last executing test programs:

7.409423269s ago: executing program 1 (id=1403):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000003a80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x80, 0x0}}], 0x1, 0x20000020)
sendto$inet(r0, &(0x7f0000000040)="b5b5", 0x2, 0x800, 0x0, 0x0)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0xc, &(0x7f0000000180)=@gcm_128={{0x304}, "0ca48e98569244de", "8f2900a9a58b813d2a7db5d76e6883d3", "0a90142b", "c49eb246117fbb66"}, 0x28)
mkdir(&(0x7f0000000300)='./bus\x00', 0x88)
llistxattr(&(0x7f0000000580)='./bus\x00', 0x0, 0x2)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4) (async)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10) (async)
sendmmsg(r0, &(0x7f0000003a80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x80, 0x0}}], 0x1, 0x20000020) (async)
sendto$inet(r0, &(0x7f0000000040)="b5b5", 0x2, 0x800, 0x0, 0x0) (async)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0xc, &(0x7f0000000180)=@gcm_128={{0x304}, "0ca48e98569244de", "8f2900a9a58b813d2a7db5d76e6883d3", "0a90142b", "c49eb246117fbb66"}, 0x28) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x88) (async)
llistxattr(&(0x7f0000000580)='./bus\x00', 0x0, 0x2) (async)

7.349841862s ago: executing program 1 (id=1404):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x32ec0, 0x0)
ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000040)={0xffffff89, "7103928758c02543a3945c01af0f3f82d7c744ea31e6ab06f4b57d9cc4c71c22", 0x0, 0x1}) (async)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x4, 0x3000, 0x1000, &(0x7f0000fff000/0x1000)=nil})
r3 = mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, 0x0, 0x1000001, 0x13, r1, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, &(0x7f0000000100)="764ff5b03dc19f069db3aedb2f27baf61bef6d4c503c7c6562beb41208882bf093f72b57154f0c02ce447b486327db9d8906690cb2aa0eb4704db1bed2b209c4ff906b8d987c81ff", 0x0, 0x48) (async)
r4 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffd000/0x3000)=nil, r4, 0x3, 0x10, r0, 0x0) (async)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r4, 0x2000006, 0x13, r0, 0x0) (async)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000) (async)
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_GET_ONE_REG(r5, 0x4010aeab, &(0x7f00000001c0)=@arm64_fp={0x60400000001000a2, &(0x7f0000000180)=0x8}) (async)
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xf) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040011) (async)
ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f0000000380)) (async)
setsockopt$inet_group_source_req(r2, 0x0, 0x2b, &(0x7f00000004c0)={0x7, {{0x2, 0x4e22, @rand_addr=0x64010101}}, {{0x2, 0x4e23, @local}}}, 0x108)
migrate_pages(0x0, 0x8, &(0x7f0000000600)=0x4, &(0x7f0000000640)=0xfffffffffffffffd) (async)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000680)={{&(0x7f0000ff9000/0x4000)=nil, 0x4000}, 0x2}) (async)
write$binfmt_misc(r0, &(0x7f00000006c0)="4fea6b22b64cb3bea41c86e08f95ae4fc8330d8db6be6c3579897e472e5ab4a2d04e46a927f1d83e456a79e8606fbe26ee4807dbdd970d2bfb0b53c780286cb0e94bcd7ca964329e660b27205702f8b34559b293ea6f570d16bc2d569d73fdc6282a33a3fb2f15224132c46c81a92f6e156230a7034b8ec7f170ef55264a7fd7316e1307939689b5e64dad3d3089ead43d406577053c54e8baaa586c62c9982561d86b15afc98720904955721fad2c7df4fb7032019f8735fe289f2124094a6cbcfacf095a681a49dd890507aa544c6d3b60a39a6cfc2bde257ca82547bf6dbbc314ae90de9cf861a699aae73842dada03c1efdb353ae1649928869492ad858902cb5d3f99f25ea33bd0c877c1a488ebb23adae2ac4e83a85bfe7e04e538133021a04dbaf4d4c029557b246167bf085c150f569d649f22358168de1bd36d8bec626a58a73f62cc9022ad77587b247efe181bf4fdfde45adeedc218d39feedfbabd4088183ffaa43df802e9d9fb01c175458d67f3958f6d8ce5abf66f638c7547f9a4427bd1e19d69c0a52da3bdd5aaaae5cad2e51ef60a75a6ff5d84ca6c72462d096fdd11cec4f65aacc62bd19aa23defeb6ee7498d7b550d61b8c37b47b96b446ddba7e8085f7766650658dc656117ded6af0f757170fb5d8eb84866b615523b8bceb33a80271289be6921c8bce28586d225c46822fd1afc229e67a669e599ced060cfaf583181d9c9b998b3a7542f4d095782de9a6cc0cea6f1165a222c3e809736895ccca14e47bc45ac071364ac5cb1177e7c25b0e83af29c8b8858e39b6a421a1d6aca61ef02544d3a2e19d5ebd7973db87ebfe89a4cf7b27b06abd1cee9843eaa4ab0a3fefa73a2a7684d3ea7eecbce3ed6ac2f1dc6764a1733afa491c38c378fe46dceb2f65f9356df21b2648f01802012de0c9874136dadcb2a8693f5b2467b4a50957081ce20b486c320b8a0df9d594c69dcdbb38803649fce61cb67238e6a165fafbc87d1cd396daab5cfcd7415dff377d050e855ba2ca25b3d9286f1de43a5fe2656480acce9d1518b5293a003d3ef8e68e2bce12bccea60e1435ef2e8d58ef0438e645295bd14d3e7da953e02616f378d2fa978eadda1fe13102a1c13b2ebf8e3494ad4ad9b6aa790679f2332a28687aac7cbefe18c6b74ce28c00b41f51b74875682e4dad5ce6232e75c591e4f584c2ffa1789e8e0e7b3a3d7b735d7d7abdc63246a146f74208e968308c466eaf8cd59fffd787888df7c7d5f473b85c21396d68499ead7b1d63c0cb9a1192a9c2e06a3501bd57b67c36b0e14cfe7a9bf82df6f2f45ec6be9d14a299eafeab04460a42f823399a1bfa3657edef828f7dd53f1a6d4dd9c61fe666144a658cf1623f984eb94687d4130c6e3f1af7410efe6c090e090f616f878024d05235d58d6fc39b074cd56a68f97554497b95c027e15a2b485c38e830dfc668d9ed12eccd93262094551ef1c161105ce3f2c4870e6eb6aceaff394b0d0c7430315f1e6d92c88235bf441d8031c145280faccf36dd76c23ad9a33853410aa494efa54fbe6cfaa18198f8479204b813fb4fc01b7bc28cea789ce08c4d0229c883be3f0e10fb7b571189d32ca5c2aca974dcc171b3e4ec2b69a1ba0bb42257f9b4428da115fba01e7c37f107736766009b9d776fcbb37946690f6a5a4680fa9809857e5ac0ca0277f6b7abb26f8687295a3181322ee94faf504a32af6d5400a0de10c6da9c667cd89830f6c4a27b394ad0af20733905ffa90c837e2f4fcd32152784781b1f53002c5cc2855a464c3c4a288e1fbd6a3d4214dcf21f59b765b155b75fc3898f95bca7e7e8f384b92e8accbc75805f4bd37f09111c6cd23bd5683bbbb9d0da05d50d9623a1f97494edd732381969be3c51dd1874ab13c4ba4ecee65ded28d6df740c6fa8c905714b000fb0b2b925847e3bb5e9b5ca7f3d70fde6054268e913fba1e980535b97881afaec49a9c4b0e0df5c1a2ae5561e80677f7957228b56c3b4de1d44a6161e68f9ccf91f4696ce9e65355d5766f1a02f5510b44c33ca034cf1a0a90e1968a0d2f8d49f65d23700e1b84e34c04e390e5cf966d88002c2720d789d88dc84e03a0a36e5d20868a4154a82e897a646008a95722d98ad1bac394205d2c8e00331952b86f63968c608d16695ab4b3e234fb6e41104e950ecb2691e586e735c57d51548e3d35ff7bd954f56190d6afbc25536cd4ad904e0d0f6eb1d50be030747da62f4a64ee1c66ad6b121d9044106a43ca15ae42c7dfc129a4f3f4bac15782fb1708e3db3b4232fd972f8feb0ce27a7f4f1fda22ad6788a9fcc12521151d68e1ad9710ed20e32e9452d60226a68866b4294e285276f2c7b08d32e8397de5fea29639eb228c49156cf5a8d912ba0482e494e71ba04618e0eebe67cfb6fd6eee06f3942340d24af8bf3d58f0f8e9b219af9e4ede512ad1324114511ed23a5564a1155b41f96005d6cd43435f254c8f28e4eebee2c9edf964ae6552b46330713ee47080dfcd82e344a930bf4f58f2931ef6d9bebac718e42fe3463a230981341e5cef2267aa82e33926de497f7a81dc3968a7472acf4743e18746fdbcc85e6032cc929e9487423e580016a141340571f9ab609a2b1d864095ae2e1c074e9209dc93986f7a71066968a2257a96c8db0f26a4f1b37e3ef096b82f352f29ebb68a610ab89bb1c3cf782fe0aff17e5c11a72e2eaed0556670dc9fcba1f333520008c2854c729c06c59a735d4c71f7050b052fafdfe2ded811f127e8f9629f19d8b590123ca9981c9b51437247054a8a1499ca96facaa301a1277186517d130e90eee8d3271ffe8d15c56d7d4f2147e075e8abc5891bd2388fd22d8b397e9041f997f089cb7e5bb15ae262d0984ba60a38a7e058e665d1eb11451fe4ddffda5ae8d329a904094c03be75089ff261be06558617af41bfb8d433830f6147b6d35808492a3c094ab688efcece22dcef2c4543c3c13b75e9c06d1113f81b9537ff6ec206a513fd18098fb412a022c59776bc02743dd701d97fc80714358e330b007dfda18c78f880f1b43d6c700c2496c0009a73afb4768c484111dd879d9184fc5e8d8525d45ef9354383d7890adebf8377636a4b8d9bfab564e686c31750402bb95c8d0147b7c2bd191a43efbe18894eabfc5335e03217cb458423fb3f346d2660a87c7a782e0bb7c4e5cfbcc45c54a4b997f7a211215071747fdc75fbb0375bc5c5738b41ff753e5f82a43f233312904b467b7c8571e61fa1c93bd120376701a47827aed4ec09a6a4360a055d3dcef8c30c0282c8f8e35a76d5f1b61cf11034f85cba272d0a83b919da095053a4a7db20e7302d19faeb14a481547d337591525db681a732bb55b6435055bd28dbe48ff202e1fd7fd1b8e02273e4f6e75de8a1f8f021d12dfa688301ac413b14d8b3858159360a34c0224f38f71ef3b709e15f1e61cd3f41530a148a8069dd9e3fd3b902d08730856f8917bb831886b726e50e16813ffde4fc166cbbcd4e29e992e60907c98231f2fb3600aeb0d37324ee417404365e5eed7ce3da9abeb304aa31b2ca3707d7ab2948837128a0849b5db790a7a4c25a7dee84be56370ff239c26ca73d66caf5236a24dd4d4f50aa8d3885d32c6900d68eb82e0903baf30dad182682f2153d43bda99e900b47cca79056da50dd88b1f5d5aae7f670703b426f063e38f1a9e10780b148ddbb48ec08948ad135e8d5b7d8baf898559d6e86e325157f1b9b8b0496d98e988c41c888703a9a28b53f77c52b8a02881dbb9f987b84e9481beff77e08d013edb23db684bca283caac0b8ecb8473137f76ab3f06c541d0a73526a2e12208b52b1378269e788573d53f417c08759a2e9e7819cbce243b4b4f9ca1108abf17ffbd7cdf73d002dd5df4926307a955fb2a73ecea3e1a20df97bbaf410e77e613d479c425eb774651952f2d1158bd2cac09227ec6f500298e791d3b080a0f0ee718e839223dbed20a8902986199f4cb3ddb2ce2f768933f69a5c1d37e29bd35b7c0cffa4f87deee4ce2864ce29a92b8bbecb45654f117886cedab7e09747f5406f6fa596bf04cb13d1f3d99feb71d6c487f26863c3eed2b2bc89d62802f51335e2bdfb7f767aa57045c7c81bf13b2b36bc5983e3177d38ecd786920794c7a48f483e5e29490904e9775fa7c144bb1a535da96a6cc18c0d50f462aa6ccf3bef89e6eff931a2c9483f9b661fa93dd238954c30ae256c87c5ba161576531435d05f46ce67f9b8cb0c50b9834f09592315cec1168417d8bb50b17b5107a14bd3eb389bb4dc225e25c0ed8e9791bcda2dcb72866df8e4fa55555e49168e82fe1dfeeb21b933a3a4a0d86e1b55f2c51894a0df2e42f55f4ef8be8bb9c700ca02a1c26be38112d91a73b066457e636d8b5871b2333a4a9950d3be2997e945084e9713de2046f267ff576b3e6237d5223cbcefc428ab451907ae28673aac77a00c8ac40d66d5d74d68ce87b64b09bcacb8105dfeb8d34e271eb7458702adf6e97fd56705c0955a486fe1f63e4a7c947a82b414ff2dc795653cfd30055d6aeeb26f55231577db752efb820545fe17b137b83cb78f136c49d01a010b99878d2fc859774fc18ec504cabdf39b7f6c91697ddf76fe8077c89a21f330834ae53b323e8139a0170dac4a6f80148578fe1621c08e042b1c60831f8022ca89ddf7f1f9fbdafc4e46c537957b4ee1edbc8bad1aa6438577a1c5194ac05086e49d23051003cdc48610cb0600ec9c5f26845b02fd313498017503125fc6babc81b9e20062844509b9af09cf8c9950c538d77c8aca6a941161d460482361b7f1f052c045f855d32dab6152bc4d68e4f4ded1076432814f494ea1c035055dc69cc512025841af389b6bda0ba87836a50dac13af677c10929b5125c1060aa959e878b519026d3bb287f4745ed35e5469f81111f9270aca243619bb17e04f391dce44c1cfd44fc42cdb62aa4d0edbc04acf7141615fa9110384bdfc2b02b82c47e6d062f5fe990e3573f646bed5f1d33b081a0aaa8d0c76f99b9cfdc078091beb8d7589db9872e0fc7d8e01fc69b4c2497b0a1544179b27de03919a87735d0203049bf3c201f02eec23e4be602d02f39b6cd7ae10621e7926e38357375f1de9a7ed1091e562a439151fc0ad29df44adfc8baa004173bd4ca2108c300cf2b486fea62371ee0b1dc888830c839d93ebc81290600ba8b30b00fa73fcc9b4481b9c61a3709898082e453301a52232d31e1fc187031a9075c5dcf7aa4daf044641c91a632743fce47fbab7b669717cc36df9f0b516dafcee2499f8a25c2d2f93ec65f2926f4bce60d70754f8438090ef2da807a5748fdb8c70f7d48ada2b7d8b35fa77904683ef584918e67a8a7e91854b280e3e252aef8a692bb24a63240e544b2ed06b0d7765893f6bdc2cb104c945a7049df0d373919cd03b1da3fca17e4639dec3450491a263eff4af1dd5105f8c3e1b059e7408953b7fdfa5eab46c870a5ef6241ea7ccd952a09fa2c70a90f381beae0e2d560eb80723323d403c3130495f7768766992024b7f8848f0574167a27df368ec52bf1ef8a1614df034c19cd8644c5ef72d8310c8c6d8c57084c7cfc534a7eb9837db9b854962dd3486a84482a9d8dc5330e51b030a0ae6b159477e90ef929e433aa3ceb75f03dc199ac9c9903515fbe107e720e543f7c79413aee96d0cd15ad16366aff0f21640939a03c5964cf444dcb786e81d2ba9934054d5c3e5c1eaf823b3e5eb6b78eba447a05b749c2ea50076f33e2d5cb62", 0x1000) (async)
accept$packet(r0, &(0x7f00000016c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001700)=0x14) (async)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r2, &(0x7f0000001840)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0x40202}, 0xc, &(0x7f0000001800)={&(0x7f0000001780)={0x44, 0x140f, 0x200, 0x70bd2d, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x9, 0x45, 'issm\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x4805}, 0x10000) (async, rerun: 32)
ioctl$KVM_NMI(r5, 0xae9a) (rerun: 32)
syz_kvm_setup_cpu$x86(r0, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000018c0)=[@text64={0x40, &(0x7f0000001880)="460f017e00460f073e47d9e1460f35470f38cc253a0000000fecba3d0000000fc732410f01f866baa10066b8914966efb9220a00000f32", 0x37}], 0x1, 0x8, &(0x7f0000001900), 0x0) (async)
sendmsg$key(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001940)={0x2, 0xf, 0x6, 0x9, 0x6, 0x0, 0x70bd2b, 0x25dfdbfd, [@sadb_x_sa2={0x2, 0x13, 0x4, 0x0, 0x0, 0x70bd27, 0x3505}, @sadb_sa={0x2, 0x1, 0x4d6, 0x1, 0x2, 0x6e, 0x1, 0x1}]}, 0x30}}, 0x4000) (async, rerun: 32)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001a40), r0) (rerun: 32)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000001b00)={&(0x7f0000001a00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a80)={0x24, r7, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_LOW={0x8, 0x11, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x840}, 0x805)

7.299833094s ago: executing program 1 (id=1405):
pipe2$9p(&(0x7f0000005ec0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84000)
write$P9_RREADLINK(r1, &(0x7f0000005f00)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10)
readv(r0, &(0x7f00000060c0), 0x0)

7.298954811s ago: executing program 1 (id=1406):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x3}], 0x18}, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r1, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000001580)=""/238, 0xee}], 0x1}, 0x1}], 0x2, 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100002, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = eventfd(0x0)
r6 = eventfd(0x0)
ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000300)={r5, 0x17, 0x2, r6})
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r2, &(0x7f0000000080)='./file0/file0\x00', r2, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
getsockopt$sock_int(r7, 0x1, 0x22, 0x0, &(0x7f00000000c0))
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=r2, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

7.149328536s ago: executing program 1 (id=1409):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
lsetxattr$security_selinux(&(0x7f0000000080)='./bus\x00', &(0x7f0000000100), &(0x7f0000000140)='system_u:object_r:mnt_t:s0\x00', 0x1b, 0x2)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8000, 0xfc)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
setregid(0x0, 0x0)
r1 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setfsuid(r2)
symlinkat(&(0x7f0000000180)='./bus\x00', r0, &(0x7f0000000240)='./bus\x00')

6.900117402s ago: executing program 1 (id=1410):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000ffdbdf251200000008000300", @ANYRES32=r1, @ANYBLOB="0a0006000802110000000000080000000000000005001900"], 0x38}, 0x1, 0x0, 0x0, 0x20048000}, 0x24029000)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_GET_TID_ADDRESS(0x28, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

6.881947374s ago: executing program 32 (id=1410):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000ffdbdf251200000008000300", @ANYRES32=r1, @ANYBLOB="0a0006000802110000000000080000000000000005001900"], 0x38}, 0x1, 0x0, 0x0, 0x20048000}, 0x24029000)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_GET_TID_ADDRESS(0x28, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2.487606412s ago: executing program 0 (id=1466):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2a, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x2}]}, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
close(r0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000500)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000600)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r4], [0x2b8]})
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r8=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x24, r7, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x24}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000000c0)={'erspan0\x00', &(0x7f00000002c0)={'syztnl2\x00', <r9=>0x0, 0x8, 0x10, 0x2, 0x81, {{0x19, 0x4, 0x3, 0x5, 0x64, 0x67, 0x0, 0xff, 0x2f, 0x0, @empty, @remote, {[@lsrr={0x83, 0x1b, 0x31, [@multicast1, @local, @dev={0xac, 0x14, 0x14, 0x36}, @broadcast, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @rr={0x7, 0xb, 0xe3, [@rand_addr=0x64010101, @multicast2]}, @rr={0x7, 0x27, 0xb5, [@empty, @dev={0xac, 0x14, 0x14, 0x42}, @remote, @dev={0xac, 0x14, 0x14, 0x3f}, @broadcast, @local, @multicast1, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000100)=<r10=>0x0, &(0x7f00000001c0)=0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'rose0\x00', <r11=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'vxcan1\x00', <r12=>0x0})
r13 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000800)={'xfrm0\x00', <r14=>0x0})
r15 = socket(0x11, 0x3, 0x0)
sendto$packet(r15, &(0x7f0000000380)="6fa4bf90aa8a2fa38a8f6c8fa168f069adfc79fefab38d472b35afef1abf5976aa851156780bb0fe", 0x28, 0x0, &(0x7f00000000c0)={0x11, 0x0, r14, 0x1, 0x0, 0x6, @random="0786dbd848f5"}, 0x14)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r0, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)={0xdc, r5, 0x400, 0x70bd28, 0x534, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x14}, 0x44081)
r16 = socket(0x10, 0x3, 0x0)
sendmmsg(r16, &(0x7f0000000000), 0x4000000000001f2, 0x0)

2.380301942s ago: executing program 0 (id=1467):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0x13, &(0x7f0000000040), 0x2)

2.379814242s ago: executing program 0 (id=1468):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00))
symlinkat(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0)
sendmmsg(r0, &(0x7f0000000080), 0x4000000000001f0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000080)={0x11, @loopback, 0x4012, 0x200000, 'wrr\x00', 0x0, 0x3}, 0x2c)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000180)={0x2, 0x14, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000980)={0x6, {{0x2, 0x4e20, @local}}, 0x1, 0x3, [{{0x2, 0x4e23, @loopback}}, {{0x2, 0x4e22, @loopback}}, {{0x2, 0x4e20, @loopback}}]}, 0x210)
mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000040)='gadgetfs\x00', 0x0, &(0x7f0000003cc0)='gid=1\x00nk]e')
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x80000)
read$qrtrtun(r3, &(0x7f00000000c0)=""/14, 0xe)
read$FUSE(r2, &(0x7f0000000cc0)={0x2020}, 0x2020)

1.809893972s ago: executing program 3 (id=1484):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd) (async)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000280)={@local}) (async)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xfffffffffffffffe) (async, rerun: 64)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) (async, rerun: 64)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r0, 0x7ac, &(0x7f0000000000)={&(0x7f0000000780)={{@local, 0x3420b671}, {@hyper, 0x8}, 0x400, "a04c90cae6b54f3b019327edc3b885d11a0f77046fb2610e6c6f99d46b1ab8925157e4f6185e7493f4975ad65bb3fed16b09c318e7eab851cccf7b5dfa5bccadc4a95c01eaa59e370af4b35c40f98a5c8c0c394a7e43556299c59b6694772f09f97def8b968d35cdb8f5e8d5886649a85feea78911b30cf7f1e4775705a74ed1b25f8199e08a2d42799aeb030f348e319b2dd05610b2d1f23750af8b690dced21970a52add11f05be4c50056a4ceda3e267b51dbb940b213b0dd757e563c1c92327bfb0ad7768ef32c2aa8ed10ae25a850de6a2c05da08782bfa896e43fb60cc24e2a522148fc96fa298907c6123d0d78709f61a3c496910b70ecf0fb5308ee5dbf77b855061f64b6808ab189de600913ac73c70526731c09712736997bf5ec0a13bdbf37870e4804051011bd6abd509927f6ceef79210eef60369859dc982d777c7dcf10e21ffadb7ca4bb944a1ad40922f1ae280a789ad6c72c32eebd448f76acb1eb2c553daea7950ea48ceb9f1d1b16f6d5fc71ebd7185dadce3cbbb5dfb23e7e00c70c937b447ca9cca9a09488248965698b27bdcb2b402c00469c2d59993ca1f9bad3c360104ebffb8d4da8f1773085fe1513fbbd1e99f67680dbb5c185b42391fe79d08966729a564148d6b4f90f5fb8b0e99c9ed277071b36eb152a416c72bf7b5f78a5a48c46f7c454818c3f3b5cc43e5db937b667923e627003657ad63a92322d95fbf1c26d5bfcc225c623db57cf4bb715fab0462eee290c00121dbb1f5d002f9996e6eb23e806c8df72dd10629fc99c4d43d06d627acf44020c64fca62235acca7236e1f1a71479b415bb48ac5edf02d136638a614583eef514e8c22fa0097d0e28b40935f87e770a56207e1d08d652762465913245563874b4328966585be3cb2b109e0b03896c98cc804e700c8f6281a0384c228972667b70c2ba497403e51b3e7a6675f00fef41e61a5cc149ddf039fcfc7a052933003e489946394f66f870d73c7d274f0cf5763bb0602cc4bd2f494fa7adf81ab0c625e1eae118fdb163bdb4388137380e8fde3eed2e61d3baa87eac2abf84fd98a131a323498dfa954d637784066cfc7b5023e5cd2fe3e6263d4ed109d91a52cfce8b48ede38bf536b4a658bd6ac50ff90b668510045defaab0a71c468f821827ccd591c0f76293d8b633476d5965388d0c517a8cf46e49e6cc3dc5e323d2ecfa2d6811c533010154fe6787b6ee3bfb13e3f818b15c8924c67c8907a9db3fdf6464631469de2d549fe49a7a2975b2efb013890dec295845c18cf2aa9b572654e0119a10490e1d80eeaf6d6d2cecf7c6c39d3a74a3c458618e8c7fe20596a964ad546eb882dc47fd9f1b9ed1920b2e8214d21d495f802c25c152cf8924da4b540ab2c5387a3e70e3d140aa8dcc417a91cb554e4a6b404aa4157f3ed90464818dd42bd9677"}, 0x418, 0x353})
close_range(r1, 0xffffffffffffffff, 0x0)

1.809666369s ago: executing program 3 (id=1485):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@datasec={0x2, 0x1, 0x0, 0xf, 0x3, [{0x1, 0x2, 0x2}], "a77818"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], "c9"}]}, {0x0, [0x0, 0x2e]}}, 0x0, 0x44, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0xe0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x66, &(0x7f0000000080)=[0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r0=>0x0, 0x2c, &(0x7f00000004c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000280), &(0x7f00000002c0), 0x8, 0x27, 0x8, 0x8, &(0x7f0000000300)}}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff000800034000000038340300000c0a01010000000000000000070000000900020073797a31000000000900010073797a300000000008030380040300800800034000000002100002800c00028008000180000000000c0004"], 0x3c8}, 0x1, 0x0, 0x0, 0x810}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018d10000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.75960311s ago: executing program 3 (id=1486):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
socket(0x1e, 0x4, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = openat$snapshot(0xffffff9c, &(0x7f0000000080), 0x40040, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000008000000095"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='qdisc_enqueue\x00', r4, 0x0, 0x7d}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRES16=r4, @ANYRES64=r2, @ANYRESOCT=r5], 0x48)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000026c0)=ANY=[@ANYBLOB="0c000000040000000400000007000000000000", @ANYBLOB="00000000000012800000", @ANYRESDEC=r6, @ANYRES32=r3, @ANYBLOB="00000033b605a9d295b77de5249f0d7273d54d000000000000000000000000000000000000000000a9eb34061fd925ac6e1009fc2ea97ffbe4c05732a243a6a98ac3b2d8f52a22c816ebb0c2448097ff49ddf2571a953834d48cd7003b9b07adbf3d6ebf012558ad92e49e268ed0f1a6cc2922fc57d677058e98"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, r7}, 0x38)
userfaultfd(0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = dup(0xffffffffffffffff)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001)
syz_open_procfs(0x0, &(0x7f0000000340)='net/hci\x00')
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010001040000000000010000000900010073797a300000000064000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f08000340"], 0xac}, 0x1, 0x0, 0x0, 0x80}, 0x0)
read$FUSE(r8, &(0x7f0000000680)={0x2020}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_REMOVE={0x7, 0x5})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
r10 = add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000003c0), 0x0, r10)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

1.508624805s ago: executing program 0 (id=1487):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00) (async)
open(&(0x7f0000000280)='./file1\x00', 0x440, 0x0) (async)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000340)='X\x00', 0x2}], 0x1) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) (async)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x31, &(0x7f0000000200)=0x8, 0x4) (async)
bind$inet6(r3, &(0x7f0000f65000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r3, 0x0, 0x0, 0x20000002, &(0x7f00000001c0)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
getsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, &(0x7f0000000080)) (async)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) (async)
syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0) (async)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x80049367, &(0x7f0000000240)) (async)
ioctl$AUTOFS_IOC_READY(r2, 0x9360, 0x8) (async)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) (async)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
write$binfmt_aout(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad00", @ANYRES8=r6], 0x125)
chdir(&(0x7f0000000080)='./file1\x00') (async)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
rmdir(&(0x7f0000000300)='./control\x00') (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./control\x00', 0x20800, 0x1a1)

1.379671677s ago: executing program 0 (id=1488):
ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f0000000000)={0xa, 0x3, 0x9, 0x84000, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$dmmidi(&(0x7f0000000040), 0x8, 0x8200)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={<r2=>r1, 0x831, 0x1000, 0x5})
ioctl$VIDIOC_S_FBUF(r2, 0x4030560b, &(0x7f0000000100)={0x40, 0x8, &(0x7f00000000c0)="3299aa532738c0b07573b1f2e91d06eff5aa72e90f7fdd8905fb6dac9c43db089e6223", {0xf, 0x80000001, 0x20385655, 0x6, 0x585, 0xa9aa, 0x8, 0x9}})
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
getsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
ioctl$VIDIOC_G_INPUT(r2, 0x80045626, &(0x7f0000000200))
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xe, 0x10010, r2, 0xb10b0000)
ioctl$USBDEVFS_GET_CAPABILITIES(r2, 0x8004551a, &(0x7f0000000240))
ioctl$EVIOCSREP(r2, 0x40084503, &(0x7f0000000280)=[0x0, 0xffffff00])
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x68, 0x68, 0x5, [@var={0x7, 0x0, 0x0, 0xe, 0x3, 0x2}, @fwd={0x1}, @float={0x8, 0x0, 0x0, 0x10, 0x2}, @enum={0x2, 0x5, 0x0, 0x6, 0x4, [{0x3}, {0x9, 0xd}, {0x5, 0x3}, {0x4, 0xc}, {0x2, 0x1}]}, @ptr={0x5, 0x0, 0x0, 0x2, 0x5}]}, {0x0, [0x61, 0x0, 0x0]}}, &(0x7f0000000380)=""/129, 0x85, 0x81, 0x0, 0x1000, 0x10000, @value=r2}, 0x28)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000480)={0x0, r3, 0x4, 0x9, 0x33, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2000001, 0x4010, r2, 0x0)
openat$dma_heap(0xffffffffffffff9c, &(0x7f00000004c0), 0x40001, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r2, 0xc01064c2, &(0x7f0000000500)={<r4=>0x0, 0x0, r2})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r2, 0xc01064c2, &(0x7f0000000540)={<r5=>0x0, 0x0, r2})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc03064ca, &(0x7f0000000600)={&(0x7f0000000580)=[r4, r5], &(0x7f00000005c0)=[0x5, 0x7fffffff], 0xa5f8, 0x2})
write$cgroup_subtree(r2, &(0x7f0000000640)={[{0x2b, 'blkio'}, {0x2d, 'net_prio'}, {0x2d, 'net_prio'}, {0x2d, 'net_prio'}, {0x2d, 'cpuset'}, {0x2b, 'memory'}]}, 0x35)
r6 = socket$caif_stream(0x25, 0x1, 0x5)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f00000009c0)={'syztnl1\x00', &(0x7f0000000940)={'ip6_vti0\x00', <r7=>0x0, 0x6, 0x4, 0x9, 0x30e, 0x40, @remote, @loopback, 0x20, 0x40, 0x3, 0x2}})
sendmsg$inet(r6, &(0x7f0000000b80)={&(0x7f0000000680)={0x2, 0x4e23, @rand_addr=0x64010102}, 0x10, &(0x7f0000000900)=[{&(0x7f00000006c0)="43a9ebb0d2f2240572811198f22924a4bd8b5ec584785f2af7d46ea5062769465964dad7dfb0b66455d34e2441c6b5f0e1a4f69e05a92bc2f57c1764a7025ca9b2bff305079f4e4072137a1ef7aee78d097534c83d5f058906d42d7b734f016171e466bfea4c4e3c15128624892db26ec502f4c9b0b232687395c51f81e7373098eed000446ee62107aeb20c1174e19af081d3837678103a4187458f8bb1efa442b27ed1581dcad31d6dff96e8b7220a7f0f62c05d55f3", 0xb7}, {&(0x7f0000000780)="1e574b64176c46c85f9ec65d74c484a2b2d607", 0x13}, {&(0x7f00000007c0)="f5ac46b9eb174e53f2d3ba50c7cd7e487bbfdc99d1db49dfe7c6f9fe802509cff468e34f7cb127d0c47db8f9301a649113d46b3e259ebf12a0534967f4c34b651b545da3578987db873cf0d4888d42f06652838e0dfbf311f25e6f16b1b27371605e097e9b418fea1a3169bb10e9b78f5a073b619db777598ff1e5d8bf285140d860c2b0f6c81f04d93372bafda236d3a185e437d879b980583cc10ea7e6118f672b200565822c0500f5644d3781fb049af914afeec555ae759e016ecfdfb17f8e8756b0f10205b02308a9ebc0f3531ddf5161aa195789090f73add2f2e668502e5ebdc552f1a31c933ade6ddfaddb912f5df0a878245b31d1ab5c4a94da", 0xfe}, {&(0x7f00000008c0)="62c23b21333bf510773215884aa6f0d62171a2194e882f5c6d5b9223", 0x1c}], 0x4, &(0x7f0000000a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @rand_addr=0x64010101, @empty}}}, @ip_retopts={{0x14, 0x0, 0x7, {[@end]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_retopts={{0x110, 0x0, 0x7, {[@timestamp={0x44, 0x1c, 0x50, 0x0, 0x8, [0x4, 0x5, 0x80000001, 0xff, 0x7, 0x1]}, @rr={0x7, 0xb, 0x53, [@dev={0xac, 0x14, 0x14, 0x13}, @loopback]}, @generic={0x86, 0xb, "818d5d4f3f4378c49e"}, @lsrr={0x83, 0x23, 0xc4, [@broadcast, @remote, @remote, @remote, @remote, @multicast1, @private=0xa010102, @local]}, @cipso={0x86, 0x4e, 0x2, [{0x7, 0x9, "921ba1932326a0"}, {0x6, 0xc, "de32cb0b892cec6307aa"}, {0x0, 0x9, "8a6ae49672aaa5"}, {0x2, 0xe, "fde7441361b685b71c58447f"}, {0x7, 0x10, "6e13526d1941242239d2dba576d6"}, {0x0, 0x3, "9b"}, {0x4, 0x9, "3d442d2ba15b30"}]}, @rr={0x7, 0x7, 0xdf, [@broadcast]}, @lsrr={0x83, 0xf, 0xc7, [@broadcast, @private=0xc5, @broadcast]}, @lsrr={0x83, 0x2b, 0x54, [@broadcast, @loopback, @multicast2, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @loopback, @multicast1, @local, @multicast1]}, @lsrr={0x83, 0xb, 0xd8, [@multicast2, @rand_addr=0x64010102]}, @generic={0x17, 0xe, "c26c60c3023184266f431cac"}]}}}], 0x160}, 0x20008004)
ioctl$KVM_CAP_HALT_POLL(r2, 0x4068aea3, &(0x7f0000000bc0)={0xb6, 0x0, 0x5dd})
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000c40), 0x4000, 0x0)
ioctl$IOCTL_VMCI_SET_NOTIFY(0xffffffffffffffff, 0x7cb, &(0x7f0000000c80)={0x8, 0x9, 0x4})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000d00)={&(0x7f0000000cc0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB(r2, 0xc01c64ad, &(0x7f0000000d80)={r8})
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f0000000dc0))
socket$nl_rdma(0x10, 0x3, 0x14)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_RTOINFO(r9, 0x84, 0x0, &(0x7f0000000e80)={0x0, 0xffffffff, 0xa, 0x74b}, &(0x7f0000000ec0)=0x10)

469.20813ms ago: executing program 0 (id=1492):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000200)=@userptr={0x0, 0x1, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "020037e0"}, 0x0, 0x2, {0x0}})
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000280)=@mmap={0x0, 0x1, 0x4, 0x100004, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}})
ppoll(&(0x7f0000000340)=[{r0, 0x1}], 0x1, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000611230000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0)
r3 = getpid()
write$cgroup_pid(r2, &(0x7f0000000280)=r3, 0x12)

466.453077ms ago: executing program 3 (id=1493):
setitimer(0x1, &(0x7f0000000080)={{}, {0x0, 0xea60}}, 0x0)
setitimer(0x1, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xe8c}, 0x2a, 0xfffffffffffffff9)
r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$instantiate(0xc, r0, &(0x7f0000000100)=ANY=[@ANYBLOB="75706461747e206563a428e7ef7466723a6e0000000000"], 0x1a, 0xfffffffffffffffc)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
getitimer(0x1, &(0x7f0000000040))
r1 = socket$packet(0x11, 0x1, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r6, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}]}, 0x34}, 0x1, 0x0, 0x0, 0x50}, 0x20)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}, 0x2}}, 0x26)
getpeername(r8, 0x0, &(0x7f0000000000))
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=r0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r2], 0xb4}}, 0x0)

389.6151ms ago: executing program 4 (id=1494):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0xe94, 0x30, 0x25, 0x0, 0x0, {}, [{0xe80, 0x1, [@m_pedit={0xe7c, 0x1, 0x0, 0x0, {{0xa}, {0xe50, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x2c, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6}, @TCA_PEDIT_KEY_EX_HTYPE={0x6}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x10}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x0, 0x0, 0x20000000}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x8}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe94}}, 0x0) (async)
socket(0x2a, 0x1, 0xfff)

389.226143ms ago: executing program 3 (id=1495):
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe99)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{}, {0x0, 0x3}]}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000270e00"/20, @ANYRES32=0x0, @ANYBLOB="2a130200b7580000140012800b00010067656e65766500000400028008002000070cf0ce"], 0x3c}}, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe99) (async)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{}, {0x0, 0x3}]}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) (async)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000270e00"/20, @ANYRES32=0x0, @ANYBLOB="2a130200b7580000140012800b00010067656e65766500000400028008002000070cf0ce"], 0x3c}}, 0x0) (async)

388.457318ms ago: executing program 2 (id=1496):
pipe2$9p(&(0x7f0000005ec0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40201, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000000000001000000000000000000000000000000001b0300fff5"])
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000"])
write$P9_RREADLINK(r1, &(0x7f0000005f00)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10)
readv(r0, &(0x7f00000060c0)=[{&(0x7f0000006000)=""/158, 0x9e}], 0x1)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000000)={0x1, 0x9, 0xc1c8})
r5 = socket(0x2a, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xa)
sendmsg$nl_route_sched(r6, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x2}, 0x4, r8}}]}, {0x4, 0xa}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}]}, 0x68}}, 0x0)
getsockname$packet(r5, &(0x7f00000001c0)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r9, {0xffff, 0x2}, {}, {0x10, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x73}]}}]}, 0x44}}, 0x4)
sendmsg$OSF_MSG_ADD(r5, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)={0x268, 0x0, 0x5, 0x201, 0x0, 0x0, {0x1, 0x0, 0x6}, [{{0x254, 0x1, {{0x1, 0x800}, 0xd, 0x0, 0x27d, 0x1, 0x21, 'syz1\x00', "7d0299808739f13b39f143e6d11e8249a13737d782e4f2fff4c032640b67fc1d", "2f88e45897d80555d434ed7692bef4709b66b839d98fd54b3c1aafe964b6be0d", [{0xff, 0x0, {0x3, 0x6}}, {0x7, 0x1, {0x0, 0x5}}, {0x7ff, 0x7, {0x1, 0x4}}, {0x76c, 0xe, {0x2, 0x6f12}}, {0xff, 0x7, {0x1, 0x7fffffff}}, {0x400, 0xc, {0x2, 0x8}}, {0x7, 0x7, {0x1, 0x6f}}, {0x8, 0x3d73, {0x1, 0x8}}, {}, {0x5, 0x4, {0x0, 0x8001}}, {0x5, 0x8, {0x2, 0xa}}, {0x7bd, 0x1, {0x1, 0x73a63d2f}}, {0x80, 0x5, {0x2, 0x4}}, {0x56ac, 0x7, {0x3, 0x2}}, {0x1, 0x8, {0x2, 0xcc3b}}, {0x7ff, 0x1, {0x3, 0x8}}, {0x401, 0x69a9, {0x2, 0x8}}, {0xe, 0x7ff, {0x2, 0x200}}, {0x2, 0xc, {0x2, 0xff}}, {0x110, 0xf3d, {0x2, 0x4}}, {0x8, 0x7, {0x3, 0xb9}}, {0x46, 0x199c, {0x0, 0x1}}, {0x4, 0x3, {0x1, 0xd748}}, {0x7fff, 0x6, {0x2, 0x4}}, {0x92b, 0xff80, {0x12dbeb56908f392f, 0x81}}, {0x8000, 0x5, {0x3, 0xfffffb9d}}, {0x4, 0xd, {0x2, 0x4}}, {0xa, 0xff17, {0x0, 0x8}}, {0x8, 0x6, {0x3, 0xb}}, {0x400, 0x1000, {0x3, 0x5}}, {0x6, 0x80, {0x0, 0x200}}, {0x81, 0x8001, {0x0, 0x9}}, {0xff, 0x9, {0x2, 0x5}}, {0x9, 0x8, {0x2, 0x8}}, {0x1, 0x2, {0x0, 0x4}}, {0x1, 0x7ff, {0x3, 0x3}}, {0x6, 0xfff7, {0x2, 0x3}}, {0x1ff, 0xec, {0x3, 0x7}}, {0xfff6, 0x3, {0x3, 0x5}}, {0x0, 0x40, {0x3, 0x8}}]}}}]}, 0x268}, 0x1, 0x0, 0x0, 0x40000}, 0x4000840)

388.114188ms ago: executing program 4 (id=1497):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0xf7fc, 0x8000}, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000040)=0xff7ffffd, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000980)={'wg2\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000180)="0b031407e0ff640f0200475412f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)
socket$packet(0x11, 0x3, 0x300) (async)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) (async)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0xf7fc, 0x8000}, 0x4) (async)
socket$packet(0x11, 0x3, 0x300) (async)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000040)=0xff7ffffd, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000980)={'wg2\x00'}) (async)
sendto$packet(r2, &(0x7f0000000180)="0b031407e0ff640f0200475412f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14) (async)

386.985186ms ago: executing program 3 (id=1498):
getpid() (async)
getpid()
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x3) (async)
listen(r0, 0x3)
accept(r0, &(0x7f0000000040)=@qipcrtr, 0x0)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="043e130100c90001c6e174556788aaf3af23a4f922b975c5ac5a51"], 0x16)
syz_open_dev$dri(0x0, 0x1ff, 0x0)
r1 = epoll_create1(0x0)
epoll_pwait(r1, &(0x7f0000000540)=[{}], 0x1, 0x283, &(0x7f00000005c0), 0x8)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_uring_setup(0x30d5, &(0x7f0000000140)={0x0, 0xd47d, 0x0, 0xfffffffd}) (async)
r2 = io_uring_setup(0x30d5, &(0x7f0000000140)={0x0, 0xd47d, 0x0, 0xfffffffd})
openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0) (async)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r3, 0x40107446, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x81}]})
close_range(r2, 0xffffffffffffffff, 0x0) (async)
close_range(r2, 0xffffffffffffffff, 0x0)

329.630351ms ago: executing program 4 (id=1499):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x1, 0x1})
close_range(r0, r0, 0x2)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000040)={{@my=0x1, 0xffffffff}, @hyper, 0xf, 0x0, 0x9, 0x0, 0x23, 0x0, 0x3})
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) (async)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x1, 0x1}) (async)
close_range(r0, r0, 0x2) (async)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000040)={{@my=0x1, 0xffffffff}, @hyper, 0xf, 0x0, 0x9, 0x0, 0x23, 0x0, 0x3}) (async)

328.545931ms ago: executing program 4 (id=1500):
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x14700, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r1, 0x3b87, &(0x7f0000000040)={0x18, 0x1, 0x0, 0x0, 0x0, 0x6})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, 0x0, &(0x7f0000000180))
unshare(0x62040200)
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r3, &(0x7f0000009780)={0x2020}, 0x2020)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000100)={0x10, 0xfffffff5, 0x3}, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[], 0x6c}}, 0x840)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x1, 0x4, 0x4, {0xa, 0x4e22, 0xc, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x19}}, 0x90}}}, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)

246.57497ms ago: executing program 2 (id=1501):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x618, 0x0, 0xffffff80, 0x178, 0x3e0, 0x178, 0x548, 0x22b, 0x258, 0x548, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x398, 0x3e0, 0x340, {0x1e0002a8, 0x7203000000000000}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x0, 0x64, [{}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16be}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x51}]}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "e22e50439abb066265e088a63e13552b8b2fec412753ac647d17d2ebca69d17a9722bd2f5be411676d5993fb4cc74168209fb9f43b63bab2a88206d7dd8158d916b865d0f713f772c59ad6e6b572e9a6c498fb6459888a281e8c071a9a7229f9fe02cb8e9ba7637a2591a5367c770c87034734be6eda195ce135517efa85da52"}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x8, 0x401, 0x2f6d6e25, 'syz1\x00', {0x3}}}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'geneve1\x00'}, 0x0, 0x100, 0x168, 0x0, {}, [@common=@ah={{0x30}, {[0x4d4]}}, @common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x678)

246.357299ms ago: executing program 2 (id=1502):
r0 = socket(0xb, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x12, 0xf, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r2, &(0x7f0000000240), 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r2}, &(0x7f0000000440), &(0x7f0000000480)=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r2, &(0x7f00000005c0), 0x20000000}, 0x20)
sendmmsg$inet(r0, &(0x7f0000001380)=[{{&(0x7f0000000040)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000180)="fd", 0x1}], 0x1}}, {{&(0x7f0000001180)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000004d00)='f', 0x1}], 0x1}}], 0x2, 0x0)
ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, &(0x7f0000000280)=""/173)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r4=>0x0}, &(0x7f0000000080)=0x8)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="f400000000000000c501"])
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x3, 0x1, 0x8, 0x0, r4}, 0x10)

169.819495ms ago: executing program 4 (id=1503):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket(0x200000100000011, 0x3, 0x4)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200401, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0xfffbffff, 0x2)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
r4 = dup2(r3, r0)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000280)={0x0, 0x2, 0x0, "adbdee06009e4aeabde9eefaff7a78cda902552f08cef4a662dd836c7451f8e5"})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r6 = add_key$user(&(0x7f0000000100), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000400)="0706675823b8a37f19b37e0f9f120663b78a6a322f28cb301825eddc42c667fc68923d7df9f4c1843c5f11b63d2684fff43955079736fa4c80100487c31c09706b6bf145eb1baf416d2681491bd6a3098fe1a6741d65b085b4075db8419d9e6d17b1eec4dfb860a71d61af753459bcc5ea1f20d6c1c74afda3b0c08bf98886eaac01b08aa753b8727f25773c98cd6a78c06b758992b03b81e2e09cf122dc16a5658a3b58626b458ae4773d41b3548f2258a2e11cc22555da4ef9035cbfe8dc1e", 0xc0, r5)
r7 = add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000140)="04", 0x1, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f00000001c0)={r7, r6, r7}, &(0x7f0000000580)=""/259, 0x54, &(0x7f00000002c0)={&(0x7f00000003c0)={'sha256-generic\x00'}})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b00)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x4050)

169.484238ms ago: executing program 4 (id=1504):
timer_create(0x7, 0x0, &(0x7f0000000140))
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000200)=""/122, 0x7a}], 0x1, 0x45, 0x0)
r1 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x317040, 0x0)
ioctl$TCSETAF(r2, 0x5408, &(0x7f00000000c0)={0x0, 0xf, 0x0, 0x0, 0x0, "f6a6756c9832488c"})
writev(r2, &(0x7f0000000080)=[{&(0x7f00000003c0)="1876d433b8c266f9be2257e7c12fc9ea10343a19c358547a9357a174911e926c57b51eab3d0a", 0x26}], 0x1)
r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0xd4b, 0x80000)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r3, 0xc0745645, &(0x7f0000000080)={0xab, [0x3, 0xd, 0x1, 0xfffd, 0x994, 0x1, 0x0, 0x58, 0x7fff, 0x168, 0x800, 0x3ff, 0xd5ee, 0x6, 0xb2eb, 0x2, 0x1ff, 0x5, 0x1, 0x6, 0x9eb0, 0x0, 0x1, 0x7, 0x8, 0x77, 0x7, 0x8, 0xa, 0x10, 0x3, 0x1, 0xf0b, 0x8, 0x8, 0x2, 0x3, 0x7, 0x73f, 0x8, 0x1, 0xff14, 0x6, 0x5, 0x1, 0x1, 0x452, 0xfff5], 0x5})
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r5, 0x40045b17, 0x0)
ioctl$VIDIOC_G_AUDIO(r3, 0x80345621, &(0x7f0000000100))
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000040)={0x0, 0x2, 0x5, 0x1})

89.993697ms ago: executing program 2 (id=1505):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000026c0), 0x30d860)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000040)={{}, {0x18}, 0x0, 0x7})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000180)=<r4=>0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000001000/0x3000)=nil, 0x3000, 0x16, 0x0, {0x0, r5}}) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140)={0x0, r2}, 0x8) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002680)={0xffffffffffffffff, 0xe0, &(0x7f0000002580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000002340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002380)=[0x0, 0x0], <r6=>0x0, 0x53, &(0x7f00000023c0)=[{}, {}, {}], 0x18, 0x10, &(0x7f00000024c0), &(0x7f0000002500), 0x8, 0x25, 0x8, 0x8, &(0x7f0000002540)}}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000002400)={0x7, 0x6, &(0x7f0000002ec0)=ANY=[@ANYBLOB="84010000000000009c110000000000008510000002000000850000007600000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f541cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab576408cb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebebf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6913cee9f8d18469a654a239a84a85debbc02846ac5791278f18c6759e3b513a68284d2efc30587e433431b2896a3bd48020af67e9ac071b2dd6dc3b9efae4ff03558fa619aea909c7f2416e7e7da1c51ccc7e6ac27412f728dc6d80da8adf317ca863ed683897321f8c8bb5a5d953d6783b7a06353ee496bbdff418de3e53234df87756eb99e330253cf5da4aa1a9648a38f07e2d302b4165983db4f7b8972923fffa8c03c288512a3a38fbd7c816a44634f7a03fab30811b7b93257bea4369ba46024dee5e9b0b2c3d3324e9b7c1f99ab9bb3f498b1485373b79ec84a67dad4e37575dab87ce55a9a69ed856a4c4410d1242ac1bd1539094a641cc086c2c53e363beafc74ab4e9ff320373705cbf5644586ffe60d293944fa2d9dc18b55f1af5c42f27747bef1ffd0c1766f062d47d61bf9f64e6ee288fa7fc12d48da526527b9f5c318c93ec447cb8b5eee7aa8a1e85696af3dfef96657c0545c8ebd96528d9c28828e5befd80d684b03b6d153da3e3cbd3bfbf4a9375b8ad04a1d241bcb5d5505cb6cc7a44e2e24bd0b1ca4879caaff59d0ce39dc7f3fea447f4e46967855208e63ec988bd2692afefbed2b001205e4b30ee8fe417defa566a73ace8f01f7181de0ef25f1744896a3c38859e6148c42454949cd64b1a888e7fe9c2d86bb01023b6ddeb67f5eb038af3e460c771518a4126c338b0390d459361e03adf6e6b558b3651a0e33d101b5febfff8279421778d4a914512ca803da18db6fcf89715c2d338f78d8b9220171b41f528f857a7cb79ca990de1208777e13faaa9b9cb9e67797b07d9eb9e909410b50c5d981d9a72aa36498b630519d1530ef00000000000000000000373494cd59e8ba04ec8db8379bd2044c652dff399a9f8bfa4e9c507f049d18837464276830461ee203ba51f6102d262fc9a26bc3638ecce24e65c55da6efaa462f03d0e119c963a8c7a522b59f5a7b44d018cb2648383073d9e032492cae44350bc0a85697f431392eb22cae093e85954af97d6d7b2e6e8f43353062275ad1578a431594243452a2bfb89f91d8eaac038e9e17136e7c698f73faaabb3d00000000000080014573789425c4c32da528d89356aa6d2ae6da082e756c80cf39053431080ea6cbf9997a5a0ddad0b9d12bc3f880476ab32f0feaac5f16e61f7b72b8c9082eec423c6b3eaecfdcc9ec72795e7696421c83b76c2d6bac19bc875d009679778d8ef97d7e05329649d97b0dc54bea9b650873de2d3d702690176e0b23ee5cb5e469a8d1612d611722e6200e3a297d92f8e1de98326c5ef2b89d4e2d47767cd755783e5d865e373338e96ceb8399f296c59b2d70ca27735ecaff62982616d3ac1ab041733bce119d8002a6c8a2b08b32551b2313b1a2ff41b3f04af61c69c85cb2da48215727271bac2ffdeb62d9f5dc4845f1c3f63dc806e615ee8d28d6d7f181e30807afa27f41d0364c746a65a4af7464db68f3c433d88dd625db35fded2c86d75af88efaf20c8b37c644b6c4e773a9589200faa553bc92f952b75ddbfa18ab73979f46947b35914286d2499a0b8c970000000000000000f4fe74e0c26ab52329bd600627b256ca44dd121ffc8dbb6e5f70cbe03efccac70375b30cc927574d254d1b46c607e8b1ca7d1511568c3ef4b6b885f4582bdcef74e5e010627fc8e4fe00000000000000000000869d9640f06b11df2971909b90133983308ea4f033de613763f32d913bcbe9dd082a6fff197a20730269e6cfd31275395833f1c2b8a50a94c30cceae2a11fe9b9b835d0da73891c0b3ce22dea6bf31e7f51808cf72f44b4455b77a778440795e152dc1b7bb0a5636aa4742ce4d331a47de5836539cdf289176527277b70c8162aaf6f9475418b478329f3565450acfaf41ba88c7eab8cabfa97e35081967bb92a264b07e8003d2f15537e72a1e4ca5ec1e2aaaf8236ecdefbaf512c75e636b6b6f518ad20521f909b12e9bc97e408e0dc82f950d12705f35708bc862196abb27e8d7991b5273987f38c4706289ff4f6130cee76465d487a07a74452f87da2029bd3debd9870335d58d3fe1ac80574fa3ea312997ab81bc6f569ffdb10ba3f20a86d95128d13e0c778998d3b3114bfb07bd61e4bff8a5e2ce4aa572c63e09b44ca4a181bcfe4eec3ce843c65c4948169fe639a186acc2b4a96c6b8d4d2e6d53ab97bea01eab953e6e89e3af34d4ada217bc6fda0fb2095c49195d0d6f365ca80a955b9ec81240a84ef672afa369fc8e3d444ba35d0f51a0065a3b982d09dfc6874fc0d8079b185447cb8a695e132d4d613a529d9c77e2a8f7320ecf698e8a2b170fd601dc1a9767a38b10788e92d1356f6a6c1bcfb2d31b46e735db13f1be80bac1b6be04fd98610000000000000000000000000000139af5493f74751c5e2501a4936bc4a0fa516117f4ccadc692003adee0a080eba2f1059660c0ee0e9aec72d4d0fe095632e4f641b0e34c611c5b3e0ba05fa36542d4f237dda323910672a9097d68398fd3539686e4288db0d6bf7cb8a1835f46dfe11865a66ef47e736dada06677a5bca133d6cbc8fe5c4557e51b006bdccd7c5f32ff1d9e8b130f77df09236870fb3de5b87b4f8acc13df534eba329b8667b4dd0c"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
io_uring_enter(r2, 0x2, 0x0, 0x0, 0x0, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r8, 0x126, 0x0) (async)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003300), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000003340)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r10, &(0x7f0000003440)={0x0, 0x0, &(0x7f0000003400)={&(0x7f0000003380)={0x1c, r11, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r12}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x80)
r13 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
read$FUSE(r13, &(0x7f0000000200)={0x2020}, 0x2020) (async)
mount(&(0x7f0000000300), &(0x7f0000000100)='.\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
pread64(r13, &(0x7f0000002240)=""/237, 0xed, 0x619) (async)
timer_create(0x3, 0x0, &(0x7f0000000200)=<r14=>0x0)
timer_settime(r14, 0x0, &(0x7f0000000280)={{}, {0x0, 0x989680}}, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r15=>0xffffffffffffffff, <r16=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r15, 0x1, 0x4c, &(0x7f0000000300)=r7, 0x4) (async)
r17 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r17, 0x0) (async)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r17, 0x40045532, &(0x7f0000000000)=0x4)
write$binfmt_elf64(r16, &(0x7f0000000580)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000040000000000000000000bfef9004af9a20eaf3"], 0x78)

89.702955ms ago: executing program 2 (id=1506):
r0 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000005640), 0x1, 0x0)
cachestat(r0, &(0x7f00000056c0)={0x10, 0x6}, &(0x7f0000005700), 0x0)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="05000000", @ANYRES16=r1, @ANYBLOB="6d9327bd7000fcdbdf25010000000800010000000000"], 0x1c}}, 0x40) (async)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r4, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b0000140007800800060000000000080005"], 0xac}}, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r7, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}}, 0x0) (async)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x30, r1, 0x108, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x30}}, 0x80)
r8 = socket$nl_route(0x10, 0x3, 0x0) (async)
r9 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r9, &(0x7f000000c000)={0xac, 0x6, 0x0, {0x2, 0xffffffffffffffff, 0x86, 0x0, '/er\x00\x00\b\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00K\x04c\xffI\xa1\xd4\xf1EF\xe6e\x15\x1d;\xf5Z\x1d,\x8b*\x12\xdc\xd5\xfcD\xe9\xfa\xc4qX\x95\xb7\xf1\x00\"QL#\x9c\xf2\xea\x1e\xac[\xed\xf0aZ\x00UW4\xe9\xa90#d|Kd\xba\xba*Oc\xe4v\xc3]\xc0h8~\x1c\xd3:\x91\x92\xf1X\x83a\x9aQ\x88UIu\x18\x037e\xc7;1\xd2\x05\x13\xfc\xe9\x9c%\xb6\xebC\xe9\xee\xae\x87\xba\xe8\xd3\xd2\nky\x83X\xc9c@L\x90.P\x96\x86\x1c\xedGmo\x04\x89U\xc0\xd5\xcfy-\xe6\x01\x04\xcc7\vm\x1f\xed\xdd\xcc:P?9\x8b\x80\x7ff\xa5\xff\xb3>\xda/R\x99$\xf2\x00\x97q-l\x9908{C\xb6a\xd08i\xd3E\xdc\x04J\xd6\xc7Ip@\x0eN\x06\x056\x1a\x0e\xcc(\tQ\xd4v*0asl\x8cyD\x1c\vC\\\x9e%c\xc8\xa8\xaa\x80\x04\x17\x9d>\x9e\xfa\xb48\x13E$aD\n2\x1e\x02\xb0Y\xec\x9f\x9fl\xd2\x8aQW)\xa87\xa5\xd5R\x8d\xf9\xad\x90\x93\x8e\xa2\xae\xc7\xdd4\x1e\xa9\xca\xe1\b6\t\xb8\xa3UO\x02T\xde\xc0.\xd9\aEpF\xf4\xe6\xecj\x9d\xc4Y+Y\x11\x9b\f\xfc'}}, 0xac)
r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r11=>0x0})
open_by_handle_at(r10, &(0x7f0000000080)=@OVL_FILEID_V0={0x32, 0xfb, {0x0, 0xfb, 0x32, 0x4, 0xdf, "096219f334aca8559dda7742e1b10eba", "947fc0ab9d45529755fa5174f3d37a3f5d23bd65dc6cb2349a77647712"}}, 0x80000) (async)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r12, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x27, 0x9, 0x4, 0x0, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x14)
sendmsg$nl_route_sched(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r11}}, 0x24}}, 0x0)

0s ago: executing program 2 (id=1507):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)={0x14, r1, 0x113, 0x0, 0x25dfdbfc, {0x41}}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x48814)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0xc2200)
r3 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000180)={0x1, 0x0, 0x3, 0x0, 0xa})
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r2, 0x54a3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
read$usbfs(r5, &(0x7f0000000000)=""/20, 0x14)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000000)={'team0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10144}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_vlan\x00'}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x3c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0101002b00000008000300000000000000001a039875b13e9f0aa7165aaf8b265f358195cc381e3f22eeb27217813b717ca95027496ccaeb02c336ccdd3310", @ANYRES32=r9, @ANYBLOB="04002becc0d13400c40000000800267c95b38814a475d11cf3b7006c090000"], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

kernel console output (not intermixed with test programs):

 = 2 limit=0
[  104.250289][ T8647] syz.2.763: attempt to access beyond end of device
[  104.250289][ T8647] nbd2: rw=0, sector=18, nr_sectors = 2 limit=0
[  104.253637][ T8647] syz.2.763: attempt to access beyond end of device
[  104.253637][ T8647] nbd2: rw=0, sector=30, nr_sectors = 2 limit=0
[  104.257011][ T8647] syz.2.763: attempt to access beyond end of device
[  104.257011][ T8647] nbd2: rw=0, sector=36, nr_sectors = 2 limit=0
[  104.260295][ T8647] VFS: unable to find oldfs superblock on device nbd2
[  104.271020][ T8647] netlink: 'syz.2.763': attribute type 1 has an invalid length.
[  104.306103][ T8654] netlink: 20 bytes leftover after parsing attributes in process `syz.2.765'.
[  104.377972][ T8654] netlink: 'syz.2.765': attribute type 10 has an invalid length.
[  104.381038][ T8654] netlink: 'syz.2.765': attribute type 10 has an invalid length.
[  104.383152][ T8654] netlink: 2 bytes leftover after parsing attributes in process `syz.2.765'.
[  104.385910][ T8654] team0: entered promiscuous mode
[  104.387915][ T8654] team_slave_0: entered promiscuous mode
[  104.397250][ T8654] team_slave_1: entered promiscuous mode
[  104.398821][ T8654] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  104.401792][ T8654] 8021q: adding VLAN 0 to HW filter on device team0
[  104.403625][ T8654] batman_adv: batadv0: Interface activated: team0
[  104.405336][ T8654] batman_adv: batadv0: Interface deactivated: team0
[  104.407691][ T8654] batman_adv: batadv0: Removing interface: team0
[  104.410192][ T8654] bridge0: port 3(team0) entered blocking state
[  104.411981][ T8654] bridge0: port 3(team0) entered disabled state
[  104.413663][ T8654] team0: entered allmulticast mode
[  104.415002][ T8654] team_slave_0: entered allmulticast mode
[  104.416584][ T8654] team_slave_1: entered allmulticast mode
[  104.418082][ T8654] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  104.420875][ T8654] bridge0: port 3(team0) entered blocking state
[  104.422593][ T8654] bridge0: port 3(team0) entered forwarding state
[  104.430963][ T8669] 9pnet_fd: Insufficient options for proto=fd
[  104.435463][ T8669] overlayfs: conflicting lowerdir path
[  104.515095][ T8681] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  104.517469][ T8681] PKCS7: Only support pkcs7_signedData type
[  104.768576][   T39] audit: type=1400 audit(1734328824.753:602): avc:  denied  { connect } for  pid=8705 comm="syz.3.780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  104.776612][   T39] audit: type=1400 audit(1734328824.753:603): avc:  denied  { ioctl } for  pid=8705 comm="syz.3.780" path="socket:[24869]" dev="sockfs" ino=24869 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  105.652355][ T8728] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:14: iget: checksum invalid
[  105.904448][ T8750] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  105.910108][ T8753] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  105.967777][ T8760] misc userio: Can't change port type on an already running userio instance
[  106.059915][   T39] audit: type=1400 audit(1734328826.043:604): avc:  denied  { write } for  pid=8765 comm="syz.3.797" name="ptp1" dev="devtmpfs" ino=1288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  106.135652][   T39] audit: type=1400 audit(1734328826.113:605): avc:  denied  { watch } for  pid=8767 comm="syz.3.798" path="/189/file0" dev="tmpfs" ino=1040 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  106.176446][ T1323] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  106.188496][ T8759] delete_channel: no stack
[  106.232990][ T8775] input: syz0 as /devices/virtual/input/input14
[  106.316498][ T1323] usb 7-1: device descriptor read/64, error -71
[  106.425717][ T8794] openvswitch: netlink: nsh attribute has 65512 unknown bytes.
[  106.428083][ T8794] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  106.537988][ T8798] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  106.543001][ T8799] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  106.696526][ T1323] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  106.827020][ T1323] usb 7-1: device descriptor read/64, error -71
[  106.875048][ T8807] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.883894][ T7743] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.886469][ T7743] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.938658][ T1323] usb usb7-port1: attempt power cycle
[  107.197634][ T8826] ptrace attach of "/syz-executor exec"[8827] was attempted by ""[8826]
[  107.296463][ T1323] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  107.316818][ T1323] usb 7-1: device descriptor read/8, error -71
[  107.317599][ T8831] 9pnet: p9_errstr2errno: server reported unknown error �@í΂Í(ááí«QhQI¸¥ÿNdÒ%óCT‡…53ý…5¬h«
[  107.446778][ T8835] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  107.576512][ T1323] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  107.597034][ T1323] usb 7-1: device descriptor read/8, error -71
[  107.716741][ T1323] usb usb7-port1: unable to enumerate USB device
[  108.696648][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  108.700895][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  108.705587][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  108.709814][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  108.713045][ T5952] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  108.715459][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  108.750387][ T8874] xt_hashlimit: size too large, truncated to 1048576
[  108.778382][ T8870] chnl_net:caif_netlink_parms(): no params data found
[  108.847057][ T8870] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.849064][ T8870] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.850979][ T8870] bridge_slave_0: entered allmulticast mode
[  108.852997][ T8870] bridge_slave_0: entered promiscuous mode
[  108.855530][ T8870] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.857576][ T8870] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.859426][ T8870] bridge_slave_1: entered allmulticast mode
[  108.861469][ T8870] bridge_slave_1: entered promiscuous mode
[  108.890614][ T8870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.895671][ T8870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.924898][ T8870] team0: Port device team_slave_0 added
[  108.932925][ T8870] team0: Port device team_slave_1 added
[  108.956635][ T8870] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.958537][ T8870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.971341][ T8870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.995262][ T8870] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.998338][ T8870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.014332][ T8870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.055636][ T8870] hsr_slave_0: entered promiscuous mode
[  109.065554][ T8870] hsr_slave_1: entered promiscuous mode
[  109.072277][ T8870] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  109.075106][ T8870] Cannot create hsr debugfs directory
[  109.194413][ T8870] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.256188][   T39] kauditd_printk_skb: 7 callbacks suppressed
[  109.256204][   T39] audit: type=1400 audit(1734328829.233:613): avc:  denied  { mount } for  pid=8887 comm="syz.0.828" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  109.271997][ T8870] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.310534][   T39] audit: type=1400 audit(1734328829.293:614): avc:  denied  { unmount } for  pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  109.342880][ T8890] 9p: Unknown Cache mode or invalid value fŠû•šŒÈ
[  109.355074][ T8870] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.453557][ T8870] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.665613][ T8870] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  109.669274][ T8870] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  109.672614][ T8870] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  109.675965][ T8870] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  109.690484][ T8899] set match dimension is over the limit!
[  109.705674][ T8870] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.715945][ T8870] 8021q: adding VLAN 0 to HW filter on device team0
[  109.723115][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.725819][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.732912][ T7741] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.735370][ T7741] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.759614][ T8904] EXT4-fs error: 4 callbacks suppressed
[  109.759624][ T8904] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  109.767499][ T8906] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  109.773479][ T8907] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  109.779361][ T8908] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  109.794096][ T8870] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.818735][ T8870] veth0_vlan: entered promiscuous mode
[  109.822775][ T8870] veth1_vlan: entered promiscuous mode
[  109.834626][ T8870] veth0_macvtap: entered promiscuous mode
[  109.838826][ T8870] veth1_macvtap: entered promiscuous mode
[  109.844456][ T8870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.848683][ T8870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.851232][ T8870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.853937][ T8870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.856854][ T8870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.859589][ T8870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.862714][ T8870] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.867005][ T8870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.869715][ T8870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.872306][ T8870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.875091][ T8870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.879813][ T8870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.883411][ T8870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.887162][ T8870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.890381][ T8870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.894340][ T8870] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.900049][ T8870] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.902333][ T8870] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.904632][ T8870] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.907105][ T8870] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.958072][ T7741] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.960159][ T7741] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.961360][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.963343][ T8910] openvswitch: netlink: Message has 143 unknown bytes.
[  109.964359][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.971420][   T39] audit: type=1400 audit(1734328829.953:615): avc:  denied  { mounton } for  pid=8870 comm="syz-executor" path="/syzkaller.CBKjto/syz-tmp" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  109.977785][   T39] audit: type=1400 audit(1734328829.953:616): avc:  denied  { mounton } for  pid=8870 comm="syz-executor" path="/syzkaller.CBKjto/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  110.003331][ T8915] netlink: 'syz.3.835': attribute type 5 has an invalid length.
[  110.094736][   T39] audit: type=1400 audit(1734328830.073:617): avc:  denied  { write } for  pid=8924 comm="syz.1.837" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  110.109747][ T8926] xt_hashlimit: size too large, truncated to 1048576
[  110.144535][ T8929] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  110.246682][  T830] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  110.291581][ T8935] afs: Unknown parameter './bus'
[  110.296904][ T5998] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  110.396484][  T830] usb 8-1: Using ep0 maxpacket: 8
[  110.401653][  T830] usb 8-1: config 0 has no interfaces?
[  110.403690][  T830] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  110.407823][  T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.413380][  T830] usb 8-1: config 0 descriptor??
[  110.457879][ T5998] usb 7-1: config index 0 descriptor too short (expected 30244, got 36)
[  110.460100][ T5998] usb 7-1: config 152 has too many interfaces: 160, using maximum allowed: 32
[  110.462562][ T5998] usb 7-1: config 152 has an invalid descriptor of length 0, skipping remainder of the config
[  110.465206][ T5998] usb 7-1: config 152 has 0 interfaces, different from the descriptor's value: 160
[  110.468711][ T5998] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  110.472754][ T5998] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.753484][ T8949] overlayfs: conflicting lowerdir path
[  110.767791][ T5952] Bluetooth: hci2: command tx timeout
[  110.840244][ T5998] usb 7-1: string descriptor 0 read error: -71
[  110.848031][ T5998] usb 7-1: USB disconnect, device number 10
[  110.861260][   T39] audit: type=1400 audit(1734328830.843:618): avc:  denied  { create } for  pid=8953 comm="syz.0.846" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  110.866876][   T39] audit: type=1400 audit(1734328830.853:619): avc:  denied  { mounton } for  pid=8953 comm="syz.0.846" path="/266/file0" dev="tmpfs" ino=1474 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  110.872264][ T8954] ntfs3(sr0): Primary boot signature is not NTFS.
[  110.875231][ T8954] ntfs3(sr0): try to read out of volume at offset 0xf800
[  110.890467][   T39] audit: type=1400 audit(1734328830.873:620): avc:  denied  { unlink } for  pid=5936 comm="syz-executor" name="file0" dev="tmpfs" ino=1474 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  110.911720][ T8959] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  110.915737][ T8960] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  110.992134][ T8970] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  110.998459][ T8967] bridge0: port 2(bridge_slave_1) entered disabled state
[  111.003202][   T39] audit: type=1400 audit(1734328830.983:621): avc:  denied  { connect } for  pid=8968 comm="syz.0.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  111.006772][ T8972] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  111.010835][   T39] audit: type=1400 audit(1734328830.983:622): avc:  denied  { ioctl } for  pid=8968 comm="syz.0.852" path="socket:[27270]" dev="sockfs" ino=27270 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  111.019095][ T8973] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  111.075962][ T8976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.848'.
[  111.227422][ T8981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.853'.
[  111.230540][ T8981] openvswitch: netlink: Flow actions attr not present in new flow.
[  111.234145][ T8981] netlink: 8 bytes leftover after parsing attributes in process `syz.0.853'.
[  111.237384][ T8981] netlink: 12 bytes leftover after parsing attributes in process `syz.0.853'.
[  111.973360][ T8990] lo speed is unknown, defaulting to 1000
[  111.976330][ T8990] lo speed is unknown, defaulting to 1000
[  111.980148][ T8990] lo speed is unknown, defaulting to 1000
[  112.022465][ T8990] infiniband s
z1: set down
[  112.025083][ T5998] lo speed is unknown, defaulting to 1000
[  112.027070][ T8990] infiniband s
z1: added lo
[  112.048222][ T8990] RDS/IB: s
z1: added
[  112.049796][ T8990] smc: adding ib device s
z1 with port count 1
[  112.051665][ T8990] smc:    ib device s
z1 port 1 has pnetid 
[  112.055028][ T5998] lo speed is unknown, defaulting to 1000
[  112.057813][ T8990] lo speed is unknown, defaulting to 1000
[  112.111381][ T8990] lo speed is unknown, defaulting to 1000
[  112.147488][ T8990] lo speed is unknown, defaulting to 1000
[  112.183966][ T8990] lo speed is unknown, defaulting to 1000
[  112.222836][ T8990] lo speed is unknown, defaulting to 1000
[  112.292213][ T9004] gfs2: not a GFS2 filesystem
[  112.403578][ T9017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.866'.
[  112.409067][ T9018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.866'.
[  112.785429][ T9052] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  112.847008][ T5952] Bluetooth: hci2: command tx timeout
[  112.893643][ T9067] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  112.906277][ T9075] netlink: 'syz.0.888': attribute type 10 has an invalid length.
[  112.911887][ T9067] kvm: pic: non byte read
[  112.915444][ T9067] kvm: pic: non byte read
[  112.917863][ T9067] kvm: pic: non byte read
[  112.920471][ T9067] kvm: pic: non byte read
[  113.021094][  T830] usb 8-1: USB disconnect, device number 15
[  113.048888][ T9093] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=9093 comm=syz.3.895
[  113.064378][ T9096] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=9096 comm=syz.3.895
[  113.067783][ T9094] lo speed is unknown, defaulting to 1000
[  113.222728][ T9100] netlink: 4 bytes leftover after parsing attributes in process `syz.2.898'.
[  113.251730][ T9119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.902'.
[  113.254582][ T9119] netlink: 12 bytes leftover after parsing attributes in process `syz.0.902'.
[  113.536497][   T57] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  113.686476][   T57] usb 5-1: Using ep0 maxpacket: 8
[  113.689446][   T57] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  113.691577][   T57] usb 5-1: config 0 has no interface number 0
[  113.693244][   T57] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  113.696094][   T57] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  113.698749][   T57] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  113.701188][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.704293][   T57] usb 5-1: config 0 descriptor??
[  113.707349][   T57] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  113.911589][ T9165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.916521][ T9165] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.932132][ T5997] usb 5-1: USB disconnect, device number 6
[  113.961166][ T9172] ata3.00: invalid multi_count 1 ignored
[  113.998076][ T9172] xt_ecn: cannot match TCP bits for non-tcp packets
[  114.033804][ T9176] netlink: 8 bytes leftover after parsing attributes in process `syz.2.906'.
[  114.086762][ T9181] loop7: detected capacity change from 16384 to 16383
[  114.128974][ T9191] batadv0: entered promiscuous mode
[  114.130940][ T9191] batadv0: left promiscuous mode
[  114.282041][   T39] kauditd_printk_skb: 14 callbacks suppressed
[  114.282057][   T39] audit: type=1400 audit(1734328834.263:637): avc:  denied  { read } for  pid=9206 comm="syz.0.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  114.375052][ T9215] syz.0.918 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  114.379768][ T9220] x_tables: unsorted entry at hook 2
[  114.612084][ T7741] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0xd1
[  114.878032][ T9252] EXT4-fs error: 31 callbacks suppressed
[  114.878048][ T9252] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  114.885456][ T9253] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  114.926499][ T5952] Bluetooth: hci2: command tx timeout
[  115.163425][   T39] audit: type=1326 audit(1734328835.143:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9261 comm="syz.2.937" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efef0985d19 code=0x0
[  115.538717][   T39] audit: type=1400 audit(1734328835.523:639): avc:  denied  { accept } for  pid=9274 comm="syz.0.934" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  115.770510][ T9294] binder: 9293:9294 ioctl c0306201 20000580 returned -22
[  115.920605][   T39] audit: type=1400 audit(1734328835.903:640): avc:  denied  { listen } for  pid=9295 comm="syz.0.943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  115.922533][ T9298] syz.0.943: attempt to access beyond end of device
[  115.922533][ T9298] loop0: rw=0, sector=6, nr_sectors = 2 limit=0
[  115.930319][ T9298] ADFS-fs (loop0): error: unable to read block 3, try 0
[  115.933989][   T39] audit: type=1400 audit(1734328835.913:641): avc:  denied  { accept } for  pid=9295 comm="syz.0.943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  116.019026][   T39] audit: type=1400 audit(1734328836.003:642): avc:  denied  { watch } for  pid=9300 comm="syz.2.944" path="/proc/626" dev="proc" ino=29264 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  116.226986][   T39] audit: type=1400 audit(1734328836.203:643): avc:  denied  { execute } for  pid=9318 comm="syz.3.949" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=30843 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  116.389969][   T39] audit: type=1400 audit(1734328836.373:644): avc:  denied  { relabelfrom } for  pid=9331 comm="syz.1.954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  116.394737][   T39] audit: type=1400 audit(1734328836.373:645): avc:  denied  { relabelto } for  pid=9331 comm="syz.1.954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  116.394974][ T9332] IPv6: Can't replace route, no match found
[  116.913502][   T39] audit: type=1400 audit(1734328836.893:646): avc:  denied  { listen } for  pid=9356 comm="syz.1.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  116.936031][ T9357] __nla_validate_parse: 4 callbacks suppressed
[  116.936048][ T9357] netlink: 12 bytes leftover after parsing attributes in process `syz.1.968'.
[  117.019310][ T5952] Bluetooth: hci2: command tx timeout
[  117.683617][ T9375] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  117.693605][ T9376] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  117.700229][ T9377] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  117.704595][ T9378] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  117.710448][ T9382] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  117.716055][ T9384] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  117.768560][ T9388] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  117.772526][ T9389] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  117.824880][ T9361] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  117.827981][ T9361] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  117.844582][ T9361] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  117.853357][ T9361] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  117.854986][ T9361] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  117.873611][ T9361] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  117.883646][ T9361] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  117.885225][ T9361] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  117.902724][ T9361] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  117.990761][ T9410] netlink: 8 bytes leftover after parsing attributes in process `syz.1.978'.
[  117.993095][ T9410] netlink: 12 bytes leftover after parsing attributes in process `syz.1.978'.
[  117.995384][ T9410] netlink: 'syz.1.978': attribute type 20 has an invalid length.
[  118.007680][ T9418] usb usb9: usbfs: process 9418 (syz.0.979) did not claim interface 0 before use
[  118.114846][ T9433] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  118.394762][ T9455] netlink: 12 bytes leftover after parsing attributes in process `syz.0.989'.
[  118.403704][ T9455] netlink: 44 bytes leftover after parsing attributes in process `syz.0.989'.
[  118.436040][ T9459] input: syz0 as /devices/virtual/input/input16
[  118.528406][ T9468] FAULT_INJECTION: forcing a failure.
[  118.528406][ T9468] name failslab, interval 1, probability 0, space 0, times 1
[  118.532817][ T9468] CPU: 0 UID: 0 PID: 9468 Comm: syz.1.994 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  118.536562][ T9468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.539696][ T9468] Call Trace:
[  118.540532][ T9468]  <TASK>
[  118.541313][ T9468]  dump_stack_lvl+0x16c/0x1f0
[  118.542557][ T9468]  should_fail_ex+0x497/0x5b0
[  118.543826][ T9468]  ? fs_reclaim_acquire+0xae/0x150
[  118.545216][ T9468]  should_failslab+0xc2/0x120
[  118.546812][ T9468]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  118.548806][ T9468]  ? __pfx_mark_lock+0x10/0x10
[  118.550410][ T9468]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  118.552113][ T9468]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  118.553782][ T9468]  mmu_topup_memory_caches+0x22/0xd0
[  118.555275][ T9468]  kvm_mmu_load+0xda/0x21f0
[  118.556678][ T9468]  ? mark_held_locks+0x9f/0xe0
[  118.558231][ T9468]  ? kvm_apic_has_interrupt+0xb6/0x190
[  118.560003][ T9468]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  118.561608][ T9468]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  118.563397][ T9468]  ? __pfx_kvm_mmu_load+0x10/0x10
[  118.565174][ T9468]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  118.567365][ T9468]  ? kvm_check_and_inject_events+0x725/0x12e0
[  118.569627][ T9468]  vcpu_run+0x33a4/0x4f50
[  118.571188][ T9468]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  118.573119][ T9468]  ? __pfx_vcpu_run+0x10/0x10
[  118.574333][ T9468]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  118.575866][ T9468]  ? rcu_is_watching+0x12/0xc0
[  118.577155][ T9468]  ? trace_lock_acquire+0x14e/0x1f0
[  118.578533][ T9468]  ? __local_bh_enable_ip+0xa4/0x120
[  118.579918][ T9468]  ? lockdep_hardirqs_on+0x7c/0x110
[  118.581267][ T9468]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  118.582650][ T9468]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  118.584138][ T9468]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  118.585652][ T9468]  kvm_vcpu_ioctl+0x6ce/0x1520
[  118.586971][ T9468]  ? do_vfs_ioctl+0x513/0x1990
[  118.588229][ T9468]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  118.589623][ T9468]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  118.591452][ T9468]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  118.594041][ T9468]  ? __pfx_lock_release+0x10/0x10
[  118.595896][ T9468]  ? selinux_file_ioctl+0x180/0x270
[  118.597798][ T9468]  ? selinux_file_ioctl+0xb4/0x270
[  118.599674][ T9468]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  118.601517][ T9468]  __x64_sys_ioctl+0x190/0x200
[  118.603301][ T9468]  do_syscall_64+0xcd/0x250
[  118.605019][ T9468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.607134][ T9468] RIP: 0033:0x7fa679f85d19
[  118.608722][ T9468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.613897][ T9468] RSP: 002b:00007fa677df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  118.616116][ T9468] RAX: ffffffffffffffda RBX: 00007fa67a175fa0 RCX: 00007fa679f85d19
[  118.618164][ T9468] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  118.620448][ T9468] RBP: 00007fa677df6090 R08: 0000000000000000 R09: 0000000000000000
[  118.623120][ T9468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  118.625884][ T9468] R13: 0000000000000000 R14: 00007fa67a175fa0 R15: 00007ffff8cb75e8
[  118.628823][ T9468]  </TASK>
[  118.759458][ T9483] pim6reg1: entered promiscuous mode
[  118.760853][ T9483] pim6reg1: entered allmulticast mode
[  118.880543][ T9489] xt_NFQUEUE: number of queues (65534) out of range (got 131068)
[  119.027629][ T9510] x_tables: duplicate underflow at hook 2
[  119.057826][ T9503] FAULT_INJECTION: forcing a failure.
[  119.057826][ T9503] name failslab, interval 1, probability 0, space 0, times 0
[  119.061372][ T9503] CPU: 2 UID: 0 PID: 9503 Comm: syz.2.1006 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  119.064183][ T9503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  119.067203][ T9503] Call Trace:
[  119.068451][ T9503]  <TASK>
[  119.069547][ T9503]  dump_stack_lvl+0x16c/0x1f0
[  119.071333][ T9503]  should_fail_ex+0x497/0x5b0
[  119.073156][ T9503]  ? fs_reclaim_acquire+0xae/0x150
[  119.075803][ T9503]  should_failslab+0xc2/0x120
[  119.077569][ T9503]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  119.079540][ T9503]  ? __pfx_mark_lock+0x10/0x10
[  119.081259][ T9503]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  119.083447][ T9503]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  119.085612][ T9503]  mmu_topup_memory_caches+0x22/0xd0
[  119.087579][ T9503]  kvm_mmu_load+0xda/0x21f0
[  119.089203][ T9503]  ? mark_held_locks+0x9f/0xe0
[  119.090920][ T9503]  ? kvm_apic_has_interrupt+0xb6/0x190
[  119.092906][ T9503]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  119.094711][ T9503]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  119.096501][ T9503]  ? __pfx_kvm_mmu_load+0x10/0x10
[  119.098220][ T9503]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  119.100143][ T9503]  ? kvm_check_and_inject_events+0x725/0x12e0
[  119.101743][ T9503]  vcpu_run+0x33a4/0x4f50
[  119.102892][ T9503]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  119.104058][ T5952] Bluetooth: hci0: command 0x0c1a tx timeout
[  119.104391][ T9503]  ? __pfx_vcpu_run+0x10/0x10
[  119.108151][ T9503]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  119.110071][ T9503]  ? rcu_is_watching+0x12/0xc0
[  119.111844][ T9503]  ? trace_lock_acquire+0x14e/0x1f0
[  119.113780][ T9503]  ? __local_bh_enable_ip+0xa4/0x120
[  119.115844][ T9503]  ? lockdep_hardirqs_on+0x7c/0x110
[  119.117527][ T9503]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  119.119328][ T9517] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  119.119438][ T9503]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  119.123057][ T9503]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  119.124546][ T9503]  kvm_vcpu_ioctl+0x6ce/0x1520
[  119.125851][ T9503]  ? do_vfs_ioctl+0x513/0x1990
[  119.127172][ T9503]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  119.128554][ T9503]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  119.130647][ T9503]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  119.133201][ T9503]  ? __pfx_lock_release+0x10/0x10
[  119.135077][ T9503]  ? selinux_file_ioctl+0x180/0x270
[  119.136985][ T9503]  ? selinux_file_ioctl+0xb4/0x270
[  119.138921][ T9503]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  119.140882][ T9503]  __x64_sys_ioctl+0x190/0x200
[  119.142679][ T9503]  do_syscall_64+0xcd/0x250
[  119.144382][ T9503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.146419][ T9503] RIP: 0033:0x7efef0985d19
[  119.147945][ T9503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.154213][ T9503] RSP: 002b:00007efef1818038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  119.156798][ T9503] RAX: ffffffffffffffda RBX: 00007efef0b75fa0 RCX: 00007efef0985d19
[  119.159491][ T9503] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  119.162344][ T9503] RBP: 00007efef1818090 R08: 0000000000000000 R09: 0000000000000000
[  119.165209][ T9503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  119.168134][ T9503] R13: 0000000000000000 R14: 00007efef0b75fa0 R15: 00007ffd27f5df88
[  119.171026][ T9503]  </TASK>
[  119.593765][ T9551] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1018'.
[  119.690916][   T39] kauditd_printk_skb: 11 callbacks suppressed
[  119.690926][   T39] audit: type=1400 audit(1734328839.673:658): avc:  denied  { watch watch_reads } for  pid=9553 comm="syz.1.1019" path="pipe:[30499]" dev="pipefs" ino=30499 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  119.888927][ T5952] Bluetooth: hci2: command 0x0405 tx timeout
[  119.890040][ T5939] Bluetooth: hci3: command 0x0c1a tx timeout
[  119.919656][ T5993] IPVS: starting estimator thread 0...
[  119.949363][   T39] audit: type=1400 audit(1734328839.933:659): avc:  denied  { setopt } for  pid=9574 comm="syz.0.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  119.949921][ T9575] syz.0.1025: attempt to access beyond end of device
[  119.949921][ T9575] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  119.959061][ T9575] MINIX-fs: unable to read superblock
[  119.970316][   T39] audit: type=1400 audit(1734328839.953:660): avc:  denied  { connect } for  pid=9574 comm="syz.0.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  120.006566][ T9573] IPVS: using max 21 ests per chain, 50400 per kthread
[  120.014963][ T9577] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1026'.
[  120.053984][ T9579] trusted_key: encrypted_key: insufficient parameters specified
[  120.422354][ T9585] overlayfs: conflicting options: metacopy=off,verity=on
[  120.576958][ T9595] EXT4-fs error: 6 callbacks suppressed
[  120.576969][ T9595] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  120.589785][ T9596] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  120.736301][ T9599] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1031'.
[  120.736546][ T9592] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1031'.
[  120.805374][ T9602] dvmrp8: entered allmulticast mode
[  120.807861][ T9602] dvmrp8: left allmulticast mode
[  121.166522][ T5939] Bluetooth: hci0: command 0x0c1a tx timeout
[  121.216527][ T5978] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  121.223449][   T39] audit: type=1400 audit(1734328841.203:661): avc:  denied  { create } for  pid=9609 comm="syz.3.1036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  121.366587][ T5978] usb 6-1: Using ep0 maxpacket: 16
[  121.369560][ T5978] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  121.372282][ T5978] usb 6-1: config 0 has no interface number 0
[  121.373893][ T5978] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11
[  121.376973][ T5978] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024
[  121.381913][ T5978] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  121.384295][ T5978] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  121.386465][ T5978] usb 6-1: Product: syz
[  121.387875][ T5978] usb 6-1: SerialNumber: syz
[  121.390507][ T5978] usb 6-1: config 0 descriptor??
[  121.393203][ T5978] cm109 6-1:0.8: invalid payload size 1024, expected 4
[  121.395458][ T5978] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input18
[  121.474332][ T9626] nbd: nbd2 already in use
[  121.507336][ T9629] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  121.511850][ T9630] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  121.609181][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  121.609290][ T5997] usb 6-1: USB disconnect, device number 6
[  121.611145][    C1] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  121.618079][ T5997] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  121.764002][ T9647] ebt_limit: overflow, try lower: 570423552/2483027968
[  121.798211][ T9651] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  121.867295][ T9653] binder: 9652:9653 ioctl c0046209 0 returned -22
[  121.871736][ T9655] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  121.875715][ T9656] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  121.933327][ T9661] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  121.942457][ T9661] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  121.966603][ T5952] Bluetooth: hci3: command 0x0c1a tx timeout
[  121.966634][ T5943] Bluetooth: hci2: command 0x0405 tx timeout
[  122.014610][ T9670] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  122.019560][ T9671] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  122.087636][ T5939] Bluetooth: hci2: unexpected event for opcode 0x1407
[  122.099506][ T9682] efs: device does not support 512 byte blocks
[  122.101753][ T9682] device does not support 512 byte blocks
[  122.101753][ T9682] 
[  122.125058][   T39] audit: type=1400 audit(1734328842.103:662): avc:  denied  { mount } for  pid=9686 comm="syz.2.1057" name="/" dev="rpc_pipefs" ino=32553 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  122.147438][   T39] audit: type=1400 audit(1734328842.133:663): avc:  denied  { unmount } for  pid=5940 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  122.593844][ T9727] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:14: iget: checksum invalid
[  122.599353][ T9728] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:14: iget: checksum invalid
[  122.712555][ T9737] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:14: iget: checksum invalid
[  122.740569][   T39] audit: type=1400 audit(1734328842.723:664): avc:  denied  { nlmsg_write } for  pid=9742 comm="syz.1.1073" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  122.750904][   T39] audit: type=1400 audit(1734328842.733:665): avc:  denied  { create } for  pid=9748 comm="syz.0.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  122.778443][   T39] audit: type=1400 audit(1734328842.763:666): avc:  denied  { bind } for  pid=9748 comm="syz.0.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  122.800706][ T9744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1073'.
[  122.810012][ T9752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1075'.
[  122.861350][   T39] audit: type=1400 audit(1734328842.843:667): avc:  denied  { unmount } for  pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  122.906271][ T9757] can0: slcan on ptm0.
[  122.925306][ T9757] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  122.930651][ T9757] overlayfs: failed to set xattr on upper
[  122.932445][ T9757] overlayfs: ...falling back to redirect_dir=nofollow.
[  122.934369][ T9757] overlayfs: ...falling back to index=off.
[  122.936072][ T9757] overlayfs: ...falling back to uuid=null.
[  122.981650][ T9762] FAULT_INJECTION: forcing a failure.
[  122.981650][ T9762] name failslab, interval 1, probability 0, space 0, times 0
[  122.985078][ T9762] CPU: 1 UID: 0 PID: 9762 Comm: syz.0.1079 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  122.987882][ T9762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.990688][ T9762] Call Trace:
[  122.991589][ T9762]  <TASK>
[  122.992383][ T9762]  dump_stack_lvl+0x16c/0x1f0
[  122.993689][ T9762]  should_fail_ex+0x497/0x5b0
[  122.994990][ T9762]  ? fs_reclaim_acquire+0xae/0x150
[  122.996367][ T9762]  should_failslab+0xc2/0x120
[  122.997645][ T9762]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  122.999084][ T9762]  ? __pfx_mark_lock+0x10/0x10
[  123.000381][ T9762]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  123.002016][ T9762]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  123.003580][ T9762]  mmu_topup_memory_caches+0x22/0xd0
[  123.004997][ T9762]  kvm_mmu_load+0xda/0x21f0
[  123.006200][ T9762]  ? mark_held_locks+0x9f/0xe0
[  123.007478][ T9762]  ? kvm_apic_has_interrupt+0xb6/0x190
[  123.008920][ T9762]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  123.010491][ T9762]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  123.011993][ T9762]  ? __pfx_kvm_mmu_load+0x10/0x10
[  123.013337][ T9762]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  123.015333][ T9762]  ? kvm_check_and_inject_events+0x725/0x12e0
[  123.017556][ T9762]  vcpu_run+0x33a4/0x4f50
[  123.019132][ T9762]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  123.021098][ T9762]  ? __pfx_vcpu_run+0x10/0x10
[  123.022775][ T9762]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  123.024696][ T9762]  ? rcu_is_watching+0x12/0xc0
[  123.026336][ T9762]  ? trace_lock_acquire+0x14e/0x1f0
[  123.028324][ T9762]  ? __local_bh_enable_ip+0xa4/0x120
[  123.030084][ T9762]  ? lockdep_hardirqs_on+0x7c/0x110
[  123.031700][ T9762]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  123.033246][ T9762]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  123.034764][ T9762]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  123.036276][ T9762]  kvm_vcpu_ioctl+0x6ce/0x1520
[  123.037588][ T9762]  ? do_vfs_ioctl+0x513/0x1990
[  123.038891][ T9762]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  123.040297][ T9762]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  123.042011][ T9762]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  123.043942][ T9762]  ? __pfx_lock_release+0x10/0x10
[  123.045743][ T9762]  ? selinux_file_ioctl+0x180/0x270
[  123.047568][ T9762]  ? selinux_file_ioctl+0xb4/0x270
[  123.049308][ T9762]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  123.051075][ T9762]  __x64_sys_ioctl+0x190/0x200
[  123.052402][ T9762]  do_syscall_64+0xcd/0x250
[  123.053612][ T9762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.055186][ T9762] RIP: 0033:0x7fccb6d85d19
[  123.056368][ T9762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.061480][ T9762] RSP: 002b:00007fccb7b24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.063691][ T9762] RAX: ffffffffffffffda RBX: 00007fccb6f75fa0 RCX: 00007fccb6d85d19
[  123.065807][ T9762] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  123.067925][ T9762] RBP: 00007fccb7b24090 R08: 0000000000000000 R09: 0000000000000000
[  123.070007][ T9762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  123.072110][ T9762] R13: 0000000000000000 R14: 00007fccb6f75fa0 R15: 00007ffcda0461c8
[  123.074204][ T9762]  </TASK>
[  123.076222][ T9756] can0 (unregistered): slcan off ptm0.
[  123.124262][ T9773] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1082'.
[  123.127189][ T9773] netlink: 31 bytes leftover after parsing attributes in process `syz.3.1082'.
[  123.129490][ T9773] netlink: 'syz.3.1082': attribute type 3 has an invalid length.
[  123.131642][ T9773] netlink: 'syz.3.1082': attribute type 2 has an invalid length.
[  123.133630][ T9773] netlink: 31 bytes leftover after parsing attributes in process `syz.3.1082'.
[  123.228345][ T9781] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0
[  123.236594][ T5993] usb 7-1: new low-speed USB device number 11 using dummy_hcd
[  123.246497][ T5939] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.270664][ T9782] ip6t_srh: unknown srh invflags 7D00
[  123.333328][ T9784] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  123.343271][ T9784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1087'.
[  123.384441][ T9782] syz.3.1085 (9782): drop_caches: 2
[  123.397685][ T5993] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  123.400315][ T5993] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  123.402675][ T5993] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  123.405608][ T5993] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.409722][ T5993] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  123.412328][ T5993] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.428767][ T5993] hub 7-1:1.0: bad descriptor, ignoring hub
[  123.430369][ T5993] hub 7-1:1.0: probe with driver hub failed with error -5
[  123.432404][ T5993] cdc_wdm 7-1:1.0: skipping garbage
[  123.434148][ T5993] cdc_wdm 7-1:1.0: skipping garbage
[  123.439052][ T5993] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  123.441212][ T5993] cdc_wdm 7-1:1.0: Unknown control protocol
[  123.448988][ T9795] overlayfs: conflicting options: userxattr,metacopy=on
[  123.493309][ T9803] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1090'.
[  123.502816][ T9802] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1090'.
[  123.523222][ T9808] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1092'.
[  123.526012][ T9808] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1092'.
[  123.541601][ T9810] FAULT_INJECTION: forcing a failure.
[  123.541601][ T9810] name failslab, interval 1, probability 0, space 0, times 0
[  123.545019][ T9810] CPU: 2 UID: 0 PID: 9810 Comm: syz.1.1093 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  123.547892][ T9810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.550788][ T9810] Call Trace:
[  123.551709][ T9810]  <TASK>
[  123.552513][ T9810]  dump_stack_lvl+0x16c/0x1f0
[  123.553781][ T9810]  should_fail_ex+0x497/0x5b0
[  123.555058][ T9810]  ? fs_reclaim_acquire+0xae/0x150
[  123.556498][ T9810]  should_failslab+0xc2/0x120
[  123.557889][ T9810]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  123.559505][ T9810]  ? __pfx_mark_lock+0x10/0x10
[  123.560807][ T9810]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  123.562429][ T9810]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  123.564000][ T9810]  mmu_topup_memory_caches+0x22/0xd0
[  123.565460][ T9810]  kvm_mmu_load+0xda/0x21f0
[  123.566668][ T9810]  ? mark_held_locks+0x9f/0xe0
[  123.567977][ T9810]  ? kvm_apic_has_interrupt+0xb6/0x190
[  123.569556][ T9810]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  123.571594][ T9810]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  123.573032][ T9810]  ? __pfx_kvm_mmu_load+0x10/0x10
[  123.574419][ T9810]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  123.576370][ T9810]  ? kvm_check_and_inject_events+0x725/0x12e0
[  123.578252][ T9810]  vcpu_run+0x33a4/0x4f50
[  123.579428][ T9810]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  123.580880][ T9810]  ? __pfx_vcpu_run+0x10/0x10
[  123.582133][ T9810]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  123.583640][ T9810]  ? rcu_is_watching+0x12/0xc0
[  123.584930][ T9810]  ? trace_lock_acquire+0x14e/0x1f0
[  123.586316][ T9810]  ? __local_bh_enable_ip+0xa4/0x120
[  123.587767][ T9810]  ? lockdep_hardirqs_on+0x7c/0x110
[  123.589236][ T9810]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  123.590753][ T9810]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  123.592295][ T9810]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  123.593769][ T9810]  kvm_vcpu_ioctl+0x6ce/0x1520
[  123.595052][ T9810]  ? do_vfs_ioctl+0x513/0x1990
[  123.596502][ T9810]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  123.598055][ T9810]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  123.599795][ T9810]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  123.601602][ T9810]  ? __pfx_lock_release+0x10/0x10
[  123.602943][ T9810]  ? selinux_file_ioctl+0x180/0x270
[  123.604339][ T9810]  ? selinux_file_ioctl+0xb4/0x270
[  123.605704][ T9810]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  123.607301][ T9810]  __x64_sys_ioctl+0x190/0x200
[  123.608612][ T9810]  do_syscall_64+0xcd/0x250
[  123.609838][ T9810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.611430][ T9810] RIP: 0033:0x7fa679f85d19
[  123.612635][ T9810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.617751][ T9810] RSP: 002b:00007fa677df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.619990][ T9810] RAX: ffffffffffffffda RBX: 00007fa67a175fa0 RCX: 00007fa679f85d19
[  123.622098][ T9810] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  123.624219][ T9810] RBP: 00007fa677df6090 R08: 0000000000000000 R09: 0000000000000000
[  123.626324][ T9810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  123.628431][ T9810] R13: 0000000000000000 R14: 00007fa67a175fa0 R15: 00007ffff8cb75e8
[  123.630542][ T9810]  </TASK>
[  123.696650][ T5993] usb 7-1: USB disconnect, device number 11
[  123.784281][ T9829] bpf: Bad value for 'gid'
[  123.902048][ T9842] overlayfs: missing 'lowerdir'
[  124.014670][ T9861] lo speed is unknown, defaulting to 1000
[  124.028390][ T9860] FAULT_INJECTION: forcing a failure.
[  124.028390][ T9860] name failslab, interval 1, probability 0, space 0, times 0
[  124.032174][ T9860] CPU: 0 UID: 0 PID: 9860 Comm: syz.1.1107 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  124.035539][ T9860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.038445][ T9860] Call Trace:
[  124.039379][ T9860]  <TASK>
[  124.040165][ T9860]  dump_stack_lvl+0x16c/0x1f0
[  124.041409][ T9860]  should_fail_ex+0x497/0x5b0
[  124.042686][ T9860]  ? fs_reclaim_acquire+0xae/0x150
[  124.044118][ T9860]  should_failslab+0xc2/0x120
[  124.045429][ T9860]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  124.046854][ T9860]  ? __pfx_mark_lock+0x10/0x10
[  124.048153][ T9860]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  124.049792][ T9860]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  124.051434][ T9860]  mmu_topup_memory_caches+0x22/0xd0
[  124.052919][ T9860]  kvm_mmu_load+0xda/0x21f0
[  124.054161][ T9860]  ? mark_held_locks+0x9f/0xe0
[  124.055484][ T9860]  ? kvm_apic_has_interrupt+0xb6/0x190
[  124.056646][ T5939] Bluetooth: hci3: command 0x0c1a tx timeout
[  124.056971][ T9860]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  124.060141][ T9860]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  124.061656][ T9860]  ? __pfx_kvm_mmu_load+0x10/0x10
[  124.062957][ T9860]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  124.064540][ T9860]  ? kvm_check_and_inject_events+0x725/0x12e0
[  124.066140][ T9860]  vcpu_run+0x33a4/0x4f50
[  124.066632][ T5993] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  124.067306][ T9860]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  124.070725][ T9860]  ? __pfx_vcpu_run+0x10/0x10
[  124.072023][ T9860]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  124.073531][ T9860]  ? rcu_is_watching+0x12/0xc0
[  124.074836][ T9860]  ? trace_lock_acquire+0x14e/0x1f0
[  124.076232][ T9860]  ? __local_bh_enable_ip+0xa4/0x120
[  124.077671][ T9860]  ? lockdep_hardirqs_on+0x7c/0x110
[  124.079100][ T9860]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  124.080648][ T9860]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  124.082174][ T9860]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  124.083678][ T9860]  kvm_vcpu_ioctl+0x6ce/0x1520
[  124.084962][ T9860]  ? do_vfs_ioctl+0x513/0x1990
[  124.086230][ T9860]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  124.087636][ T9860]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  124.089387][ T9860]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  124.091223][ T9860]  ? __pfx_lock_release+0x10/0x10
[  124.092578][ T9860]  ? selinux_file_ioctl+0x180/0x270
[  124.093947][ T9860]  ? selinux_file_ioctl+0xb4/0x270
[  124.095308][ T9860]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  124.096694][ T9860]  __x64_sys_ioctl+0x190/0x200
[  124.097992][ T9860]  do_syscall_64+0xcd/0x250
[  124.099228][ T9860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.100776][ T9860] RIP: 0033:0x7fa679f85d19
[  124.101981][ T9860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.107106][ T9860] RSP: 002b:00007fa677df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  124.109308][ T9860] RAX: ffffffffffffffda RBX: 00007fa67a175fa0 RCX: 00007fa679f85d19
[  124.111419][ T9860] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  124.113572][ T9860] RBP: 00007fa677df6090 R08: 0000000000000000 R09: 0000000000000000
[  124.115672][ T9860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.118207][ T9860] R13: 0000000000000000 R14: 00007fa67a175fa0 R15: 00007ffff8cb75e8
[  124.120283][ T9860]  </TASK>
[  124.226467][ T5993] usb 7-1: Using ep0 maxpacket: 8
[  124.230274][ T5993] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  124.233694][ T5993] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  124.236029][ T5993] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.238946][ T5993] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.242297][ T5993] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  124.245213][ T5993] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.249309][ T5993] hub 7-1:1.0: bad descriptor, ignoring hub
[  124.251485][ T5993] hub 7-1:1.0: probe with driver hub failed with error -5
[  124.254112][ T5993] cdc_wdm 7-1:1.0: skipping garbage
[  124.255588][ T5993] cdc_wdm 7-1:1.0: skipping garbage
[  124.258291][ T5993] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  124.259925][ T5993] cdc_wdm 7-1:1.0: Unknown control protocol
[  124.382872][ T9872] openvswitch: netlink: VXLAN extension 0 has unexpected len 3 expected 0
[  124.552589][ T9890] netlink: 'syz.3.1117': attribute type 1 has an invalid length.
[  124.555625][ T9890] netlink: 'syz.3.1117': attribute type 4 has an invalid length.
[  124.564933][ T9890] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  124.578554][ T5978] usb 7-1: USB disconnect, device number 12
[  124.620089][ T9898] tmpfs: Bad value for 'mpol'
[  124.625080][ T9901] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  124.638384][ T9892] FAULT_INJECTION: forcing a failure.
[  124.638384][ T9892] name failslab, interval 1, probability 0, space 0, times 0
[  124.641844][ T9892] CPU: 3 UID: 0 PID: 9892 Comm: syz.0.1118 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  124.644672][ T9892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.647568][ T9892] Call Trace:
[  124.648475][ T9892]  <TASK>
[  124.649282][ T9892]  dump_stack_lvl+0x16c/0x1f0
[  124.650583][ T9892]  should_fail_ex+0x497/0x5b0
[  124.651878][ T9892]  ? fs_reclaim_acquire+0xae/0x150
[  124.653267][ T9892]  should_failslab+0xc2/0x120
[  124.654552][ T9892]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  124.656019][ T9892]  ? __pfx_mark_lock+0x10/0x10
[  124.657315][ T9892]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  124.658982][ T9892]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  124.660593][ T9892]  mmu_topup_memory_caches+0x22/0xd0
[  124.662014][ T9892]  kvm_mmu_load+0xda/0x21f0
[  124.663250][ T9892]  ? mark_held_locks+0x9f/0xe0
[  124.664542][ T9892]  ? kvm_apic_has_interrupt+0xb6/0x190
[  124.666003][ T9892]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  124.667601][ T9892]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  124.669098][ T9892]  ? __pfx_kvm_mmu_load+0x10/0x10
[  124.670463][ T9892]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  124.672062][ T9892]  ? kvm_check_and_inject_events+0x725/0x12e0
[  124.673707][ T9892]  vcpu_run+0x33a4/0x4f50
[  124.674888][ T9892]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  124.676381][ T9892]  ? __pfx_vcpu_run+0x10/0x10
[  124.677660][ T9892]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  124.679227][ T9892]  ? rcu_is_watching+0x12/0xc0
[  124.680708][ T9892]  ? trace_lock_acquire+0x14e/0x1f0
[  124.682088][ T9892]  ? __local_bh_enable_ip+0xa4/0x120
[  124.683489][ T9892]  ? lockdep_hardirqs_on+0x7c/0x110
[  124.684893][ T9892]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  124.686360][ T9892]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  124.687839][ T9892]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  124.689408][ T9892]  kvm_vcpu_ioctl+0x6ce/0x1520
[  124.690680][ T9892]  ? do_vfs_ioctl+0x513/0x1990
[  124.692000][ T9892]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  124.693386][ T9892]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  124.695179][ T9892]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  124.697011][ T9892]  ? __pfx_lock_release+0x10/0x10
[  124.698378][ T9892]  ? selinux_file_ioctl+0x180/0x270
[  124.699787][ T9892]  ? selinux_file_ioctl+0xb4/0x270
[  124.701152][ T9892]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  124.702553][ T9892]  __x64_sys_ioctl+0x190/0x200
[  124.703872][ T9892]  do_syscall_64+0xcd/0x250
[  124.705094][ T9892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.706766][ T9892] RIP: 0033:0x7fccb6d85d19
[  124.707997][ T9892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.713081][ T9892] RSP: 002b:00007fccb7b24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  124.715272][ T9892] RAX: ffffffffffffffda RBX: 00007fccb6f75fa0 RCX: 00007fccb6d85d19
[  124.717408][ T9892] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  124.719490][ T9892] RBP: 00007fccb7b24090 R08: 0000000000000000 R09: 0000000000000000
[  124.721585][ T9892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  124.723730][ T9892] R13: 0000000000000000 R14: 00007fccb6f75fa0 R15: 00007ffcda0461c8
[  124.725841][ T9892]  </TASK>
[  124.726706][    C3] vkms_vblank_simulate: vblank timer overrun
[  124.734246][   T39] kauditd_printk_skb: 8 callbacks suppressed
[  124.734257][   T39] audit: type=1326 audit(1734328844.713:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9899 comm="syz.1.1121" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa679f85d19 code=0x0
[  124.792662][ T9901] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2758444543 (5516889086 ns) > initial count (4205064 ns). Using initial count to start timer.
[  124.864457][ T9906] dns_resolver: Unsupported content type (24)
[  124.866488][    T8] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  124.899668][ T9909] misc userio: No port type given on /dev/userio
[  124.901841][ T9909] misc userio: No port type given on /dev/userio
[  124.905513][ T9909] misc userio: Begin command sent, but we're already running
[  124.908479][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.911690][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.914983][ T9909] misc userio: Begin command sent, but we're already running
[  124.917050][ T9909] misc userio: Begin command sent, but we're already running
[  124.919150][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.922020][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.924923][ T9909] misc userio: Begin command sent, but we're already running
[  124.927369][ T9909] misc userio: Begin command sent, but we're already running
[  124.929668][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.932486][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.935692][ T9909] misc userio: Begin command sent, but we're already running
[  124.938522][ T9909] misc userio: Begin command sent, but we're already running
[  124.941282][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.944045][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.948160][ T9909] misc userio: Begin command sent, but we're already running
[  124.950937][ T9909] misc userio: Begin command sent, but we're already running
[  124.953587][ T9908] misc userio: Can't change port type on an already running userio instance
[  124.955880][ T9910] misc userio: Begin command sent, but we're already running
[  124.957943][ T9909] misc userio: Begin command sent, but we're already running
[  125.006592][    T8] usb 8-1: device descriptor read/64, error -71
[  125.257072][    T8] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  125.319207][   T39] audit: type=1400 audit(1734328845.303:677): avc:  denied  { write } for  pid=9928 comm="syz.2.1129" name="renderD128" dev="devtmpfs" ino=634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  125.345355][   T39] audit: type=1400 audit(1734328845.323:678): avc:  denied  { write } for  pid=9926 comm="syz.0.1128" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  125.395151][ T9932] FAULT_INJECTION: forcing a failure.
[  125.395151][ T9932] name failslab, interval 1, probability 0, space 0, times 0
[  125.396511][    T8] usb 8-1: device descriptor read/64, error -71
[  125.399504][ T9932] CPU: 1 UID: 0 PID: 9932 Comm: syz.2.1130 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  125.403618][ T9932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.406448][ T9932] Call Trace:
[  125.407362][ T9932]  <TASK>
[  125.408164][ T9932]  dump_stack_lvl+0x16c/0x1f0
[  125.409444][ T9932]  should_fail_ex+0x497/0x5b0
[  125.410722][ T9932]  ? fs_reclaim_acquire+0xae/0x150
[  125.412114][ T9932]  should_failslab+0xc2/0x120
[  125.413379][ T9932]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  125.414840][ T9932]  ? __pfx_mark_lock+0x10/0x10
[  125.416146][ T9932]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  125.417801][ T9932]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  125.419352][ T9932]  mmu_topup_memory_caches+0x22/0xd0
[  125.420730][ T9932]  kvm_mmu_load+0xda/0x21f0
[  125.421933][ T9932]  ? mark_held_locks+0x9f/0xe0
[  125.423219][ T9932]  ? kvm_apic_has_interrupt+0xb6/0x190
[  125.424645][ T9932]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  125.426182][ T9932]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  125.427655][ T9932]  ? __pfx_kvm_mmu_load+0x10/0x10
[  125.428960][ T9932]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  125.430608][ T9932]  ? kvm_check_and_inject_events+0x725/0x12e0
[  125.432218][ T9932]  vcpu_run+0x33a4/0x4f50
[  125.433352][ T9932]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  125.434809][ T9932]  ? __pfx_vcpu_run+0x10/0x10
[  125.436056][ T9932]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  125.437543][ T9932]  ? rcu_is_watching+0x12/0xc0
[  125.438803][ T9932]  ? trace_lock_acquire+0x14e/0x1f0
[  125.440159][ T9932]  ? __local_bh_enable_ip+0xa4/0x120
[  125.441540][ T9932]  ? lockdep_hardirqs_on+0x7c/0x110
[  125.443068][ T9932]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  125.444566][ T9932]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  125.446077][ T9932]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  125.447518][ T9932]  kvm_vcpu_ioctl+0x6ce/0x1520
[  125.448799][ T9932]  ? do_vfs_ioctl+0x513/0x1990
[  125.450053][ T9932]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.451431][ T9932]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  125.453105][ T9932]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  125.454823][ T9932]  ? __pfx_lock_release+0x10/0x10
[  125.456096][ T9932]  ? selinux_file_ioctl+0x180/0x270
[  125.457482][ T9932]  ? selinux_file_ioctl+0xb4/0x270
[  125.458854][ T9932]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  125.460236][ T9932]  __x64_sys_ioctl+0x190/0x200
[  125.461497][ T9932]  do_syscall_64+0xcd/0x250
[  125.462689][ T9932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.464249][ T9932] RIP: 0033:0x7efef0985d19
[  125.465441][ T9932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.470389][ T9932] RSP: 002b:00007efef1818038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.472535][ T9932] RAX: ffffffffffffffda RBX: 00007efef0b75fa0 RCX: 00007efef0985d19
[  125.474634][ T9932] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  125.476735][ T9932] RBP: 00007efef1818090 R08: 0000000000000000 R09: 0000000000000000
[  125.478759][ T9932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  125.480816][ T9932] R13: 0000000000000000 R14: 00007efef0b75fa0 R15: 00007ffd27f5df88
[  125.482851][ T9932]  </TASK>
[  125.506907][    T8] usb usb8-port1: attempt power cycle
[  125.821048][   T39] audit: type=1400 audit(1734328845.803:679): avc:  denied  { map } for  pid=9958 comm="syz.2.1137" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  125.829269][   T39] audit: type=1400 audit(1734328845.803:680): avc:  denied  { setattr } for  pid=9958 comm="syz.2.1137" name="" dev="pipefs" ino=34336 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  125.856071][ T9961] tipc: Invalid UDP bearer configuration
[  125.856091][ T9961] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  125.856494][    T8] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[  125.885754][ T9964] input: syz0 as /devices/virtual/input/input20
[  125.889075][    T8] usb 8-1: device descriptor read/8, error -71
[  125.897484][ T9964] No such timeout policy "syz1"
[  125.976205][ T9969] veth1_macvtap: left promiscuous mode
[  125.978263][ T9969] macsec0: entered promiscuous mode
[  125.979683][ T9969] macsec0: entered allmulticast mode
[  125.984211][ T9969] veth1_macvtap: entered promiscuous mode
[  125.985694][ T9969] veth1_macvtap: entered allmulticast mode
[  125.987339][ T9969] macsec0: left promiscuous mode
[  125.988647][ T9969] macsec0: left allmulticast mode
[  125.989902][ T9969] veth1_macvtap: left allmulticast mode
[  126.085913][ T9976] tmpfs: Unknown parameter 'm'
[  126.126559][    T8] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[  126.126585][ T5939] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  126.132158][ T5939] Bluetooth: hci2: Injecting HCI hardware error event
[  126.134640][ T5939] Bluetooth: hci2: hardware error 0x00
[  126.157512][    T8] usb 8-1: device descriptor read/8, error -71
[  126.181221][ T9979] FAULT_INJECTION: forcing a failure.
[  126.181221][ T9979] name failslab, interval 1, probability 0, space 0, times 0
[  126.185597][ T9979] CPU: 0 UID: 0 PID: 9979 Comm: syz.1.1143 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  126.188310][ T9979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.191001][ T9979] Call Trace:
[  126.191913][ T9979]  <TASK>
[  126.192724][ T9979]  dump_stack_lvl+0x16c/0x1f0
[  126.193928][ T9979]  should_fail_ex+0x497/0x5b0
[  126.195424][ T9979]  ? fs_reclaim_acquire+0xae/0x150
[  126.196739][ T9979]  should_failslab+0xc2/0x120
[  126.198035][ T9979]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  126.199468][ T9979]  ? __pfx_mark_lock+0x10/0x10
[  126.200808][ T9979]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  126.202452][ T9979]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  126.204007][ T9979]  mmu_topup_memory_caches+0x22/0xd0
[  126.205407][ T9979]  kvm_mmu_load+0xda/0x21f0
[  126.206609][ T9979]  ? mark_held_locks+0x9f/0xe0
[  126.207870][ T9979]  ? kvm_apic_has_interrupt+0xb6/0x190
[  126.209295][ T9979]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  126.210801][ T9979]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  126.212276][ T9979]  ? __pfx_kvm_mmu_load+0x10/0x10
[  126.213586][ T9979]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  126.215166][ T9979]  ? kvm_check_and_inject_events+0x725/0x12e0
[  126.216703][ T9979]  vcpu_run+0x33a4/0x4f50
[  126.217867][ T9979]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  126.219270][ T9979]  ? __pfx_vcpu_run+0x10/0x10
[  126.220477][ T9979]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  126.221934][ T9979]  ? rcu_is_watching+0x12/0xc0
[  126.223177][ T9979]  ? trace_lock_acquire+0x14e/0x1f0
[  126.224526][ T9979]  ? __local_bh_enable_ip+0xa4/0x120
[  126.225892][ T9979]  ? lockdep_hardirqs_on+0x7c/0x110
[  126.227286][ T9979]  ? kvm_arch_vcpu_ioctl_run+0x150/0x1740
[  126.228763][ T9979]  ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  126.230228][ T9979]  kvm_arch_vcpu_ioctl_run+0x44a/0x1740
[  126.231762][ T9979]  kvm_vcpu_ioctl+0x6ce/0x1520
[  126.233029][ T9979]  ? do_vfs_ioctl+0x513/0x1990
[  126.234252][ T9979]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  126.235602][ T9979]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  126.237264][ T9979]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  126.239080][ T9979]  ? __pfx_lock_release+0x10/0x10
[  126.240378][ T9979]  ? selinux_file_ioctl+0x180/0x270
[  126.241757][ T9979]  ? selinux_file_ioctl+0xb4/0x270
[  126.243100][ T9979]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  126.244403][ T9979]  __x64_sys_ioctl+0x190/0x200
[  126.245631][ T9979]  do_syscall_64+0xcd/0x250
[  126.246741][ T9979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.248294][ T9979] RIP: 0033:0x7fa679f85d19
[  126.249430][ T9979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.254273][ T9979] RSP: 002b:00007fa677df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  126.256364][ T9979] RAX: ffffffffffffffda RBX: 00007fa67a175fa0 RCX: 00007fa679f85d19
[  126.258348][ T9979] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  126.260365][ T9979] RBP: 00007fa677df6090 R08: 0000000000000000 R09: 0000000000000000
[  126.262361][ T9979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  126.264375][ T9979] R13: 0000000000000000 R14: 00007fa67a175fa0 R15: 00007ffff8cb75e8
[  126.266418][ T9979]  </TASK>
[  126.270594][    T8] usb usb8-port1: unable to enumerate USB device
[  126.409307][ T9986] ERROR: device name not specified.
[  126.413226][   T39] audit: type=1400 audit(1734328846.393:681): avc:  denied  { getopt } for  pid=9985 comm="syz.0.1145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  126.424380][ T9988] lo speed is unknown, defaulting to 1000
[  126.461231][ T9990] EXT4-fs error: 14 callbacks suppressed
[  126.461242][ T9990] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  126.470567][ T9983] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.484516][   T39] audit: type=1400 audit(1734328846.463:682): avc:  denied  { mounton } for  pid=9985 comm="syz.0.1145" path="/proc/1143/task" dev="proc" ino=34366 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  126.896495][ T5938] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  126.916462][ T1331] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  127.036610][    T8] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  127.070104][ T5938] usb 6-1: Using ep0 maxpacket: 32
[  127.076360][ T5938] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  127.079831][ T1331] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.083228][ T1331] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  127.086289][ T1331] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  127.089428][ T1331] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.094116][ T5938] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  127.097188][ T5938] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  127.099890][ T5938] usb 6-1: Product: syz
[  127.101302][ T5938] usb 6-1: Manufacturer: syz
[  127.102877][ T5938] usb 6-1: SerialNumber: syz
[  127.105098][ T1331] usb 5-1: config 0 descriptor??
[  127.107437][ T5938] usb 6-1: config 0 descriptor??
[  127.109902][T10013] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  127.114233][ T1331] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  127.121425][ T1331] dvb-usb: bulk message failed: -22 (3/0)
[  127.126840][ T1331] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  127.130688][ T1331] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  127.133303][ T1331] usb 5-1: media controller created
[  127.136309][ T1331] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  127.144758][ T1331] dvb-usb: bulk message failed: -22 (6/0)
[  127.147088][ T1331] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  127.150707][ T1331] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input21
[  127.157984][ T1331] dvb-usb: schedule remote query interval to 150 msecs.
[  127.160422][ T1331] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  127.188075][    T8] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  127.190219][    T8] usb 7-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  127.192790][    T8] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  127.195070][    T8] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12336, setting to 64
[  127.199855][    T8] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  127.202227][    T8] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  127.204262][    T8] usb 7-1: Product: syz
[  127.205309][    T8] usb 7-1: Manufacturer: syz
[  127.208973][    T8] cdc_wdm 7-1:1.0: skipping garbage
[  127.210316][    T8] cdc_wdm 7-1:1.0: skipping garbage
[  127.211771][    T8] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  127.319224][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  127.321155][ T1331] dvb-usb: error while querying for an remote control event.
[  127.330775][ T6043] usb 6-1: USB disconnect, device number 7
[  127.421427][    T9] usb 7-1: USB disconnect, device number 13
[  127.478775][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  127.480862][ T1331] dvb-usb: error while querying for an remote control event.
[  127.638817][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  127.640494][ T1331] dvb-usb: error while querying for an remote control event.
[  127.797206][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  127.798707][ T1331] dvb-usb: error while querying for an remote control event.
[  127.894693][T10024] lo speed is unknown, defaulting to 1000
[  127.950420][T10026] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  127.954715][T10029] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:14: iget: checksum invalid
[  127.955322][T10028] __nla_validate_parse: 11 callbacks suppressed
[  127.955332][T10028] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1156'.
[  127.956481][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  127.956529][ T1331] dvb-usb: error while querying for an remote control event.
[  127.961149][T10025] netlink: 'syz.1.1155': attribute type 10 has an invalid length.
[  127.984981][T10025] bond0: (slave netdevsim0): no link monitoring support
[  127.988515][T10025] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  128.116546][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  128.118231][ T1331] dvb-usb: error while querying for an remote control event.
[  128.217085][ T5939] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  128.260835][   T39] audit: type=1400 audit(1734328848.243:683): avc:  denied  { read } for  pid=10038 comm="syz.2.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  128.277035][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  128.278673][ T1331] dvb-usb: error while querying for an remote control event.
[  128.313430][   T39] audit: type=1400 audit(1734328848.293:684): avc:  denied  { mounton } for  pid=10038 comm="syz.2.1158" path="/proc/761/cgroup" dev="proc" ino=37089 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  128.329009][T10046] lo speed is unknown, defaulting to 1000
[  128.371876][T10052] vlan0: entered promiscuous mode
[  128.382121][T10052] vlan0: entered allmulticast mode
[  128.384036][T10052] veth0_vlan: entered allmulticast mode
[  128.387772][T10052] team0: Port device vlan0 added
[  128.447685][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  128.449242][ T1331] dvb-usb: error while querying for an remote control event.
[  128.516536][   T39] audit: type=1400 audit(1734328848.493:685): avc:  denied  { ioctl } for  pid=10055 comm="syz.1.1161" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  128.606598][ T1331] dvb-usb: bulk message failed: -22 (1/0)
[  128.609346][ T1331] dvb-usb: error while querying for an remote control event.
[  128.766563][ T5938] dvb-usb: bulk message failed: -22 (1/0)
[  128.768745][ T5938] dvb-usb: error while querying for an remote control event.
[  128.777247][T10067] netlink: 160 bytes leftover after parsing attributes in process `syz.3.1165'.
[  128.869244][T10069] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1166'.
[  128.927365][ T5938] dvb-usb: bulk message failed: -22 (1/0)
[  128.929155][T10070] erofs (device loop3): cannot find valid erofs superblock
[  128.929375][ T5938] dvb-usb: error while querying for an remote control event.
[  129.063564][T10081] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:13: iget: checksum invalid
[  129.069339][T10083] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:13: iget: checksum invalid
[  129.074493][T10086] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:4: iget: checksum invalid
[  129.089868][ T5938] dvb-usb: bulk message failed: -22 (1/0)
[  129.091729][ T5938] dvb-usb: error while querying for an remote control event.
[  129.248583][ T5938] dvb-usb: bulk message failed: -22 (1/0)
[  129.250104][ T5938] dvb-usb: error while querying for an remote control event.
[  129.312386][T10101] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  129.316750][T10102] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  129.321351][T10103] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  129.326153][T10100] 9pnet_fd: Insufficient options for proto=fd
[  129.331162][T10104] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  129.339008][T10100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1175'.
[  129.341849][T10100] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1175'.
[  129.382574][T10100] batman_adv: batadv0: Removing interface: batadv_slave_0
[  129.406649][ T5938] dvb-usb: bulk message failed: -22 (1/0)
[  129.408199][ T5938] dvb-usb: error while querying for an remote control event.
[  129.566457][ T5938] dvb-usb: bulk message failed: -22 (1/0)
[  129.568032][ T5938] dvb-usb: error while querying for an remote control event.
[  129.576282][ T5978] usb 5-1: USB disconnect, device number 7
[  129.587901][ T5978] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  129.709522][T10109] binder: Binderfs stats mode cannot be changed during a remount
[  130.074113][T10123] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0
[  130.170438][T10127] overlay: Bad value for 'workdir'
[  130.173724][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  130.173738][   T39] audit: type=1400 audit(1734328850.153:689): avc:  denied  { ioctl } for  pid=10126 comm="syz.0.1181" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0x9365 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  130.440240][T10148] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10148 comm=syz.2.1188
[  130.656112][T10164] vxcan0: entered promiscuous mode
[  130.660289][T10164] ./file0: Can't lookup blockdev
[  130.857921][   T39] audit: type=1400 audit(1734328850.843:690): avc:  denied  { ioctl } for  pid=10179 comm="syz.2.1197" path="socket:[35608]" dev="sockfs" ino=35608 ioctlcmd=0x894b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  131.206824][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  131.272593][T10212] xt_hashlimit: max too large, truncated to 1048576
[  131.275161][T10212] xt_bpf: check failed: parse error
[  131.324800][   T39] audit: type=1400 audit(1734328851.303:691): avc:  denied  { write } for  pid=10220 comm="syz.2.1209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  131.601626][T10237] geneve3: entered promiscuous mode
[  131.603522][T10237] geneve3: entered allmulticast mode
[  131.618585][T10240] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  131.652419][T10242] EXT4-fs error: 4 callbacks suppressed
[  131.652435][T10242] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  131.659970][T10245] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  131.669465][T10241] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1215'.
[  131.671929][T10241] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1215'.
[  131.701879][   T39] audit: type=1400 audit(1734328851.683:692): avc:  denied  { accept } for  pid=10246 comm="syz.0.1225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  131.703786][T10247] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1225'.
[  131.707324][   T39] audit: type=1400 audit(1734328851.683:693): avc:  denied  { read } for  pid=10246 comm="syz.0.1225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  131.933033][T10260] lo speed is unknown, defaulting to 1000
[  132.035735][T10267] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  132.043347][T10267] cramfs: wrong magic
[  132.048971][T10267] bridge2: entered promiscuous mode
[  132.050420][T10267] bridge2: entered allmulticast mode
[  132.212632][   T39] audit: type=1400 audit(1734328852.193:694): avc:  denied  { search } for  pid=10276 comm="syz.1.1228" name="/" dev="configfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  132.225502][T10277] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  132.226460][   T39] audit: type=1400 audit(1734328852.193:695): avc:  denied  { mounton } for  pid=10276 comm="syz.1.1228" path="/" dev="configfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  132.233389][   T39] audit: type=1400 audit(1734328852.203:696): avc:  denied  { read } for  pid=10276 comm="syz.1.1228" name="/" dev="configfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  132.241019][   T39] audit: type=1400 audit(1734328852.203:697): avc:  denied  { open } for  pid=10276 comm="syz.1.1228" path="/" dev="configfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  132.284475][T10282] hpfs: Bad magic ... probably not HPFS
[  132.292385][T10283] hpfs: Bad magic ... probably not HPFS
[  132.339549][T10287] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  132.348230][T10288] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  132.356874][   T39] audit: type=1400 audit(1734328852.333:698): avc:  denied  { map } for  pid=10285 comm="syz.1.1231" path="/dev/swradio2" dev="devtmpfs" ino=1005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  132.406585][ T6043] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  132.450921][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  132.452782][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  132.482800][T10302] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:4: iget: checksum invalid
[  132.487680][T10301] binder: 10300:10301 ioctl c00c620f 20000540 returned -22
[  132.556533][ T6043] usb 7-1: Using ep0 maxpacket: 32
[  132.559846][ T6043] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  132.562001][ T6043] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  132.564236][ T6043] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  132.567344][ T6043] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  132.569876][ T6043] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  132.572359][ T6043] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  132.575701][ T6043] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  132.578203][ T6043] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.581193][ T6043] usb 7-1: config 0 descriptor??
[  132.684431][T10322] XFS (nullb0): Invalid superblock magic number
[  132.699346][T10329] dlm: Unknown command passed to DLM device : 8
[  132.699346][T10329] 
[  132.785405][T10275] IPVS: Unknown mcast interface: lo
[  132.788550][ T6043] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 14 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  132.792051][ T6043] usb 7-1: USB disconnect, device number 14
[  132.794601][ T6043] usblp0: removed
[  132.805866][T10340] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1247'.
[  132.812956][T10340] netlink: 516 bytes leftover after parsing attributes in process `syz.3.1247'.
[  132.819521][T10342] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1552 sclass=netlink_route_socket pid=10342 comm=syz.1.1248
[  132.864623][T10347] gretap0: entered promiscuous mode
[  132.866453][T10347] macvtap1: entered promiscuous mode
[  132.867914][T10347] macvtap1: entered allmulticast mode
[  132.869388][T10347] gretap0: entered allmulticast mode
[  132.942523][T10356] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  132.947589][T10357] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  132.950048][T10358] 9pnet_fd: Insufficient options for proto=fd
[  133.226487][ T5978] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  133.315777][T10377] xt_CONNSECMARK: invalid mode: 0
[  133.366516][ T5978] usb 7-1: device descriptor read/64, error -71
[  133.375959][T10383] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:5: iget: checksum invalid
[  133.401771][T10385] __nla_validate_parse: 1 callbacks suppressed
[  133.401782][T10385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.405745][T10385] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.408658][T10385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.411521][T10389] xt_hashlimit: size too large, truncated to 1048576
[  133.411949][T10385] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.416153][T10385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.419182][T10385] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.422262][T10385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.424945][T10385] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.427703][T10385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.430100][T10385] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1263'.
[  133.450380][T10394] netlink: 'syz.1.1265': attribute type 1 has an invalid length.
[  133.489432][T10394] bond2: (slave veth3): Enslaving as a backup interface with a down link
[  133.495438][T10394] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10394 comm=syz.1.1265
[  133.501171][T10394] netlink: 'syz.1.1265': attribute type 1 has an invalid length.
[  133.507599][T10394] batadv1: entered promiscuous mode
[  133.509107][T10394] batadv1: entered allmulticast mode
[  133.555838][T10400] netlink: 'syz.1.1265': attribute type 1 has an invalid length.
[  133.601565][T10403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.603972][T10403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.636631][ T5978] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  133.709166][T10407] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:4: iget: checksum invalid
[  133.766623][ T5978] usb 7-1: device descriptor read/64, error -71
[  133.767493][T10411] lo speed is unknown, defaulting to 1000
[  133.846495][ T5941] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  133.876666][ T5978] usb usb7-port1: attempt power cycle
[  133.994211][T10430] nbd: must specify a device to reconfigure
[  134.011264][ T5941] usb 5-1: Using ep0 maxpacket: 16
[  134.016782][ T5941] usb 5-1: config 2 has an invalid interface number: 5 but max is 1
[  134.019725][ T5941] usb 5-1: config 2 has an invalid interface number: 120 but max is 1
[  134.022821][ T5941] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  134.036452][ T5941] usb 5-1: config 2 has no interface number 0
[  134.038733][ T5941] usb 5-1: config 2 has no interface number 1
[  134.040983][ T5941] usb 5-1: config 2 interface 5 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  134.044757][ T5941] usb 5-1: config 2 interface 5 altsetting 9 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[  134.056903][ T5941] usb 5-1: config 2 interface 5 altsetting 9 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  134.060765][ T5941] usb 5-1: config 2 interface 5 altsetting 9 endpoint 0xD has invalid maxpacket 1024, setting to 64
[  134.064432][ T5941] usb 5-1: config 2 interface 5 altsetting 9 has a duplicate endpoint with address 0x1, skipping
[  134.067825][ T5941] usb 5-1: config 2 interface 5 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  134.070627][ T5941] usb 5-1: config 2 interface 5 altsetting 9 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  134.073402][ T5941] usb 5-1: config 2 interface 5 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  134.076165][ T5941] usb 5-1: config 2 interface 5 altsetting 9 has a duplicate endpoint with address 0xB, skipping
[  134.081900][ T5941] usb 5-1: config 2 interface 120 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  134.085390][ T5941] usb 5-1: config 2 interface 5 has no altsetting 0
[  134.087797][ T5941] usb 5-1: config 2 interface 120 has no altsetting 0
[  134.091775][ T5941] usb 5-1: New USB device found, idVendor=05c6, idProduct=9034, bcdDevice=7f.0c
[  134.094144][ T5941] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.096239][ T5941] usb 5-1: Product: ш
[  134.097531][ T5941] usb 5-1: Manufacturer: 퇺脖뵓闙㸞�乸�໋蟂쯑鳮캶넖䯦彂農᪟栖ᓢਣᶀ蕠馳궩�쎶镚�殨扡�㒟쾚�텠壺
[  134.101526][ T5941] usb 5-1: SerialNumber: syz
[  134.179267][T10435] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10435 comm=syz.1.1278
[  134.182930][T10435] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=10435 comm=syz.1.1278
[  134.236594][ T5978] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  134.257204][ T5978] usb 7-1: device descriptor read/8, error -71
[  134.309952][ T5941] usb 5-1: USB disconnect, device number 8
[  134.506469][ T5978] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  134.529414][ T5978] usb 7-1: device descriptor read/8, error -71
[  134.572063][T10453] macsec0: entered promiscuous mode
[  134.645427][ T5978] usb usb7-port1: unable to enumerate USB device
[  134.892744][T10465] netlink: 'syz.0.1289': attribute type 29 has an invalid length.
[  135.229017][   T39] kauditd_printk_skb: 13 callbacks suppressed
[  135.229033][   T39] audit: type=1400 audit(1734328855.213:712): avc:  denied  { write } for  pid=10480 comm="syz.2.1297" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  135.238506][T10481] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  135.403007][T10491] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  135.446548][ T1331] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  135.457196][T10505] bridge0: port 3(syz_tun) entered disabled state
[  135.465612][T10505] syz_tun (unregistering): left allmulticast mode
[  135.468625][T10505] syz_tun (unregistering): left promiscuous mode
[  135.470347][T10505] bridge0: port 3(syz_tun) entered disabled state
[  135.576463][ T1331] usb 5-1: device descriptor read/64, error -71
[  135.784279][T10530] netlink: 'syz.3.1306': attribute type 39 has an invalid length.
[  135.816608][ T1331] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  135.946515][ T1331] usb 5-1: device descriptor read/64, error -71
[  136.032649][T10543] binder: BINDER_SET_CONTEXT_MGR already set
[  136.034433][T10543] binder: 10541:10543 ioctl 4018620d 20000040 returned -16
[  136.051713][T10543] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  136.058209][ T7741] Bluetooth: hci4: Frame reassembly failed (-84)
[  136.058476][ T1331] usb usb5-port1: attempt power cycle
[  136.060349][ T7741] Bluetooth: hci4: Frame reassembly failed (-84)
[  136.063403][ T7741] Bluetooth: hci4: Frame reassembly failed (-84)
[  136.065193][ T7741] Bluetooth: hci4: Frame reassembly failed (-84)
[  136.161128][T10546] VFS: Lookup of 'file0' in fuse fuse would have caused loop
[  136.396507][ T1331] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  136.417004][ T1331] usb 5-1: device descriptor read/8, error -71
[  136.666553][ T1331] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  136.686993][ T1331] usb 5-1: device descriptor read/8, error -71
[  136.758883][T10565] EXT4-fs error: 10 callbacks suppressed
[  136.758910][T10565] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  136.765041][T10566] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  136.798602][ T1331] usb usb5-port1: unable to enumerate USB device
[  137.063591][T10574] openvswitch: netlink: Unknown nsh attribute 0
[  137.065855][T10574] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  137.158078][T10578] overlayfs: failed to resolve './file0': -2
[  137.470648][   T39] audit: type=1400 audit(1734328857.453:713): avc:  denied  { getopt } for  pid=10601 comm="syz.3.1333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  138.128272][ T5943] Bluetooth: hci4: command 0x1003 tx timeout
[  138.131089][ T5939] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  138.215061][T10632] sctp: [Deprecated]: syz.0.1340 (pid 10632) Use of int in maxseg socket option.
[  138.215061][T10632] Use struct sctp_assoc_value instead
[  138.233524][   T39] audit: type=1400 audit(1734328858.213:714): avc:  denied  { connect } for  pid=10633 comm="syz.2.1343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  138.239020][   T39] audit: type=1400 audit(1734328858.223:715): avc:  denied  { listen } for  pid=10633 comm="syz.2.1343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  138.365933][T10640] Bluetooth: MGMT ver 1.23
[  138.426546][   T57] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  138.586525][   T57] usb 6-1: Using ep0 maxpacket: 16
[  138.589605][   T57] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  138.593088][   T57] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  138.596204][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.602387][   T57] usb 6-1: config 0 descriptor??
[  138.607674][   T57] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input24
[  138.820082][T10658] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  138.825078][T10630] input: syz0 as /devices/virtual/input/input25
[  138.836538][ T5978] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  138.892585][ T5332] bcm5974 6-1:0.0: could not read from device
[  138.897195][ T5332] bcm5974 6-1:0.0: could not read from device
[  138.897706][   T57] usb 6-1: USB disconnect, device number 8
[  138.999798][ T5978] usb 8-1: config 0 has an invalid interface number: 199 but max is 0
[  139.002893][ T5978] usb 8-1: config 0 has no interface number 0
[  139.005072][ T5978] usb 8-1: too many endpoints for config 0 interface 199 altsetting 193: 58, using maximum allowed: 30
[  139.010290][ T5978] usb 8-1: config 0 interface 199 altsetting 193 has 0 endpoint descriptors, different from the interface descriptor's value: 58
[  139.015051][ T5978] usb 8-1: config 0 interface 199 has no altsetting 0
[  139.019471][ T5978] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  139.022697][ T5978] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.025685][ T5978] usb 8-1: Product: syz
[  139.027322][ T5978] usb 8-1: Manufacturer: syz
[  139.029050][ T5978] usb 8-1: SerialNumber: syz
[  139.032445][ T5978] usb 8-1: config 0 descriptor??
[  139.142261][T10661] Cannot find set identified by id 65534 to match
[  139.182147][T10666] IPv6: NLM_F_CREATE should be specified when creating new route
[  139.232804][T10668] __nla_validate_parse: 128 callbacks suppressed
[  139.232841][T10668] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1353'.
[  139.239323][T10669] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  139.326542][ T5978] usb 8-1: USB disconnect, device number 20
[  139.673087][T10698] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:12: iget: checksum invalid
[  139.862559][T10701] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  139.862559][T10701]    program syz.0.1362 not setting count and/or reply_len properly
[  139.979264][T10710] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=20 sclass=netlink_audit_socket pid=10710 comm=syz.3.1363
[  140.165750][T10717] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  140.167963][T10717] overlayfs: failed to set xattr on upper
[  140.169821][T10717] overlayfs: ...falling back to redirect_dir=nofollow.
[  140.171813][T10717] overlayfs: ...falling back to metacopy=off.
[  140.173488][T10717] overlayfs: ...falling back to index=off.
[  140.175139][T10717] overlayfs: ...falling back to uuid=null.
[  140.320754][   T39] audit: type=1326 audit(1734328860.303:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10726 comm="syz.3.1371" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f98f0f85d19 code=0x0
[  140.725727][   T39] audit: type=1400 audit(1734328860.703:717): avc:  denied  { bind } for  pid=10760 comm="syz.1.1382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  140.731146][T10761] unknown channel width for channel at 909000KHz?
[  140.731501][T10761] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10761 comm=syz.1.1382
[  140.733375][   T39] audit: type=1400 audit(1734328860.713:718): avc:  denied  { append } for  pid=10760 comm="syz.1.1382" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  140.744353][   T39] audit: type=1400 audit(1734328860.723:719): avc:  denied  { connect } for  pid=10760 comm="syz.1.1382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  140.761298][T10764] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  140.765799][T10763] netlink: 'syz.1.1383': attribute type 16 has an invalid length.
[  140.769005][T10763] netlink: 'syz.1.1383': attribute type 3 has an invalid length.
[  140.771082][T10763] netlink: 'syz.1.1383': attribute type 1 has an invalid length.
[  140.773125][T10763] netlink: 32958 bytes leftover after parsing attributes in process `syz.1.1383'.
[  140.801031][T10768] tmpfs: Invalid uid '0x00000000ffffffff'
[  140.818457][T10772] netlink: 'syz.0.1386': attribute type 10 has an invalid length.
[  140.830611][T10774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1387'.
[  140.835829][T10774] netlink: 732 bytes leftover after parsing attributes in process `syz.1.1387'.
[  140.838297][T10774] netlink: 732 bytes leftover after parsing attributes in process `syz.1.1387'.
[  140.878749][T10772] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.880812][T10772] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.900373][T10780] fuse: Bad value for 'fd'
[  140.952959][T10783] syz.0.1386 (10783): drop_caches: 2
[  140.957423][T10783] netlink: 'syz.0.1386': attribute type 1 has an invalid length.
[  140.981749][T10772] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.002069][T10772] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  141.086100][T10772] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.090297][T10772] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.092622][T10772] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.095079][T10772] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  141.133276][T10777] team0: Port device batadv0 removed
[  141.135019][T10777] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.138003][T10777] bridge_slave_1: left allmulticast mode
[  141.139521][T10777] bridge_slave_1: left promiscuous mode
[  141.141042][T10777] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.144078][T10777] bond0: (slave bond_slave_0): Releasing backup interface
[  141.147129][T10777] bond0: (slave bond_slave_1): Releasing backup interface
[  141.152425][T10777] team0: Port device team_slave_0 removed
[  141.155091][T10777] team0: Port device team_slave_1 removed
[  141.156794][T10777] batman_adv: batadv0: Removing interface: batadv_slave_0
[  141.158992][T10777] batman_adv: batadv0: Removing interface: batadv_slave_1
[  141.161627][T10777] bond0: (slave wlan1): Releasing backup interface
[  141.253339][T10806] kvm: user requested TSC rate below hardware speed
[  141.284142][   T39] audit: type=1400 audit(1734328861.263:720): avc:  denied  { map } for  pid=10809 comm="syz.3.1398" path="/dev/video3" dev="devtmpfs" ino=959 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  141.286195][T10810] netlink: 'syz.3.1398': attribute type 10 has an invalid length.
[  141.294918][T10810] netlink: 'syz.3.1398': attribute type 19 has an invalid length.
[  141.298011][T10810] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1398'.
[  141.435645][T10822] lo speed is unknown, defaulting to 1000
[  141.488888][T10830] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  141.492825][T10828] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1402'.
[  141.583424][ T5978] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[  141.668583][T10844] tipc: Started in network mode
[  141.670457][T10844] tipc: Node identity ac1414aa, cluster identity 4711
[  141.674904][T10844] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  141.677679][T10844] tipc: Enabled bearer <udp:s>, priority 10
[  141.736677][ T5978] usb 8-1: Using ep0 maxpacket: 16
[  141.740121][ T5978] usb 8-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.743780][ T5978] usb 8-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.747465][ T5978] usb 8-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  141.752097][ T5978] usb 8-1: config 0 interface 0 has no altsetting 0
[  141.754518][ T5978] usb 8-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  141.757861][ T5978] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.763329][ T5978] usb 8-1: config 0 descriptor??
[  141.808246][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  141.946492][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.020352][ T1134] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.086492][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.124620][ T1134] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.144079][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  142.148842][ T5943] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  142.151489][ T5943] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  142.156705][ T5943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  142.160921][ T5943] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  142.163412][ T5943] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  142.173274][ T5978] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0458:5010.0006/input/input26
[  142.199562][ T1134] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.218214][T10846] lo speed is unknown, defaulting to 1000
[  142.226461][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.242461][ T5978] kye 0003:0458:5010.0006: input,hiddev0,hidraw1: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0
[  142.310131][T10850] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  142.315911][T10846] chnl_net:caif_netlink_parms(): no params data found
[  142.332138][ T1134] bond0: (slave netdevsim0): Releasing backup interface
[  142.335384][ T1134] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.366691][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.382202][T10846] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.384188][T10846] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.386088][T10846] bridge_slave_0: entered allmulticast mode
[  142.389547][T10846] bridge_slave_0: entered promiscuous mode
[  142.392218][T10846] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.394084][T10846] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.396469][T10846] bridge_slave_1: entered allmulticast mode
[  142.398981][T10846] bridge_slave_1: entered promiscuous mode
[  142.428929][   T57] usb 8-1: USB disconnect, device number 21
[  142.429390][T10846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.440443][T10846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.473420][T10846] team0: Port device team_slave_0 added
[  142.477683][T10855] tty tty3: ldisc open failed (-12), clearing slot 2
[  142.477850][T10846] team0: Port device team_slave_1 added
[  142.506472][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.523560][T10846] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.525881][T10846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.534733][T10846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.539298][T10846] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.541248][T10846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.550831][T10846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.555162][ T1134] bridge_slave_1: left allmulticast mode
[  142.557013][ T1134] bridge_slave_1: left promiscuous mode
[  142.560425][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.564260][ T1134] bridge_slave_0: left allmulticast mode
[  142.565787][ T1134] bridge_slave_0: left promiscuous mode
[  142.568041][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.646484][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.709997][ T1134] gretap0 (unregistering): left allmulticast mode
[  142.797829][ T5997] tipc: Node number set to 2886997162
[  142.874051][T10870] fuse: Unknown parameter 'fdX0x0000000000000006'
[  142.931032][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.936695][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  142.943855][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.952572][ T1134] bond0 (unregistering): Released all slaves
[  142.957221][ T1134] bond1 (unregistering): Released all slaves
[  142.964046][ T1134] bond2 (unregistering): (slave veth3): Releasing backup interface
[  142.967324][ T5939] Bluetooth: hci3: unexpected event for opcode 0x0809
[  142.967850][ T1134] bond2 (unregistering): Released all slaves
[  142.974605][ T5939] Bluetooth: hci3: unexpected event for opcode 0x0407
[  142.974802][T10864] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  142.981482][T10875] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:13: iget: checksum invalid
[  142.988248][T10876] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:13: iget: checksum invalid
[  143.004440][T10879] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:4: iget: checksum invalid
[  143.071926][T10846] hsr_slave_0: entered promiscuous mode
[  143.074239][T10846] hsr_slave_1: entered promiscuous mode
[  143.076101][T10846] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  143.078405][T10846] Cannot create hsr debugfs directory
[  143.119709][T10886] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:13: iget: checksum invalid
[  143.124150][T10887] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:1: iget: checksum invalid
[  143.206636][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  143.324079][T10846] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  143.331472][T10846] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  143.337344][T10846] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  143.349659][ T1134] hsr_slave_0: left promiscuous mode
[  143.353362][ T1134] hsr_slave_1: left promiscuous mode
[  143.356750][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.359504][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.375727][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.381612][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.408439][ T1134] veth1_macvtap: left promiscuous mode
[  143.408550][ T1134] veth0_macvtap: left promiscuous mode
[  143.408599][ T1134] veth1_vlan: left promiscuous mode
[  143.409970][ T1134] veth0_vlan: left promiscuous mode
[  143.736521][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  144.066534][T10912] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:13: iget: checksum invalid
[  144.072522][T10910] hfs: unable to load iocharset "io#harset"
[  144.218978][ T5939] Bluetooth: hci2: command tx timeout
[  144.296280][ T1134] team0 (unregistering): Port device team_slave_1 removed
[  144.401974][ T1134] team0 (unregistering): Port device team_slave_0 removed
[  144.766568][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  144.991648][T10846] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  145.000068][T10905] dvmrp8: entered allmulticast mode
[  145.015024][T10905] dvmrp8: left allmulticast mode
[  145.041865][   T39] audit: type=1400 audit(1734328865.023:721): avc:  denied  { setattr } for  pid=10914 comm="syz.0.1429" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  145.090140][T10846] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.099057][T10846] 8021q: adding VLAN 0 to HW filter on device team0
[  145.104869][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.106870][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.111337][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.113797][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.145564][T10928] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:4: iget: checksum invalid
[  145.151131][T10931] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:4: iget: checksum invalid
[  145.176791][T10934] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm dhcpcd: iget: checksum invalid
[  145.207564][   T39] audit: type=1400 audit(1734328865.193:722): avc:  denied  { append } for  pid=10936 comm="syz.0.1432" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  145.243990][T10846] 8021q: adding VLAN 0 to HW filter on device batadv0
[  145.277211][T10846] veth0_vlan: entered promiscuous mode
[  145.282709][T10846] veth1_vlan: entered promiscuous mode
[  145.299101][T10846] veth0_macvtap: entered promiscuous mode
[  145.306000][T10846] veth1_macvtap: entered promiscuous mode
[  145.316801][T10846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.320103][T10846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.322475][T10846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.325072][T10846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.328777][T10846] batman_adv: batadv0: Interface activated: batadv_slave_0
[  145.331842][T10846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.334495][T10846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.337163][T10846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.339829][T10846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.342413][T10846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.345119][T10846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.350602][T10846] batman_adv: batadv0: Interface activated: batadv_slave_1
[  145.355580][T10846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.358434][T10846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.361529][T10846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.363896][T10846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.434663][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.436939][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.456166][ T7743] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  145.460964][ T7743] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  145.461594][T10970] xt_hashlimit: max too large, truncated to 1048576
[  145.467503][T10969] xt_hashlimit: max too large, truncated to 1048576
[  145.469545][T10969] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[  145.471711][T10970] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  145.479739][   T39] audit: type=1400 audit(1734328865.463:723): avc:  denied  { mounton } for  pid=10846 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  145.500474][T10973] cgroup: Unknown subsys name 'usrquota'
[  145.662521][T10993] FAULT_INJECTION: forcing a failure.
[  145.662521][T10993] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  145.676572][T10993] CPU: 2 UID: 0 PID: 10993 Comm: syz.4.1447 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  145.680436][T10993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  145.684282][T10993] Call Trace:
[  145.685504][T10993]  <TASK>
[  145.686576][T10993]  dump_stack_lvl+0x16c/0x1f0
[  145.688350][T10993]  should_fail_ex+0x497/0x5b0
[  145.690081][T10993]  _copy_to_user+0x32/0xd0
[  145.691747][T10993]  simple_read_from_buffer+0xd0/0x160
[  145.693687][T10993]  proc_fail_nth_read+0x198/0x270
[  145.695511][T10993]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  145.697546][T10993]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  145.699486][T10993]  vfs_read+0x1df/0xbe0
[  145.700924][T10993]  ? __fget_files+0x1fc/0x3a0
[  145.702616][T10993]  ? __pfx___mutex_lock+0x10/0x10
[  145.704392][T10993]  ? __pfx_vfs_read+0x10/0x10
[  145.706080][T10993]  ? __fget_files+0x206/0x3a0
[  145.707829][T10993]  ksys_read+0x12b/0x250
[  145.709330][T10993]  ? __pfx_ksys_read+0x10/0x10
[  145.711045][T10993]  do_syscall_64+0xcd/0x250
[  145.712571][T10993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.714541][T10993] RIP: 0033:0x7f1e6a38472c
[  145.716054][T10993] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  145.722581][T10993] RSP: 002b:00007f1e6b0e6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  145.725376][T10993] RAX: ffffffffffffffda RBX: 00007f1e6a575fa0 RCX: 00007f1e6a38472c
[  145.728165][T10993] RDX: 000000000000000f RSI: 00007f1e6b0e60a0 RDI: 0000000000000005
[  145.730863][T10993] RBP: 00007f1e6b0e6090 R08: 0000000000000000 R09: 0000000000000000
[  145.733605][T10993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  145.736340][T10993] R13: 0000000000000000 R14: 00007f1e6a575fa0 R15: 00007ffcae1a54a8
[  145.739042][T10993]  </TASK>
[  146.017319][T11009] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1450'.
[  146.040619][T11014] netlink: 'syz.2.1451': attribute type 4 has an invalid length.
[  146.040764][T11019] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1452'.
[  146.040794][T11018] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1452'.
[  146.040805][T11018] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1452'.
[  146.144907][T11025] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1456'.
[  146.164313][T11031] netdevsim netdevsim3: Direct firmware load for .
[  146.164313][T11031]  failed with error -2
[  146.167710][T11031] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  146.167710][T11031] 
[  146.287111][ T5939] Bluetooth: hci2: command tx timeout
[  146.316513][T11045] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  146.349335][T11047] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1462'.
[  146.353280][T11047] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1462'.
[  146.395885][T11058] pimreg: entered allmulticast mode
[  146.400217][T11058] pimreg: left allmulticast mode
[  146.478389][T11063] gadgetfs: Unknown parameter 'gid'
[  146.699582][T11096] geneve2: entered promiscuous mode
[  146.702764][T11096] geneve2: entered allmulticast mode
[  146.918615][T11110] xt_hashlimit: size too large, truncated to 1048576
[  146.951788][   T39] audit: type=1400 audit(1734328866.933:724): avc:  denied  { map } for  pid=11117 comm="syz.4.1483" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  146.958768][   T39] audit: type=1400 audit(1734328866.943:725): avc:  denied  { execute } for  pid=11117 comm="syz.4.1483" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  147.044158][T11126] netlink: 732 bytes leftover after parsing attributes in process `syz.3.1485'.
[  147.046925][T11126] netlink: 732 bytes leftover after parsing attributes in process `syz.3.1485'.
[  147.896465][    C0] net_ratelimit: 2 callbacks suppressed
[  147.896478][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  148.350482][T11129] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  148.352423][T11129] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  148.356177][T11129] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  148.360076][T11129] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  148.364270][T11129] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  148.392423][T11144] bond0: entered promiscuous mode
[  148.394262][T11144] bond_slave_0: entered promiscuous mode
[  148.396972][T11144] bond_slave_1: entered promiscuous mode
[  148.410488][T11146] netlink: 576 bytes leftover after parsing attributes in process `syz.2.1491'.
[  148.423839][T11153] trusted_key: encrypted_key: master key parameter 'ec¤(çïtfr:n' is invalid
[  148.538084][T11180] lo speed is unknown, defaulting to 1000
[  148.580827][T11182] xt_bpf: check failed: parse error
[  148.616724][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  148.666918][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  148.790105][T11201] EXT4-fs error: 21 callbacks suppressed
[  148.790120][T11201] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:11: iget: checksum invalid
[  148.797671][T11202] EXT4-fs error (device sda1): ext4_lookup:1813: inode #1200: comm kworker/u32:14: iget: checksum invalid
[  148.801568][T11198] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  148.863458][T11204] veth0_vlan: left allmulticast mode
[  148.874807][T11204] veth0_vlan: entered allmulticast mode
[  148.877009][T11204] 
[  148.877727][T11204] ============================================
[  148.879402][T11204] WARNING: possible recursive locking detected
[  148.881083][T11204] 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0 Not tainted
[  148.883439][T11204] --------------------------------------------
[  148.886835][T11204] syz.2.1507/11204 is trying to acquire lock:
[  148.888459][T11204] ffff88804d8b4e00 (team->team_lock_key){+.+.}-{4:4}, at: team_device_event+0x2c7/0x770
[  148.890977][T11204] 
[  148.890977][T11204] but task is already holding lock:
[  148.892938][T11204] ffff88804d8b4e00 (team->team_lock_key){+.+.}-{4:4}, at: team_add_slave+0x9c/0x20e0
[  148.895484][T11204] 
[  148.895484][T11204] other info that might help us debug this:
[  148.897648][T11204]  Possible unsafe locking scenario:
[  148.897648][T11204] 
[  148.899626][T11204]        CPU0
[  148.900521][T11204]        ----
[  148.901433][T11204]   lock(team->team_lock_key);
[  148.902728][T11204]   lock(team->team_lock_key);
[  148.904026][T11204] 
[  148.904026][T11204]  *** DEADLOCK ***
[  148.904026][T11204] 
[  148.906101][T11204]  May be due to missing lock nesting notation
[  148.906101][T11204] 
[  148.908356][T11204] 2 locks held by syz.2.1507/11204:
[  148.909886][T11204]  #0: ffffffff8fedc048 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x5d9/0x1d60
[  148.912339][T11204]  #1: ffff88804d8b4e00 (team->team_lock_key){+.+.}-{4:4}, at: team_add_slave+0x9c/0x20e0
[  148.914899][T11204] 
[  148.914899][T11204] stack backtrace:
[  148.916505][T11204] CPU: 3 UID: 0 PID: 11204 Comm: syz.2.1507 Not tainted 6.13.0-rc2-syzkaller-00382-gdccbe2047a5b #0
[  148.919389][T11204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.922247][T11204] Call Trace:
[  148.923162][T11204]  <TASK>
[  148.923956][T11204]  dump_stack_lvl+0x116/0x1f0
[  148.925164][T11204]  print_deadlock_bug+0x2e3/0x410
[  148.926546][T11204]  __lock_acquire+0x2117/0x3c40
[  148.927871][T11204]  ? __pfx___lock_acquire+0x10/0x10
[  148.929259][T11204]  ? find_held_lock+0x2d/0x110
[  148.930571][T11204]  lock_acquire.part.0+0x11b/0x380
[  148.931984][T11204]  ? team_device_event+0x2c7/0x770
[  148.933335][T11204]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  148.934754][T11204]  ? rcu_is_watching+0x12/0xc0
[  148.936010][T11204]  ? trace_lock_acquire+0x14e/0x1f0
[  148.936521][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  148.937496][T11204]  ? team_device_event+0x2c7/0x770
[  148.937517][T11204]  ? lock_acquire+0x2f/0xb0
[  148.941513][T11204]  ? team_device_event+0x2c7/0x770
[  148.942826][T11204]  __mutex_lock+0x19b/0xa60
[  148.943983][T11204]  ? team_device_event+0x2c7/0x770
[  148.945258][T11204]  ? team_device_event+0x2c7/0x770
[  148.946607][T11204]  ? __pfx___mutex_lock+0x10/0x10
[  148.947927][T11204]  ? team_device_event+0x2c7/0x770
[  148.949200][T11204]  team_device_event+0x2c7/0x770
[  148.950596][T11204]  notifier_call_chain+0xb7/0x410
[  148.951913][T11204]  ? __pfx_team_device_event+0x10/0x10
[  148.953324][T11204]  call_netdevice_notifiers_info+0xbe/0x140
[  148.954791][T11204]  __dev_notify_flags+0x12d/0x2e0
[  148.956060][T11204]  ? __pfx___dev_notify_flags+0x10/0x10
[  148.957520][T11204]  ? __pfx___dev_change_flags+0x10/0x10
[  148.958932][T11204]  ? __nla_put+0x27/0x40
[  148.960022][T11204]  dev_change_flags+0x10c/0x160
[  148.961255][T11204]  vlan_device_event+0xdfc/0x2120
[  148.962549][T11204]  ? __pfx_phonet_device_notify+0x10/0x10
[  148.963995][T11204]  ? __pfx_vlan_device_event+0x10/0x10
[  148.965370][T11204]  ? __pfx_br_device_event+0x10/0x10
[  148.966698][T11204]  ? raw_notifier+0xa4/0x860
[  148.967904][T11204]  ? isotp_notifier+0xa4/0x6d0
[  148.969104][T11204]  ? bcm_notifier+0xa8/0x820
[  148.970312][T11204]  ? cgw_notifier+0xa2/0x390
[  148.971597][T11204]  notifier_call_chain+0xb7/0x410
[  148.972928][T11204]  ? __pfx_vlan_device_event+0x10/0x10
[  148.974293][T11204]  call_netdevice_notifiers_info+0xbe/0x140
[  148.975878][T11204]  dev_open+0x144/0x160
[  148.976988][T11204]  ? __pfx_dev_open+0x10/0x10
[  148.978251][T11204]  ? __kmalloc_noprof+0x23b/0x510
[  148.979561][T11204]  team_add_slave+0xacd/0x20e0
[  148.980780][T11204]  ? __pfx_team_add_slave+0x10/0x10
[  148.982110][T11204]  ? __lock_acquire+0x15a9/0x3c40
[  148.983400][T11204]  ? __pfx_validate_linkmsg+0x10/0x10
[  148.984800][T11204]  ? __pfx_team_add_slave+0x10/0x10
[  148.986198][T11204]  do_set_master+0x1bc/0x230
[  148.987720][T11204]  do_setlink.constprop.0+0xb60/0x3f70
[  148.989205][T11204]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[  148.990852][T11204]  ? lock_acquire.part.0+0x11b/0x380
[  148.992330][T11204]  ? __mutex_trylock_common+0xea/0x250
[  148.993796][T11204]  ? __pfx___mutex_trylock_common+0x10/0x10
[  148.995412][T11204]  ? rtnl_newlink+0x5d9/0x1d60
[  148.996702][T11204]  ? rcu_is_watching+0x12/0xc0
[  148.998037][T11204]  ? trace_contention_end+0xee/0x140
[  148.999511][T11204]  ? __mutex_lock+0x1cc/0xa60
[  149.000884][T11204]  ? rtnl_newlink+0x5d9/0x1d60
[  149.002199][T11204]  ? __pfx___mutex_lock+0x10/0x10
[  149.003586][T11204]  ? __pfx___nla_validate_parse+0x10/0x10
[  149.005121][T11204]  ? cap_capable+0x1cf/0x240
[  149.006391][T11204]  ? full_name_hash+0xbc/0x110
[  149.007689][T11204]  ? netdev_name_node_lookup+0x127/0x180
[  149.009195][T11204]  rtnl_newlink+0x1303/0x1d60
[  149.010463][T11204]  ? __pfx_rtnl_newlink+0x10/0x10
[  149.011857][T11204]  ? __pfx___lock_acquire+0x10/0x10
[  149.013232][T11204]  ? cred_has_capability.isra.0+0x192/0x2f0
[  149.014716][T11204]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  149.016398][T11204]  ? find_held_lock+0x2d/0x110
[  149.017667][T11204]  ? __pfx_rtnl_newlink+0x10/0x10
[  149.019029][T11204]  rtnetlink_rcv_msg+0x95b/0xea0
[  149.020337][T11204]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  149.021851][T11204]  netlink_rcv_skb+0x16b/0x440
[  149.023194][T11204]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  149.024655][T11204]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  149.026095][T11204]  ? netlink_deliver_tap+0x1ae/0xd30
[  149.027574][T11204]  netlink_unicast+0x53c/0x7f0
[  149.028893][T11204]  ? __pfx_netlink_unicast+0x10/0x10
[  149.030306][T11204]  netlink_sendmsg+0x8b8/0xd70
[  149.031626][T11204]  ? __pfx_netlink_sendmsg+0x10/0x10
[  149.033035][T11204]  ____sys_sendmsg+0xaaf/0xc90
[  149.034312][T11204]  ? copy_msghdr_from_user+0x10b/0x160
[  149.035788][T11204]  ? __pfx_____sys_sendmsg+0x10/0x10
[  149.036461][ T5938] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  149.037377][T11204]  ___sys_sendmsg+0x135/0x1e0
[  149.037398][T11204]  ? __pfx____sys_sendmsg+0x10/0x10
[  149.042509][T11204]  ? __pfx_lock_release+0x10/0x10
[  149.043874][T11204]  ? trace_lock_acquire+0x14e/0x1f0
[  149.045275][T11204]  ? __fget_files+0x206/0x3a0
[  149.046556][T11204]  __sys_sendmsg+0x16e/0x220
[  149.047807][T11204]  ? __pfx___sys_sendmsg+0x10/0x10
[  149.049208][T11204]  ? __x64_sys_futex+0x1e1/0x4c0
[  149.050565][T11204]  do_syscall_64+0xcd/0x250
[  149.051794][T11204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.053393][T11204] RIP: 0033:0x7efef0985d19
[  149.054583][T11204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.059722][T11204] RSP: 002b:00007efef1818038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.061992][T11204] RAX: ffffffffffffffda RBX: 00007efef0b75fa0 RCX: 00007efef0985d19
[  149.064143][T11204] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000008
[  149.066286][T11204] RBP: 00007efef0a01a20 R08: 0000000000000000 R09: 0000000000000000
[  149.068469][T11204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.070624][T11204] R13: 0000000000000000 R14: 00007efef0b75fa0 R15: 00007ffd27f5df88
[  149.072782][T11204]  </TASK>
[  149.196534][ T5938] usb 9-1: Using ep0 maxpacket: 8
[  149.200053][ T5938] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  149.202409][ T5938] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  149.205089][ T5938] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  149.207969][ T5938] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  149.210584][ T5938] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  149.214054][ T5938] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  149.216550][ T5938] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.422541][ T5938] usb 9-1: usb_control_msg returned -32
[  149.424072][ T5938] usbtmc 9-1:16.0: can't read capabilities
[  149.966642][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  150.367034][ T5943] Bluetooth: hci2: command 0x0419 tx timeout
[  150.367134][ T5939] Bluetooth: hci3: command 0x0c1a tx timeout
[  150.367184][ T5952] Bluetooth: hci0: command 0x0c1a tx timeout
[  151.006458][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  151.709810][ T5997] usb 9-1: USB disconnect, device number 2
[  152.046444][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  152.446555][ T5939] Bluetooth: hci2: command 0x0419 tx timeout
[  153.086493][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  154.126541][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  154.526620][ T5943] Bluetooth: hci2: command 0x0419 tx timeout
[  154.686532][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout
[  155.166508][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  156.206485][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  156.606514][ T5939] Bluetooth: hci2: command 0x0419 tx timeout
[  157.246476][    C0] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  158.286499][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available

VM DIAGNOSIS:
05:18:28  Registers:
info registers vcpu 0

CPU#0
RAX=00000000000eca9c RBX=0000000000000000 RCX=ffffffff8b293679 RDX=ffffed100d4c6fee
RSI=ffffffff8bd1e7e0 RDI=ffffffff817095a9 RBP=fffffbfff1bd2ef8 RSP=ffffffff8de07e20
R8 =0000000000000000 R9 =ffffed100d4c6fed R10=ffff88806a637f6b R11=0000000000000001
R12=0000000000000000 R13=ffffffff8de977c0 R14=ffffffff905f2c50 R15=0000000000000000
RIP=ffffffff8b294a5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007efef17f7d58 CR3=00000000233c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000008 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000080000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcda046560 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029b2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029bf
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029b9
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029cd
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e02a53
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e02b31
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000000fbaf4 RBX=0000000000000001 RCX=ffffffff8b293679 RDX=ffffed100d4e6fee
RSI=ffffffff8bd1e7e0 RDI=ffffffff817095a9 RBP=ffffed10039df910 RSP=ffffc90000187e08
R8 =0000000000000000 R9 =ffffed100d4e6fed R10=ffff88806a737f6b R11=0000000000000001
R12=0000000000000001 R13=ffff88801cefc880 R14=ffffffff905f2c50 R15=0000000000000000
RIP=ffffffff8b294a5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3bcb2b CR3=0000000024c02000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcda0462f0 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029b2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029bf
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029b9
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e029cd
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e02a53
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fccb6e02b31
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e776f6e6b6e7500 6f6c6c3332302500 657a697320740004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b524a4b4e4b5000 4a49491617150000 405f4c560551464a 5751560541444700
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=00000000001464f4 RBX=0000000000000002 RCX=ffffffff8b293679 RDX=ffffed100d506fee
RSI=ffffffff8bd1e7e0 RDI=ffffffff817095a9 RBP=ffffed1003ad1000 RSP=ffffc90000197e08
R8 =0000000000000000 R9 =ffffed100d506fed R10=ffff88806a837f6b R11=0000000000000001
R12=0000000000000002 R13=ffff88801d688000 R14=ffffffff905f2c50 R15=0000000000000000
RIP=ffffffff8b294a5f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055558eb18808 CR3=00000000234c4000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f10029b2
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f10029bf
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f10029b9
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f10029cd
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f1002a53
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f1002b31
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f114b488 00007f98f114b480 00007f98f114b478 00007f98f114b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f1cad100 00007f98f114b440 00007f98f114b458 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98f114b498 00007f98f114b490 00007f98f114b488 00007f98f114b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000000d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851b91a5 RDI=ffffffff9ab0cc20 RBP=ffffffff9ab0cbe0 RSP=ffffc9000dc963a0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000000d R14=ffffffff851b9140 R15=0000000000000000
RIP=ffffffff851b91cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007efef18186c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007efef096bac0 CR3=0000000031e00000 CR4=00352ef0
DR0=00000000ffffa000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fff00880 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ce5769c9604f4536 067cae7c89614900
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 97e3f0ce3f072eec 42bde2f426be4d1d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a868a38bf0501856 ba221c194e50c30e
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01ad11f029b3103f 479d6a90bd7750d1
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000740
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000005b 33eb1ab03aad6aa4
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005b0000005b aaaa0000899c30aa
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000033526d26 004545d431e44884
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 aaaaaaaa005b3b6c 0000005b00073a7e
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 62691067a6d3fa62 5ad1237bcabefdc6
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 21d515fed8fae304 b76ef43a68ff1061
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000003130302f 3330302f6273752f 7375622f7665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000001213130c 1013130c4150560c 5056410c5546470c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000