 EFLAGS: 00010246
[   73.645801][ T7200] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   73.648236][ T7200] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040dc0
[   73.650742][ T7200] RBP: 0000000400000000 R08: 0000000000000005 R09: 0000000000000000
[   73.653161][ T7200] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000016
[   73.655729][ T7200] R13: 1ffff92000b73eb4 R14: 0000000400000000 R15: 0000000000000016
[   73.658186][ T7200]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   73.660197][ T7200]  ? rcu_is_watching+0x12/0xc0
[   73.661701][ T7200]  ? trace_kmem_cache_alloc+0x28/0xc0
[   73.663553][ T7200]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[   73.665844][ T7200]  ? hashtab_init+0x1b1/0x290
[   73.667352][ T7200]  __alloc_pages_noprof+0xb/0x1b0
[   73.668977][ T7200]  ___kmalloc_large_node+0x84/0x1e0
[   73.670649][ T7200]  ? hashtab_init+0x1b1/0x290
[   73.672131][ T7200]  __kmalloc_large_node_noprof+0x1c/0x70
[   73.673944][ T7200]  ? __pfx_ebitmap_read+0x10/0x10
[   73.675533][ T7200]  __kmalloc_noprof.cold+0xc/0x61
[   73.677113][ T7200]  hashtab_init+0x1b1/0x290
[   73.678549][ T7200]  ? __asan_memcpy+0x3c/0x60
[   73.680011][ T7200]  policydb_read+0x7b4/0x3220
[   73.681517][ T7200]  ? __pfx_policydb_read+0x10/0x10
[   73.683248][ T7200]  security_load_policy+0x15c/0x12c0
[   73.685131][ T7200]  ? irqentry_exit+0x3b/0x90
[   73.686598][ T7200]  ? __pfx_security_load_policy+0x10/0x10
[   73.688386][ T7200]  ? _copy_from_user+0x93/0xd0
[   73.689886][ T7200]  sel_write_load+0x332/0x1bd0
[   73.691452][ T7200]  ? __lock_acquire+0xb8a/0x1c90
[   73.693037][ T7200]  ? __pfx_sel_write_load+0x10/0x10
[   73.694701][ T7200]  ? __pfx_sel_write_load+0x10/0x10
[   73.696336][ T7200]  vfs_write+0x2a0/0x1150
[   73.698066][ T7200]  ? __pfx___mutex_lock+0x10/0x10
[   73.700266][ T7200]  ? __pfx_vfs_write+0x10/0x10
[   73.702320][ T7200]  ? __fget_files+0x20e/0x3c0
[   73.704357][ T7200]  ksys_write+0x12a/0x250
[   73.706176][ T7200]  ? __pfx_ksys_write+0x10/0x10
[   73.708253][ T7200]  do_syscall_64+0xcd/0x4c0
[   73.710222][ T7200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.712707][ T7200] RIP: 0033:0x7fc2aa18e9a9
[   73.714643][ T7200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.721421][ T7200] RSP: 002b:00007fc2aaf15038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   73.724789][ T7200] RAX: ffffffffffffffda RBX: 00007fc2aa3b6080 RCX: 00007fc2aa18e9a9
[   73.727498][ T7200] RDX: 000000000000ffbd RSI: 0000200000000000 RDI: 0000000000000003
[   73.730001][ T7200] RBP: 00007fc2aa210d69 R08: 0000000000000000 R09: 0000000000000000
[   73.732791][ T7200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.735418][ T7200] R13: 0000000000000001 R14: 00007fc2aa3b6080 R15: 00007ffeba870e98
[   73.738259][ T7200]  </TASK>
[   73.740352][ T7200] Kernel Offset: disabled
[   73.742111][ T7200] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:23:56  Registers:
info registers vcpu 0

CPU#0
RAX=00000000000c886b RBX=0000000000000000 RCX=ffffffff8b869c99 RDX=0000000000000000
RSI=ffffffff8de30032 RDI=ffffffff8c157420 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08
R8 =0000000000000001 R9 =ffffed100d486645 R10=ffff88806a43322b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a94250 R15=0000000000000000
RIP=ffffffff8b8687ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6720000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=0000000048e1b000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003172 656c6c616b7a7973
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611de3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611ec1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000010000000000 1200000000000000 02ff000700000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000007890 0086000000000004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c173a27822eb47c7 a788310b09c31039 681d02756e008c6f 032b000000003fee
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0427891129442900 b8c173a27822eb47 c7a788310b09c310 39681d02756e008c
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f032b000000003f ee00000000000000 0000000000000078 9000860000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000000 0012000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002ff0007000000 0000000035bac618 0000fc003a980100 97ec600000005400
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc90006880000 RBX=ffff888106190000 RCX=ffffffff819ca8d7 RDX=1ffff11020c3225a
RSI=ffffffff86a710af RDI=0000000000000016 RBP=0000000000000080 RSP=ffffc900006a0eb8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffffffff90a93f60 R13=dffffc0000000000 R14=ffff8881061912d0 R15=0000000000000000
RIP=ffffffff86a710d7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc2aaf156c0 ffffffff 00c00000
GS =0000 ffff8880d6820000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000020000000f000 CR3=000000004819f000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000ffffc000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2aa211d42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2aa211d4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2aa211d49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2aa211d5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2aa211de3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc2aa211ec1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000032647261632f 6972642f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000011475142400c 4a51470c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000b 0000000000000000 0000000000000000 0000000000000328
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffffff914ed4cc RBX=ffffffff90c548e0 RCX=dffffc0000000000 RDX=1ffffffff218a91c
RSI=0000000000000000 RDI=ffffffff90c548d4 RBP=ffffffff90c548d4 RSP=ffffc90003d87910
R8 =ffffffff914ed4fc R9 =0000000000000000 R10=0000000000000000 R11=0000000000013a0e
R12=ffffffff90c548f0 R13=ffffffff823a0e47 R14=ffffffff90c548d4 R15=ffffffff90c548d4
RIP=ffffffff816acd40 RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555f628500 ffffffff 00c00000
GS =0000 ffff8880d6920000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055555f6435c8 CR3=000000005200a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=000000008000000f DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000020081 Opmask01=0000000001000003 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe4bffa960 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d42
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d4f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d49
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611d5d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611de3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f09e5611ec1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000140
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffffc90006883818 RCX=ffffffff86a7ccf9 RDX=1ffff11020b68153
RSI=ffffffff86a7cd06 RDI=ffff888105b40aaa RBP=0000000000000001 RSP=ffffc90003b96e90
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=00000000ab1001cc R13=dffffc0000000000 R14=ffff888106190000 R15=ffff888105b40a80
RIP=ffffffff86a7cd9b RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3161024300 ffffffff 00c00000
GS =0000 ffff8880d6a20000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055555a61f808 CR3=0000000033fe5000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0161000000010000 0008000400080010 00080000000c0200 0000000000080008
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0014010000000000 000800080007000c 00080000000c0000 0134000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0160000000200000 0003000000100008 0000000000000004 000c001a00100000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff9a000000000300 000000000008ffff ff8a000003e60000 0008000400000008
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000000140000 00280000003c0000 0050000000740000 008c000000ac0000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0007000000000000 0000000000000000 0060000000000858 3b00000000180000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00200000000e0014 000c000000080004 0020000e00000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffee00000000 0300000000000009 0000000c0000000a 00040008000f0010
ZMM25=5171c9a15171c9a1 5171c9a15171c9a1 5171c9a15171c9a1 5171c9a15171c9a1 5171c9a15171c9a1 5171c9a15171c9a1 5171c9a15171c9a1 5171c9a15171c9a1
ZMM26=0ba667430ba66743 0ba667430ba66743 0ba667430ba66743 0ba667430ba66743 0ba667430ba66743 0ba667430ba66743 0ba667430ba66743 0ba667430ba66743
ZMM27=04fad20904fad209 04fad20904fad209 04fad20904fad209 04fad20904fad209 04fad20904fad209 04fad20904fad209 04fad20904fad209 04fad20904fad209
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=9d0400009d040000 9d0400009d040000 9d0400009d040000 9d0400009d040000 9d0400009d040000 9d0400009d040000 9d0400009d040000 9d0400009d040000