last executing test programs:

3m26.80713282s ago: executing program 0 (id=39):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
r1 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x567, 0x0, 0xe00000000000000, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@ipv4_newnexthop={0x24, 0x68, 0x521, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_ID={0x8, 0x1, 0x2}]}, 0x24}}, 0x0)

3m26.806428446s ago: executing program 0 (id=40):
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000001040), 0x800, 0x0)
read$FUSE(r0, &(0x7f0000001500)={0x2020}, 0x2020)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305839, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e21, 0x9, @empty, 0x100009}}, 0xffff85e0, 0xc4e, 0x10403, 0x4, 0x32}, 0x9c)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1230023, &(0x7f0000000080)={[{@nr_inodes={'nr_inodes', 0x3d, [0x38]}}, {@inode32}]})

3m26.736475747s ago: executing program 0 (id=41):
r0 = semget$private(0x0, 0x4000000009, 0x208)
semop(r0, &(0x7f00000002c0)=[{0x1, 0x8698, 0x1000}], 0x1)
semctl$SETALL(r0, 0x0, 0x11, 0x0)
semctl$IPC_RMID(r0, 0x2000000, 0x0)

3m26.667303307s ago: executing program 0 (id=42):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x110, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0xfe, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29"]}]}, 0x110}], 0x1}, 0x0)

3m26.667007079s ago: executing program 0 (id=43):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) (async)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000080)={0x8})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x4000) (async)
sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x4000)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3m26.39743996s ago: executing program 0 (id=44):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)

3m11.42002594s ago: executing program 32 (id=44):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)

2m52.786404836s ago: executing program 3 (id=509):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x9fcb}}, './file0\x00'})
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(r0, &(0x7f00000014c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001480)={&(0x7f00000000c0)={0x138c, r1, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@WGDEVICE_A_PEERS={0x1378, 0x8, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x9, @rand_addr=' \x01\x00', 0xfffffe00}}]}, {0x90, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x4, @loopback, 0x4}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x6}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e24, @empty}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}, {0x834, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xa}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_ALLOWEDIPS={0x310, 0x9, 0x0, 0x1, [{0xd0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x15}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}]}, {0xe8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x3c}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x2a}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x2}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}]}, {0x4}, {0xdc, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @empty}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x38}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x41}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x23}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x15}}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "ff5e8461c3582a545210b910928a646ae8fa698c16b41a7ba257d48b1fc5320b"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "0eb4c5ac2b2f540d2bb28e2e587d3aa35c8791ebde8777911935e750e117d7f3"}, @WGPEER_A_ALLOWEDIPS={0x478, 0x9, 0x0, 0x1, [{0xd0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x62}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1d}}, {0x5, 0x3, 0x2}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x28}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x1}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x1f}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @broadcast}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5}}]}, {0xe8, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x1}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x7}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}]}, {0x22c, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @private=0xa010101}}, @WGPEER_A_ALLOWEDIPS={0xac, 0x9, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x1}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x7fffffff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x5}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x7, @mcast1, 0x2}}, @WGPEER_A_ALLOWEDIPS={0x108, 0x9, 0x0, 0x1, [{0x4}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x2}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}}, {0x5, 0x3, 0x3}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xc}]}, {0x1ec, 0x0, 0x0, 0x1, [@WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e23, 0x3, @private0, 0x3}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "ce859c566564448781b72c9ae3ac60d53c582f2152b05c3e16ffc1dcf1af3ce1"}, @WGPEER_A_ALLOWEDIPS={0x160, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5, 0x3, 0x3}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x1000}, @WGPEER_A_FLAGS={0x8, 0x3, 0x2}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5125f21bf2fb69847f6cc764a1ff0898c7c8eeb413a3130b0719f2029b364deb"}]}, {0x1a8, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x130, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast2}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x36}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}}, {0x5, 0x3, 0x3}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_ALLOWEDIPS={0x50, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x3ff}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @multicast2}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9}]}, {0x4cc, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x4b4, 0x9, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x37}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}]}, {0x94, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x15}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}]}, {0xd0, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x3}}]}, {0x70, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x3}}]}, {0x58, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}]}, {0x10c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x10}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5}}]}, {0x34, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e21, @loopback}}]}]}]}, 0x138c}, 0x1, 0x0, 0x0, 0x4}, 0x44800)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001800)={r0, 0x0, 0xf8, 0xc6, &(0x7f0000001500)="a8063e578b45e705ec7c9ad93cdc7879bbd3f637919212fecfbb9b6f8b44809624a92c127daede3f70bce04c85a42560b540f7fb8c49b33be1761a144af68ed36efd221234c5d7618720e39f8a802dfc485b3d3cc47519a549d3b78c3bd373a2d0e54c9d497e342247e4d43f510af0cec601662cfeee786298e6876d3d48c85475a95031bc73c95bee6b04d8b39cb48feb554d28d260782ad63ef6084a7772f3ce69d9d3e2b4104ff53d0ac196535a03abf3eae4453fd4799c7d13b60adb8f270b1fbd1288bf93ad7920775dad83f605e33465e5bc56533e3b228d197c9ca0ef475b51a0b93a581c96afbceb6e2092ab9fd65669c88ad802", &(0x7f0000001600)=""/198, 0x40, 0x0, 0x23, 0x91, &(0x7f0000001700)="fbb5620f71d3fb19a151360c1addeaef3dadcb38cea0f5147461f59fc4d2584838c563", &(0x7f0000001740)="c1262217af4a764fb182d4e0fe99163a45ea5112d000361ab0121d965517636938f092a18a0819d958b2c5a84ef69bfcf010f694e5621c554638e6c40ed1f8ec72d2cdccdbc97109d13b5a394ffc5a57c5caf986cb92f1a41154ddf69081d1e163586f42c04ce40c3cf9f327c06706b400163b408af2fd4c1f81e0fff1537b19ce07826475a04a2b7fa7a5b91abb59018e", 0x0, 0x0, 0x2}, 0x50)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000001880)=<r2=>0x0)
ptrace$getregset(0x4204, r2, 0x4, &(0x7f0000001940)={&(0x7f00000018c0)=""/78, 0x4e})
write(r0, &(0x7f0000001980)="9673ab0e17d40bb35c20b28f7d9af82f9bab583b1e0be9688b28a825820cb51d9992a8e39cdccc40ebc9610db4fb8f04930bf242a4cd71fadf42a16199606897319fee15164c7f6800ba77ddc65ac5645d4d50018585f333380f417287aa700c7dc8c77bf4a18657e93e0c1327370540be576e4962a7e1b983979b7d99320f5830e4f7acad3a7335d52cec6e0ea135138dd7caf8c2dd8d945bfd164e6300729d1c4fea3979c0b83ba34b6e1fe780d2e89f9d9e913171f7ecf5ae4ffd162f49061e71bfca884887ea53", 0xc9)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001b80)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001b40)={&(0x7f0000001ac0)={0x64, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg2\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1000}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}]}, 0x64}, 0x1, 0x0, 0x0, 0x4008000}, 0x20008844)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001c80)={r0, 0x58, &(0x7f0000001c00)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000001d80)={&(0x7f0000001bc0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001d40)={&(0x7f0000001cc0)=@ipv6_newaddrlabel={0x60, 0x48, 0x200, 0x70bd2c, 0x25dfdbfe, {0xa, 0x0, 0x20, 0x0, r4, 0x67}, [@IFAL_ADDRESS={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x2c}}, @IFAL_ADDRESS={0x14, 0x1, @private0}, @IFAL_LABEL={0x8, 0x2, 0x4}, @IFAL_ADDRESS={0x14, 0x1, @remote}]}, 0x60}, 0x1, 0x0, 0x0, 0x60040015}, 0x800)
socket$inet6(0xa, 0x0, 0x6)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001dc0)={r3, 0xfff, 0x18}, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001e00), r0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000001e40)={{0x1, 0x1, 0x18, <r6=>r0, {0x7}}, './file0/file0\x00'})
ioctl$KVM_NMI(r6, 0xae9a)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=@bloom_filter={0x1e, 0xaf28, 0x1c00000, 0x10, 0x1020b, r5, 0xfffffff7, '\x00', 0x0, r0, 0x5, 0x2, 0x4, 0x9, @void, @value, @value=r0}, 0x50)
io_uring_register$IORING_REGISTER_RING_FDS(r0, 0x14, &(0x7f0000005340)=[{0x8, 0x0, 0x0, &(0x7f0000005280)=[{&(0x7f0000001f00)=""/4096, 0x1000}, {&(0x7f0000002f00)=""/4096, 0x1000}, {&(0x7f0000003f00)=""/60, 0x3c}, {&(0x7f0000003f40)=""/209, 0xd1}, {&(0x7f0000004040)=""/199, 0xc7}, {&(0x7f0000004140)=""/123, 0x7b}, {&(0x7f00000041c0)=""/4096, 0x1000}, {&(0x7f00000051c0)=""/156, 0x9c}], &(0x7f0000005300)=[0x8, 0x1, 0x5, 0xb92, 0x7]}], 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000005380)={'wlan0\x00'})
ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f00000053c0)=0x7)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000005400)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
sendmsg$nl_route(r8, &(0x7f0000005500)={&(0x7f0000005440)={0x10, 0x0, 0x0, 0x84004}, 0xc, &(0x7f00000054c0)={&(0x7f0000005480)=@bridge_getvlan={0x20, 0x72, 0x1, 0x70bd28, 0x25dfdbfe, {0x7, 0x0, 0x0, r4}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040010}, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000005540)=@base={0x1f, 0xfff, 0x3, 0x3ff, 0x0, r6, 0xffffffff, '\x00', r4, 0xffffffffffffffff, 0x0, 0x2, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000058c0)={0x40, <r10=>0x0}, 0x8)
r11 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000005900)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x37a, '\x00', r4, r0, 0x0, 0x5, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000005a00)={0x21, 0x23, &(0x7f00000055c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x300000}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@btf_id={0x18, 0x1, 0x3, 0x0, 0x5}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_fd={0x18, 0x6, 0x1, 0x0, r9}, @exit, @jmp={0x5, 0x1, 0x1, 0x4, 0x5, 0xfffffffffffffffe, 0x10}, @map_val={0x18, 0x6, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x1ff}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1b, 0x0, 0x0, 0x0, 0x8}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000005700)='syzkaller\x00', 0x9, 0xd2, &(0x7f0000005740)=""/210, 0x41100, 0x40, '\x00', r4, @fallback=0x10, 0xffffffffffffffff, 0x8, &(0x7f0000005840)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000005880)={0x3, 0x0, 0x4, 0xce0b}, 0x10, r10, r0, 0x3, &(0x7f0000005980)=[r11, r0, r6, r7], &(0x7f00000059c0)=[{0x3, 0x5, 0x3, 0x3}, {0x3, 0x3, 0xd, 0x3}, {0x5, 0x4, 0xd, 0x9}], 0x10, 0x7, @void, @value}, 0x94)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000005ac0))
fcntl$getown(r9, 0x9)
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000005b00)={0x2, 0x0, 0x6, 0x9, 0x7, 0x1})
ioctl$sock_inet_SIOCGIFPFLAGS(r8, 0x8935, &(0x7f0000005b40)={'veth1_macvtap\x00'})

2m52.737139847s ago: executing program 3 (id=510):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x20, 0x52, 0x1, 0x10000, 0x0, {0x1c}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x7}]}, 0x20}}, 0x0)

2m51.825929961s ago: executing program 3 (id=520):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$printer(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12015002000000082505a8a44000010203010902240001010aa00f0904090501022000040f0e09058202080003000300000000000000"], &(0x7f0000000180)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x201, 0x1, 0x5, 0x80, 0x40, 0xad}, 0x3d, &(0x7f00000000c0)={0x5, 0xf, 0x3d, 0x5, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x2, 0x86, 0x4, 0x3, 0x8}, @wireless={0xb, 0x10, 0x1, 0x4, 0x10, 0x4, 0xd, 0x101, 0x7}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "03d0a8b51759ce86970fe9f9c9fcd97c"}, @wireless={0xb, 0x10, 0x1, 0x8, 0x80, 0x6, 0xd, 0x401, 0x3}]}, 0x2})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1b, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xc, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f000000c7c0)={0x0, 0x0, &(0x7f000000c780)={&(0x7f00000009c0)=@newtaction={0xe68, 0x32, 0x1, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x3, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{}, [{}, {0x0, 0x5}, {0x0, 0x4}, {0x200000}, {}, {}, {}, {0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xa2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x800000}, {0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd, 0x9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0xffffffff, 0x0, 0x0, 0x40}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x2000}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x8}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
r1 = socket(0x1e, 0x1, 0x0)
r2 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000f80)=ANY=[@ANYBLOB="b70200000b000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f7a80d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001e8c76bbe7ff988a28ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4522bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b9fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabfd50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd1389a0963de85dd2b189774450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f326df86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c39b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa525235da0000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc32a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f8293cf83bceaf6c9eda1f83166aa1e2093d626870510e6cd176d501fe01e4a752fc30134073188e3f826f695e4e14fca6596943467c7df154493023f77c107b3db20ea75b493b4b38dc43986d94748cbfab954edae20982b6d212a44f4b40387876bc9eb73900"/3112], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000580)="b9ff0b076859268cb89e14f088a847", 0x0, 0xf00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0xfd85}, 0x0)
ioctl$VIDIOC_ENUM_FMT(r2, 0xc0585611, &(0x7f00000000c0)={0x0, 0xb, 0x0, "3e58f67896b2f2098200902177392faff604cb7ef87e7610bc39ef64257f5d33"})
read(r2, &(0x7f0000000000), 0x0)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

2m50.636980154s ago: executing program 3 (id=542):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xf, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000100000000000085000000bb0000009500400000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
syz_pidfd_open(r0, 0x0)

2m50.635900691s ago: executing program 3 (id=544):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000040))
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x1ab083, 0x0) (async)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x1ab083, 0x0)
socket(0x10, 0x803, 0x0) (async)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0xfffffffffffffc1c, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xc}, {0xfff1, 0xffff}, {0x0, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x6}}}]}, 0x38}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = eventfd(0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
accept4(r9, 0x0, 0x0, 0x0) (async)
r10 = accept4(r9, 0x0, 0x0, 0x0)
sendmmsg$unix(r10, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000012c0)='R', 0x1}, {&(0x7f0000000640)="94", 0x1}], 0x2}}], 0x1, 0x0)
ioctl$KVM_IRQFD(r7, 0x4020ae76, &(0x7f00000000c0)={r8, 0x14, 0x1})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x58, 0x2c, 0xd27, 0x40000, 0xffffffff, {0x0, 0x0, 0x0, r5, {0xfff3, 0x7}, {}, {0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x28, 0x2, [@TCA_FLOW_EMATCHES={0x24, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x9, 0x7, 0x81}, {{}, {0x4, 0x1, 0x1, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000805}, 0x20008004)
r11 = socket$nl_sock_diag(0x10, 0x3, 0x4)
getsockopt$netlink(r11, 0x10e, 0x8, &(0x7f0000000440)=""/4096, &(0x7f0000001440)=0x1000) (async)
getsockopt$netlink(r11, 0x10e, 0x8, &(0x7f0000000440)=""/4096, &(0x7f0000001440)=0x1000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r12=>0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000180)}, 0x20)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0) (async)
r13 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r13, 0x40086602, &(0x7f00000001c0)=0x20)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000001, 0x13, r13, 0xedaa7000) (async)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000001, 0x13, r13, 0xedaa7000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000015c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x64, 0x64, 0x8, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x1, 0x1}, {0x6, 0x5}]}, @typedef={0xd, 0x0, 0x0, 0x8, 0x2}, @struct={0x2, 0x4, 0x0, 0x4, 0x1, 0x6, [{0x3, 0x1, 0x7}, {0x9, 0x4}, {0xc, 0x1, 0xfffffff7}, {0x1, 0x3, 0x8}]}]}, {0x0, [0x61, 0x0, 0x83, 0x5f, 0x5f, 0x0]}}, &(0x7f0000001680)=""/138, 0x84, 0x8a, 0x1, 0x7, 0x0, @void, @value}, 0x28) (async)
r14 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000015c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x64, 0x64, 0x8, [@func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x1, 0x1}, {0x6, 0x5}]}, @typedef={0xd, 0x0, 0x0, 0x8, 0x2}, @struct={0x2, 0x4, 0x0, 0x4, 0x1, 0x6, [{0x3, 0x1, 0x7}, {0x9, 0x4}, {0xc, 0x1, 0xfffffff7}, {0x1, 0x3, 0x8}]}]}, {0x0, [0x61, 0x0, 0x83, 0x5f, 0x5f, 0x0]}}, &(0x7f0000001680)=""/138, 0x84, 0x8a, 0x1, 0x7, 0x0, @void, @value}, 0x28)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001a00)={0xffffffffffffffff, 0xe0, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001740)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, &(0x7f0000001780)=[0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r15=>0x0, 0x10, &(0x7f0000001800)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001840), &(0x7f0000001880), 0x8, 0xf0, 0x8, 0x8, &(0x7f00000018c0)}}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000001a40)={{0x1, 0x1, 0x18, r8, {0xb}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000001a40)={{0x1, 0x1, 0x18, <r16=>r8, {0xb}}, './file0\x00'})
r17 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001a80)={0x3, 0x4, 0x4, 0xa, 0x0, r8, 0x7, '\x00', r5, 0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001b80)={0xf, 0x27, &(0x7f0000001c40)=ANY=[@ANYBLOB="1800000000010000000000000800000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018120000", @ANYRES32=r12, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000008500000006000000950000000000000087770600f0ffffffb7080000000000007b8af8ff00000000b7080000010400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r13, @ANYBLOB="00000000000043f0b9ba700000b70500000800009d9631c37768cb47e37dfecea12a0085000000a50000bc67b1543abb1f2613fde40000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x26, &(0x7f0000000280)=""/38, 0x40f00, 0x9, '\x00', 0x0, @cgroup_device, r14, 0x8, &(0x7f00000003c0)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000000400)={0x0, 0xb, 0x0, 0x6012}, 0x10, r15, 0xffffffffffffffff, 0x4, &(0x7f0000001b00)=[0xffffffffffffffff, r1, r16, 0xffffffffffffffff, r17], &(0x7f0000001b40)=[{0x5, 0x5, 0xe, 0x5}, {0x3, 0x4, 0x5, 0x7}, {0x1, 0x2, 0x10}, {0x2, 0x5, 0x2, 0x8}], 0x10, 0x0, @void, @value}, 0x94)

2m50.39556827s ago: executing program 3 (id=548):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000060}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

2m35.19504879s ago: executing program 33 (id=548):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000060}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

5.425124551s ago: executing program 1 (id=2413):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r4)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x24004884}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)=ANY=[@ANYRES32=r5, @ANYBLOB="020000002b"], 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x178, 0x0, 0x1, 0xfffffffd, 0x25dfdbfb, {}, [@WGDEVICE_A_PEERS={0x150, 0x8, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x1, @loopback, 0x3}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0xe0, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x54, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x294, @mcast2, 0x1}}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x7}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x4}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x178}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x80000001, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x4, 0x8, 0x101, 0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}}}}]}, 0x78}}, 0x0)
shmat(0x0, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/19, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f5c64000000000c000280060019"], 0x3c}}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
close(r8)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f3f770005000000000000000000", @ANYRES32=0x0, @ANYBLOB="fd00000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r7, &(0x7f0000000000), 0xfffffecc)
splice(r6, 0x0, r8, 0x0, 0x4ffe2, 0x0)

4.510514956s ago: executing program 1 (id=2423):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x1, 0x1a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, 0x0}, 0x220)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, 0x0)

4.244542266s ago: executing program 1 (id=2427):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000180)=0x3, 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@bloom_filter={0x1e, 0x8, 0x6, 0x9, 0x20, 0xffffffffffffffff, 0x2, '\x00', 0x0, r1, 0x5, 0x4, 0x4, 0xd, @void, @value, @void, @value}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000200000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000ffffff80850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

4.094453709s ago: executing program 1 (id=2430):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d041bc7000000"], 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000304fcffffff3f00000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)

3.132176381s ago: executing program 4 (id=2435):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x1, 0x1a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, 0x0}, 0x220)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, 0x0)

2.345120543s ago: executing program 5 (id=2442):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0)={'team0\x00', <r2=>0x0})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={<r3=>0x0, @broadcast, @multicast2}, &(0x7f0000000240)=0xc)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000300)={'gre0\x00', &(0x7f0000000280)={'syztnl1\x00', <r4=>0x0, 0x7800, 0x700, 0x1, 0x97, {{0xa, 0x4, 0x1, 0x29, 0x28, 0x66, 0x0, 0x2, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x1f}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@ra={0x94, 0x4, 0x1}, @rr={0x7, 0xf, 0xb5, [@initdev={0xac, 0x1e, 0x1, 0x0}, @local, @multicast2]}]}}}}})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0xf, r1, 0x28543634fae43ad, 0x0, 0x1, {}, [@HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r4}]}, @HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r4}]}, @HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x0, 0x3, 0x3}]}, @HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS, @ETHTOOL_A_HEADER_FLAGS={0x0, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'wg2\x00'}]}, @HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r4}]}, @HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_FLAGS]}, @HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'veth1_to_team\x00'}]}, @HEADER={0x0, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x0, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x0, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS]}]}, 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x20000040)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_DEL_DAEMON(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x302030}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x200, 0x70bd2c, 0x31428efd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}]}, 0x24}}, 0x404000c)

2.20880588s ago: executing program 4 (id=2444):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r4)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x24004884}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)=ANY=[@ANYRES32=r5, @ANYBLOB="020000002b"], 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x178, 0x0, 0x1, 0xfffffffd, 0x25dfdbfb, {}, [@WGDEVICE_A_PEERS={0x150, 0x8, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x1, @loopback, 0x3}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0xe0, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x54, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x294, @mcast2, 0x1}}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x7}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x4}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x178}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x80000001, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x4, 0x8, 0x101, 0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}}}}]}, 0x78}}, 0x0)
shmat(0x0, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/19, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f5c64000000000c000280060019"], 0x3c}}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
close(r8)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f3f770005000000000000000000", @ANYRES32=0x0, @ANYBLOB="fd00000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r7, &(0x7f0000000000), 0xfffffecc)
splice(r6, 0x0, r8, 0x0, 0x4ffe2, 0x0)

1.893994135s ago: executing program 5 (id=2447):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f6f0d6790c708004500342c00000000021190780000009c000000"], 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 59)

1.735360947s ago: executing program 2 (id=2448):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d083910000000000000a1180015000600142603600e1209002100fe000401a80016000400144006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

1.505106821s ago: executing program 5 (id=2449):
sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x3c, 0x0, 0x100, 0x20, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x14}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x8133}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040810}, 0x0)
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000003c0)={0x4, 0x0, [{0x100000, 0xa6, &(0x7f0000000240)=""/166}, {0xeeee0000, 0x24, &(0x7f00000000c0)=""/36}, {0xeeee0000, 0x3c, &(0x7f0000000100)=""/60}, {0xd000, 0x22, &(0x7f0000000180)=""/31}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000500)={'tunl0\x00'})
dup(r2)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)={0x28, 0x0, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'veth1_to_team\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x880)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r4, 0x5411, &(0x7f0000000100))

1.304716473s ago: executing program 4 (id=2450):
sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)={0x3c, 0x0, 0x100, 0x20, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x14}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x8133}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040810}, 0x0)
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000003c0)={0x4, 0x0, [{0x100000, 0xa6, &(0x7f0000000240)=""/166}, {0xeeee0000, 0x24, &(0x7f00000000c0)=""/36}, {0xeeee0000, 0x3c, &(0x7f0000000100)=""/60}, {0xd000, 0x22, &(0x7f0000000180)=""/31}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000500)={'tunl0\x00'})
dup(r2)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)={0x28, 0x0, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'veth1_to_team\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x880)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r4, 0x800452d3, &(0x7f0000000100)) (fail_nth: 4)

1.181827193s ago: executing program 5 (id=2451):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x24004884}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)=ANY=[@ANYRES32=r4, @ANYBLOB="020000002b"], 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x178, 0x0, 0x1, 0xfffffffd, 0x25dfdbfb, {}, [@WGDEVICE_A_PEERS={0x150, 0x8, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x1, @loopback, 0x3}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0xe0, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x54, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x294, @mcast2, 0x1}}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x7}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x4}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x178}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x80000001, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x4, 0x8, 0x101, 0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}}}}]}, 0x78}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
pipe(&(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f5c64000000000c000280060019"], 0x3c}}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f3f770005000000000000000000", @ANYRES32=0x0, @ANYBLOB="fd00000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r6, &(0x7f0000000000), 0xfffffecc)
splice(r5, 0x0, r7, 0x0, 0x4ffe2, 0x0)

1.075218749s ago: executing program 4 (id=2452):
r0 = io_uring_setup(0x2b34, &(0x7f0000000080)={0x0, 0x17a3, 0x800, 0x1, 0x337})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000100)=[0x7fff, 0x520e], 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0xf, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x6, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) (async)
r1 = socket(0x10, 0x3, 0x0) (async)
r2 = openat$ptp1(0xffffffffffffff9c, &(0x7f00000009c0), 0x101000, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r2, 0x3d13, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r3, 0x40103d0b, &(0x7f00000001c0)={0xff, 0x2}) (async)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="b40000001900010000000000000000001d0109004d0011806f9886ff8308eb1d7c1bbdbe3160578f5aa421ea2a089f6ab00ada4e5605b2e72655b3cc4c48e6405c0cf5329cb7f1821ec7ecca1d3ffb2d7144f29af11fe6557f8a74d923d12c43bc0000004d0012"], 0xb4}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

993.509324ms ago: executing program 1 (id=2453):
sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=ANY=[@ANYBLOB="6d1c2671da33eb4e9e7580f3e3133ee17746bf242447f029d48036d59ecb2d91b02347a429018734052f6ae8b8e8b1a04f773c860009d6f7108116cf530095ffa1678b2e0c0f7a9b4e216ce3a481850c57dbf9f2541a7280d8fd99f5cf35c74bf76ebd7882f42bd5484b71b9eab9", @ANYRES16=0x0, @ANYBLOB="020120000000000000003400000008000300", @ANYRES32=0x0, @ANYBLOB="0c00990009000000140000000a00060008021100000100000600fd0033810000"], 0x3c}, 0x1, 0x0, 0x0, 0x4040810}, 0x0)
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000003c0)={0x4, 0x0, [{0x100000, 0xa6, &(0x7f0000000240)=""/166}, {0x5000, 0x24, &(0x7f0000000000)=""/36}, {0xeeee0000, 0x3c, &(0x7f0000000100)=""/60}, {0xffff1000, 0x1f, &(0x7f0000000180)=""/31}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sendmsg$NL80211_CMD_SET_NOACK_MAP(r0, &(0x7f0000000680)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB="44000018", @ANYRES16=0x0, @ANYBLOB="100028bd7000fbdbdf25570000000600950004000000060095000400000006009500018000000600950005000000060095008000000006009500ec000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000040}, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0xfcf, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xcbc, 0xffffffffffffffff, 0x0, 0x100, 0xffffffffffffffff, 0x7, 0x100000000000000})
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x4)
close(r8)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000040)={0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800020008000200060006000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000500)={'tunl0\x00'})
r9 = dup(r6)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x27fec9dc473d57c2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_DELOBJ={0x20, 0x14, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x48}, 0x1, 0x0, 0x0, 0x40081}, 0x4000805)
listen(r9, 0x200)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="1cfbba37000000000000060000001400000076067468315f746f5f7465616d000000"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x880)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$KDDELIO(r4, 0x4b35, 0x7cbd1bb2)
ioctl$FS_IOC_GETFSLABEL(r1, 0x800452d3, &(0x7f00000006c0))

993.237681ms ago: executing program 4 (id=2454):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880), 0x0, &(0x7f00000009c0)=[{0x30, 0x3a, 0xe1, "0cc7c0cad01810962e26cedee61e5f2f8f4c398f27e760925bc6d94cebe5"}, {0xe8, 0x116, 0x45d, "b6aaac6ce77c9c9605bf9be9e778d1e02932f95c350847f079ea4700183a2f3d19cb330c9b3afed6f0f12be4d7118eb887af176a8cd4e43677e94ad1ac1e12d4683edc9bd755d851876a4dfeb2fcd0b67c389a5b99a0e639a067ec89340304a1dcbc72a5ebb5d06b3057d05cfd191ae38d3a89717a1903a68c65ea57a18b81b9923c59cec484879551fa91ba7c82a174544e14bf8b27b0f1057158c767279da460da1010ee1b3cfaa4b6738d81d11125b620ac51c1d4bf09724fc7bffa6bfb1753cac390a34085d379bfb683ed06f18f854d3cf8e87d60b5"}, {0x100, 0x10c, 0x8, "bebc767523c60bdfa77f28e23db25741b3e5139874aebdf1ec077e0b5f6ffb30d1c24f5a5348beee5ce9d659fcc3fcae46ccd3b8edb6257e06f09641ffd3305b74a30615b7874e1d03549f84f43cf61a849c78bc624dd1b49c0a4273fb415c04ff37fc3f1cb1d087d34ea8ac386e340e0935804cf882c110ce6420cccfb636e5b6afc76bb6b83b1577bd778021fcc1f9d71aee583349c53a3607cb6f205b2492b5588f3ecb322d87e12ac73837e74b7ef41cec3646ad3e1fe41b15e4bfd0bb0350d2dac4b41d92e8bd58a8524dfe2c81dece90becffaf2ed878a35f7ecb81daa9608247bfa4ab49bab4f3ac794520d59"}, {0xe8, 0x1, 0x1, "b8e480b6c4d03f40f6b0dd07825d186d105d91e09529bad7440fc0bc33e8432269118d249fb12fd566fba6a4fe8d397793526bc7e198fa26226bf09b6087d535a9b1bc13f67777775a9113a47964ff312b065fbab79ecc92b0ced68258672d9a83c652d3221479b42bc4f6f175b9142e65094d482d4151701124d69aec27b480677884ee18e17af1b21de2fe415cf9b5ddf2adf8e92f41ebb70f5b2fa283168ff7a7be3bc8f4067255ec2f243bf11e0d185a27a80a3bfd422d7375431c78598d48da0ca025271acc71c588ce178b1d9617e59a3c0955"}], 0x300}, 0x84)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$isdn(0x22, 0x3, 0x1)
close(r2)
syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x0, 0x800, 0x1, 0x121}, &(0x7f0000000380)=<r3=>0x0, &(0x7f00000002c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x33})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

794.849234ms ago: executing program 2 (id=2455):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_hsr\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c00000010000305000000000000ffff00002400", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b0001006d616373656300001c000280050007000000000005000a0000000000050009000000000008000500", @ANYRES32=r1], 0x5c}}, 0x0)

731.996498ms ago: executing program 4 (id=2456):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x121001)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000440)={0x53, 0xfffffffe, 0x6, 0x0, @scatter={0x7, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000008c0)=""/84, 0x6b}, {&(0x7f0000000940)=""/209, 0xd1}, {&(0x7f0000000a40)=""/65, 0x41}, {&(0x7f0000000ac0)=""/39, 0x27}, {&(0x7f0000000b00)=""/6, 0x6}, {&(0x7f0000000b40)=""/235, 0xeb}, {&(0x7f0000000c40)=""/67, 0x43}]}, &(0x7f0000000380)="851666ce20db", 0x0, 0xfffffffb, 0x39, 0x0, 0x0})
write$char_usb(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_control_io(r0, &(0x7f00000002c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0x7e, {0x7e, 0x8, "61238f901f2203f583600fae1d38fa7dfbbb483e740a37ae1dbc579bdf77897b03f0fc4f64674e96cacf349cf641c483e33be83931441ccd95be7b0351c6ef52c60ef62015ccb4a03f58938f8bc9e11b9b61832acbe03253807efefb9f94e980e0904b6de2bb6e1c74619692dba9869878a007377be9bd68850e7d23"}}, &(0x7f00000001c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40e}}, &(0x7f0000000200)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000240)={0x20, 0x29, 0xf, {0xf, 0x29, 0x9, 0x0, 0x2, 0x2, "fe9a84a3", "93e82e6a"}}, &(0x7f0000000280)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xd0, 0x2, 0x8, 0xfc, 0x8, 0x6, 0xd}}}, &(0x7f00000007c0)={0x84, &(0x7f0000000300)={0x20, 0x16, 0xe1, "7cdde2cca7d7167b1d0618fa93487b68979f7a214b12bfcab88346b91a5c215605383789d7dfe0600b69682dbba770e46df4d8b4de66aedda1947eff4406f54ed3de51e40fcf8c7f6b603ba6b12d056463d76ac87734c255e18949e611405cff7bf059f119974cb12cc5ae0ae06b0f3c0bd2b90a963d2a05d94250595306f1157f524444f35b6d2c6973d64a1df4543047f29c5b2e125ed3d2741f1e3d8fe5f65e6d1aed9bccea6a5e2cf982f148f839d5e9482edec5d6c743c16b2100065b086700835ff4841f66348352f40fe7deec4e28afdf9f1eb70ed4de5dee1edb75ed1e"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0xc}, &(0x7f0000000440)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x2, 0x2}}, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0xa0, 0x20}}, &(0x7f0000000500)={0x40, 0x7, 0x2, 0x6}, &(0x7f0000000540)={0x40, 0x9, 0x1, 0x7}, &(0x7f0000000580)={0x40, 0xb, 0x2, "8c4b"}, &(0x7f00000005c0)={0x40, 0xf, 0x2, 0x3}, &(0x7f0000000600)={0x40, 0x13, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x41}}, &(0x7f0000000640)={0x40, 0x17, 0x6, @broadcast}, &(0x7f0000000680)={0x40, 0x19, 0x2, "3e8e"}, &(0x7f00000006c0)={0x40, 0x1a, 0x2, 0x9}, &(0x7f0000000700)={0x40, 0x1c, 0x1, 0x9}, &(0x7f0000000740)={0x40, 0x1e, 0x1, 0x10}, &(0x7f0000000780)={0x40, 0x21, 0x1, 0x4}})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x1, 0x4, 0x401, 0x0, 0x0, {0x7, 0x0, 0x7}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004840}, 0x1080)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f00000000c0)=@ipv4_getnexthop={0x20, 0x6a, 0x100, 0x70bd25, 0x25dfdbfc, {}, [@NHA_ID={0x8}]}, 0x20}}, 0x4008854)
close(r4)

544.730346ms ago: executing program 2 (id=2457):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x520, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0xff0f0000, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x80ffffff, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x580)

474.557047ms ago: executing program 1 (id=2458):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r4)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x24004884}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)=ANY=[@ANYRES32=r5, @ANYBLOB="020000002b"], 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x178, 0x0, 0x1, 0xfffffffd, 0x25dfdbfb, {}, [@WGDEVICE_A_PEERS={0x150, 0x8, 0x0, 0x1, [{0x6c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x1, @loopback, 0x3}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}]}, {0xe0, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x54, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e22, 0x294, @mcast2, 0x1}}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x7}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x4}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x178}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x80000001, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x4, 0x8, 0x101, 0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}}}}]}, 0x78}}, 0x0)
shmat(0x0, &(0x7f0000ffe000/0x1000)=nil, 0x4000)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f5c64000000000c000280060019"], 0x3c}}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
close(r8)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_misc(r7, &(0x7f0000000000), 0xfffffecc)
splice(r6, 0x0, r8, 0x0, 0x4ffe2, 0x0)

395.161552ms ago: executing program 2 (id=2459):
write$input_event(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0xea60}, 0x15, 0x6, 0xffff7fff}, 0x18)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040055}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x100000000000000)

259.2078ms ago: executing program 5 (id=2460):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0xbe, &(0x7f0000000140)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @dev, {[@cipso={0x86, 0x71, 0x0, [{0x0, 0xc, "e256b28c59881681fb52"}, {0x0, 0x9, "020007651442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "73bc2300ad9d19a30000000000000000"}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x0, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010)

154.779211ms ago: executing program 5 (id=2461):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d041bc7000000"], 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000304fcffffff3f00000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad8800000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2], 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)

103.895452ms ago: executing program 2 (id=2462):
r0 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000000a40)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000030000103a00fe8000000000004b0000000000000002ff020000000000000000000000000001"], 0x0)

0s ago: executing program 2 (id=2463):
r0 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
syz_emit_ethernet(0x46, &(0x7f0000000a40)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6000000000103a00fe8000000000004b0000000000000002ff020000000000000000000000000001"], 0x0) (fail_nth: 4)

kernel console output (not intermixed with test programs):

_sanitizer_cov_trace_switch+0x54/0x90
[  209.647172][T12520]  ? policy_nodemask+0xea/0x4e0
[  209.649155][T12520]  alloc_pages_mpol_noprof+0x2c8/0x620
[  209.651341][T12520]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  209.653727][T12520]  ? __kmalloc_node_noprof+0x23d/0x510
[  209.655940][T12520]  ? rcu_is_watching+0x12/0xc0
[  209.657921][T12520]  ? __pfx_mark_lock+0x10/0x10
[  209.659866][T12520]  get_free_pages_noprof+0xc/0x40
[  209.661931][T12520]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  209.664372][T12520]  mmu_topup_memory_caches+0x59/0xd0
[  209.666555][T12520]  kvm_mmu_load+0xda/0x21f0
[  209.668447][T12520]  ? mark_held_locks+0x9f/0xe0
[  209.670428][T12520]  ? kvm_apic_has_interrupt+0xb6/0x190
[  209.672645][T12520]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  209.675081][T12520]  ? kvm_guest_time_update+0x780/0xeb0
[  209.677342][T12520]  ? clear_pending_if_disabled+0xa9/0x210
[  209.679809][T12520]  ? __pfx_kvm_mmu_load+0x10/0x10
[  209.681992][T12520]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  209.684437][T12520]  ? kvm_check_and_inject_events+0x725/0x12e0
[  209.686929][T12520]  ? kvm_setup_guest_pvclock+0x721/0x730
[  209.689239][T12520]  vcpu_run+0x33a4/0x4f50
[  209.691027][T12520]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  209.693346][T12520]  ? __pfx_vcpu_run+0x10/0x10
[  209.695309][T12520]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  209.697618][T12520]  ? rcu_is_watching+0x12/0xc0
[  209.699590][T12520]  ? trace_lock_acquire+0x14e/0x1f0
[  209.701731][T12520]  ? __local_bh_enable_ip+0xa4/0x120
[  209.703899][T12520]  ? lockdep_hardirqs_on+0x7c/0x110
[  209.706049][T12520]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  209.708421][T12520]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  209.710760][T12520]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  209.713097][T12520]  kvm_vcpu_ioctl+0x6ce/0x1520
[  209.715100][T12520]  ? do_vfs_ioctl+0x513/0x1990
[  209.717106][T12520]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  209.719247][T12520]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  209.721925][T12520]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  209.724650][T12520]  ? __pfx_lock_release+0x10/0x10
[  209.726722][T12520]  ? selinux_file_ioctl+0x180/0x270
[  209.728868][T12520]  ? selinux_file_ioctl+0xb4/0x270
[  209.731015][T12520]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  209.733173][T12520]  __x64_sys_ioctl+0x190/0x200
[  209.735126][T12520]  do_syscall_64+0xcd/0x250
[  209.736974][T12520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.739334][T12520] RIP: 0033:0x7fe80f385d29
[  209.741163][T12520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.748798][T12520] RSP: 002b:00007fe810167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  209.752215][T12520] RAX: ffffffffffffffda RBX: 00007fe80f575fa0 RCX: 00007fe80f385d29
[  209.755437][T12520] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  209.758202][T12530] netlink: 'syz.4.2097': attribute type 27 has an invalid length.
[  209.758573][T12520] RBP: 00007fe810167090 R08: 0000000000000000 R09: 0000000000000000
[  209.764195][T12520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  209.767346][T12520] R13: 0000000000000000 R14: 00007fe80f575fa0 R15: 00007ffc53d31398
[  209.770551][T12520]  </TASK>
[  209.784596][T12530] infiniband s
z1: set down
[  209.879520][ T5990] »»»»»» speed is unknown, defaulting to 1000
[  209.881498][ T5990] »»»»»» speed is unknown, defaulting to 1000
[  209.907160][T12530] infiniband s
z1: set active
[  209.908733][T12530] infiniband s
z1: set active
[  209.926779][T12530] 8021q: adding VLAN 0 to HW filter on device team0
[  209.933978][T12530] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  209.938499][   T25] »»»»»» speed is unknown, defaulting to 1000
[  209.940368][ T6895] »»»»»» speed is unknown, defaulting to 1000
[  209.941184][T12536] vcan0: Master is either lo or non-ether device
[  209.945254][   T25] »»»»»» speed is unknown, defaulting to 1000
[  210.231193][T12544] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2101'.
[  210.234850][T12544] netlink: 'syz.5.2101': attribute type 25 has an invalid length.
[  210.603659][T12551] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12551 comm=syz.4.2104
[  210.612190][T12551] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  210.615723][T12551] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  210.619271][T12551] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  210.622847][T12551] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  210.737447][T12557] netlink: 'syz.1.2108': attribute type 27 has an invalid length.
[  210.795773][T12557] bond0: left promiscuous mode
[  211.094975][T12557] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.101819][T12557] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.105184][T12557] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.108613][T12557] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  211.188388][T12557] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  211.191984][T12557] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  211.195313][T12557] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  211.198670][T12557] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  211.257130][T12560] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.282589][T12560] 8021q: adding VLAN 0 to HW filter on device team0
[  211.291835][T12560] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  211.663595][T12580] xt_hashlimit: max too large, truncated to 1048576
[  211.911770][  T834] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  211.993204][T12588] __nla_validate_parse: 2 callbacks suppressed
[  211.993221][T12588] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2117'.
[  212.000127][T12588] netlink: 'syz.2.2117': attribute type 25 has an invalid length.
[  212.051983][  T834] usb 6-1: device descriptor read/64, error -71
[  212.301918][  T834] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  212.431750][  T834] usb 6-1: device descriptor read/64, error -71
[  212.457633][T12590] netlink: 'syz.4.2118': attribute type 27 has an invalid length.
[  212.463892][T12590] infiniband s
z1: set down
[  212.530260][T12590] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  212.534052][T12590] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  212.537134][T12590] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  212.539654][T12590] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  212.542774][  T834] usb usb6-port1: attempt power cycle
[  212.555786][  T832] »»»»»» speed is unknown, defaulting to 1000
[  212.558293][  T832] »»»»»» speed is unknown, defaulting to 1000
[  212.562687][T12591] infiniband s
z1: set active
[  212.564227][T12591] infiniband s
z1: set active
[  212.580726][T12591] 8021q: adding VLAN 0 to HW filter on device team0
[  212.586991][T12591] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  212.592934][ T6015] »»»»»» speed is unknown, defaulting to 1000
[  212.595554][   T35] »»»»»» speed is unknown, defaulting to 1000
[  212.597878][ T6015] »»»»»» speed is unknown, defaulting to 1000
[  212.807106][T12598] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12598 comm=syz.5.2119
[  212.814519][T12598] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2119'.
[  212.881765][  T834] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  212.909170][  T834] usb 6-1: device descriptor read/8, error -71
[  213.141924][  T834] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  213.164783][  T834] usb 6-1: device descriptor read/8, error -71
[  213.253378][ T5296] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  213.277439][  T834] usb usb6-port1: unable to enumerate USB device
[  213.729054][T12627] netlink: 'syz.2.2129': attribute type 27 has an invalid length.
[  213.921122][   T39] kauditd_printk_skb: 436 callbacks suppressed
[  213.921138][   T39] audit: type=1400 audit(1737054292.311:4226): avc:  denied  { create } for  pid=12629 comm="syz.5.2130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  213.937258][   T39] audit: type=1400 audit(1737054292.311:4227): avc:  denied  { ioctl } for  pid=12629 comm="syz.5.2130" path="socket:[42728]" dev="sockfs" ino=42728 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  213.967617][T12627] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  213.980248][T12627] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.012751][T12631] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2130'.
[  214.025700][T12631] netlink: 'syz.5.2130': attribute type 25 has an invalid length.
[  214.070772][T12627] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.082359][T12627] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.085977][T12627] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.089596][T12627] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  214.140099][T12627] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  214.143481][T12627] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  214.146284][T12627] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  214.148816][T12627] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  214.176291][T12627] ip6gre2: left allmulticast mode
[  214.221885][   T30] lo speed is unknown, defaulting to 1000
[  214.229345][T12628] 8021q: adding VLAN 0 to HW filter on device bond0
[  214.232768][T12628] 8021q: adding VLAN 0 to HW filter on device team0
[  214.239966][T12628] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  214.251938][   T30] lo speed is unknown, defaulting to 1000
[  214.358766][   T39] audit: type=1400 audit(1737054292.751:4228): avc:  denied  { create } for  pid=12633 comm="syz.2.2131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  214.360521][T12634] netlink: 'syz.2.2131': attribute type 4 has an invalid length.
[  214.375034][   T39] audit: type=1400 audit(1737054292.771:4229): avc:  denied  { write } for  pid=12633 comm="syz.2.2131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  214.381322][   T39] audit: type=1400 audit(1737054292.771:4230): avc:  denied  { prog_load } for  pid=12633 comm="syz.2.2131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  214.389346][   T39] audit: type=1400 audit(1737054292.771:4231): avc:  denied  { bpf } for  pid=12633 comm="syz.2.2131" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  214.396971][   T39] audit: type=1400 audit(1737054292.771:4232): avc:  denied  { perfmon } for  pid=12633 comm="syz.2.2131" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  214.403766][   T39] audit: type=1400 audit(1737054292.771:4233): avc:  denied  { perfmon } for  pid=12633 comm="syz.2.2131" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  214.409927][   T39] audit: type=1400 audit(1737054292.771:4234): avc:  denied  { perfmon } for  pid=12633 comm="syz.2.2131" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  214.416891][   T39] audit: type=1400 audit(1737054292.771:4235): avc:  denied  { perfmon } for  pid=12633 comm="syz.2.2131" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  214.757734][T12648] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12648 comm=syz.4.2135
[  214.762474][T12648] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2135'.
[  214.859160][T12650] netlink: 'syz.1.2139': attribute type 27 has an invalid length.
[  214.866998][ T5935] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  214.874307][ T5935] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  214.877893][ T5935] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  214.881094][ T5935] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  214.884316][ T5935] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  214.886548][ T5935] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  215.005893][T12650] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.008480][T12650] 8021q: adding VLAN 0 to HW filter on device team0
[  215.019202][T12650] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  215.045679][T12652] lo speed is unknown, defaulting to 1000
[  215.047802][T12652] »»»»»» speed is unknown, defaulting to 1000
[  215.372433][T12652] chnl_net:caif_netlink_parms(): no params data found
[  215.462615][T12652] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.465568][T12652] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.468562][T12652] bridge_slave_0: entered allmulticast mode
[  215.472028][T12652] bridge_slave_0: entered promiscuous mode
[  215.494672][T12652] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.497837][T12652] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.501044][T12652] bridge_slave_1: entered allmulticast mode
[  215.504078][T12652] bridge_slave_1: entered promiscuous mode
[  215.542306][T12652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.549031][T12652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  215.585272][T12652] team0: Port device team_slave_0 added
[  215.591070][T12652] team0: Port device team_slave_1 added
[  215.632327][T12671] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2141'.
[  215.632359][T12652] batman_adv: batadv0: Adding interface: batadv_slave_0
[  215.638412][T12652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.646921][T12652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  215.654842][T12652] batman_adv: batadv0: Adding interface: batadv_slave_1
[  215.656904][T12652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  215.670280][T12652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.731439][T12652] hsr_slave_0: entered promiscuous mode
[  215.753041][T12652] hsr_slave_1: entered promiscuous mode
[  215.759539][T12652] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  215.761970][T12652] Cannot create hsr debugfs directory
[  215.993939][T12652] netdevsim netdevsim2 netdevsim2 (unregistering): left allmulticast mode
[  216.171089][T12683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2145'.
[  216.174153][T12683] netlink: 'syz.1.2145': attribute type 25 has an invalid length.
[  216.255474][T12686] netlink: 'syz.4.2147': attribute type 27 has an invalid length.
[  216.260249][T12686] infiniband s
z1: set down
[  216.311526][  T834] »»»»»» speed is unknown, defaulting to 1000
[  216.329714][  T834] »»»»»» speed is unknown, defaulting to 1000
[  216.330457][T12686] infiniband s
z1: set active
[  216.333684][T12686] infiniband s
z1: set active
[  216.348039][T12686] 8021q: adding VLAN 0 to HW filter on device team0
[  216.352408][T12686] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  216.357024][ T5990] »»»»»» speed is unknown, defaulting to 1000
[  216.359234][  T832] »»»»»» speed is unknown, defaulting to 1000
[  216.361079][ T5990] »»»»»» speed is unknown, defaulting to 1000
[  216.362011][ T6895] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  216.491808][ T6895] usb 10-1: device descriptor read/64, error -71
[  216.528143][T12690] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12690 comm=syz.4.2148
[  216.532570][T12690] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2148'.
[  216.732163][ T6895] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  216.871760][ T6895] usb 10-1: device descriptor read/64, error -71
[  216.931859][ T5935] Bluetooth: hci2: command tx timeout
[  216.992175][ T6895] usb usb10-port1: attempt power cycle
[  217.351735][ T6895] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  217.385099][ T6895] usb 10-1: device descriptor read/8, error -71
[  217.534065][T12699] FAULT_INJECTION: forcing a failure.
[  217.534065][T12699] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  217.537892][T12699] CPU: 0 UID: 0 PID: 12699 Comm: syz.4.2152 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  217.541022][T12699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.544115][T12699] Call Trace:
[  217.545082][T12699]  <TASK>
[  217.545986][T12699]  dump_stack_lvl+0x16c/0x1f0
[  217.547369][T12699]  should_fail_ex+0x497/0x5b0
[  217.548737][T12699]  ? fs_reclaim_acquire+0xae/0x150
[  217.550199][T12699]  should_fail_alloc_page+0xe7/0x130
[  217.551728][T12699]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  217.553518][T12699]  ? __memcg_kmem_charge_page+0x1b0/0x2b0
[  217.555212][T12699]  __alloc_pages_noprof+0x190/0x25b0
[  217.556773][T12699]  ? kasan_save_stack+0x33/0x60
[  217.558181][T12699]  ? __kmalloc_node_noprof+0x21f/0x510
[  217.559752][T12699]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  217.561314][T12699]  ? __kvm_mmu_topup_memory_cache+0x451/0x600
[  217.563056][T12699]  ? mmu_topup_memory_caches+0x59/0xd0
[  217.564633][T12699]  ? kvm_mmu_load+0xda/0x21f0
[  217.566003][T12699]  ? vcpu_run+0x33a4/0x4f50
[  217.567317][T12699]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  217.568952][T12699]  ? kvm_vcpu_ioctl+0x6ce/0x1520
[  217.570376][T12699]  ? __x64_sys_ioctl+0x190/0x200
[  217.571818][T12699]  ? do_syscall_64+0xcd/0x250
[  217.573276][T12699]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.575043][T12699]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  217.576702][T12699]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  217.578410][T12699]  ? policy_nodemask+0xea/0x4e0
[  217.579836][T12699]  alloc_pages_mpol_noprof+0x2c8/0x620
[  217.581418][T12699]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  217.583161][T12699]  ? __kmalloc_node_noprof+0x23d/0x510
[  217.584727][T12699]  ? rcu_is_watching+0x12/0xc0
[  217.586129][T12699]  ? __pfx_mark_lock+0x10/0x10
[  217.587509][T12699]  get_free_pages_noprof+0xc/0x40
[  217.588968][T12699]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  217.590662][T12699]  mmu_topup_memory_caches+0x59/0xd0
[  217.592207][T12699]  kvm_mmu_load+0xda/0x21f0
[  217.593534][T12699]  ? mark_held_locks+0x9f/0xe0
[  217.594929][T12699]  ? kvm_apic_has_interrupt+0xb6/0x190
[  217.596523][T12699]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  217.598242][T12699]  ? kvm_guest_time_update+0x780/0xeb0
[  217.599837][T12699]  ? clear_pending_if_disabled+0xa9/0x210
[  217.601636][T12699]  ? __pfx_kvm_mmu_load+0x10/0x10
[  217.603094][T12699]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  217.604808][T12699]  ? kvm_check_and_inject_events+0x725/0x12e0
[  217.606570][T12699]  ? kvm_setup_guest_pvclock+0x721/0x730
[  217.608192][T12699]  vcpu_run+0x33a4/0x4f50
[  217.609468][T12699]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  217.611087][T12699]  ? __pfx_vcpu_run+0x10/0x10
[  217.612598][T12699]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  217.614432][T12699]  ? rcu_is_watching+0x12/0xc0
[  217.615885][T12699]  ? trace_lock_acquire+0x14e/0x1f0
[  217.617533][T12699]  ? __local_bh_enable_ip+0xa4/0x120
[  217.619239][T12699]  ? lockdep_hardirqs_on+0x7c/0x110
[  217.620892][T12699]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  217.622569][T12699]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  217.624211][T12699]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  217.625868][T12699]  kvm_vcpu_ioctl+0x6ce/0x1520
[  217.627259][T12699]  ? do_vfs_ioctl+0x513/0x1990
[  217.628663][T12699]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  217.630174][T12699]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  217.632044][T12699]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  217.632139][ T6895] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  217.634003][T12699]  ? __pfx_lock_release+0x10/0x10
[  217.638356][T12699]  ? selinux_file_ioctl+0x180/0x270
[  217.639873][T12699]  ? selinux_file_ioctl+0xb4/0x270
[  217.641354][T12699]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  217.642865][T12699]  __x64_sys_ioctl+0x190/0x200
[  217.644263][T12699]  do_syscall_64+0xcd/0x250
[  217.645883][T12699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.647591][T12699] RIP: 0033:0x7f7038185d29
[  217.648886][T12699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.654368][T12699] RSP: 002b:00007f7038f3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  217.656786][T12699] RAX: ffffffffffffffda RBX: 00007f7038375fa0 RCX: 00007f7038185d29
[  217.659047][T12699] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  217.661354][T12699] RBP: 00007f7038f3b090 R08: 0000000000000000 R09: 0000000000000000
[  217.663635][T12699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  217.665897][T12699] R13: 0000000000000000 R14: 00007f7038375fa0 R15: 00007ffe8c3e62d8
[  217.668126][T12699]  </TASK>
[  217.681175][ T6895] usb 10-1: device descriptor read/8, error -71
[  217.791973][ T6895] usb usb10-port1: unable to enumerate USB device
[  217.993099][T12707] netlink: 'syz.4.2155': attribute type 27 has an invalid length.
[  218.000554][T12707] infiniband s
z1: set down
[  218.068632][T12709] infiniband s
z1: set active
[  218.070376][T12709] infiniband s
z1: set active
[  218.085632][T12709] 8021q: adding VLAN 0 to HW filter on device team0
[  218.090584][T12709] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  218.096251][ T2203] »»»»»» speed is unknown, defaulting to 1000
[  218.098223][   T30] »»»»»» speed is unknown, defaulting to 1000
[  218.100330][ T5970] »»»»»» speed is unknown, defaulting to 1000
[  218.104097][ T2203] »»»»»» speed is unknown, defaulting to 1000
[  218.301980][T12712] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2156'.
[  218.305594][T12712] netlink: 'syz.4.2156': attribute type 25 has an invalid length.
[  218.720246][T12717] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12717 comm=syz.1.2158
[  218.724433][T12717] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2158'.
[  218.819775][T12652] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  218.835050][T12652] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  218.844030][T12652] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  218.855690][T12652] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  219.000191][T12652] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.020711][T12652] 8021q: adding VLAN 0 to HW filter on device team0
[  219.022184][ T5935] Bluetooth: hci2: command tx timeout
[  219.030379][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.033053][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.047513][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.050069][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.081751][   T39] kauditd_printk_skb: 316 callbacks suppressed
[  219.081762][   T39] audit: type=1400 audit(1737054297.471:4552): avc:  denied  { read write } for  pid=6647 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.090458][   T39] audit: type=1400 audit(1737054297.481:4553): avc:  denied  { read write open } for  pid=6647 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.100547][   T39] audit: type=1400 audit(1737054297.481:4554): avc:  denied  { ioctl } for  pid=6647 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.161164][   T39] audit: type=1400 audit(1737054297.551:4555): avc:  denied  { create } for  pid=12718 comm="syz.4.2159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  219.167041][   T39] audit: type=1400 audit(1737054297.551:4556): avc:  denied  { read write } for  pid=8279 comm="syz-executor" name="loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.173878][   T39] audit: type=1400 audit(1737054297.551:4557): avc:  denied  { read write open } for  pid=8279 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.180789][   T39] audit: type=1400 audit(1737054297.551:4558): avc:  denied  { ioctl } for  pid=8279 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  219.187994][   T39] audit: type=1400 audit(1737054297.561:4559): avc:  denied  { setopt } for  pid=12718 comm="syz.4.2159" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  219.193728][   T39] audit: type=1400 audit(1737054297.561:4560): avc:  denied  { setopt } for  pid=12718 comm="syz.4.2159" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  219.199680][   T39] audit: type=1400 audit(1737054297.561:4561): avc:  denied  { bind } for  pid=12718 comm="syz.4.2159" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  219.504008][T12733] netlink: 'syz.4.2163': attribute type 27 has an invalid length.
[  219.516248][T12733] infiniband s
z1: set down
[  219.575355][  T834] »»»»»» speed is unknown, defaulting to 1000
[  219.576144][T12734] infiniband s
z1: set active
[  219.579242][T12734] infiniband s
z1: set active
[  219.602761][T12734] 8021q: adding VLAN 0 to HW filter on device team0
[  219.607492][T12734] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  219.613800][  T834] »»»»»» speed is unknown, defaulting to 1000
[  219.634123][   T56] »»»»»» speed is unknown, defaulting to 1000
[  219.636691][ T2203] »»»»»» speed is unknown, defaulting to 1000
[  220.195913][T12652] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.257680][T12652] veth0_vlan: entered promiscuous mode
[  220.273845][T12652] veth1_vlan: entered promiscuous mode
[  220.315574][T12652] veth0_macvtap: entered promiscuous mode
[  220.323906][T12652] veth1_macvtap: entered promiscuous mode
[  220.341818][ T2203] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[  220.344665][T12652] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.349961][T12756] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12756 comm=syz.5.2171
[  220.354792][T12756] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2171'.
[  220.357694][T12652] batman_adv: batadv0: Interface activated: batadv_slave_1
[  220.367395][T12652] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.370712][T12652] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.373851][T12652] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.376658][T12652] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.455281][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.463761][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.481708][ T2203] usb 9-1: device descriptor read/64, error -71
[  220.488565][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.491511][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.674880][T12758] FAULT_INJECTION: forcing a failure.
[  220.674880][T12758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.679049][T12758] CPU: 3 UID: 0 PID: 12758 Comm: syz.2.2136 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  220.682577][T12758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.686138][T12758] Call Trace:
[  220.687230][T12758]  <TASK>
[  220.688151][T12758]  dump_stack_lvl+0x16c/0x1f0
[  220.689799][T12758]  should_fail_ex+0x497/0x5b0
[  220.691746][T12758]  _copy_from_user+0x2e/0xd0
[  220.693607][T12758]  copy_msghdr_from_user+0x99/0x160
[  220.695538][T12758]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  220.697879][T12758]  ___sys_sendmsg+0xff/0x1e0
[  220.699775][T12758]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.701443][T12758]  ? __pfx_lock_release+0x10/0x10
[  220.702943][T12758]  ? trace_lock_acquire+0x14e/0x1f0
[  220.704492][T12758]  ? __fget_files+0x206/0x3a0
[  220.705851][T12758]  __sys_sendmsg+0x16e/0x220
[  220.707280][T12758]  ? __pfx___sys_sendmsg+0x10/0x10
[  220.708878][T12758]  do_syscall_64+0xcd/0x250
[  220.710329][T12758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.712267][T12758] RIP: 0033:0x7fe3ce985d29
[  220.714028][T12758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.721710][T12758] RSP: 002b:00007fe3cf712038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.724692][T12758] RAX: ffffffffffffffda RBX: 00007fe3ceb75fa0 RCX: 00007fe3ce985d29
[  220.727159][T12758] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000004
[  220.729578][T12758] RBP: 00007fe3cf712090 R08: 0000000000000000 R09: 0000000000000000
[  220.731778][ T2203] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[  220.732110][T12758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.732123][T12758] R13: 0000000000000000 R14: 00007fe3ceb75fa0 R15: 00007ffda75c2a28
[  220.732148][T12758]  </TASK>
[  220.867668][T12760] netlink: 'syz.2.2172': attribute type 27 has an invalid length.
[  220.882161][ T2203] usb 9-1: device descriptor read/64, error -71
[  220.901629][T12760] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.904077][T12760] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.973848][T12760] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  220.985090][T12760] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.991867][ T2203] usb usb9-port1: attempt power cycle
[  221.030500][T12760] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.034704][T12760] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.037585][T12760] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.040440][T12760] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.085851][T12761] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.089153][T12761] 8021q: adding VLAN 0 to HW filter on device team0
[  221.096493][T12761] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  221.101779][ T5935] Bluetooth: hci2: command tx timeout
[  221.338040][T12771] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2174'.
[  221.341546][T12771] netlink: 'syz.2.2174': attribute type 25 has an invalid length.
[  221.351720][ T2203] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[  221.365329][T12771] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  221.368190][T12771] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  221.370912][T12771] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  221.373661][T12771] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  221.384753][ T2203] usb 9-1: device descriptor read/8, error -71
[  221.631824][ T2203] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[  221.655563][ T2203] usb 9-1: device descriptor read/8, error -71
[  221.765691][ T2203] usb usb9-port1: unable to enumerate USB device
[  222.219893][T12788] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2183'.
[  222.275358][T12789] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12789 comm=syz.2.2182
[  222.279559][T12789] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2182'.
[  222.320418][T12792] netlink: 'syz.1.2184': attribute type 27 has an invalid length.
[  222.379344][T12792] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.381852][T12792] 8021q: adding VLAN 0 to HW filter on device team0
[  222.386449][T12792] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  222.979175][T12806] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2190'.
[  222.982178][T12806] netlink: 'syz.5.2190': attribute type 25 has an invalid length.
[  223.181956][ T5935] Bluetooth: hci2: command tx timeout
[  223.414715][T12814] netlink: 'syz.4.2193': attribute type 27 has an invalid length.
[  223.425862][T12814] infiniband s
z1: set down
[  223.510463][T12480] »»»»»» speed is unknown, defaulting to 1000
[  223.518252][T12480] »»»»»» speed is unknown, defaulting to 1000
[  223.540283][T12814] infiniband s
z1: set active
[  223.542597][T12814] infiniband s
z1: set active
[  223.567019][T12814] 8021q: adding VLAN 0 to HW filter on device team0
[  223.579666][T12814] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  223.589717][T12480] »»»»»» speed is unknown, defaulting to 1000
[  223.592047][T12480] »»»»»» speed is unknown, defaulting to 1000
[  223.593811][    T9] »»»»»» speed is unknown, defaulting to 1000
[  223.923889][T12832] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12832 comm=syz.5.2199
[  223.928094][T12832] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2199'.
[  224.128436][   T39] kauditd_printk_skb: 487 callbacks suppressed
[  224.128447][   T39] audit: type=1400 audit(1737054302.521:5049): avc:  denied  { create } for  pid=12839 comm="syz.1.2202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  224.147536][   T39] audit: type=1400 audit(1737054302.521:5050): avc:  denied  { write } for  pid=12839 comm="syz.1.2202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  224.164602][   T39] audit: type=1400 audit(1737054302.561:5051): avc:  denied  { read write } for  pid=5939 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  224.186085][   T39] audit: type=1400 audit(1737054302.561:5052): avc:  denied  { read write open } for  pid=5939 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  224.194800][   T39] audit: type=1400 audit(1737054302.561:5053): avc:  denied  { ioctl } for  pid=5939 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  224.228010][   T39] audit: type=1400 audit(1737054302.621:5054): avc:  denied  { read write } for  pid=5939 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  224.236231][   T39] audit: type=1400 audit(1737054302.621:5055): avc:  denied  { read write open } for  pid=5939 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  224.245405][   T39] audit: type=1400 audit(1737054302.621:5056): avc:  denied  { ioctl } for  pid=5939 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  224.278077][   T39] audit: type=1400 audit(1737054302.671:5057): avc:  denied  { read } for  pid=12843 comm="syz.1.2204" name="cec0" dev="devtmpfs" ino=973 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  224.286037][   T39] audit: type=1400 audit(1737054302.671:5058): avc:  denied  { read open } for  pid=12843 comm="syz.1.2204" path="/dev/cec0" dev="devtmpfs" ino=973 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  224.483555][T12847] xt_hashlimit: max too large, truncated to 1048576
[  224.610582][T12849] netlink: 'syz.4.2206': attribute type 27 has an invalid length.
[  224.619899][T12849] infiniband s
z1: set down
[  224.677774][ T6895] »»»»»» speed is unknown, defaulting to 1000
[  224.678285][T12850] infiniband s
z1: set active
[  224.681349][T12850] infiniband s
z1: set active
[  224.696119][T12850] 8021q: adding VLAN 0 to HW filter on device team0
[  224.699703][T12850] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  224.705239][ T6895] »»»»»» speed is unknown, defaulting to 1000
[  224.707430][ T2203] »»»»»» speed is unknown, defaulting to 1000
[  224.709357][ T5970] »»»»»» speed is unknown, defaulting to 1000
[  224.974452][T12861] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2209'.
[  224.977514][T12861] netlink: 'syz.5.2209': attribute type 25 has an invalid length.
[  225.608874][T12872] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12872 comm=syz.1.2215
[  225.614761][T12872] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2215'.
[  225.807859][T12875] tipc: Can't bind to reserved service type 0
[  225.836607][T12875] Bluetooth: (null): Invalid header checksum
[  225.899040][T12877] netlink: 'syz.4.2217': attribute type 27 has an invalid length.
[  225.907070][T12877] infiniband s
z1: set down
[  225.962021][  T834] »»»»»» speed is unknown, defaulting to 1000
[  225.963928][  T834] »»»»»» speed is unknown, defaulting to 1000
[  225.983251][T12877] infiniband s
z1: set active
[  225.984768][T12877] infiniband s
z1: set active
[  225.995220][T12877] 8021q: adding VLAN 0 to HW filter on device team0
[  225.998812][T12877] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  226.003901][  T832] »»»»»» speed is unknown, defaulting to 1000
[  226.006659][    T9] »»»»»» speed is unknown, defaulting to 1000
[  226.009247][    T9] »»»»»» speed is unknown, defaulting to 1000
[  226.372758][T12889] raw_sendmsg: syz.4.2222 forgot to set AF_INET. Fix it!
[  226.846675][   T66] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  226.852108][ T5938] Bluetooth: hci1: command 0x0406 tx timeout
[  226.854095][ T5938] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  226.857367][ T5938] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  226.861536][ T5938] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  226.865583][ T5938] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  226.868589][ T5938] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  227.056431][T12898] lo speed is unknown, defaulting to 1000
[  227.058452][T12904] netlink: 'syz.5.2227': attribute type 27 has an invalid length.
[  227.059007][T12898] »»»»»» speed is unknown, defaulting to 1000
[  227.188579][T12904] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.190972][T12904] 8021q: adding VLAN 0 to HW filter on device team0
[  227.208857][T12904] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  227.500494][T12898] chnl_net:caif_netlink_parms(): no params data found
[  227.600273][T12919] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12919 comm=syz.2.2231
[  227.604686][T12919] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2231'.
[  227.663336][T12898] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.665420][T12898] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.667484][T12898] bridge_slave_0: entered allmulticast mode
[  227.673455][T12898] bridge_slave_0: entered promiscuous mode
[  227.689624][T12898] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.696246][T12898] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.698287][T12898] bridge_slave_1: entered allmulticast mode
[  227.700448][T12898] bridge_slave_1: entered promiscuous mode
[  227.738192][T12898] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.754766][T12898] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.812695][T12898] team0: Port device team_slave_0 added
[  227.818599][T12898] team0: Port device team_slave_1 added
[  227.855039][T12898] batman_adv: batadv0: Adding interface: batadv_slave_0
[  227.857053][T12898] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.866493][T12898] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.875451][T12898] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.877995][T12898] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.889300][T12898] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.930254][T12932] FAULT_INJECTION: forcing a failure.
[  227.930254][T12932] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  227.935648][T12932] CPU: 3 UID: 0 PID: 12932 Comm: syz.5.2235 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  227.939851][T12932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  227.944191][T12932] Call Trace:
[  227.945556][T12932]  <TASK>
[  227.946776][T12932]  dump_stack_lvl+0x16c/0x1f0
[  227.948733][T12932]  should_fail_ex+0x497/0x5b0
[  227.950635][T12932]  ? fs_reclaim_acquire+0xae/0x150
[  227.952775][T12932]  should_fail_alloc_page+0xe7/0x130
[  227.954964][T12932]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  227.957493][T12932]  ? __memcg_kmem_charge_page+0x1b0/0x2b0
[  227.959791][T12932]  __alloc_pages_noprof+0x190/0x25b0
[  227.961868][T12932]  ? kasan_save_stack+0x33/0x60
[  227.963864][T12932]  ? __kmalloc_node_noprof+0x21f/0x510
[  227.966062][T12932]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  227.968255][T12932]  ? __kvm_mmu_topup_memory_cache+0x451/0x600
[  227.970732][T12932]  ? mmu_topup_memory_caches+0x59/0xd0
[  227.972912][T12932]  ? kvm_mmu_load+0xda/0x21f0
[  227.974806][T12932]  ? vcpu_run+0x33a4/0x4f50
[  227.976672][T12932]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  227.979034][T12932]  ? kvm_vcpu_ioctl+0x6ce/0x1520
[  227.981085][T12932]  ? __x64_sys_ioctl+0x190/0x200
[  227.983096][T12932]  ? do_syscall_64+0xcd/0x250
[  227.985049][T12932]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.987583][T12932]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  227.989903][T12932]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  227.992334][T12932]  ? policy_nodemask+0xea/0x4e0
[  227.994335][T12932]  alloc_pages_mpol_noprof+0x2c8/0x620
[  227.996597][T12932]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  227.999020][T12932]  ? __kmalloc_node_noprof+0x23d/0x510
[  228.001188][T12932]  ? rcu_is_watching+0x12/0xc0
[  228.002009][ T6895] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[  228.003084][T12932]  ? __pfx_mark_lock+0x10/0x10
[  228.007763][T12932]  get_free_pages_noprof+0xc/0x40
[  228.009773][T12932]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  228.012121][T12932]  mmu_topup_memory_caches+0x59/0xd0
[  228.014223][T12932]  kvm_mmu_load+0xda/0x21f0
[  228.016124][T12932]  ? mark_held_locks+0x9f/0xe0
[  228.018065][T12932]  ? kvm_apic_has_interrupt+0xb6/0x190
[  228.020142][T12932]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  228.021897][T12932]  ? kvm_guest_time_update+0x780/0xeb0
[  228.023512][T12932]  ? clear_pending_if_disabled+0xa9/0x210
[  228.025178][T12932]  ? __pfx_kvm_mmu_load+0x10/0x10
[  228.026660][T12932]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  228.028349][T12932]  ? kvm_check_and_inject_events+0x725/0x12e0
[  228.030098][T12932]  ? kvm_setup_guest_pvclock+0x721/0x730
[  228.031726][T12932]  vcpu_run+0x33a4/0x4f50
[  228.032985][T12932]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  228.034531][T12932]  ? __pfx_vcpu_run+0x10/0x10
[  228.035916][T12932]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  228.037463][T12932]  ? rcu_is_watching+0x12/0xc0
[  228.038877][T12932]  ? trace_lock_acquire+0x14e/0x1f0
[  228.040333][T12932]  ? __local_bh_enable_ip+0xa4/0x120
[  228.041852][T12932]  ? lockdep_hardirqs_on+0x7c/0x110
[  228.043317][T12932]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  228.044941][T12932]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  228.046609][T12932]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  228.048198][T12932]  kvm_vcpu_ioctl+0x6ce/0x1520
[  228.049519][T12932]  ? do_vfs_ioctl+0x513/0x1990
[  228.050911][T12932]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  228.052356][T12932]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  228.054218][T12932]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  228.056284][T12932]  ? __pfx_lock_release+0x10/0x10
[  228.058000][T12932]  ? selinux_file_ioctl+0x180/0x270
[  228.060078][T12932]  ? selinux_file_ioctl+0xb4/0x270
[  228.061657][T12932]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  228.063107][T12932]  __x64_sys_ioctl+0x190/0x200
[  228.064531][T12932]  do_syscall_64+0xcd/0x250
[  228.065954][T12932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.068062][T12932] RIP: 0033:0x7fe80f385d29
[  228.069703][T12932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.076330][T12932] RSP: 002b:00007fe810167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  228.078658][T12932] RAX: ffffffffffffffda RBX: 00007fe80f575fa0 RCX: 00007fe80f385d29
[  228.080874][T12932] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  228.083115][T12932] RBP: 00007fe810167090 R08: 0000000000000000 R09: 0000000000000000
[  228.085349][T12932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  228.087630][T12932] R13: 0000000000000000 R14: 00007fe80f575fa0 R15: 00007ffc53d31398
[  228.089997][T12932]  </TASK>
[  228.102869][T12898] hsr_slave_0: entered promiscuous mode
[  228.106135][T12898] hsr_slave_1: entered promiscuous mode
[  228.109962][T12898] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  228.113360][T12898] Cannot create hsr debugfs directory
[  228.132041][ T6895] usb 9-1: device descriptor read/64, error -71
[  228.291190][T12935] netlink: 'syz.5.2236': attribute type 27 has an invalid length.
[  228.350784][T12935] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.353650][T12935] 8021q: adding VLAN 0 to HW filter on device team0
[  228.356966][T12935] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  228.382417][ T6895] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[  228.513110][ T6895] usb 9-1: device descriptor read/64, error -71
[  228.621916][ T6895] usb usb9-port1: attempt power cycle
[  228.622232][T12898] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  228.631408][T12898] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  228.641225][T12898] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  228.651279][T12898] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  228.800627][T12898] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.830551][T12898] 8021q: adding VLAN 0 to HW filter on device team0
[  228.843601][ T1189] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.845729][ T1189] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.856325][ T1189] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.858378][ T1189] bridge0: port 2(bridge_slave_1) entered forwarding state
[  228.942297][ T5935] Bluetooth: hci3: command tx timeout
[  228.982130][ T6895] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[  229.005735][ T6895] usb 9-1: device descriptor read/8, error -71
[  229.088640][T12952] FAULT_INJECTION: forcing a failure.
[  229.088640][T12952] name failslab, interval 1, probability 0, space 0, times 0
[  229.092315][T12952] CPU: 0 UID: 0 PID: 12952 Comm: syz.5.2242 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  229.095381][T12952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  229.098486][T12952] Call Trace:
[  229.099466][T12952]  <TASK>
[  229.100329][T12952]  dump_stack_lvl+0x16c/0x1f0
[  229.101723][T12952]  should_fail_ex+0x497/0x5b0
[  229.103077][T12952]  ? fs_reclaim_acquire+0xae/0x150
[  229.104536][T12952]  should_failslab+0xc2/0x120
[  229.105921][T12952]  __kmalloc_noprof+0xcb/0x510
[  229.107304][T12952]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  229.108955][T12952]  tomoyo_realpath_from_path+0xb9/0x720
[  229.110560][T12952]  ? tomoyo_path_number_perm+0x235/0x590
[  229.112183][T12952]  ? tomoyo_path_number_perm+0x235/0x590
[  229.113802][T12952]  tomoyo_path_number_perm+0x248/0x590
[  229.115389][T12952]  ? tomoyo_path_number_perm+0x235/0x590
[  229.117013][T12952]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  229.118734][T12952]  ? __pfx_lock_release+0x10/0x10
[  229.120192][T12952]  ? trace_lock_acquire+0x14e/0x1f0
[  229.121689][T12952]  ? lock_acquire+0x2f/0xb0
[  229.123006][T12952]  ? __fget_files+0x40/0x3a0
[  229.124344][T12952]  ? __fget_files+0x206/0x3a0
[  229.125722][T12952]  security_file_ioctl+0x9b/0x240
[  229.127219][T12952]  __x64_sys_ioctl+0xb7/0x200
[  229.128597][T12952]  do_syscall_64+0xcd/0x250
[  229.129927][T12952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.131630][T12952] RIP: 0033:0x7fe80f385d29
[  229.132936][T12952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.133314][   T39] kauditd_printk_skb: 480 callbacks suppressed
[  229.133329][   T39] audit: type=1400 audit(1737054307.531:5539): avc:  denied  { ioctl } for  pid=12924 comm="syz.4.2233" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.138408][T12952] RSP: 002b:00007fe810167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  229.151138][T12952] RAX: ffffffffffffffda RBX: 00007fe80f575fa0 RCX: 00007fe80f385d29
[  229.153423][T12952] RDX: 0000000020000100 RSI: 00000000800452d3 RDI: 000000000000000b
[  229.155703][T12952] RBP: 00007fe810167090 R08: 0000000000000000 R09: 0000000000000000
[  229.158172][T12952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.160462][T12952] R13: 0000000000000000 R14: 00007fe80f575fa0 R15: 00007ffc53d31398
[  229.162731][T12952]  </TASK>
[  229.166150][T12952] ERROR: Out of memory at tomoyo_realpath_from_path.
[  229.171003][   T39] audit: type=1400 audit(1737054307.561:5540): avc:  denied  { ioctl } for  pid=12951 comm="syz.5.2242" path="socket:[45875]" dev="sockfs" ino=45875 ioctlcmd=0x52d3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  229.194172][   T39] audit: type=1400 audit(1737054307.591:5541): avc:  denied  { ioctl } for  pid=12924 comm="syz.4.2233" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.261858][ T6895] usb 9-1: new high-speed USB device number 35 using dummy_hcd
[  229.283629][   T39] audit: type=1400 audit(1737054307.681:5542): avc:  denied  { ioctl } for  pid=12924 comm="syz.4.2233" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.283650][ T6895] usb 9-1: device descriptor read/8, error -71
[  229.292591][   T39] audit: type=1400 audit(1737054307.691:5543): avc:  denied  { ioctl } for  pid=12924 comm="syz.4.2233" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  229.300052][   T39] audit: type=1400 audit(1737054307.691:5544): avc:  denied  { sys_module } for  pid=12898 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  229.306774][   T39] audit: type=1400 audit(1737054307.691:5545): avc:  denied  { module_request } for  pid=12898 comm="syz-executor" kmod="nicvf0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  229.343787][   T39] audit: type=1400 audit(1737054307.741:5546): avc:  denied  { read write } for  pid=8279 comm="syz-executor" name="loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  229.352246][   T39] audit: type=1400 audit(1737054307.741:5547): avc:  denied  { read write open } for  pid=8279 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  229.361534][   T39] audit: type=1400 audit(1737054307.741:5548): avc:  denied  { ioctl } for  pid=8279 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  229.406574][ T6895] usb usb9-port1: unable to enumerate USB device
[  229.590261][T12962] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=12962 comm=syz.5.2244
[  229.596016][T12962] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2244'.
[  229.744278][T12965] program syz.2.2245 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  230.033385][T12970] netlink: 'syz.2.2246': attribute type 27 has an invalid length.
[  230.113828][T12970] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.117152][T12970] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.119988][T12970] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.123137][T12970] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  230.141830][T12971] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.144463][T12971] 8021q: adding VLAN 0 to HW filter on device team0
[  230.149026][T12971] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  230.209344][T12898] 8021q: adding VLAN 0 to HW filter on device batadv0
[  230.291308][T12898] veth0_vlan: entered promiscuous mode
[  230.326299][T12898] veth1_vlan: entered promiscuous mode
[  230.423224][T12898] veth0_macvtap: entered promiscuous mode
[  230.433623][T12898] veth1_macvtap: entered promiscuous mode
[  230.436031][T12975] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2248'.
[  230.475970][T12898] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.487598][T12898] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.498163][T12898] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.500786][T12898] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.503386][T12898] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.505820][T12898] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.564960][T12977] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  230.573065][T12977] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  230.621836][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.624178][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.629378][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.637391][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.802261][T12984] xt_hashlimit: max too large, truncated to 1048576
[  230.816735][T12984] Cannot find set identified by id 0 to match
[  230.981171][T12991] netlink: 'syz.5.2254': attribute type 27 has an invalid length.
[  231.017060][ T5935] Bluetooth: hci3: command tx timeout
[  231.051242][T12995] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2224'.
[  231.080012][T12991] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.082022][T12995] netlink: 'syz.1.2224': attribute type 25 has an invalid length.
[  231.106461][T12991] 8021q: adding VLAN 0 to HW filter on device team0
[  231.110344][T12991] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  231.120940][T12995] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  231.124517][T12995] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  231.128003][T12995] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  231.131417][T12995] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  231.331130][T13003] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13003 comm=syz.5.2257
[  231.336491][T13003] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2257'.
[  231.550864][T13009] lo speed is unknown, defaulting to 1000
[  231.553317][T13009] »»»»»» speed is unknown, defaulting to 1000
[  231.560464][T13010] qnx6: unable to set blocksize
[  231.573499][T13010] devtmpfs: Cannot retroactively limit inodes
[  231.611774][   T56] usb 9-1: new high-speed USB device number 36 using dummy_hcd
[  231.752092][   T56] usb 9-1: device descriptor read/64, error -71
[  232.008184][T13021] FAULT_INJECTION: forcing a failure.
[  232.008184][T13021] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  232.011804][   T56] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[  232.013407][T13021] CPU: 2 UID: 0 PID: 13021 Comm: syz.1.2265 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  232.019965][T13021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  232.023968][T13021] Call Trace:
[  232.025241][T13021]  <TASK>
[  232.026390][T13021]  dump_stack_lvl+0x16c/0x1f0
[  232.028222][T13021]  should_fail_ex+0x497/0x5b0
[  232.030035][T13021]  _copy_from_user+0x2e/0xd0
[  232.031591][T13021]  copy_msghdr_from_user+0x99/0x160
[  232.033657][T13021]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  232.035526][T13021]  ___sys_sendmsg+0xff/0x1e0
[  232.036876][T13021]  ? __pfx____sys_sendmsg+0x10/0x10
[  232.038435][T13021]  ? __pfx_lock_release+0x10/0x10
[  232.039894][T13021]  ? trace_lock_acquire+0x14e/0x1f0
[  232.041385][T13021]  ? __fget_files+0x206/0x3a0
[  232.042798][T13021]  __sys_sendmsg+0x16e/0x220
[  232.044149][T13021]  ? __pfx___sys_sendmsg+0x10/0x10
[  232.045655][T13021]  do_syscall_64+0xcd/0x250
[  232.046968][T13021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.048227][T13023] netlink: 'syz.2.2266': attribute type 27 has an invalid length.
[  232.048689][T13021] RIP: 0033:0x7f26fb185d29
[  232.053087][T13021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.059039][T13021] RSP: 002b:00007f26fbfa3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  232.061459][T13021] RAX: ffffffffffffffda RBX: 00007f26fb375fa0 RCX: 00007f26fb185d29
[  232.063821][T13021] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000003
[  232.066080][T13021] RBP: 00007f26fbfa3090 R08: 0000000000000000 R09: 0000000000000000
[  232.068356][T13021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.070586][T13021] R13: 0000000000000000 R14: 00007f26fb375fa0 R15: 00007ffe5c7a2ca8
[  232.073407][T13021]  </TASK>
[  232.139396][T13023] 8021q: adding VLAN 0 to HW filter on device bond0
[  232.142706][T13023] 8021q: adding VLAN 0 to HW filter on device team0
[  232.145710][   T56] usb 9-1: device descriptor read/64, error -71
[  232.148156][T13023] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  232.252044][   T56] usb usb9-port1: attempt power cycle
[  232.601713][   T56] usb 9-1: new high-speed USB device number 38 using dummy_hcd
[  232.603713][T13043] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2272'.
[  232.606788][T13043] netlink: 'syz.1.2272': attribute type 25 has an invalid length.
[  232.624139][   T56] usb 9-1: device descriptor read/8, error -71
[  232.849440][T13049] mkiss: ax0: crc mode is auto.
[  232.861788][   T56] usb 9-1: new high-speed USB device number 39 using dummy_hcd
[  232.894281][   T56] usb 9-1: device descriptor read/8, error -71
[  233.003687][   T56] usb usb9-port1: unable to enumerate USB device
[  233.092025][ T5935] Bluetooth: hci3: command tx timeout
[  233.109990][T13053] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13053 comm=syz.2.2277
[  233.115396][T13053] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2277'.
[  233.172529][T13056] netlink: 'syz.5.2278': attribute type 27 has an invalid length.
[  233.265049][T13056] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.267557][T13056] 8021q: adding VLAN 0 to HW filter on device team0
[  233.274842][T13056] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  234.383603][   T39] kauditd_printk_skb: 582 callbacks suppressed
[  234.383617][   T39] audit: type=1400 audit(1737054312.781:6131): avc:  denied  { read write } for  pid=6647 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  234.395695][   T39] audit: type=1400 audit(1737054312.781:6132): avc:  denied  { read write open } for  pid=6647 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  234.406441][   T39] audit: type=1400 audit(1737054312.781:6133): avc:  denied  { ioctl } for  pid=6647 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  234.417575][   T39] audit: type=1400 audit(1737054312.791:6134): avc:  denied  { read } for  pid=5328 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  234.425235][   T39] audit: type=1400 audit(1737054312.791:6135): avc:  denied  { search } for  pid=5328 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  234.433711][   T39] audit: type=1400 audit(1737054312.811:6136): avc:  denied  { append } for  pid=5328 comm="syslogd" name="messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  234.442990][   T39] audit: type=1400 audit(1737054312.811:6137): avc:  denied  { append open } for  pid=5328 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  234.451746][   T39] audit: type=1400 audit(1737054312.811:6138): avc:  denied  { getattr } for  pid=5328 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  234.470261][   T39] audit: type=1400 audit(1737054312.861:6139): avc:  denied  { create } for  pid=13077 comm="syz.4.2287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  234.478865][   T39] audit: type=1400 audit(1737054312.871:6140): avc:  denied  { map_create } for  pid=13077 comm="syz.4.2287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  234.505656][T13078] infiniband s
z1: set active
[  234.522002][T13078] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  234.528205][T12480] »»»»»» speed is unknown, defaulting to 1000
[  234.638576][T13082] random: crng reseeded on system resumption
[  234.675933][T13083] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2288'.
[  234.678786][T13083] netlink: 'syz.5.2288': attribute type 25 has an invalid length.
[  234.992949][T13082] overlay: Unknown parameter 'measure'
[  235.171780][ T5935] Bluetooth: hci3: command tx timeout
[  235.578270][T13098] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13098 comm=syz.5.2294
[  235.582756][T13098] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2294'.
[  235.815258][T13103] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2296'.
[  235.991749][ T6895] usb 9-1: new high-speed USB device number 40 using dummy_hcd
[  236.019549][T13108] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  236.143650][ T6895] usb 9-1: no configurations
[  236.145108][ T6895] usb 9-1: can't read configurations, error -22
[  236.243196][T13114] binder: 13113:13114 unknown command 0
[  236.244780][T13114] binder: 13113:13114 ioctl c0306201 200001c0 returned -22
[  236.265074][T13116] FAULT_INJECTION: forcing a failure.
[  236.265074][T13116] name failslab, interval 1, probability 0, space 0, times 0
[  236.268592][T13116] CPU: 0 UID: 0 PID: 13116 Comm: syz.1.2300 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  236.271686][T13116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  236.271782][ T6895] usb 9-1: new high-speed USB device number 41 using dummy_hcd
[  236.274734][T13116] Call Trace:
[  236.274742][T13116]  <TASK>
[  236.274747][T13116]  dump_stack_lvl+0x16c/0x1f0
[  236.274765][T13116]  should_fail_ex+0x497/0x5b0
[  236.274781][T13116]  ? fs_reclaim_acquire+0xae/0x150
[  236.283760][T13116]  should_failslab+0xc2/0x120
[  236.285309][T13116]  __kmalloc_noprof+0xcb/0x510
[  236.286699][T13116]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  236.288340][T13116]  tomoyo_realpath_from_path+0xb9/0x720
[  236.289934][T13116]  ? tomoyo_path_number_perm+0x235/0x590
[  236.291551][T13116]  ? tomoyo_path_number_perm+0x235/0x590
[  236.293178][T13116]  tomoyo_path_number_perm+0x248/0x590
[  236.294753][T13116]  ? tomoyo_path_number_perm+0x235/0x590
[  236.296386][T13116]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  236.298145][T13116]  ? __pfx_lock_release+0x10/0x10
[  236.299601][T13116]  ? trace_lock_acquire+0x14e/0x1f0
[  236.301120][T13116]  ? lock_acquire+0x2f/0xb0
[  236.302431][T13116]  ? __fget_files+0x40/0x3a0
[  236.303773][T13116]  ? __fget_files+0x206/0x3a0
[  236.305137][T13116]  security_file_ioctl+0x9b/0x240
[  236.306599][T13116]  __x64_sys_ioctl+0xb7/0x200
[  236.307956][T13116]  do_syscall_64+0xcd/0x250
[  236.309273][T13116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.310951][T13116] RIP: 0033:0x7f26fb185d29
[  236.312248][T13116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.317866][T13116] RSP: 002b:00007f26fbfa3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  236.320246][T13116] RAX: ffffffffffffffda RBX: 00007f26fb375fa0 RCX: 00007f26fb185d29
[  236.322480][T13116] RDX: 0000000020000280 RSI: 000000000000890b RDI: 0000000000000004
[  236.324744][T13116] RBP: 00007f26fbfa3090 R08: 0000000000000000 R09: 0000000000000000
[  236.327004][T13116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.329265][T13116] R13: 0000000000000000 R14: 00007f26fb375fa0 R15: 00007ffe5c7a2ca8
[  236.331542][T13116]  </TASK>
[  236.333131][T13116] ERROR: Out of memory at tomoyo_realpath_from_path.
[  236.424614][T13121] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2302'.
[  236.427343][T13121] netlink: 'syz.2.2302': attribute type 25 has an invalid length.
[  236.438870][ T6895] usb 9-1: no configurations
[  236.440232][ T6895] usb 9-1: can't read configurations, error -22
[  236.447259][ T6895] usb usb9-port1: attempt power cycle
[  236.621127][T13127] lo speed is unknown, defaulting to 1000
[  236.623898][T13127] »»»»»» speed is unknown, defaulting to 1000
[  236.781958][ T6895] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[  236.816895][ T6895] usb 9-1: no configurations
[  236.818298][ T6895] usb 9-1: can't read configurations, error -22
[  236.952067][ T6895] usb 9-1: new high-speed USB device number 43 using dummy_hcd
[  236.975607][ T6895] usb 9-1: no configurations
[  236.977212][ T6895] usb 9-1: can't read configurations, error -22
[  236.982055][ T6895] usb usb9-port1: unable to enumerate USB device
[  237.343961][T13134] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  237.374498][T13133] FAULT_INJECTION: forcing a failure.
[  237.374498][T13133] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  237.382150][T13133] CPU: 3 UID: 0 PID: 13133 Comm: syz.2.2307 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  237.385221][T13133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  237.388250][T13133] Call Trace:
[  237.389331][T13133]  <TASK>
[  237.390185][T13133]  dump_stack_lvl+0x16c/0x1f0
[  237.391546][T13133]  should_fail_ex+0x497/0x5b0
[  237.393038][T13133]  ? fs_reclaim_acquire+0xae/0x150
[  237.394432][T13133]  should_fail_alloc_page+0xe7/0x130
[  237.395978][T13133]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  237.397769][T13133]  ? __memcg_kmem_charge_page+0x1b0/0x2b0
[  237.399516][T13133]  __alloc_pages_noprof+0x190/0x25b0
[  237.401174][T13133]  ? kasan_save_stack+0x33/0x60
[  237.402608][T13133]  ? __kmalloc_node_noprof+0x21f/0x510
[  237.404230][T13133]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  237.405815][T13133]  ? __kvm_mmu_topup_memory_cache+0x451/0x600
[  237.407692][T13133]  ? mmu_topup_memory_caches+0x59/0xd0
[  237.409522][T13133]  ? kvm_mmu_load+0xda/0x21f0
[  237.411310][T13133]  ? vcpu_run+0x33a4/0x4f50
[  237.413145][T13133]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  237.415390][T13133]  ? kvm_vcpu_ioctl+0x6ce/0x1520
[  237.417215][T13133]  ? __x64_sys_ioctl+0x190/0x200
[  237.419065][T13133]  ? do_syscall_64+0xcd/0x250
[  237.421034][T13133]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.423573][T13133]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  237.425967][T13133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  237.428420][T13133]  ? policy_nodemask+0xea/0x4e0
[  237.430442][T13133]  alloc_pages_mpol_noprof+0x2c8/0x620
[  237.432723][T13133]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  237.435183][T13133]  ? __kmalloc_node_noprof+0x23d/0x510
[  237.437306][T13133]  ? rcu_is_watching+0x12/0xc0
[  237.438758][T13133]  ? __pfx_mark_lock+0x10/0x10
[  237.440186][T13133]  get_free_pages_noprof+0xc/0x40
[  237.441683][T13133]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  237.443414][T13133]  mmu_topup_memory_caches+0x59/0xd0
[  237.445012][T13133]  kvm_mmu_load+0xda/0x21f0
[  237.446354][T13133]  ? mark_held_locks+0x9f/0xe0
[  237.447756][T13133]  ? kvm_apic_has_interrupt+0xb6/0x190
[  237.449567][T13133]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  237.451419][T13133]  ? kvm_guest_time_update+0x780/0xeb0
[  237.453030][T13133]  ? clear_pending_if_disabled+0xa9/0x210
[  237.454733][T13133]  ? __pfx_kvm_mmu_load+0x10/0x10
[  237.456264][T13133]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  237.457993][T13133]  ? kvm_check_and_inject_events+0x725/0x12e0
[  237.459943][T13133]  ? kvm_setup_guest_pvclock+0x721/0x730
[  237.461759][T13133]  vcpu_run+0x33a4/0x4f50
[  237.463122][T13133]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  237.464933][T13133]  ? __pfx_vcpu_run+0x10/0x10
[  237.466836][T13133]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  237.469092][T13133]  ? rcu_is_watching+0x12/0xc0
[  237.471037][T13133]  ? trace_lock_acquire+0x14e/0x1f0
[  237.472832][T13133]  ? __local_bh_enable_ip+0xa4/0x120
[  237.474488][T13133]  ? lockdep_hardirqs_on+0x7c/0x110
[  237.476169][T13133]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  237.478319][T13133]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  237.480131][T13133]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  237.481793][T13133]  kvm_vcpu_ioctl+0x6ce/0x1520
[  237.483191][T13133]  ? do_vfs_ioctl+0x513/0x1990
[  237.484619][T13133]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  237.486161][T13133]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  237.488159][T13133]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  237.490863][T13133]  ? __pfx_lock_release+0x10/0x10
[  237.492959][T13133]  ? selinux_file_ioctl+0x180/0x270
[  237.495008][T13133]  ? selinux_file_ioctl+0xb4/0x270
[  237.497118][T13133]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  237.499266][T13133]  __x64_sys_ioctl+0x190/0x200
[  237.501259][T13133]  do_syscall_64+0xcd/0x250
[  237.503144][T13133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.505488][T13133] RIP: 0033:0x7fe3ce985d29
[  237.507298][T13133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.514201][T13133] RSP: 002b:00007fe3cf712038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  237.517538][T13133] RAX: ffffffffffffffda RBX: 00007fe3ceb75fa0 RCX: 00007fe3ce985d29
[  237.520749][T13133] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  237.524000][T13133] RBP: 00007fe3cf712090 R08: 0000000000000000 R09: 0000000000000000
[  237.527198][T13133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  237.530399][T13133] R13: 0000000000000000 R14: 00007fe3ceb75fa0 R15: 00007ffda75c2a28
[  237.533671][T13133]  </TASK>
[  237.699200][T13144] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2311'.
[  237.707975][T13145] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2311'.
[  237.866323][T13153] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13153 comm=syz.2.2313
[  237.871088][T13153] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2313'.
[  237.880138][T13151] FAULT_INJECTION: forcing a failure.
[  237.880138][T13151] name failslab, interval 1, probability 0, space 0, times 0
[  237.884294][T13151] CPU: 2 UID: 0 PID: 13151 Comm: syz.1.2314 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  237.887412][T13151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  237.890472][T13151] Call Trace:
[  237.891453][T13151]  <TASK>
[  237.892343][T13151]  dump_stack_lvl+0x16c/0x1f0
[  237.893752][T13151]  should_fail_ex+0x497/0x5b0
[  237.895129][T13151]  ? fs_reclaim_acquire+0xae/0x150
[  237.896611][T13151]  should_failslab+0xc2/0x120
[  237.898023][T13151]  __kmalloc_noprof+0xcb/0x510
[  237.899893][T13151]  ? rcu_is_watching+0x12/0xc0
[  237.901788][T13151]  tomoyo_encode2+0x100/0x3e0
[  237.903619][T13151]  tomoyo_encode+0x29/0x50
[  237.905437][T13151]  tomoyo_realpath_from_path+0x19d/0x720
[  237.907610][T13151]  ? tomoyo_path_number_perm+0x235/0x590
[  237.909783][T13151]  tomoyo_path_number_perm+0x248/0x590
[  237.911889][T13151]  ? tomoyo_path_number_perm+0x235/0x590
[  237.914036][T13151]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  237.916391][T13151]  ? __pfx_lock_release+0x10/0x10
[  237.918347][T13151]  ? trace_lock_acquire+0x14e/0x1f0
[  237.920363][T13151]  ? lock_acquire+0x2f/0xb0
[  237.922138][T13151]  ? __fget_files+0x40/0x3a0
[  237.923937][T13151]  ? __fget_files+0x206/0x3a0
[  237.925793][T13151]  security_file_ioctl+0x9b/0x240
[  237.927735][T13151]  __x64_sys_ioctl+0xb7/0x200
[  237.929599][T13151]  do_syscall_64+0xcd/0x250
[  237.931365][T13151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.933637][T13151] RIP: 0033:0x7f26fb185d29
[  237.935395][T13151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.942686][T13151] RSP: 002b:00007f26fbfa3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  237.945870][T13151] RAX: ffffffffffffffda RBX: 00007f26fb375fa0 RCX: 00007f26fb185d29
[  237.948928][T13151] RDX: 0000000020000100 RSI: 00000000800452d3 RDI: 000000000000000b
[  237.952015][T13151] RBP: 00007f26fbfa3090 R08: 0000000000000000 R09: 0000000000000000
[  237.955084][T13151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  237.958107][T13151] R13: 0000000000000000 R14: 00007f26fb375fa0 R15: 00007ffe5c7a2ca8
[  237.961147][T13151]  </TASK>
[  237.963037][T13151] ERROR: Out of memory at tomoyo_realpath_from_path.
[  238.163892][T13158] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2315'.
[  238.166594][T13158] netlink: 'syz.5.2315': attribute type 25 has an invalid length.
[  238.240246][T13160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2316'.
[  238.243240][T13160] netlink: 'syz.1.2316': attribute type 30 has an invalid length.
[  238.245551][T13160] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2316'.
[  239.046683][T13170] infiniband s
z1: set active
[  239.049614][T13170] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  239.049764][ T5972] »»»»»» speed is unknown, defaulting to 1000
[  239.267103][T13184] xt_hashlimit: max too large, truncated to 1048576
[  239.325114][T13187] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13187 comm=syz.5.2325
[  239.392526][   T39] kauditd_printk_skb: 491 callbacks suppressed
[  239.392537][   T39] audit: type=1400 audit(1737054317.791:6632): avc:  denied  { ioctl } for  pid=13189 comm="syz.4.2326" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  239.406683][   T39] audit: type=1400 audit(1737054317.791:6633): avc:  denied  { ioctl } for  pid=13189 comm="syz.4.2326" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  239.417300][   T39] audit: type=1400 audit(1737054317.801:6634): avc:  denied  { ioctl } for  pid=13189 comm="syz.4.2326" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  239.426536][   T39] audit: type=1400 audit(1737054317.811:6635): avc:  denied  { ioctl } for  pid=13189 comm="syz.4.2326" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  239.462032][   T39] audit: type=1400 audit(1737054317.861:6636): avc:  denied  { read write } for  pid=12898 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  239.472365][   T39] audit: type=1400 audit(1737054317.871:6637): avc:  denied  { read write open } for  pid=12898 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  239.479451][   T39] audit: type=1400 audit(1737054317.871:6638): avc:  denied  { ioctl } for  pid=12898 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  239.511752][   T39] audit: type=1400 audit(1737054317.901:6639): avc:  denied  { ioctl } for  pid=13189 comm="syz.4.2326" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  239.543535][   T39] audit: type=1400 audit(1737054317.941:6640): avc:  denied  { create } for  pid=13191 comm="syz.1.2327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  239.551812][   T39] audit: type=1400 audit(1737054317.941:6641): avc:  denied  { getopt } for  pid=13191 comm="syz.1.2327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  239.631822][    T9] usb 9-1: new high-speed USB device number 44 using dummy_hcd
[  239.756206][T13197] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  239.783093][    T9] usb 9-1: no configurations
[  239.784573][    T9] usb 9-1: can't read configurations, error -22
[  239.804835][T13199] __nla_validate_parse: 3 callbacks suppressed
[  239.804853][T13199] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2329'.
[  239.810988][T13199] netlink: 'syz.2.2329': attribute type 25 has an invalid length.
[  239.843233][T13201] FAULT_INJECTION: forcing a failure.
[  239.843233][T13201] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  239.847049][T13201] CPU: 0 UID: 0 PID: 13201 Comm: syz.1.2331 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  239.850163][T13201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  239.853311][T13201] Call Trace:
[  239.854408][T13201]  <TASK>
[  239.855335][T13201]  dump_stack_lvl+0x16c/0x1f0
[  239.856749][T13201]  should_fail_ex+0x497/0x5b0
[  239.858177][T13201]  _copy_from_iter+0x2a1/0x1560
[  239.859624][T13201]  ? __pfx__copy_from_iter+0x10/0x10
[  239.861180][T13201]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  239.862931][T13201]  ? tun_build_skb.constprop.0+0x1b8/0x1120
[  239.864655][T13201]  ? __pfx_lock_release+0x10/0x10
[  239.866112][T13201]  ? trace_lock_acquire+0x14e/0x1f0
[  239.867620][T13201]  ? __pfx_lock_release+0x10/0x10
[  239.869093][T13201]  copy_page_from_iter+0xa5/0x120
[  239.870554][T13201]  tun_build_skb.constprop.0+0x294/0x1120
[  239.872209][T13201]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  239.873980][T13201]  ? __pfx___lock_acquire+0x10/0x10
[  239.875914][T13201]  ? register_lock_class+0xb1/0x1240
[  239.877876][T13201]  ? __lock_acquire+0xcc5/0x3c40
[  239.879712][T13201]  tun_get_user+0x870/0x3e50
[  239.881453][T13201]  ? find_held_lock+0x2d/0x110
[  239.883226][T13201]  ? __pfx_tun_get_user+0x10/0x10
[  239.885095][T13201]  ? find_held_lock+0x2d/0x110
[  239.886886][T13201]  ? __pfx_lock_release+0x10/0x10
[  239.888831][T13201]  tun_chr_write_iter+0xdc/0x210
[  239.890703][T13201]  vfs_write+0x5ae/0x1150
[  239.891998][T13201]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  239.893685][T13201]  ? __pfx_vfs_write+0x10/0x10
[  239.895096][T13201]  ? __fget_files+0x40/0x3a0
[  239.896484][T13201]  ksys_write+0x12b/0x250
[  239.897754][T13201]  ? __pfx_ksys_write+0x10/0x10
[  239.899170][T13201]  do_syscall_64+0xcd/0x250
[  239.900511][T13201]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.902143][T13201] RIP: 0033:0x7f26fb1847df
[  239.903453][T13201] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  239.908961][T13201] RSP: 002b:00007f26fbfa3000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  239.911352][T13201] RAX: ffffffffffffffda RBX: 00007f26fb375fa0 RCX: 00007f26fb1847df
[  239.913622][T13201] RDX: 0000000000000046 RSI: 0000000020000a40 RDI: 00000000000000c8
[  239.915922][T13201] RBP: 00007f26fbfa3090 R08: 0000000000000000 R09: 0000000000000000
[  239.918195][T13201] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[  239.920484][T13201] R13: 0000000000000000 R14: 00007f26fb375fa0 R15: 00007ffe5c7a2ca8
[  239.922769][T13201]  </TASK>
[  239.981859][    T9] usb 9-1: new high-speed USB device number 45 using dummy_hcd
[  240.134235][    T9] usb 9-1: no configurations
[  240.136145][    T9] usb 9-1: can't read configurations, error -22
[  240.141498][    T9] usb usb9-port1: attempt power cycle
[  240.481810][    T9] usb 9-1: new high-speed USB device number 46 using dummy_hcd
[  240.505890][    T9] usb 9-1: no configurations
[  240.507276][    T9] usb 9-1: can't read configurations, error -22
[  240.641744][    T9] usb 9-1: new high-speed USB device number 47 using dummy_hcd
[  240.666391][    T9] usb 9-1: no configurations
[  240.667792][    T9] usb 9-1: can't read configurations, error -22
[  240.669685][    T9] usb usb9-port1: unable to enumerate USB device
[  240.984203][T13223] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  241.134366][T13231] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13231 comm=syz.5.2341
[  241.139811][T13231] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2341'.
[  241.349267][T13237] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2343'.
[  241.353013][T13237] netlink: 'syz.1.2343': attribute type 25 has an invalid length.
[  242.369072][T13250] netlink: 'syz.1.2350': attribute type 27 has an invalid length.
[  242.458285][T13250] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.460512][T13250] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.540432][T13250] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.547423][T13250] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.584789][T13250] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  242.587499][T13250] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  242.590115][T13250] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  242.592803][T13250] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  242.624381][T13250] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  242.627056][T13250] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  242.629600][T13250] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  242.632525][T13250] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  242.656587][T13251] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.660058][T13251] 8021q: adding VLAN 0 to HW filter on device team0
[  242.664875][T13251] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  242.750053][ T5935] Bluetooth: hci0: ACL packet for unknown connection handle 201
[  242.863902][T13262] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13262 comm=syz.1.2353
[  242.868830][T13262] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2353'.
[  242.971315][T13266] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2355'.
[  242.974075][T13266] netlink: 'syz.4.2355': attribute type 25 has an invalid length.
[  243.992133][ T6895] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  244.073459][T13285] netlink: 'syz.4.2362': attribute type 27 has an invalid length.
[  244.080807][T13285] infiniband s
z1: set down
[  244.135039][  T834] »»»»»» speed is unknown, defaulting to 1000
[  244.138848][T13286] infiniband s
z1: set active
[  244.140480][T13286] infiniband s
z1: set active
[  244.148636][ T6895] usb 6-1: no configurations
[  244.149927][ T6895] usb 6-1: can't read configurations, error -22
[  244.151011][T13286] 8021q: adding VLAN 0 to HW filter on device team0
[  244.158392][T13286] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  244.163472][ T6015] »»»»»» speed is unknown, defaulting to 1000
[  244.165729][ T2203] »»»»»» speed is unknown, defaulting to 1000
[  244.167686][   T56] »»»»»» speed is unknown, defaulting to 1000
[  244.169639][ T2203] »»»»»» speed is unknown, defaulting to 1000
[  244.281771][ T6895] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  244.405659][   T39] kauditd_printk_skb: 487 callbacks suppressed
[  244.405669][   T39] audit: type=1400 audit(1737054322.801:7129): avc:  denied  { read write open } for  pid=8279 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  244.424443][   T39] audit: type=1400 audit(1737054322.821:7130): avc:  denied  { ioctl } for  pid=8279 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=663 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  244.445307][   T39] audit: type=1400 audit(1737054322.841:7131): avc:  denied  { ioctl } for  pid=13275 comm="syz.1.2359" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  244.445630][ T6895] usb 6-1: no configurations
[  244.453941][   T39] audit: type=1400 audit(1737054322.861:7132): avc:  denied  { ioctl } for  pid=13275 comm="syz.1.2359" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  244.455116][ T6895] usb 6-1: can't read configurations, error -22
[  244.461612][   T39] audit: type=1400 audit(1737054322.861:7133): avc:  denied  { read write } for  pid=13290 comm="syz.2.2364" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  244.472967][ T6895] usb usb6-port1: attempt power cycle
[  244.474356][   T39] audit: type=1400 audit(1737054322.861:7134): avc:  denied  { read write open } for  pid=13290 comm="syz.2.2364" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  244.482603][   T39] audit: type=1400 audit(1737054322.861:7135): avc:  denied  { map } for  pid=13290 comm="syz.2.2364" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  244.489501][   T39] audit: type=1400 audit(1737054322.861:7136): avc:  denied  { read write } for  pid=13290 comm="syz.2.2364" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  244.496667][   T39] audit: type=1400 audit(1737054322.871:7137): avc:  denied  { ioctl } for  pid=13275 comm="syz.1.2359" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  244.504114][   T39] audit: type=1400 audit(1737054322.871:7138): avc:  denied  { ioctl } for  pid=13275 comm="syz.1.2359" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  244.833289][ T6895] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  244.856908][ T6895] usb 6-1: no configurations
[  244.858341][ T6895] usb 6-1: can't read configurations, error -22
[  244.991784][ T6895] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  245.016307][ T6895] usb 6-1: no configurations
[  245.017986][ T6895] usb 6-1: can't read configurations, error -22
[  245.020109][ T6895] usb usb6-port1: unable to enumerate USB device
[  245.254115][T13300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13300 comm=syz.4.2367
[  245.259028][T13300] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2367'.
[  245.430313][T13303] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2368'.
[  245.433027][T13303] netlink: 'syz.2.2368': attribute type 25 has an invalid length.
[  245.758114][T13309] netlink: 'syz.5.2371': attribute type 27 has an invalid length.
[  245.807992][T13309] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.811019][T13309] 8021q: adding VLAN 0 to HW filter on device team0
[  245.814980][T13309] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  245.926523][T13311] FAULT_INJECTION: forcing a failure.
[  245.926523][T13311] name failslab, interval 1, probability 0, space 0, times 0
[  245.930270][T13311] CPU: 3 UID: 0 PID: 13311 Comm: syz.5.2372 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  245.934062][T13311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  245.937324][T13311] Call Trace:
[  245.938289][T13311]  <TASK>
[  245.939147][T13311]  dump_stack_lvl+0x16c/0x1f0
[  245.940579][T13311]  should_fail_ex+0x497/0x5b0
[  245.942196][T13311]  ? fs_reclaim_acquire+0xae/0x150
[  245.944170][T13311]  should_failslab+0xc2/0x120
[  245.946117][T13311]  __kmalloc_noprof+0xcb/0x510
[  245.948111][T13311]  ? rcu_is_watching+0x12/0xc0
[  245.950067][T13311]  tomoyo_encode2+0x100/0x3e0
[  245.951506][T13311]  tomoyo_encode+0x29/0x50
[  245.952881][T13311]  tomoyo_realpath_from_path+0x19d/0x720
[  245.954532][T13311]  ? tomoyo_path_number_perm+0x235/0x590
[  245.956189][T13311]  tomoyo_path_number_perm+0x248/0x590
[  245.957755][T13311]  ? tomoyo_path_number_perm+0x235/0x590
[  245.959374][T13311]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  245.961166][T13311]  ? __pfx_lock_release+0x10/0x10
[  245.963190][T13311]  ? trace_lock_acquire+0x14e/0x1f0
[  245.965314][T13311]  ? lock_acquire+0x2f/0xb0
[  245.967134][T13311]  ? __fget_files+0x40/0x3a0
[  245.969005][T13311]  ? __fget_files+0x206/0x3a0
[  245.970886][T13311]  security_file_ioctl+0x9b/0x240
[  245.972580][T13311]  __x64_sys_ioctl+0xb7/0x200
[  245.973961][T13311]  do_syscall_64+0xcd/0x250
[  245.975629][T13311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.977741][T13311] RIP: 0033:0x7fe80f385d29
[  245.979058][T13311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.985810][T13311] RSP: 002b:00007fe810167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  245.989068][T13311] RAX: ffffffffffffffda RBX: 00007fe80f575fa0 RCX: 00007fe80f385d29
[  245.992152][T13311] RDX: 0000000020000280 RSI: 000000000000890b RDI: 0000000000000004
[  245.995239][T13311] RBP: 00007fe810167090 R08: 0000000000000000 R09: 0000000000000000
[  245.998360][T13311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.001447][T13311] R13: 0000000000000000 R14: 00007fe80f575fa0 R15: 00007ffc53d31398
[  246.003844][T13311]  </TASK>
[  246.005295][T13311] ERROR: Out of memory at tomoyo_realpath_from_path.
[  246.405398][T13328] netlink: 'syz.5.2380': attribute type 27 has an invalid length.
[  246.473669][T13328] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.476144][T13328] 8021q: adding VLAN 0 to HW filter on device team0
[  246.479450][T13328] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  246.484960][T13330] FAULT_INJECTION: forcing a failure.
[  246.484960][T13330] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  246.488871][T13330] CPU: 3 UID: 0 PID: 13330 Comm: syz.4.2381 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  246.491990][T13330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  246.495101][T13330] Call Trace:
[  246.496092][T13330]  <TASK>
[  246.496963][T13330]  dump_stack_lvl+0x16c/0x1f0
[  246.498340][T13330]  should_fail_ex+0x497/0x5b0
[  246.499732][T13330]  ? fs_reclaim_acquire+0xae/0x150
[  246.501555][T13330]  should_fail_alloc_page+0xe7/0x130
[  246.503271][T13330]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  246.504939][T13330]  ? __memcg_kmem_charge_page+0x1b0/0x2b0
[  246.506591][T13330]  __alloc_pages_noprof+0x190/0x25b0
[  246.508145][T13330]  ? kasan_save_stack+0x33/0x60
[  246.509571][T13330]  ? __kmalloc_node_noprof+0x21f/0x510
[  246.511169][T13330]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  246.512801][T13330]  ? __kvm_mmu_topup_memory_cache+0x451/0x600
[  246.514582][T13330]  ? mmu_topup_memory_caches+0x59/0xd0
[  246.516188][T13330]  ? kvm_mmu_load+0xda/0x21f0
[  246.517571][T13330]  ? vcpu_run+0x33a4/0x4f50
[  246.518914][T13330]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  246.520588][T13330]  ? kvm_vcpu_ioctl+0x6ce/0x1520
[  246.522036][T13330]  ? __x64_sys_ioctl+0x190/0x200
[  246.523484][T13330]  ? do_syscall_64+0xcd/0x250
[  246.524874][T13330]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.526652][T13330]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  246.528330][T13330]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  246.530052][T13330]  ? policy_nodemask+0xea/0x4e0
[  246.531473][T13330]  alloc_pages_mpol_noprof+0x2c8/0x620
[  246.533107][T13330]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  246.534871][T13330]  ? __kmalloc_node_noprof+0x23d/0x510
[  246.536504][T13330]  ? rcu_is_watching+0x12/0xc0
[  246.537918][T13330]  ? __pfx_mark_lock+0x10/0x10
[  246.539332][T13330]  get_free_pages_noprof+0xc/0x40
[  246.540818][T13330]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  246.542545][T13330]  mmu_topup_memory_caches+0x59/0xd0
[  246.544447][T13330]  kvm_mmu_load+0xda/0x21f0
[  246.545836][T13330]  ? mark_held_locks+0x9f/0xe0
[  246.547234][T13330]  ? kvm_apic_has_interrupt+0xb6/0x190
[  246.548842][T13330]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  246.550551][T13330]  ? kvm_guest_time_update+0x780/0xeb0
[  246.552194][T13330]  ? clear_pending_if_disabled+0xa9/0x210
[  246.553993][T13330]  ? __pfx_kvm_mmu_load+0x10/0x10
[  246.556048][T13330]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  246.557892][T13330]  ? kvm_check_and_inject_events+0x725/0x12e0
[  246.559661][T13330]  ? kvm_setup_guest_pvclock+0x721/0x730
[  246.561322][T13330]  vcpu_run+0x33a4/0x4f50
[  246.562746][T13330]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  246.564855][T13330]  ? __pfx_vcpu_run+0x10/0x10
[  246.566838][T13330]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  246.569013][T13330]  ? rcu_is_watching+0x12/0xc0
[  246.570414][T13330]  ? trace_lock_acquire+0x14e/0x1f0
[  246.571993][T13330]  ? __local_bh_enable_ip+0xa4/0x120
[  246.573552][T13330]  ? lockdep_hardirqs_on+0x7c/0x110
[  246.575184][T13330]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  246.576921][T13330]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  246.578638][T13330]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  246.580343][T13330]  kvm_vcpu_ioctl+0x6ce/0x1520
[  246.581919][T13330]  ? do_vfs_ioctl+0x513/0x1990
[  246.583900][T13330]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  246.586188][T13330]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  246.588884][T13330]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  246.591693][T13330]  ? __pfx_lock_release+0x10/0x10
[  246.593796][T13330]  ? selinux_file_ioctl+0x180/0x270
[  246.595874][T13330]  ? selinux_file_ioctl+0xb4/0x270
[  246.598002][T13330]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  246.600164][T13330]  __x64_sys_ioctl+0x190/0x200
[  246.602247][T13330]  do_syscall_64+0xcd/0x250
[  246.604159][T13330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.606625][T13330] RIP: 0033:0x7f7038185d29
[  246.608023][T13330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.613605][T13330] RSP: 002b:00007f7038f3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  246.616032][T13330] RAX: ffffffffffffffda RBX: 00007f7038375fa0 RCX: 00007f7038185d29
[  246.618312][T13330] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  246.620613][T13330] RBP: 00007f7038f3b090 R08: 0000000000000000 R09: 0000000000000000
[  246.622956][T13330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  246.625909][T13330] R13: 0000000000000000 R14: 00007f7038375fa0 R15: 00007ffe8c3e62d8
[  246.628219][T13330]  </TASK>
[  246.862456][T13343] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13343 comm=syz.1.2383
[  246.866590][T13343] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2383'.
[  246.914809][T13344] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2385'.
[  246.917450][T13344] netlink: 'syz.4.2385': attribute type 25 has an invalid length.
[  247.380674][T13354] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2389'.
[  247.492631][T13359] netlink: 'syz.5.2390': attribute type 27 has an invalid length.
[  247.564880][T13359] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.567442][T13359] 8021q: adding VLAN 0 to HW filter on device team0
[  247.573854][T13359] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  247.714709][T13363] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2392'.
[  247.796895][T13367] xt_hashlimit: max too large, truncated to 1048576
[  247.821517][T13366] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2393'.
[  247.856677][T13366] syz.2.2393: attempt to access beyond end of device
[  247.856677][T13366] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[  247.861347][T13366] FAT-fs (nbd2): unable to read boot sector
[  247.901765][ T6895] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  248.056299][ T6895] usb 10-1: no configurations
[  248.057697][ T6895] usb 10-1: can't read configurations, error -22
[  248.192143][ T6895] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  248.215479][T13381] netlink: 'syz.2.2399': attribute type 27 has an invalid length.
[  248.302051][T13381] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.304521][T13381] 8021q: adding VLAN 0 to HW filter on device team0
[  248.307761][T13381] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  248.353204][ T6895] usb 10-1: no configurations
[  248.354877][ T6895] usb 10-1: can't read configurations, error -22
[  248.361887][ T6895] usb usb10-port1: attempt power cycle
[  248.423561][T13388] FAULT_INJECTION: forcing a failure.
[  248.423561][T13388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.428304][T13388] CPU: 0 UID: 0 PID: 13388 Comm: syz.4.2402 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  248.432450][T13388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  248.436084][T13388] Call Trace:
[  248.437265][T13388]  <TASK>
[  248.438162][T13388]  dump_stack_lvl+0x16c/0x1f0
[  248.439732][T13388]  should_fail_ex+0x497/0x5b0
[  248.441555][T13388]  _copy_from_iter+0x2a1/0x1560
[  248.443479][T13388]  ? __pfx__copy_from_iter+0x10/0x10
[  248.445620][T13388]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  248.447925][T13388]  ? tun_build_skb.constprop.0+0x1b8/0x1120
[  248.450201][T13388]  ? __pfx_lock_release+0x10/0x10
[  248.452186][T13388]  ? trace_lock_acquire+0x14e/0x1f0
[  248.453952][T13388]  copy_page_from_iter+0xa5/0x120
[  248.455794][T13388]  tun_build_skb.constprop.0+0x294/0x1120
[  248.458034][T13388]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  248.459961][T13388]  ? __pfx_avc_perm_nonode+0x10/0x10
[  248.461486][T13388]  ? avc_has_perm_noaudit+0x2b1/0x3a0
[  248.463192][T13388]  ? register_lock_class+0xb1/0x1240
[  248.464726][T13388]  ? __lock_acquire+0xcc5/0x3c40
[  248.466175][T13388]  tun_get_user+0x870/0x3e50
[  248.467522][T13388]  ? __pfx_tun_get_user+0x10/0x10
[  248.469001][T13388]  ? find_held_lock+0x2d/0x110
[  248.470396][T13388]  ? __pfx_lock_release+0x10/0x10
[  248.471869][T13388]  tun_chr_write_iter+0xdc/0x210
[  248.473359][T13388]  vfs_write+0x5ae/0x1150
[  248.475057][T13388]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  248.477250][T13388]  ? __pfx_vfs_write+0x10/0x10
[  248.479140][T13388]  ? __fget_files+0x40/0x3a0
[  248.480177][T13389] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13389 comm=syz.2.2401
[  248.480961][T13388]  ksys_write+0x12b/0x250
[  248.485877][T13388]  ? __pfx_ksys_write+0x10/0x10
[  248.487358][T13388]  do_syscall_64+0xcd/0x250
[  248.488585][T13389] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2401'.
[  248.488717][T13388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.493120][T13388] RIP: 0033:0x7f70381847df
[  248.494559][T13388] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  248.501526][T13388] RSP: 002b:00007f7038f3b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  248.504618][T13388] RAX: ffffffffffffffda RBX: 00007f7038375fa0 RCX: 00007f70381847df
[  248.507284][T13388] RDX: 0000000000000046 RSI: 0000000020000a40 RDI: 00000000000000c8
[  248.509975][T13388] RBP: 00007f7038f3b090 R08: 0000000000000000 R09: 0000000000000000
[  248.512935][T13388] R10: 0000000000000046 R11: 0000000000000293 R12: 0000000000000001
[  248.515618][T13388] R13: 0000000000000000 R14: 00007f7038375fa0 R15: 00007ffe8c3e62d8
[  248.517982][T13388]  </TASK>
[  248.701824][ T6895] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  248.719852][T13392] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2403'.
[  248.723541][T13392] netlink: 'syz.4.2403': attribute type 25 has an invalid length.
[  248.731537][ T6895] usb 10-1: no configurations
[  248.733252][ T6895] usb 10-1: can't read configurations, error -22
[  248.861775][ T6895] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  248.885309][ T6895] usb 10-1: no configurations
[  248.886777][ T6895] usb 10-1: can't read configurations, error -22
[  248.890201][ T6895] usb usb10-port1: unable to enumerate USB device
[  249.449727][   T39] kauditd_printk_skb: 501 callbacks suppressed
[  249.449738][   T39] audit: type=1400 audit(1737054327.841:7638): avc:  denied  { create } for  pid=13400 comm="syz.2.2406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  249.458422][   T39] audit: type=1400 audit(1737054327.851:7639): avc:  denied  { setopt } for  pid=13400 comm="syz.2.2406" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  249.466450][T13401] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2406'.
[  249.470095][   T39] audit: type=1400 audit(1737054327.851:7640): avc:  denied  { write } for  pid=13400 comm="syz.2.2406" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  249.479133][   T39] audit: type=1400 audit(1737054327.861:7641): avc:  denied  { create } for  pid=13400 comm="syz.2.2406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  249.487411][   T39] audit: type=1400 audit(1737054327.871:7642): avc:  denied  { write } for  pid=13400 comm="syz.2.2406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  249.499237][   T39] audit: type=1400 audit(1737054327.871:7643): avc:  denied  { setopt } for  pid=13400 comm="syz.2.2406" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  249.507372][   T39] audit: type=1400 audit(1737054327.871:7644): avc:  denied  { bind } for  pid=13400 comm="syz.2.2406" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  249.515460][   T39] audit: type=1400 audit(1737054327.871:7645): avc:  denied  { node_bind } for  pid=13400 comm="syz.2.2406" saddr=fec0:ffff::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  249.523933][   T39] audit: type=1400 audit(1737054327.871:7646): avc:  denied  { create } for  pid=13400 comm="syz.2.2406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  249.531615][   T39] audit: type=1400 audit(1737054327.881:7647): avc:  denied  { create } for  pid=13400 comm="syz.2.2406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  249.761260][T13410] netlink: 'syz.1.2409': attribute type 27 has an invalid length.
[  249.830000][T13410] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.832615][T13410] 8021q: adding VLAN 0 to HW filter on device team0
[  249.842235][T13410] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  249.988906][T13421] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13421 comm=syz.1.2413
[  250.167536][T13426] netlink: 'syz.4.2415': attribute type 25 has an invalid length.
[  250.723724][T13438] netlink: 'syz.2.2421': attribute type 27 has an invalid length.
[  250.775124][T13438] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.777604][T13438] 8021q: adding VLAN 0 to HW filter on device team0
[  250.780868][T13438] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  251.490201][T13465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13465 comm=syz.5.2431
[  251.494735][T13465] __nla_validate_parse: 2 callbacks suppressed
[  251.494744][T13465] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2431'.
[  251.541833][    T9] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  251.693265][    T9] usb 6-1: no configurations
[  251.694748][    T9] usb 6-1: can't read configurations, error -22
[  251.821745][    T9] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  251.973558][    T9] usb 6-1: no configurations
[  251.975023][    T9] usb 6-1: can't read configurations, error -22
[  251.981983][    T9] usb usb6-port1: attempt power cycle
[  252.026353][T13469] netlink: 'syz.4.2433': attribute type 27 has an invalid length.
[  252.033112][T13469] infiniband s
z1: set down
[  252.095116][ T6015] »»»»»» speed is unknown, defaulting to 1000
[  252.096949][ T6015] »»»»»» speed is unknown, defaulting to 1000
[  252.099311][T13469] infiniband s
z1: set active
[  252.100826][T13469] infiniband s
z1: set active
[  252.112396][T13469] 8021q: adding VLAN 0 to HW filter on device team0
[  252.115692][T13469] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  252.123843][  T832] »»»»»» speed is unknown, defaulting to 1000
[  252.126105][ T5990] »»»»»» speed is unknown, defaulting to 1000
[  252.128801][ T5990] »»»»»» speed is unknown, defaulting to 1000
[  252.281895][T13476] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2434'.
[  252.284179][T13476] netlink: 'syz.2.2434': attribute type 25 has an invalid length.
[  252.321748][    T9] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  252.348678][    T9] usb 6-1: no configurations
[  252.350047][    T9] usb 6-1: can't read configurations, error -22
[  252.377293][T13478] (unnamed net_device) (uninitialized): Unable to set down delay as MII monitoring is disabled
[  252.491939][    T9] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  252.515824][    T9] usb 6-1: no configurations
[  252.517205][    T9] usb 6-1: can't read configurations, error -22
[  252.520748][    T9] usb usb6-port1: unable to enumerate USB device
[  253.245082][T13500] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1120 sclass=netlink_route_socket pid=13500 comm=syz.4.2444
[  253.250463][T13500] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2444'.
[  253.272431][T13502] netlink: 'syz.2.2445': attribute type 27 has an invalid length.
[  253.348787][T13502] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.352243][T13502] 8021q: adding VLAN 0 to HW filter on device team0
[  253.357733][T13502] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  253.512767][T13505] FAULT_INJECTION: forcing a failure.
[  253.512767][T13505] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  253.516740][T13505] CPU: 3 UID: 0 PID: 13505 Comm: syz.5.2447 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  253.519814][T13505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  253.522983][T13505] Call Trace:
[  253.523987][T13505]  <TASK>
[  253.524876][T13505]  dump_stack_lvl+0x16c/0x1f0
[  253.526264][T13505]  should_fail_ex+0x497/0x5b0
[  253.527661][T13505]  ? fs_reclaim_acquire+0xae/0x150
[  253.529167][T13505]  should_fail_alloc_page+0xe7/0x130
[  253.530717][T13505]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  253.532520][T13505]  ? __memcg_kmem_charge_page+0x1b0/0x2b0
[  253.534191][T13505]  __alloc_pages_noprof+0x190/0x25b0
[  253.535783][T13505]  ? kasan_save_stack+0x33/0x60
[  253.537202][T13505]  ? __kmalloc_node_noprof+0x21f/0x510
[  253.538837][T13505]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  253.540455][T13505]  ? __kvm_mmu_topup_memory_cache+0x451/0x600
[  253.542216][T13505]  ? mmu_topup_memory_caches+0x59/0xd0
[  253.543808][T13505]  ? kvm_mmu_load+0xda/0x21f0
[  253.545215][T13505]  ? vcpu_run+0x33a4/0x4f50
[  253.546550][T13505]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  253.548217][T13505]  ? kvm_vcpu_ioctl+0x6ce/0x1520
[  253.549665][T13505]  ? __x64_sys_ioctl+0x190/0x200
[  253.551109][T13505]  ? do_syscall_64+0xcd/0x250
[  253.552493][T13505]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.554260][T13505]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  253.555953][T13505]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  253.557668][T13505]  ? policy_nodemask+0xea/0x4e0
[  253.559083][T13505]  alloc_pages_mpol_noprof+0x2c8/0x620
[  253.560671][T13505]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  253.562425][T13505]  ? __kmalloc_node_noprof+0x23d/0x510
[  253.564115][T13505]  ? rcu_is_watching+0x12/0xc0
[  253.565546][T13505]  ? __pfx_mark_lock+0x10/0x10
[  253.566948][T13505]  get_free_pages_noprof+0xc/0x40
[  253.568544][T13505]  __kvm_mmu_topup_memory_cache+0x278/0x600
[  253.570326][T13505]  mmu_topup_memory_caches+0x59/0xd0
[  253.571890][T13505]  kvm_mmu_load+0xda/0x21f0
[  253.573225][T13505]  ? mark_held_locks+0x9f/0xe0
[  253.574640][T13505]  ? kvm_apic_has_interrupt+0xb6/0x190
[  253.576260][T13505]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  253.577975][T13505]  ? kvm_guest_time_update+0x780/0xeb0
[  253.579582][T13505]  ? clear_pending_if_disabled+0xa9/0x210
[  253.581256][T13505]  ? __pfx_kvm_mmu_load+0x10/0x10
[  253.582747][T13505]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  253.584492][T13505]  ? kvm_check_and_inject_events+0x725/0x12e0
[  253.586298][T13505]  ? kvm_setup_guest_pvclock+0x721/0x730
[  253.587951][T13505]  vcpu_run+0x33a4/0x4f50
[  253.589225][T13505]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  253.590679][T13505]  ? __pfx_vcpu_run+0x10/0x10
[  253.592075][T13505]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  253.593817][T13505]  ? rcu_is_watching+0x12/0xc0
[  253.595291][T13505]  ? trace_lock_acquire+0x14e/0x1f0
[  253.596823][T13505]  ? __local_bh_enable_ip+0xa4/0x120
[  253.598364][T13505]  ? lockdep_hardirqs_on+0x7c/0x110
[  253.599885][T13505]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  253.601549][T13505]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  253.603224][T13505]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  253.604870][T13505]  kvm_vcpu_ioctl+0x6ce/0x1520
[  253.606298][T13505]  ? do_vfs_ioctl+0x513/0x1990
[  253.607705][T13505]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  253.609206][T13505]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  253.611085][T13505]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  253.613074][T13505]  ? __pfx_lock_release+0x10/0x10
[  253.614566][T13505]  ? selinux_file_ioctl+0x180/0x270
[  253.615523][T13509] netlink: 'syz.2.2448': attribute type 33 has an invalid length.
[  253.616104][T13505]  ? selinux_file_ioctl+0xb4/0x270
[  253.619070][T13509] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2448'.
[  253.620542][T13505]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  253.624998][T13505]  __x64_sys_ioctl+0x190/0x200
[  253.626442][T13505]  do_syscall_64+0xcd/0x250
[  253.627784][T13505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.629509][T13505] RIP: 0033:0x7fe80f385d29
[  253.630827][T13505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.636651][T13505] RSP: 002b:00007fe810167038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.639048][T13505] RAX: ffffffffffffffda RBX: 00007fe80f575fa0 RCX: 00007fe80f385d29
[  253.641349][T13505] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  253.643664][T13505] RBP: 00007fe810167090 R08: 0000000000000000 R09: 0000000000000000
[  253.645983][T13505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  253.648284][T13505] R13: 0000000000000000 R14: 00007fe80f575fa0 R15: 00007ffc53d31398
[  253.650569][T13505]  </TASK>
[  254.233831][T13520] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2451'.
[  254.236491][T13520] netlink: 'syz.5.2451': attribute type 25 has an invalid length.
[  254.373335][T13527] netlink: 'syz.4.2454': attribute type 27 has an invalid length.
[  254.378968][T13527] infiniband s
z1: set down
[  254.438648][  T834] »»»»»» speed is unknown, defaulting to 1000
[  254.440509][  T834] »»»»»» speed is unknown, defaulting to 1000
[  254.457706][   T39] kauditd_printk_skb: 641 callbacks suppressed
[  254.457715][   T39] audit: type=1400 audit(1737054332.851:8285): avc:  denied  { read } for  pid=13526 comm="syz.1.2453" dev="nsfs" ino=4026534038 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  254.469033][   T39] audit: type=1400 audit(1737054332.851:8286): avc:  denied  { map_read map_write } for  pid=13525 comm="syz.4.2454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  254.483204][T13527] infiniband s
z1: set active
[  254.484573][   T39] audit: type=1400 audit(1737054332.871:8287): avc:  denied  { create } for  pid=13525 comm="syz.4.2454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  254.484802][T13527] infiniband s
z1: set active
[  254.498052][   T39] audit: type=1400 audit(1737054332.871:8288): avc:  denied  { read open } for  pid=13526 comm="syz.1.2453" path="net:[4026534038]" dev="nsfs" ino=4026534038 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  254.499245][T13527] 8021q: adding VLAN 0 to HW filter on device team0
[  254.508019][T13527] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  254.513485][  T834] »»»»»» speed is unknown, defaulting to 1000
[  254.515284][ T6015] »»»»»» speed is unknown, defaulting to 1000
[  254.519515][  T834] »»»»»» speed is unknown, defaulting to 1000
[  254.519660][   T39] audit: type=1400 audit(1737054332.871:8289): avc:  denied  { create } for  pid=13525 comm="syz.4.2454" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  254.533317][   T39] audit: type=1400 audit(1737054332.871:8290): avc:  denied  { create } for  pid=13526 comm="syz.1.2453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  254.551231][   T39] audit: type=1400 audit(1737054332.871:8291): avc:  denied  { map } for  pid=13525 comm="syz.4.2454" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51010 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  254.560639][   T39] audit: type=1400 audit(1737054332.871:8292): avc:  denied  { read write } for  pid=13525 comm="syz.4.2454" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51010 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  254.570328][   T39] audit: type=1400 audit(1737054332.871:8293): avc:  denied  { map } for  pid=13525 comm="syz.4.2454" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51010 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  254.579746][   T39] audit: type=1400 audit(1737054332.871:8294): avc:  denied  { read write } for  pid=13525 comm="syz.4.2454" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=51010 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  254.616591][T13534] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2455'.
[  254.820913][T13538] xt_hashlimit: max too large, truncated to 1048576
[  254.871729][T12480] usb 9-1: new high-speed USB device number 48 using dummy_hcd
[  255.041975][T12480] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  255.044881][T12480] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  255.048337][T12480] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  255.051558][T12480] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  255.055542][T12480] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  255.071747][T12480] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  255.074418][T12480] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  255.077014][T12480] usb 9-1: Product: syz
[  255.078203][T12480] usb 9-1: Manufacturer: syz
[  255.096891][T12480] cdc_wdm 9-1:1.0: skipping garbage
[  255.098434][T12480] cdc_wdm 9-1:1.0: skipping garbage
[  255.103930][T12480] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  255.105694][T12480] cdc_wdm 9-1:1.0: Unknown control protocol
[  255.379733][T13555] FAULT_INJECTION: forcing a failure.
[  255.379733][T13555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  255.384811][T13555] CPU: 0 UID: 0 PID: 13555 Comm: syz.2.2463 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  255.388719][T13555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.392678][T13555] Call Trace:
[  255.393949][T13555]  <TASK>
[  255.395109][T13555]  dump_stack_lvl+0x16c/0x1f0
[  255.396932][T13555]  should_fail_ex+0x497/0x5b0
[  255.398735][T13555]  _copy_to_user+0x32/0xd0
[  255.400408][T13555]  simple_read_from_buffer+0xd0/0x160
[  255.402442][T13555]  proc_fail_nth_read+0x198/0x270
[  255.404333][T13555]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.406485][T13555]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  255.408598][T13555]  vfs_read+0x1df/0xbe0
[  255.410159][T13555]  ? __fget_files+0x1fc/0x3a0
[  255.411953][T13555]  ? __pfx___mutex_lock+0x10/0x10
[  255.413897][T13555]  ? __pfx_vfs_read+0x10/0x10
[  255.415757][T13555]  ? __fget_files+0x206/0x3a0
[  255.417482][T13555]  ksys_read+0x12b/0x250
[  255.419060][T13555]  ? __pfx_ksys_read+0x10/0x10
[  255.420868][T13555]  do_syscall_64+0xcd/0x250
[  255.422562][T13555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.424740][T13555] RIP: 0033:0x7fe3ce98473c
[  255.426124][ T6895] 
[  255.426416][T13555] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  255.427147][ T6895] ======================================================
[  255.434404][T13555] RSP: 002b:00007fe3cf712030 EFLAGS: 00000246
[  255.436429][ T6895] WARNING: possible circular locking dependency detected
[  255.436436][ T6895] 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 Not tainted
SYZFAIL: failed to recv rpc
[  255.436443][ T6895] ------------------------------------------------------
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  255.438721][T13555]  ORIG_RAX: 0000000000000000
[  255.440706][ T6895] kworker/2:5/6895 is trying to acquire lock:
[  255.445189][T13555] RAX: ffffffffffffffda RBX: 00007fe3ceb75fa0 RCX: 00007fe3ce98473c
[  255.447211][ T6895] ffff888107a4f640 (
[  255.449026][T13555] RDX: 000000000000000f RSI: 00007fe3cf7120a0 RDI: 0000000000000004
[  255.450749][ T6895] &q->q_usage_counter(queue)#51
[  255.453790][T13555] RBP: 00007fe3cf712090 R08: 0000000000000000 R09: 0000000000000000
[  255.454907][ T6895] ){++++}-{0:0}, at: blk_mq_alloc_request+0x59b/0x950
[  255.457867][T13555] R10: 0000000000000046 R11: 0000000000000246 R12: 0000000000000001
[  255.459262][ T6895] 
[  255.459262][ T6895] but task is already holding lock:
[  255.459268][ T6895] ffff888107a4fc58
[  255.462261][T13555] R13: 0000000000000000 R14: 00007fe3ceb75fa0 R15: 00007ffda75c2a28
[  255.464195][ T6895]  (&q->limits_lock
[  255.467211][T13555]  </TASK>
[  255.469302][ T6895] ){+.+.}-{4:4}, at: sd_revalidate_disk.isra.0+0x52c/0xa8d0
[  255.477071][ T6895] 
[  255.477071][ T6895] which lock already depends on the new lock.
[  255.477071][ T6895] 
[  255.479936][ T6895] 
[  255.479936][ T6895] the existing dependency chain (in reverse order) is:
[  255.482514][ T6895] 
[  255.482514][ T6895] -> #5 (&q->limits_lock){+.+.}-{4:4}:
[  255.484700][ T6895]        __mutex_lock+0x19b/0xa60
[  255.486091][ T6895]        __nbd_set_size+0x2c0/0x730
[  255.487553][ T6895]        nbd_start_device+0x8fd/0xd70
[  255.489106][ T6895]        nbd_ioctl+0x21a/0xfd0
[  255.490375][ T6895]        blkdev_ioctl+0x276/0x6d0
[  255.491794][ T6895]        __x64_sys_ioctl+0x190/0x200
[  255.493298][ T6895]        do_syscall_64+0xcd/0x250
[  255.494736][ T6895]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.496563][ T6895] 
[  255.496563][ T6895] -> #4 (&q->q_usage_counter(io)#54){++++}-{0:0}:
[  255.498881][ T6895]        blk_mq_submit_bio+0x1fb6/0x24c0
[  255.500407][ T6895]        __submit_bio+0x384/0x540
[  255.501835][ T6895]        submit_bio_noacct_nocheck+0x698/0xd70
[  255.503549][ T6895]        submit_bio_noacct+0x93a/0x1e20
[  255.504210][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  255.504975][  T834] usb 9-1: USB disconnect, device number 48
[  255.505141][ T6895]        block_read_full_folio+0x812/0xa50
[  255.507436][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  255.509075][ T6895]        filemap_read_folio+0xc6/0x2a0
[  255.514606][ T6895]        filemap_get_pages+0x155f/0x1be0
[  255.516209][ T6895]        filemap_read+0x3ca/0xd70
[  255.517525][ T6895]        blkdev_read_iter+0x187/0x480
[  255.519006][ T6895]        vfs_read+0x87f/0xbe0
[  255.520465][ T6895]        ksys_read+0x12b/0x250
[  255.521742][T12480] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[  255.521776][ T6895]        do_syscall_64+0xcd/0x250
[  255.525928][ T6895]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.527727][ T6895] 
[  255.527727][ T6895] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}:
[  255.530139][ T6895]        down_read+0x9a/0x330
[  255.531477][ T6895]        filemap_fault+0x62c/0x2820
[  255.533022][ T6895]        __do_fault+0x10a/0x490
[  255.534406][ T6895]        do_pte_missing+0xebd/0x3e00
[  255.535897][ T6895]        __handle_mm_fault+0x103c/0x2a40
[  255.537405][ T6895]        handle_mm_fault+0x3fa/0xaa0
[  255.538879][ T6895]        __get_user_pages+0x8d9/0x3b50
[  255.540369][ T6895]        populate_vma_page_range+0x27f/0x3a0
[  255.542005][ T6895]        __mm_populate+0x1d6/0x380
[  255.543405][ T6895]        do_mlock+0x40a/0x7d0
[  255.544765][ T6895]        __x64_sys_mlock+0x59/0x80
[  255.546252][ T6895]        do_syscall_64+0xcd/0x250
[  255.547732][ T6895]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.549571][ T6895] 
[  255.549571][ T6895] -> #2 (&mm->mmap_lock){++++}-{4:4}:
[  255.551704][ T6895]        __might_fault+0x11b/0x190
[  255.553130][ T6895]        _copy_from_user+0x29/0xd0
[  255.554581][ T6895]        __blk_trace_setup+0xa8/0x180
[  255.556105][ T6895]        blk_trace_setup+0x47/0x70
[  255.557505][ T6895]        sg_ioctl+0x65e/0x2750
[  255.558776][ T6895]        __x64_sys_ioctl+0x190/0x200
[  255.560264][ T6895]        do_syscall_64+0xcd/0x250
[  255.561626][ T6895]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.563412][ T6895] 
[  255.563412][ T6895] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}:
[  255.565631][ T6895]        __mutex_lock+0x19b/0xa60
[  255.567049][ T6895]        blk_mq_init_sched+0x42b/0x640
[  255.568619][ T6895]        elevator_init_mq+0x2cd/0x420
[  255.570137][ T6895]        add_disk_fwnode+0x113/0x1300
[  255.571663][ T6895]        sd_probe+0xa86/0x1000
[  255.572980][ T6895]        really_probe+0x23e/0xa90
[  255.574431][ T6895]        __driver_probe_device+0x1de/0x440
[  255.576085][ T6895]        driver_probe_device+0x4c/0x1b0
[  255.577681][ T6895]        __device_attach_driver+0x1df/0x310
[  255.579374][ T6895]        bus_for_each_drv+0x157/0x1e0
[  255.580920][ T6895]        __device_attach_async_helper+0x1d3/0x290
[  255.582734][ T6895]        async_run_entry_fn+0x9c/0x530
[  255.584307][ T6895]        process_one_work+0x9c5/0x1ba0
[  255.585867][ T6895]        worker_thread+0x6c8/0xf00
[  255.587318][ T6895]        kthread+0x2c1/0x3a0
[  255.588634][ T6895]        ret_from_fork+0x45/0x80
[  255.590041][ T6895]        ret_from_fork_asm+0x1a/0x30
[  255.591536][ T6895] 
[  255.591536][ T6895] -> #0 (&q->q_usage_counter(queue)#51){++++}-{0:0}:
[  255.593952][ T6895]        __lock_acquire+0x249e/0x3c40
[  255.595456][ T6895]        lock_acquire.part.0+0x11b/0x380
[  255.597023][ T6895]        blk_queue_enter+0x50f/0x640
[  255.598510][ T6895]        blk_mq_alloc_request+0x59b/0x950
[  255.600121][ T6895]        scsi_execute_cmd+0x1da/0xf40
[  255.601676][ T6895]        read_capacity_16+0x213/0xe10
[  255.603163][ T6895]        sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[  255.604935][ T6895]        scsi_rescan_device+0x243/0x340
[  255.606519][ T6895]        ata_scsi_dev_rescan+0x1cb/0x470
[  255.608135][ T6895]        process_one_work+0x9c5/0x1ba0
[  255.609794][ T6895]        worker_thread+0x6c8/0xf00
[  255.611322][ T6895]        kthread+0x2c1/0x3a0
[  255.612686][ T6895]        ret_from_fork+0x45/0x80
[  255.614105][ T6895]        ret_from_fork_asm+0x1a/0x30
[  255.615654][ T6895] 
[  255.615654][ T6895] other info that might help us debug this:
[  255.615654][ T6895] 
[  255.618541][ T6895] Chain exists of:
[  255.618541][ T6895]   &q->q_usage_counter(queue)#51 --> &q->q_usage_counter(io)#54 --> &q->limits_lock
[  255.618541][ T6895] 
[  255.622847][ T6895]  Possible unsafe locking scenario:
[  255.622847][ T6895] 
[  255.624882][ T6895]        CPU0                    CPU1
[  255.626365][ T6895]        ----                    ----
[  255.627845][ T6895]   lock(&q->limits_lock);
[  255.629085][ T6895]                                lock(&q->q_usage_counter(io)#54);
[  255.631246][ T6895]                                lock(&q->limits_lock);
[  255.633159][ T6895]   rlock(&q->q_usage_counter(queue)#51);
[  255.634790][ T6895] 
[  255.634790][ T6895]  *** DEADLOCK ***
[  255.634790][ T6895] 
[  255.637119][ T6895] 5 locks held by kworker/2:5/6895:
[  255.638610][ T6895]  #0: ffff88801b088948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  255.641476][ T6895]  #1: ffffc90003ecfd80 ((work_completion)(&(&ap->scsi_rescan_task)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  255.644993][ T6895]  #2: ffff8880274c4358 (&ap->scsi_scan_mutex){+.+.}-{4:4}, at: ata_scsi_dev_rescan+0x3e/0x470
[  255.647978][ T6895]  #3: ffff88802783c378 (&dev->mutex){....}-{4:4}, at: scsi_rescan_device+0x27/0x340
[  255.650658][ T6895]  #4: ffff888107a4fc58 (&q->limits_lock){+.+.}-{4:4}, at: sd_revalidate_disk.isra.0+0x52c/0xa8d0
[  255.653678][ T6895] 
[  255.653678][ T6895] stack backtrace:
[  255.655374][ T6895] CPU: 2 UID: 0 PID: 6895 Comm: kworker/2:5 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0
[  255.658328][ T6895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  255.661325][ T6895] Workqueue: events ata_scsi_dev_rescan
[  255.662924][ T6895] Call Trace:
[  255.663859][ T6895]  <TASK>
[  255.664672][ T6895]  dump_stack_lvl+0x116/0x1f0
[  255.666045][ T6895]  print_circular_bug+0x419/0x5d0
[  255.667497][ T6895]  check_noncircular+0x31a/0x400
[  255.668937][ T6895]  ? __pfx_check_noncircular+0x10/0x10
[  255.670477][ T6895]  ? lockdep_lock+0xc6/0x200
[  255.671828][ T6895]  ? __pfx_lockdep_lock+0x10/0x10
[  255.673290][ T6895]  __lock_acquire+0x249e/0x3c40
[  255.674705][ T6895]  ? __pfx___lock_acquire+0x10/0x10
[  255.676223][ T6895]  lock_acquire.part.0+0x11b/0x380
[  255.677704][ T6895]  ? blk_mq_alloc_request+0x59b/0x950
[  255.679258][ T6895]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  255.680995][ T6895]  ? rcu_is_watching+0x12/0xc0
[  255.682419][ T6895]  ? trace_lock_acquire+0x14e/0x1f0
[  255.683960][ T6895]  ? blk_mq_alloc_request+0x59b/0x950
[  255.685547][ T6895]  ? lock_acquire+0x2f/0xb0
[  255.686873][ T6895]  ? blk_mq_alloc_request+0x59b/0x950
[  255.688449][ T6895]  blk_queue_enter+0x50f/0x640
[  255.689867][ T6895]  ? blk_mq_alloc_request+0x59b/0x950
[  255.691432][ T6895]  ? __pfx_blk_queue_enter+0x10/0x10
[  255.692980][ T6895]  ? lockdep_lock+0xc6/0x200
[  255.694343][ T6895]  ? add_lock_to_list+0x17d/0x390
[  255.695825][ T6895]  ? lockdep_unlock+0x11a/0x290
[  255.697131][ T6895]  blk_mq_alloc_request+0x59b/0x950
[  255.698656][ T6895]  ? __pfx_blk_mq_alloc_request+0x10/0x10
[  255.700282][ T6895]  ? find_held_lock+0x2d/0x110
[  255.701597][ T6895]  scsi_execute_cmd+0x1da/0xf40
[  255.702891][ T6895]  ? __pfx_scsi_execute_cmd+0x10/0x10
[  255.704410][ T6895]  ? sd_revalidate_disk.isra.0+0x52c/0xa8d0
[  255.706057][ T6895]  read_capacity_16+0x213/0xe10
[  255.707355][ T6895]  ? blk_mq_free_request+0x1e9/0x340
[  255.708867][ T6895]  ? __pfx_read_capacity_16+0x10/0x10
[  255.710296][ T6895]  ? __pfx___mutex_lock+0x10/0x10
[  255.711872][ T6895]  sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[  255.713580][ T6895]  ? mark_held_locks+0x9f/0xe0
[  255.715001][ T6895]  ? __pfx_sd_revalidate_disk.isra.0+0x10/0x10
[  255.716784][ T6895]  ? kasan_save_stack+0x33/0x60
[  255.718194][ T6895]  ? kasan_save_track+0x14/0x30
[  255.719605][ T6895]  ? kasan_save_free_info+0x3b/0x60
[  255.721105][ T6895]  ? __kasan_slab_free+0x51/0x70
[  255.722511][ T6895]  ? kfree+0x14f/0x4b0
[  255.723706][ T6895]  ? scsi_attach_vpd+0x4dc/0x580
[  255.725105][ T6895]  ? scsi_rescan_device+0xf5/0x340
[  255.726571][ T6895]  ? ata_scsi_dev_rescan+0x1cb/0x470
[  255.728098][ T6895]  ? process_one_work+0x9c5/0x1ba0
[  255.729577][ T6895]  ? worker_thread+0x6c8/0xf00
[  255.730966][ T6895]  ? kthread+0x2c1/0x3a0
[  255.732266][ T6895]  ? hlock_class+0x4e/0x130
[  255.733660][ T6895]  ? mark_lock+0xb5/0xc60
[  255.734946][ T6895]  ? mark_held_locks+0x9f/0xe0
[  255.736332][ T6895]  ? kasan_quarantine_put+0x10a/0x240
[  255.737867][ T6895]  ? lockdep_hardirqs_on+0x7c/0x110
[  255.739382][ T6895]  ? kfree+0x14f/0x4b0
[  255.740581][ T6895]  ? lockdep_hardirqs_on+0x7c/0x110
[  255.742056][ T6895]  ? scsi_attach_vpd+0x4dc/0x580
[  255.743422][ T6895]  ? scsi_attach_vpd+0x4dc/0x580
[  255.744839][ T6895]  ? __pfx_sd_rescan+0x10/0x10
[  255.746276][ T6895]  scsi_rescan_device+0x243/0x340
[  255.747770][ T6895]  ata_scsi_dev_rescan+0x1cb/0x470
[  255.749254][ T6895]  process_one_work+0x9c5/0x1ba0
[  255.750693][ T6895]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  255.752296][ T6895]  ? __pfx_process_one_work+0x10/0x10
[  255.753826][ T6895]  ? rcu_is_watching+0x12/0xc0
[  255.755240][ T6895]  ? assign_work+0x1a0/0x250
[  255.756599][ T6895]  worker_thread+0x6c8/0xf00
[  255.757941][ T6895]  ? __kthread_parkme+0x148/0x220
[  255.759406][ T6895]  ? __pfx_worker_thread+0x10/0x10
[  255.760926][ T6895]  kthread+0x2c1/0x3a0
[  255.762122][ T6895]  ? _raw_spin_unlock_irq+0x23/0x50
[  255.763661][ T6895]  ? __pfx_kthread+0x10/0x10
[  255.765008][ T6895]  ret_from_fork+0x45/0x80
[  255.766319][ T6895]  ? __pfx_kthread+0x10/0x10
[  255.767696][ T6895]  ret_from_fork_asm+0x1a/0x30
[  255.769182][ T6895]  </TASK>
[  256.369178][   T45] bridge_slave_1: left allmulticast mode
[  256.371486][   T45] bridge_slave_1: left promiscuous mode
[  256.375299][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.385968][   T45] bridge_slave_0: left allmulticast mode
[  256.388138][   T45] bridge_slave_0: left promiscuous mode
[  256.390314][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.675341][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.678356][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  256.681022][   T45] bond0 (unregistering): Released all slaves
[  257.102591][   T45] hsr_slave_0: left promiscuous mode
[  257.105973][   T45] hsr_slave_1: left promiscuous mode
[  257.110141][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.122393][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.713291][   T45] team0 (unregistering): Port device team_slave_1 removed
[  257.788792][   T45] team0 (unregistering): Port device team_slave_0 removed
[  259.187963][   T45] bridge_slave_1: left allmulticast mode
[  259.190139][   T45] bridge_slave_1: left promiscuous mode
[  259.193711][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.209258][   T45] bridge_slave_0: left allmulticast mode
[  259.211331][   T45] bridge_slave_0: left promiscuous mode
[  259.214919][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.461804][   T39] kauditd_printk_skb: 1309 callbacks suppressed
[  259.461823][   T39] audit: type=1400 audit(1737054337.851:9604): avc:  denied  { read } for  pid=13574 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.473592][   T39] audit: type=1400 audit(1737054337.851:9605): avc:  denied  { read open } for  pid=13574 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.483334][T13574] audit: audit_backlog=65 > audit_backlog_limit=64
[  259.483547][   T39] audit: type=1400 audit(1737054337.851:9606): avc:  denied  { getattr } for  pid=13574 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.485341][T13574] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64
[  259.495484][   T39] audit: type=1400 audit(1737054337.851:9607): avc:  denied  { search } for  pid=13574 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.498211][T13574] audit: backlog limit exceeded
[  259.505253][   T39] audit: type=1400 audit(1737054337.851:9608): avc:  denied  { search } for  pid=13574 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=1763 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.508115][T13574] audit: audit_backlog=65 > audit_backlog_limit=64
[  259.513070][   T39] audit: type=1400 audit(1737054337.851:9609): avc:  denied  { search } for  pid=13574 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1767 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  259.560408][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.564172][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.567720][   T45] bond0 (unregistering): Released all slaves
[  260.046336][   T45] hsr_slave_0: left promiscuous mode
[  260.049873][   T45] hsr_slave_1: left promiscuous mode
[  260.054140][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.057696][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.760790][   T45] team0 (unregistering): Port device team_slave_1 removed
[  260.850966][   T45] team0 (unregistering): Port device team_slave_0 removed
[  264.600070][   T39] kauditd_printk_skb: 2600 callbacks suppressed
[  264.600087][   T39] audit: type=1400 audit(1737054342.991:12208): avc:  denied  { search } for  pid=13611 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.611198][   T39] audit: type=1400 audit(1737054342.991:12209): avc:  denied  { search } for  pid=13611 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=1763 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.620205][   T39] audit: type=1400 audit(1737054342.991:12210): avc:  denied  { search } for  pid=13611 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1767 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.630539][   T39] audit: type=1400 audit(1737054342.991:12211): avc:  denied  { search } for  pid=13611 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.638499][   T39] audit: type=1400 audit(1737054343.001:12212): avc:  denied  { read } for  pid=5328 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  264.646768][   T39] audit: type=1400 audit(1737054343.001:12213): avc:  denied  { search } for  pid=5328 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  264.650056][T13612] audit: audit_backlog=65 > audit_backlog_limit=64
[  264.654908][   T39] audit: type=1400 audit(1737054343.001:12214): avc:  denied  { append } for  pid=5328 comm="syslogd" name="messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  264.657404][T13612] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64
[  264.664431][   T39] audit: type=1400 audit(1737054343.001:12215): avc:  denied  { append open } for  pid=5328 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1

VM DIAGNOSIS:
19:05:33  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851c0ed5 RDI=ffffffff9ab11b20 RBP=ffffffff9ab11ae0 RSP=ffffc90004be75b0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000030 R14=ffffffff851c0e70 R15=0000000000000000
RIP=ffffffff851c0eff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fe3cf7126c0 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7038f18ff0 CR3=0000000049c10000 CR4=00352ef0
DR0=0000000000000008 DR1=00000000000000ff DR2=fffffffffffffffb DR3=3e00000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffffffe Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3cf712060 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3cea02a9a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3cea02aa7
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3cea02aa1
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3cea02ab5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3cea02b3b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe3cea02c19
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73697664616d2065 74616c75706f7000 757a253d657a6973 2070253d72747000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 564c534144480540 51444950554a5500 505f0018405f4c56 0555001857515500
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000108
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88806048f5d0 RCX=ffffffff8902e4de RDX=ffff8880233b0000
RSI=0000000000000000 RDI=ffff888031d00cc0 RBP=ffff888031d00da8 RSP=ffffc900035af8e8
R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000002 R11=00000000000a4001
R12=dffffc0000000000 R13=ffff88806048f570 R14=ffff888031d00cc0 R15=ffff88806048f598
RIP=ffffffff89993c00 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00005555588f1500 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000558fb43d3908 CR3=00000000267c6000 CR4=00352ef0
DR0=0000000000002800 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555897ceb2 000055555897ca90
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555890b0ce 000055555890ad20
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 04298004018c1000 06015cca00000807 0100000000000000 00000000000002ff
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0200000000000000 4b000000000080fe 003a100000000060 dd8600aaaaaaaaaa
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 aaaaaaaaaaaa6c08 2980033810000680 0401000000080606 01019800080006b0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030204900006a003 02bf80809fffffff ff04900006900300 0488000688030004
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffe508088403 02020008820303fe 0200088003081000 018004019c080052
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c000080008a00302 0200089e03000000 0000000000000000 000001ffffffffff
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8400068403140400 0680032810000880 0428080052080001 00000008060a0157
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0103ffffffff0429 8004018c10000601 5cca000008070100 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=000000000000002b RCX=ffffffff8179d50a RDX=ffff8880517bc880
RSI=0000000000000000 RDI=0000000000000001 RBP=1ffff920007d9db4 RSP=ffffc90003eced90
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=3a474e494e524157
R12=0000000000000001 R13=0000000000000000 R14=ffff888047ac4880 R15=ffffc90003ecee78
RIP=ffffffff8179d50a RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fe810166f98 CR3=00000000258e4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fefffc00 Opmask01=0000000000004211 Opmask02=000000000000ffdf Opmask03=0000000000000000
Opmask04=00000000ffffffdf Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9991ee960542fff6 730db2567b425bcb
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9a4c4591f5613445 fe39ef38c3450c19
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2569db2e123ff1ae ba7b15e63ba75255
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b4eeb86bc8b1a87e 202fd8d4f86e7c31
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004100
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cf15dc0acf1a7ba0 0000009bcf1cd8f4
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0080010000800100 00800100cf1ef5b0
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000009b00800100 cf1841ba0000009b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 008001000000009b 0000009b00800100
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 99bd0649edcc96d9 aa871981dea53a7b
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4829eded04e0fc21 a88025ae65201fb7
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 726f662027732527 20656c6966207325 2064657461657263 000a73253a47000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 574a430502560002 0540494c43055600 0541405144405746 000a56001f47000a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9cb450fd4c 00007f9cb450fd47 00000000000000c1 0000000000000034
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556157cd7f50 0000556157cee8c0 0000000000000021 000000000000302e
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 17654b4a5d58545e 421f421b005a2f1a 5d1702043c561e14 064b2f42011a045b
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3b2433273f397b27 697a787c69303b7e 69305f474f5b647c 69303b2433273f39
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000531153732 0000000000000021 0000000000000200
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000531152f32 0000000000000000 0000000000000200
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff888024631100 RCX=ffffffff8162d283 RDX=0000000000000001
RSI=0000000000000008 RDI=ffff88801f2f8ad0 RBP=ffff88801f2f8ad0 RSP=ffffc900049efcc0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000b92
R12=0000000003800000 R13=0000000000000000 R14=0000000000000001 R15=ffff88801b0b8c00
RIP=ffffffff81fcca3d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fe3ceb452d8 CR3=000000003550c000 CR4=00352ef0
DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcfeffd0 Opmask01=0000000000004211 Opmask02=000000000000ffdf Opmask03=0000000000000000
Opmask04=00000000ffffffdf Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc28a514d0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000ff0000 ffff000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff00ff
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f7a4e78e2d87f 2f2f7a4e78e2d84d
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b288ca9bd8d053f 2f2f2f2a793a53f0
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620732520 6465746165726300 0a73253a47000a73 253d73253a45000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305560005 4140514440574600 0a56001f47000a56 001856001f45000a
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000111 0000000000000000 32706f6f6c2f6b63 6f6c622f6c617574
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f7463656a626f3a 755f6d6574737973 0000000000000021 0000000000000035
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556157d83480 0000556157d83400 0000556157d83500 0000556157d844a0
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3b2433273f397b27 697a787c69303b7e 69305f474f5b647c 69303b2433273f39
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020