last executing test programs:

1m15.920578166s ago: executing program 3 (id=446):
r0 = socket$inet_sctp(0x2, 0x4, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x0, 0xc0, [0x2000000006c0, 0x0, 0x0, 0x2000000006f0, 0x200000000720], 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000d0000fffffdff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000008000000000000000000000000000000000000e370107ebdb34e2607879e9ee200000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000"]}, 0x142)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x2, 0x2fc, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000800], 0x0, &(0x7f0000000000), &(0x7f0000000800)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{0x11, 0x3c, 0x4, 'team0\x00', 'bridge0\x00', 'virt_wifi0\x00', 'nr0\x00', @multicast, [0x0, 0xff, 0x0, 0xff, 0xff, 0xff], @broadcast, [0xff, 0xff, 0xff, 0xff], 0x6e, 0xe6, 0x12e, [], [@common=@nflog={'nflog\x00', 0x50, {{0x0, 0x3, 0x587, 0x0, 0x0, "8e548a8f95106c242f688ff9f5ef4c2a83e2381f9687aa29c95478756c72be0d4bd0a03571be22406105043331ffb45d63f8d8dc0c0c946260a5492ee50ee532"}}}], @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00', 0x8b, 0xd, {0x2}}}}}]}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{0x9, 0x34, 0x6003, 'veth0_to_batadv\x00', 'nicvf0\x00', 'ip6gre0\x00', 'vxcan1\x00', @empty, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], @multicast, [0xff, 0xff, 0x0, 0xff, 0xff], 0xae, 0x10e, 0x13e, [@quota={{'quota\x00', 0x0, 0x18}, {{0x1, 0x0, 0x7, {0x5}}}}], [@common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0xa}}}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x7}}}], @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x374)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000340)="3f031c000302140006001e008900", 0xe, 0x1, &(0x7f0000000540)={0xc9, 0x8100, r2, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14)
mount(&(0x7f0000000200)=@md0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='bdev\x00', 0xc0810, 0x0)

1m15.838931313s ago: executing program 3 (id=447):
syz_io_uring_submit(0x0, 0x0, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @private2, 0x3, 0x2, 0x5, 0x500, 0xb3, 0x84c30021, r2})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$kcm(0x29, 0x2, 0x0)
r4 = dup(r3)
write$UHID_INPUT(r4, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={0x0}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x28, 0x0, 0x8, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x4}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x40005}, 0x20000011)
syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @private2, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0x80}}]}]}}}}}}}, 0x0)

1m15.83875139s ago: executing program 3 (id=448):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000100)={[{@huge_within_size}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="4801000041000701fcfffffffddbdf25017c0000040036802e010180140076"], 0x148}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
chdir(&(0x7f0000000280)='./file0\x00')
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x4, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ftruncate(r1, 0x82081fc)
r3 = open(&(0x7f0000000780)='./bus\x00', 0x14d0be, 0x48)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
mprotect(&(0x7f00005c4000/0x4000)=nil, 0x4000, 0x14f4910c86c95fd9)

1m15.780773525s ago: executing program 3 (id=449):
r0 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x13)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$incfs(0xffffffffffffff9c, &(0x7f0000000300)='.pending_reads\x00', 0x2, 0x90)
r1 = socket(0x2, 0x80805, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x71569364445f416e, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r2, 0x80083314, &(0x7f0000000080))
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="30000000000057008400000001000000000000000c000000040000000000000000000000000000000000000080ed0df2791b03832cadddcde32efe2633677c55f37c4429702372f726e355ca2879219364c6c012dc205545a52fcd273b267804", @ANYRES32=0x0], 0x30}], 0x1, 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
tkill(r0, 0x12)
wait4(r0, 0x0, 0x4000000a, 0x0)

1m15.70970044s ago: executing program 3 (id=450):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1a4801, 0x1d1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x88}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, r0, &(0x7f00000000c0)='!', 0xb7f40}])

1m15.709475887s ago: executing program 3 (id=451):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='clear_refs\x00')
statx(r0, &(0x7f0000001380)='./file0\x00', 0x1000, 0x0, 0x0)
syz_io_uring_setup(0x5c26, &(0x7f0000000240)={0x0, 0x0, 0x13290, 0x0, 0x0, 0x0, r0}, &(0x7f0000000440), &(0x7f0000000080))
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x38)
fcntl$setsig(r1, 0xa, 0x21) (async)
fcntl$setlease(r1, 0x400, 0x1) (async)
close_range(r1, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)

1m15.632503971s ago: executing program 32 (id=451):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='clear_refs\x00')
statx(r0, &(0x7f0000001380)='./file0\x00', 0x1000, 0x0, 0x0)
syz_io_uring_setup(0x5c26, &(0x7f0000000240)={0x0, 0x0, 0x13290, 0x0, 0x0, 0x0, r0}, &(0x7f0000000440), &(0x7f0000000080))
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x38)
fcntl$setsig(r1, 0xa, 0x21) (async)
fcntl$setlease(r1, 0x400, 0x1) (async)
close_range(r1, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000000)='pids.current\x00', 0x0, 0x0)

55.942418229s ago: executing program 1 (id=715):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10)
write(r3, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe0000000000000008000f00fd000000", 0x24)

55.889336822s ago: executing program 1 (id=717):
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

55.820608602s ago: executing program 1 (id=719):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x9f}]}, 0x40}}, 0x0)

55.739382122s ago: executing program 1 (id=723):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x20008000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

55.731403907s ago: executing program 1 (id=724):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002ac0)=@polexpire={0xd8, 0x1b, 0x1, 0x0, 0x0, {{{@in6=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, [@sec_ctx={0xc, 0x8, {0x8}}, @mark={0xc}]}, 0xd8}}, 0x4000000)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0) (async)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT], 0x2000, 0x0) (async)
msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT], 0x2000, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0xc0049364, &(0x7f00000000c0))
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1c, 0x0, 0x10, 0x70bd29, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x24048010}, 0x8004) (async)
sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x1c, 0x0, 0x10, 0x70bd29, 0x25dfdbfc}, 0x1c}, 0x1, 0x0, 0x0, 0x24048010}, 0x8004)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x315}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118) (async)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r5, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080), 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10, 0x1})
io_uring_enter(r2, 0x3f70, 0x0, 0x0, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x80060, &(0x7f0000000080)={[{@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x32]}}]})

55.650211494s ago: executing program 1 (id=726):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe0000000000000008000f00fd000000", 0x24)

40.684988227s ago: executing program 33 (id=726):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x80000000, 0x0, 0xfffffffc}, 0x10)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe0000000000000008000f00fd000000", 0x24)

3.774372169s ago: executing program 2 (id=1484):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10) (async)
sendmmsg$inet(r0, &(0x7f00000005c0)=[{{&(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000040)="aec174e1d091c31e329ac286d972820877f1899e42f3f47b0ccedb3f0a", 0x1d}, {&(0x7f0000000080)="c22a420dd18724dadf58483e7d41f08f7c1e737d31c359922300e9bfd146409287b3a1f5f2ab187f51bbd4d6e69574c2863d1d9e2418b25c74069ae0970e8f96f05720134c659a55032241dd34fb9e75ae8680b71a41228df55c0cb47bf29bc2985ec8484533f80477809b324c1083ff218ebed5a763577fe6afd47182d41850d254ab5d8011292c7d2aa954d26ee03a71232dcdd217299f63f17de61fd6e5d15cd87a", 0xa3}, {&(0x7f0000000140)="3a24397a13cff9f63063fefc178a2917e0c80104f373e5e6d27a72a31abdc0473ac7588cb42aa3c64e00daf3fd9e", 0x2e}, {&(0x7f0000000180)="4bd0d60bf506", 0x6}, {&(0x7f0000000280)="ab414218a487e3ed7472b13a98dacdf0847b0d461241d54be58cbf07e8f19d821e5b996d1561ddac3b97677f559802e075242389f983e66c33fb9cf8891ed424b57add676fa85bd19fe7aafa8680de860f0ebbe08e88aa94c0dca2265779c1b7a67faff23c9d316d4be56c5874e0f8122076578f28dc6878907180f191bd5f405e1a5090fec206", 0x87}, {&(0x7f00000001c0)="ec81e753e39180c7ec4c9d049f6200c80f476490ba1a131d1eba24f37fff2ffa3df9f867ea1f3a1dcd5d933d38538d121ad38f7c661de52a07d73ddbc4fc5b3b8dfa98ede9487b865cde557b7a28", 0x4e}, {&(0x7f0000000340)="13cc2bf568a7c7eb66ee8b0adcf752e1f9aa8df36e190d7592c1a8cee7a8bcc726440e101a03bf7a3b142088c7374a26b9af9c58140fe837", 0x38}, {&(0x7f0000000380)="c5e7441dc589598493cde07b45df0a4762f9c603abaa2ccfde8a893ec957d7b955bfa401870ff8cb40072a50d5b805b31b40de9967a68a2e3b698041e059a390361af41fee21e6a89e8c4883ef8c7152a6dc2e83637c99da8139", 0x5a}], 0x8, &(0x7f00000006c0)=ANY=[@ANYBLOB="11000000000000000000000001000000af000000000000001c00f6ffffff00000000000008000000bfebb9b530468f946eb4ed8a4dc0a2747fff6157edbf7f8ae8a1c9f7056ff7cf0f63fdb9779091fe49500ea4fb8a9f1281ae4b582c2b06000000000000005985e1867eaa8ca65986fcb3988c68ed8a4b6d365ca095439d3354c3dd54d5a3a67a0fdd2af8df60ec7dacfdb9ea446dd13a1c07a60156000000000000000090f9c00723f8df04449ada72224fb5019a1d51ceea59f62ba723adf6c1810900000000000000e41f40960845e9d85bd0c42f4992906ca7b1b080b9b8271b14de6a3e33161fc2864a443aebcac5bccbb8e218e39022ff4a68a33b1c9dc383996bb9eb75f38f59b55ef3fb02c806b6dfb2221e846d635d", @ANYRES32=0x0, @ANYBLOB="7f000001ac1414bb0000000014000000000000000000000002000000300c0000000000001400000000000000000000000100000001000000000000004c000000000000000000000007000000443c5781e0000001000000046401010000000007ac1e00010000000300000000000000807f00000100000001e000000200000009ac141417000000eb0000000011000000000000000000000001000000010000000000000020000000000000000000000007000000070fa7ac1e0001e0000001e000000201140000000000000000000000010000000600000000000000"], 0x108}}], 0x1, 0x40005) (async)
sendmmsg$inet(r0, &(0x7f0000003040)=[{{&(0x7f0000000680)={0x2, 0x4c22, @multicast1}, 0x10, 0x0}}], 0x1, 0xc090)

3.7094633s ago: executing program 2 (id=1485):
syz_usb_connect(0x1, 0x36, &(0x7f0000000040)=ANY=[], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, 0x0, 0x0)

1.659868988s ago: executing program 5 (id=1514):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0xb}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0xfc}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_PAYLOAD_BASE={0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0xc0}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {r0}}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x6, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r2, 0x8, 0x0, 0x0, 0x18, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x6d)
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x208103, 0x2c)

1.657335549s ago: executing program 5 (id=1515):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000140), 0x5, 0x20)
ioctl$SNDRV_PCM_IOCTL_PAUSE(r2, 0x40044145, &(0x7f0000000280)=0x54967700)
fcntl$lock(r1, 0x26, &(0x7f0000000000))
fcntl$lock(r1, 0x25, &(0x7f00000000c0)={0x2, 0x1, 0x7fff, 0x2e})
r3 = socket$inet(0x2, 0x2, 0x1)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000040)='cgroup.max.descendants\x00', 0x2, 0x0)
sendfile(r5, r5, 0x0, 0x970b)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r5, {0x8}}, './file0\x00'})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYRESDEC=r0, @ANYRESDEC=r3, @ANYRES32=r0, @ANYRESOCT=r3, @ANYRES8=r0, @ANYRESHEX=r0], 0x6c}, 0x1, 0x0, 0x0, 0xd1}, 0x4008080)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0) (async)
syz_open_dev$sndpcmp(&(0x7f0000000140), 0x5, 0x20) (async)
ioctl$SNDRV_PCM_IOCTL_PAUSE(r2, 0x40044145, &(0x7f0000000280)=0x54967700) (async)
fcntl$lock(r1, 0x26, &(0x7f0000000000)) (async)
fcntl$lock(r1, 0x25, &(0x7f00000000c0)={0x2, 0x1, 0x7fff, 0x2e}) (async)
socket$inet(0x2, 0x2, 0x1) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
openat$cgroup_int(r4, &(0x7f0000000040)='cgroup.max.descendants\x00', 0x2, 0x0) (async)
sendfile(r5, r5, 0x0, 0x970b) (async)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r5, {0x8}}, './file0\x00'}) (async)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYRESDEC=r0, @ANYRESDEC=r3, @ANYRES32=r0, @ANYRESOCT=r3, @ANYRES8=r0, @ANYRESHEX=r0], 0x6c}, 0x1, 0x0, 0x0, 0xd1}, 0x4008080) (async)

1.585013002s ago: executing program 5 (id=1516):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async, rerun: 32)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (rerun: 32)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) (async)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x4, 0x6, 0x7, 0x400}) (async)
setrlimit(0x40000000000008, &(0x7f0000000080)={0x0, 0x6}) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) (async)
sendmmsg$inet(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804) (async)
exit(0x8d1) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) (rerun: 64)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000008, 0x12, r1, 0x0) (async)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e07002d0c"], 0xa) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap$dsp(&(0x7f0000bcf000/0x14000)=nil, 0x14000, 0x4, 0x8010, r1, 0x0) (async, rerun: 32)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async, rerun: 32)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000180)={'batadv0\x00', &(0x7f0000000140)=@ethtool_stats}) (async)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a84000000060a0b0400000000000000000200000058000480240001800b000100736f636b65740000140002800800024000000003080001400000000230000180080001006e61740024000280080006480000000b0800054000000003080001400000000008000240000000020900010073797a30000000000900020073797a320000000014000000110001"], 0xac}}, 0x0) (async, rerun: 32)
r4 = userfaultfd(0x1) (async, rerun: 32)
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x48a}) (async)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x6}) (async)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118) (async, rerun: 32)
ioctl$UFFDIO_ZEROPAGE(r4, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}}) (async, rerun: 32)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x58)

1.583869886s ago: executing program 5 (id=1518):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/21, 0x15}], 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f0000000640)={0x2, &(0x7f0000000240)=[{0x6, 0x3, 0x0, 0x1000}, {0x7db9, 0x4, 0x65, 0x401}]}, 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x8a, &(0x7f0000000380)={@local, @link_local, @val={@void, {0x8100, 0x6, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x1, 0x1, "c993f8ba4dab9d3f46c31ee915ad199d18c1e855f5d24d292fd2efe1537df139", "d062f6ff1b9b6a43060002f9ffffff00", {"265c431057398334af42413578ca83f1", "ec5fe8ffb2b2703bbb2d43cab7469d09"}}}}}}}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}, 0x1, 0x0, 0x0, 0x4048800}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000001600), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x34, r7, 0x20, 0x70bd28, 0x25dfdbfc, {{}, {}, {0x18, 0x17, {0x1f, 0x1, @udp='udp:syz1\x00'}}}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)

1.208877499s ago: executing program 5 (id=1521):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0xd)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f00000003c0)=ANY=[@ANYBLOB="12011001020000082505a1a440000102030109025c0002018160080904000001020d000005240600010524004aa30d240f01060000003fd50200b406241a8b0b140905810320000903460904010000021200000904010102020d0000090582022000070808090503020002f81801"], &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x0, 0x4, [{0x0, 0x0}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x445}}, {0x4, &(0x7f00000005c0)=@lang_id={0x4, 0x3, 0x83e}}, {0xc1, &(0x7f0000000100)=ANY=[@ANYBLOB="c1036a5477196df678ea1620bcd37a96eb68b2cb2f8c391099fc557cf06eee92285944f210414eae4f9f0300814bf425364e3fdceeab83f619a5505f8d4a726dc602d5317e4bf7d75769234c27df16a1024c16b06f0fe5fc65c37824178b086b8226f153ceae1f1041215283bf92c67281b7ed754eb0d3bca778e8d10b02be176d11c6c3e154f801a4d9620f758e49e9cb8d59c58e6dc16048ddf784db39a6a6adbddac15685d5126fc497a03f43836034d47033d5c664ed3e75be1d5f467395cbbae528a89602cad0a090af9ba19aabc09aabd472dad874e878c8120fefb45590227b8d7d719d1708e531286e4f0c154cadcf7f8c52bb54b36232e21c2234b9de917b0c984e8e8e6418d42fea4496074f18a54c17ede14902df12a96070d6338a1e6585eca30a368ee3dc8f572267c9f0c68e49bd8de28b325d7e8d27c7157cfdf30fdcf5965d640324967d121655fa9707835fc5f1d66fca1687544df7c730c851c490d1707dbf740423ba5489035211c3c8566f3c66c2ea98c5"]}]})

680.047913ms ago: executing program 2 (id=1528):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0xec0, 0x0, {0x0, 0x0, 0x0, r1, {0xffe0, 0xfff1}, {}, {0x4, 0xffe0}}}, 0x24}}, 0x0)

679.40331ms ago: executing program 2 (id=1530):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000100)='./file0\x00')
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x200002, 0x0)
chdir(&(0x7f0000000000)='./cgroup\x00')
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
pipe(&(0x7f0000019480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1)
mbind(&(0x7f00000a2000/0x4000)=nil, 0x4000, 0x4002, &(0x7f0000000200)=0x2000000000000008, 0x5, 0x3)
clock_gettime(0x0, &(0x7f0000001fc0)={<r2=>0x0, <r3=>0x0})
recvmmsg(r0, &(0x7f0000001f00)=[{{&(0x7f0000000000)=@nl, 0x80, &(0x7f0000000380)=[{&(0x7f0000000080)=""/119, 0x77}, {&(0x7f0000000140)=""/148, 0x94}, {&(0x7f0000000200)=""/96, 0x60}, {&(0x7f0000000280)=""/251, 0xfb}], 0x4, &(0x7f00000003c0)=""/27, 0x1b}, 0x1}, {{&(0x7f0000000400)=@l2tp6={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @dev}}, 0x80, &(0x7f0000001b00)=[{&(0x7f0000000480)=""/7, 0x7}, {&(0x7f00000004c0)=""/127, 0x7f}, {&(0x7f0000000540)=""/12, 0xc}, {&(0x7f0000000580)=""/79, 0x4f}, {&(0x7f0000000600)=""/208, 0xd0}, {&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000700)=""/105, 0x69}, {&(0x7f00000019c0)=""/44, 0x2c}, {&(0x7f0000001a00)=""/237, 0xed}], 0x9}, 0xffffffa6}, {{&(0x7f0000001bc0)=@alg, 0x80, &(0x7f0000001e80)=[{&(0x7f0000001c40)=""/116, 0x74}, {&(0x7f0000001cc0)=""/145, 0x91}, {&(0x7f0000001d80)=""/213, 0xd5}], 0x3, &(0x7f0000001ec0)=""/60, 0x3c}, 0x39d}], 0x3, 0x2260, &(0x7f0000002000)={r2, r3+10000000})

619.323107ms ago: executing program 2 (id=1533):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(ecb(compress_null-generic),blake2s-224-arm)\x00'}, 0x58)
socket$alg(0x26, 0x5, 0x0) (async)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(ecb(compress_null-generic),blake2s-224-arm)\x00'}, 0x58) (async)
bind$alg(r1, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(ecb(compress_null-generic),blake2s-224-arm)\x00'}, 0x58)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x3a, 0x1, 0x0, 0x20) (async)
setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x3a, 0x1, 0x0, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x340, 0x30, 0x1, 0x0, 0x0, {}, [{0x32c, 0x1, [@m_ife={0x328, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0xfffffe01, 0xffffffffffffffff, 0x1, 0x6b9f}}}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_PRIO={0x4, 0x3, @void}]}]}, {0x2dc, 0x6, "a0955de1c1171bd76aeb484079b69d35da94d51bc36a29966fb08ee1c67a153fde699a35e331c75cb2dd570472e91647db6fc2b1a8695dc23bee33342873b3063d74088d526c18fb8290e30431d5c027ed1d5faf81fa4a235e42bd0e9bcb32c91a67dc0c6e5045816ae2c723bbd6ffca03fd9940e4e345a72ef84fc9ab0c478bee51c56a733f46b3318bb3f1bd78e20f8ad7e35d0746dab421c20bb67bc941c6a230103ed1dd0b437e08f77a6e465ee76a5e0ac092fe7a9af378edaa151d75862ca620ca4de06ae0552a885bae91c6e8d7ad42cb6a1dd9b3234056a29652b928ff69bbd346c56a10c9fe30ca4fe033661cde458c83cc475feebaecb4dbedc09924ee43adeb6343311754f402cd060a5db5495e47c55826e8e84a5b04f23cb5a7aabd7d21cdd7f7ce574c17fdb463e6b87b0d61547577ca633b0e7af7c322b65fa24059367b342d35ed901b7f79ade354500f69998030b5487a12888208511aff32b458a9bce371fb4d99af45339a58ca05ec5b0909302dc79631ccad4c1b8ece0df709946c21083dfdc443b6fad822ac2b9b3a897d9fe1bd83f708964e311ebdcb3c813fb419abbc120f17b39735add5e4eb6e31a2db53509e53cdb5d5b4c5743fa33824d870c50d82679dac9bbcc8078fa230567639399cc43575fcae03e13933f1be48bfaf23347847f5382d568e5589d6969123df6c6534262ccdb632bca0ecd281b9b9ef847828c4a65ab9acd260b25327bb9a47ea3be48db18db7532e142a12e23b0ce0970000000093198e4658ae6fc2a150e53758f7b25639e2621378653f039b6dfdd71bed0b97f8975f84ffcc0d5a745d698feed333b513e70fd7c466da0dc403157a8fc86b6e8cdb590fd49d7968c3cb7d0b62afbc243884bd601060a86d03417a9e6b5f5a62e9f84595c72cfb55fcc6b0df67dc47b5726dc713ae7d51d8f3d1c2be9b5505e7210aae25bb757b38a6427e16e9a48731a9cbdbee96876ef8c6e968421087ef2d98082235c4512cc20684593d28"}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x340}, 0x1, 0x0, 0x0, 0x8010}, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x340, 0x30, 0x1, 0x0, 0x0, {}, [{0x32c, 0x1, [@m_ife={0x328, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0xfffffe01, 0xffffffffffffffff, 0x1, 0x6b9f}}}, @TCA_IFE_METALST={0x8, 0x6, [@IFE_META_PRIO={0x4, 0x3, @void}]}]}, {0x2dc, 0x6, "a0955de1c1171bd76aeb484079b69d35da94d51bc36a29966fb08ee1c67a153fde699a35e331c75cb2dd570472e91647db6fc2b1a8695dc23bee33342873b3063d74088d526c18fb8290e30431d5c027ed1d5faf81fa4a235e42bd0e9bcb32c91a67dc0c6e5045816ae2c723bbd6ffca03fd9940e4e345a72ef84fc9ab0c478bee51c56a733f46b3318bb3f1bd78e20f8ad7e35d0746dab421c20bb67bc941c6a230103ed1dd0b437e08f77a6e465ee76a5e0ac092fe7a9af378edaa151d75862ca620ca4de06ae0552a885bae91c6e8d7ad42cb6a1dd9b3234056a29652b928ff69bbd346c56a10c9fe30ca4fe033661cde458c83cc475feebaecb4dbedc09924ee43adeb6343311754f402cd060a5db5495e47c55826e8e84a5b04f23cb5a7aabd7d21cdd7f7ce574c17fdb463e6b87b0d61547577ca633b0e7af7c322b65fa24059367b342d35ed901b7f79ade354500f69998030b5487a12888208511aff32b458a9bce371fb4d99af45339a58ca05ec5b0909302dc79631ccad4c1b8ece0df709946c21083dfdc443b6fad822ac2b9b3a897d9fe1bd83f708964e311ebdcb3c813fb419abbc120f17b39735add5e4eb6e31a2db53509e53cdb5d5b4c5743fa33824d870c50d82679dac9bbcc8078fa230567639399cc43575fcae03e13933f1be48bfaf23347847f5382d568e5589d6969123df6c6534262ccdb632bca0ecd281b9b9ef847828c4a65ab9acd260b25327bb9a47ea3be48db18db7532e142a12e23b0ce0970000000093198e4658ae6fc2a150e53758f7b25639e2621378653f039b6dfdd71bed0b97f8975f84ffcc0d5a745d698feed333b513e70fd7c466da0dc403157a8fc86b6e8cdb590fd49d7968c3cb7d0b62afbc243884bd601060a86d03417a9e6b5f5a62e9f84595c72cfb55fcc6b0df67dc47b5726dc713ae7d51d8f3d1c2be9b5505e7210aae25bb757b38a6427e16e9a48731a9cbdbee96876ef8c6e968421087ef2d98082235c4512cc20684593d28"}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x340}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58) (async)
bind$alg(r6, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$packet(0x11, 0x3, 0x300)
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r7, &(0x7f0000000280)=ANY=[@ANYBLOB="000008000100000000003d0000004600004000000000008490783fffffffac1414aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="b40000009078001c0a030005020000000000000000d0c50a3338068b91000000"], 0x4e)
r9 = accept4(r6, 0x0, 0x0, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0) (async)
close_range(r9, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000040)=0x9, 0x4)
ioctl$sock_bt_hci(r5, 0x800448d2, &(0x7f0000000040))
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
ioctl$KVM_CHECK_EXTENSION(r4, 0xae03, 0x3)

470.060336ms ago: executing program 2 (id=1536):
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, [<r2=>0x0], [0x0, 0x7], [0x0, 0x0, 0x2], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r2})
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100), 0x40202, 0x0)
ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f00000000c0)=0x1)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000007, 0x12, r3, 0x0)
ioctl$SNDCTL_DSP_POST(r3, 0x5008, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x17, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95b, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x24, 0x9, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x7fff, 0xb, 0x3, 0x8003, 0x4c74, 0x80000000, 0x242, 0x3, 0xd, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x92a3, 0x4, 0x1, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1000, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x8000, 0x1, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0x6, 0x1, 0xff, 0x5, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0x9, 0x2, 0x7f, 0x9, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0x6, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x1, 0x8, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x4, 0x8001, 0x5, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0xac8, 0xbf, 0x10002, 0x3, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x25], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0xb, 0x2, 0x4, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

409.969793ms ago: executing program 4 (id=1538):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0xec0, 0x0, {0x0, 0x0, 0x0, r1, {0xffe0, 0xfff1}, {}, {0x4, 0xffe0}}}, 0x24}}, 0x0)

409.518816ms ago: executing program 4 (id=1540):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, 0x1, 0x2, 0x101, 0x0, 0x0, {0x5, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4811}, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

358.615597ms ago: executing program 4 (id=1541):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="687567653d0300000000000000697a652c00"])
chdir(&(0x7f0000000280)='./file0\x00')
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x4)
recvmmsg(r0, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000002c0)=""/177, 0xb1}, {&(0x7f0000000080)=""/23, 0x17}, {&(0x7f0000000200)=""/84, 0x54}, {&(0x7f0000000380)=""/65, 0x41}, {&(0x7f00000000c0)=""/13, 0xd}, {&(0x7f0000000400)=""/107, 0x6b}, {&(0x7f0000000140)=""/54, 0x36}], 0x8}, 0x1}], 0x1, 0x10000, &(0x7f0000000540)={0x0, 0x989680})
ftruncate(r0, 0x82081fc)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14d0be, 0x48)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f0000000580)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r0}}, './file0\x00'})
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x7ffff4, 0x20012, r1, 0x26ca6000)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1710c2, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

358.505888ms ago: executing program 4 (id=1542):
r0 = socket(0x5, 0x2, 0x0)
sendto$inet6(r0, &(0x7f0000000000)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006020a0000000d0085a168d0bf46d32345653600648d270005000a00000849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160012000a0000000000e000e218d1dd3b6ed538f6523250", 0x78, 0x4, 0x0, 0x0)

289.960017ms ago: executing program 4 (id=1543):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x4000}, @TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) (async)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x5) (async)
ioctl$TCFLSH(r1, 0x8925, 0x20001116) (async)
ioctl$TIOCNOTTY(r1, 0x5422)

217.393086ms ago: executing program 4 (id=1547):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x44080)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40841, 0x0)
close(0xffffffffffffffff)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)

109.773424ms ago: executing program 0 (id=1548):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x64, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x40800)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x397, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='cdg\x00', 0x4)
r2 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r2, 0xc0205648, &(0x7f0000000b00)={0x0, 0x1, 0x8, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0xf4c, '\x00', @p_u16=&(0x7f0000000180)=0x404}})
shutdown(r1, 0x1)
r3 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(0x0, &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, r3)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x2326, &(0x7f0000000340)={0x0, 0x21a0, 0x4000, 0x0, 0x4d}, &(0x7f0000000040), &(0x7f0000000140))
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4a, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2, r4}})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000f80), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r6=>0xffffffffffffffff}, './file0\x00'})
ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f00000003c0)=<r7=>0x0)
syz_open_procfs(r7, &(0x7f0000000400)='net/llc/socket\x00')
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$EVIOCGPROP(r8, 0x40047438, &(0x7f0000000180)=""/246)
socket$key(0xf, 0x3, 0x2)
socket$netlink(0x10, 0x3, 0x10)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x4e22, 0x4, @empty, 0x7}, 0x1c)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0), 0x4)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)

109.601964ms ago: executing program 0 (id=1549):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0xec0, 0x0, {0x0, 0x0, 0x0, r1, {0xffe0, 0xfff1}, {}, {0x4, 0xffe0}}}, 0x24}}, 0x0)

60.098201ms ago: executing program 0 (id=1550):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0xd)
syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0)

59.864279ms ago: executing program 0 (id=1551):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001a00910c07a551559a257aac81", @ANYRESHEX], 0xfe33)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newnexthop={0x38, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_UNBALANCED_TIMER={0x8, 0x3, 0xfffffffd}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000)

48.392987ms ago: executing program 5 (id=1552):
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x110)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
writev(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x44)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r3, 0x0)
r4 = io_uring_setup(0x7c8c, &(0x7f00000000c0)={0x0, 0xa3e5, 0x10003, 0x0, 0x135})
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
socket$alg(0x26, 0x5, 0x0)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f0000000000)=<r7=>0x0)
bind$nfc_llcp(r5, &(0x7f0000000240)={0x27, r7, 0x0, 0x0, 0x0, 0x0, "d9298498abdba7f061bd1ca44c226af5160e961711a07760760beeab11e88509de7f1939e8abfe0055acc8ef039a5be42200000000000000000100", 0x38}, 0x60)
close_range(r4, 0xffffffffffffffff, 0x0)
r8 = fsopen(&(0x7f00000011c0)='hfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x101840, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r9, 0x401054d5, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x3}]})
ioctl$TUNDETACHFILTER(r9, 0x401054d6, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000000)={0x0, 'ip6gretap0\x00', {0x3}, 0x42d})
chdir(&(0x7f0000000340)='./file0\x00')
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000080))
r10 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r11 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, r11)
getdents(r10, &(0x7f0000001fc0)=""/184, 0xb8)

183.8µs ago: executing program 0 (id=1553):
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x3000000, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

0s ago: executing program 0 (id=1554):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = mq_open(&(0x7f0000000080)='^^/-{n/#\x00', 0x40, 0x2, &(0x7f00000000c0)={0x2050, 0x400000000000000, 0x0, 0xb7c2})
syz_open_dev$vim2m(&(0x7f0000000080), 0x2000000000, 0x2) (async)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2000000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000140)=<r3=>0xffffffffffffffff)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000340)=@mmap={0x20000, 0x1, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x1, 0x0, 0x0, 0x2, 0xb, "000003fc"}, 0xfffffffe, 0x1, {}, 0x0, 0x0, r3})
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r4}, &(0x7f0000bbdffc))
mq_notify(r1, &(0x7f0000000100)={0x0, 0x34, 0x2, @tid=r4})
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e40)=ANY=[@ANYRESDEC=r4], 0x78}}, 0x4004) (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e40)=ANY=[@ANYRESDEC=r4], 0x78}}, 0x4004)

kernel console output (not intermixed with test programs):

syzkaller1: entered promiscuous mode
[  123.663620][ T9349] syzkaller1: entered allmulticast mode
[  123.802548][ T9355] bridge0: port 3(erspan0) entered blocking state
[  123.804618][ T9355] bridge0: port 3(erspan0) entered disabled state
[  123.806590][ T9355] erspan0: entered allmulticast mode
[  123.808873][ T9355] erspan0: entered promiscuous mode
[  123.810577][ T9355] bridge0: port 3(erspan0) entered blocking state
[  123.812342][ T9355] bridge0: port 3(erspan0) entered forwarding state
[  123.842927][   T40] audit: type=1400 audit(1744426811.233:592): avc:  granted  { setsecparam } for  pid=9356 comm="syz.2.1066" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  123.849243][   T40] audit: type=1400 audit(1744426811.243:593): avc:  granted  { setsecparam } for  pid=9356 comm="syz.2.1066" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  123.902568][ T9361] overlayfs: missing 'workdir'
[  123.935564][ T9363] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1069'.
[  124.040178][ T9371] netem: incorrect gi model size
[  124.041806][ T9371] netem: change failed
[  124.190754][ T9383] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1078'.
[  124.198072][ T9383] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  124.201185][ T9383] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  124.203765][ T9383] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  124.207823][ T9383] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  124.301627][ T9394] overlayfs: failed to resolve './file0': -2
[  124.452120][ T9417] bpf: Bad value for 'mode'
[  124.458865][ T9419] Cannot find del_set index 0 as target
[  124.482039][ T9424] FAULT_INJECTION: forcing a failure.
[  124.482039][ T9424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.485636][ T9424] CPU: 1 UID: 0 PID: 9424 Comm: syz.5.1093 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  124.485650][ T9424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.485657][ T9424] Call Trace:
[  124.485661][ T9424]  <TASK>
[  124.485664][ T9424]  dump_stack_lvl+0x16c/0x1f0
[  124.485682][ T9424]  should_fail_ex+0x512/0x640
[  124.485696][ T9424]  _copy_from_user+0x2e/0xd0
[  124.485708][ T9424]  memdup_user+0x6b/0xe0
[  124.485721][ T9424]  strndup_user+0x78/0xe0
[  124.485733][ T9424]  __x64_sys_mount+0x137/0x310
[  124.485746][ T9424]  ? __pfx___x64_sys_mount+0x10/0x10
[  124.485757][ T9424]  ? rcu_is_watching+0x12/0xc0
[  124.485773][ T9424]  do_syscall_64+0xcd/0x260
[  124.485789][ T9424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.485799][ T9424] RIP: 0033:0x7f5490f8d169
[  124.485808][ T9424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.485818][ T9424] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  124.485827][ T9424] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  124.485833][ T9424] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  124.485839][ T9424] RBP: 00007f5491d5e090 R08: 0000200000000480 R09: 0000000000000000
[  124.485845][ T9424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.485851][ T9424] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  124.485863][ T9424]  </TASK>
[  124.537061][    C1] vkms_vblank_simulate: vblank timer overrun
[  124.574100][ T9434] overlayfs: failed to resolve './file0': -2
[  124.599395][   T40] audit: type=1400 audit(1744426811.993:594): avc:  denied  { write } for  pid=9438 comm="syz.2.1098" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  124.610656][   T40] audit: type=1400 audit(1744426812.003:595): avc:  denied  { map } for  pid=9438 comm="syz.2.1098" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  124.673423][ T9447] input: syz1 as /devices/virtual/input/input11
[  124.715644][ T9449] xt_HMARK: spi-set and port-set can't be combined
[  124.854054][ T9456] FAULT_INJECTION: forcing a failure.
[  124.854054][ T9456] name failslab, interval 1, probability 0, space 0, times 0
[  124.858976][ T9456] CPU: 2 UID: 0 PID: 9456 Comm: syz.5.1104 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  124.858999][ T9456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  124.859010][ T9456] Call Trace:
[  124.859016][ T9456]  <TASK>
[  124.859023][ T9456]  dump_stack_lvl+0x16c/0x1f0
[  124.859050][ T9456]  should_fail_ex+0x512/0x640
[  124.859067][ T9456]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  124.859095][ T9456]  should_failslab+0xc2/0x120
[  124.859114][ T9456]  __kmalloc_cache_noprof+0x6a/0x3e0
[  124.859139][ T9456]  ? copy_mount_options+0x55/0x190
[  124.859160][ T9456]  ? _copy_from_user+0x59/0xd0
[  124.859179][ T9456]  copy_mount_options+0x55/0x190
[  124.859201][ T9456]  __x64_sys_mount+0x1ac/0x310
[  124.859220][ T9456]  ? __pfx___x64_sys_mount+0x10/0x10
[  124.859247][ T9456]  do_syscall_64+0xcd/0x260
[  124.859272][ T9456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.859289][ T9456] RIP: 0033:0x7f5490f8d169
[  124.859303][ T9456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.859319][ T9456] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  124.859335][ T9456] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  124.859346][ T9456] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  124.859356][ T9456] RBP: 00007f5491d5e090 R08: 0000200000000480 R09: 0000000000000000
[  124.859367][ T9456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.859377][ T9456] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  124.859400][ T9456]  </TASK>
[  125.215237][ T6057] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  125.375411][ T6057] usb 10-1: Using ep0 maxpacket: 8
[  125.384444][ T6057] usb 10-1: config 2 has an invalid interface number: 101 but max is 3
[  125.387989][ T6057] usb 10-1: config 2 has an invalid interface number: 54 but max is 3
[  125.391212][ T6057] usb 10-1: config 2 contains an unexpected descriptor of type 0x2, skipping
[  125.393651][ T6057] usb 10-1: config 2 has an invalid interface number: 237 but max is 3
[  125.396217][ T6057] usb 10-1: config 2 contains an unexpected descriptor of type 0x1, skipping
[  125.398748][ T6057] usb 10-1: config 2 has an invalid interface number: 244 but max is 3
[  125.401276][ T6057] usb 10-1: config 2 contains an unexpected descriptor of type 0x2, skipping
[  125.403748][ T6057] usb 10-1: config 2 contains an unexpected descriptor of type 0x1, skipping
[  125.406410][ T6057] usb 10-1: config 2 has no interface number 0
[  125.408162][ T6057] usb 10-1: config 2 has no interface number 1
[  125.409964][ T6057] usb 10-1: config 2 has no interface number 2
[  125.411757][ T6057] usb 10-1: config 2 has no interface number 3
[  125.413542][ T6057] usb 10-1: config 2 interface 54 altsetting 7 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  125.417450][ T6057] usb 10-1: config 2 interface 237 altsetting 4 has a duplicate endpoint with address 0xC, skipping
[  125.420576][ T6057] usb 10-1: config 2 interface 237 altsetting 4 endpoint 0xD has an invalid bInterval 57, changing to 9
[  125.423777][ T6057] usb 10-1: config 2 interface 237 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  125.426895][ T6057] usb 10-1: config 2 interface 237 altsetting 4 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  125.429826][ T6057] usb 10-1: config 2 interface 237 altsetting 4 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  125.432831][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has an endpoint descriptor with address 0xF9, changing to 0x89
[  125.436253][ T6057] usb 10-1: config 2 interface 244 altsetting 96 endpoint 0x89 has an invalid bInterval 48, changing to 7
[  125.439469][ T6057] usb 10-1: config 2 interface 244 altsetting 96 endpoint 0x89 has invalid maxpacket 49269, setting to 1024
[  125.442636][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0x8, skipping
[  125.445800][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0xA, skipping
[  125.448540][ T6057] usb 10-1: config 2 interface 244 altsetting 96 endpoint 0xE has invalid maxpacket 1023, setting to 64
[  125.451751][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0xC, skipping
[  125.454557][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0x3, skipping
[  125.457998][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has an invalid descriptor for endpoint zero, skipping
[  125.460996][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0xB, skipping
[  125.463987][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0xE, skipping
[  125.467166][ T6057] usb 10-1: config 2 interface 244 altsetting 96 endpoint 0x6 has invalid wMaxPacketSize 0
[  125.470163][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0xB, skipping
[  125.473160][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0xA, skipping
[  125.476544][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has a duplicate endpoint with address 0xC, skipping
[  125.479602][ T6057] usb 10-1: config 2 interface 244 altsetting 96 has 16 endpoint descriptors, different from the interface descriptor's value: 15
[  125.483296][ T6057] usb 10-1: config 2 interface 101 has no altsetting 0
[  125.485337][ T6057] usb 10-1: config 2 interface 54 has no altsetting 0
[  125.487289][ T6057] usb 10-1: config 2 interface 237 has no altsetting 0
[  125.489177][ T6057] usb 10-1: config 2 interface 244 has no altsetting 0
[  125.492768][ T6057] usb 10-1: Dual-Role OTG device on HNP port
[  125.494738][ T6057] usb 10-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=a8.0c
[  125.497357][ T6057] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.499600][ T6057] usb 10-1: Product: syz
[  125.500802][ T6057] usb 10-1: Manufacturer: ခ
[  125.502108][ T6057] usb 10-1: SerialNumber: syz
[  125.632805][ T9484] xt_socket: unknown flags 0x8
[  125.793350][ T9493] FAULT_INJECTION: forcing a failure.
[  125.793350][ T9493] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.799158][ T9493] CPU: 3 UID: 0 PID: 9493 Comm: syz.2.1114 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  125.799173][ T9493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  125.799180][ T9493] Call Trace:
[  125.799184][ T9493]  <TASK>
[  125.799188][ T9493]  dump_stack_lvl+0x16c/0x1f0
[  125.799206][ T9493]  should_fail_ex+0x512/0x640
[  125.799220][ T9493]  _copy_from_user+0x2e/0xd0
[  125.799232][ T9493]  copy_mount_options+0x76/0x190
[  125.799247][ T9493]  __x64_sys_mount+0x1ac/0x310
[  125.799259][ T9493]  ? __pfx___x64_sys_mount+0x10/0x10
[  125.799270][ T9493]  ? rcu_is_watching+0x12/0xc0
[  125.799288][ T9493]  do_syscall_64+0xcd/0x260
[  125.799303][ T9493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.799313][ T9493] RIP: 0033:0x7fa660f8d169
[  125.799321][ T9493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.799331][ T9493] RSP: 002b:00007fa661dba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  125.799341][ T9493] RAX: ffffffffffffffda RBX: 00007fa6611a5fa0 RCX: 00007fa660f8d169
[  125.799347][ T9493] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  125.799354][ T9493] RBP: 00007fa661dba090 R08: 0000200000000480 R09: 0000000000000000
[  125.799359][ T9493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.799365][ T9493] R13: 0000000000000000 R14: 00007fa6611a5fa0 R15: 00007fffc25c3b48
[  125.799377][ T9493]  </TASK>
[  125.802954][ T9491] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  125.846234][ T9491] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  125.851386][ T9491] vhci_hcd vhci_hcd.0: Device attached
[  125.866436][ T9494] vhci_hcd: connection closed
[  125.867034][ T1238] vhci_hcd: stop threads
[  125.871985][ T1238] vhci_hcd: release socket
[  125.873314][ T1238] vhci_hcd: disconnect device
[  125.980893][ T9506] use of bytesused == 0 is deprecated and will be removed in the future,
[  125.983454][ T9506] use the actual size instead.
[  125.989255][ T9506] IPv6: NLM_F_CREATE should be specified when creating new route
[  126.122796][ T9511] input: syz1 as /devices/virtual/input/input12
[  126.259192][ T9513] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  126.361995][ T9521] input: syz1 as /devices/virtual/input/input13
[  126.483397][ T9529] FAULT_INJECTION: forcing a failure.
[  126.483397][ T9529] name failslab, interval 1, probability 0, space 0, times 0
[  126.487159][ T9529] CPU: 2 UID: 0 PID: 9529 Comm: syz.0.1128 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  126.487173][ T9529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  126.487180][ T9529] Call Trace:
[  126.487184][ T9529]  <TASK>
[  126.487187][ T9529]  dump_stack_lvl+0x16c/0x1f0
[  126.487204][ T9529]  should_fail_ex+0x512/0x640
[  126.487216][ T9529]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  126.487228][ T9529]  should_failslab+0xc2/0x120
[  126.487240][ T9529]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  126.487250][ T9529]  ? getname_flags.part.0+0x48/0x540
[  126.487266][ T9529]  getname_flags.part.0+0x48/0x540
[  126.487281][ T9529]  getname_flags+0x93/0xf0
[  126.487296][ T9529]  user_path_at+0x24/0x60
[  126.487306][ T9529]  __x64_sys_mount+0x1fc/0x310
[  126.487318][ T9529]  ? __pfx___x64_sys_mount+0x10/0x10
[  126.487334][ T9529]  do_syscall_64+0xcd/0x260
[  126.487349][ T9529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.487359][ T9529] RIP: 0033:0x7fdad3f8d169
[  126.487367][ T9529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.487377][ T9529] RSP: 002b:00007fdad4d2b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  126.487387][ T9529] RAX: ffffffffffffffda RBX: 00007fdad41a5fa0 RCX: 00007fdad3f8d169
[  126.487393][ T9529] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  126.487399][ T9529] RBP: 00007fdad4d2b090 R08: 0000200000000480 R09: 0000000000000000
[  126.487405][ T9529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.487411][ T9529] R13: 0000000000000000 R14: 00007fdad41a5fa0 R15: 00007ffd082e4008
[  126.487423][ T9529]  </TASK>
[  126.513973][ T9531] overlayfs: missing 'lowerdir'
[  126.545311][ T5982] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  126.684317][ T6057] carl9170 10-1:2.54: probe with driver carl9170 failed with error -22
[  126.690676][ T6057] carl9170 10-1:2.237: probe with driver carl9170 failed with error -22
[  126.695883][ T6057] carl9170 10-1:2.244: probe with driver carl9170 failed with error -22
[  126.705943][ T6057] usb 10-1: USB disconnect, device number 2
[  126.707857][ T5982] usb 7-1: Using ep0 maxpacket: 8
[  126.711192][ T5982] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  126.713407][ T5982] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  126.723316][ T5982] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  126.726867][ T5982] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  126.731902][ T5982] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  126.735902][ T5982] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  126.738403][ T5982] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.877184][ T6057] usb 10-1: new low-speed USB device number 3 using dummy_hcd
[  126.945910][ T5982] usb 7-1: usb_control_msg returned -32
[  126.947553][ T5982] usbtmc 7-1:16.0: can't read capabilities
[  127.037758][ T6057] usb 10-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  127.040193][ T6057] usb 10-1: config 246 descriptor has 1 excess byte, ignoring
[  127.042139][ T6057] usb 10-1: config 246 has 1 interface, different from the descriptor's value: 42
[  127.044579][ T6057] usb 10-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  127.047833][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  127.050835][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  127.053800][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  127.057414][ T6057] usb 10-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  127.060282][ T6057] usb 10-1: config 246 descriptor has 1 excess byte, ignoring
[  127.062742][ T6057] usb 10-1: config 246 has 1 interface, different from the descriptor's value: 42
[  127.065285][ T6057] usb 10-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  127.068394][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  127.071300][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  127.074350][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  127.077840][ T6057] usb 10-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  127.080208][ T6057] usb 10-1: config 246 descriptor has 1 excess byte, ignoring
[  127.082173][ T6057] usb 10-1: config 246 has 1 interface, different from the descriptor's value: 42
[  127.084612][ T6057] usb 10-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  127.087776][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  127.091385][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  127.094475][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  127.099404][ T6057] usb 10-1: string descriptor 0 read error: -22
[  127.101217][ T6057] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  127.103642][ T6057] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.109966][ T6057] adutux 10-1:246.0: ADU100  now attached to /dev/usb/adutux1
[  127.299384][ T9546] usbtmc 7-1:16.0: INITIATE_CLEAR returned 0
[  127.301703][ T9546] __nla_validate_parse: 7 callbacks suppressed
[  127.301712][ T9546] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1123'.
[  127.305900][ T9546] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1123'.
[  127.317156][ T6057] usb 10-1: USB disconnect, device number 3
[  127.328061][   T64] usb 7-1: USB disconnect, device number 9
[  127.418944][ T9550] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  127.421409][ T9550] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  127.423905][ T9550] vhci_hcd vhci_hcd.0: Device attached
[  127.428580][ T9552] vhci_hcd: connection closed
[  127.430136][ T1144] vhci_hcd: stop threads
[  127.433452][ T1144] vhci_hcd: release socket
[  127.435364][ T1144] vhci_hcd: disconnect device
[  127.645217][ T6221] usb 5-1: new low-speed USB device number 14 using dummy_hcd
[  127.734820][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  127.734831][   T40] audit: type=1400 audit(1744426815.123:602): avc:  denied  { listen } for  pid=9569 comm="syz.4.1142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  127.796502][ T6221] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  127.798967][ T6221] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[  127.801080][ T6221] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[  127.804084][ T6221] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  127.808610][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  127.811669][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  127.814770][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  127.818932][ T6221] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  127.821485][ T6221] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[  127.823625][ T6221] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[  127.826840][ T6221] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  127.830242][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  127.833361][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  127.837791][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  127.841382][ T6221] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  127.843973][ T6221] usb 5-1: config 246 descriptor has 1 excess byte, ignoring
[  127.846443][ T6221] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42
[  127.849081][ T6221] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  127.852660][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  127.855813][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  127.858898][ T6221] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  127.864370][ T6221] usb 5-1: string descriptor 0 read error: -22
[  127.865227][ T9580] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  127.867129][ T6221] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  127.872046][ T6221] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.879299][ T6221] adutux 5-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  127.980107][ T9587] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1148'.
[  128.036657][   T40] audit: type=1400 audit(1744426815.433:603): avc:  denied  { setopt } for  pid=9586 comm="syz.5.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  128.043530][   T40] audit: type=1400 audit(1744426815.433:604): avc:  denied  { connect } for  pid=9586 comm="syz.5.1148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  128.062518][ T9595] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1151'.
[  128.115660][ T6057] usb 5-1: USB disconnect, device number 14
[  128.237281][ T9606] kvm: emulating exchange as write
[  128.322504][ T9606] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  128.990773][ T9630] FAULT_INJECTION: forcing a failure.
[  128.990773][ T9630] name failslab, interval 1, probability 0, space 0, times 0
[  128.994309][ T9630] CPU: 2 UID: 0 PID: 9630 Comm: syz.0.1163 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  128.994324][ T9630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  128.994331][ T9630] Call Trace:
[  128.994338][ T9630]  <TASK>
[  128.994342][ T9630]  dump_stack_lvl+0x16c/0x1f0
[  128.994369][ T9630]  should_fail_ex+0x512/0x640
[  128.994385][ T9630]  ? fs_reclaim_acquire+0xae/0x150
[  128.994402][ T9630]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  128.994419][ T9630]  should_failslab+0xc2/0x120
[  128.994432][ T9630]  __kmalloc_noprof+0xd2/0x510
[  128.994442][ T9630]  ? trace_kmalloc+0x2b/0xd0
[  128.994455][ T9630]  ? __kmalloc_noprof+0x242/0x510
[  128.994467][ T9630]  tomoyo_realpath_from_path+0xc2/0x6e0
[  128.994484][ T9630]  ? tomoyo_fill_path_info+0x233/0x420
[  128.994498][ T9630]  tomoyo_mount_acl+0x1ae/0x850
[  128.994511][ T9630]  ? kernel_text_address+0x8d/0x100
[  128.994525][ T9630]  ? __kernel_text_address+0xd/0x40
[  128.994537][ T9630]  ? unwind_get_return_address+0x59/0xa0
[  128.994552][ T9630]  ? arch_stack_walk+0xa6/0x100
[  128.994568][ T9630]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  128.994598][ T9630]  ? tomoyo_domain+0xbb/0x150
[  128.994607][ T9630]  ? tomoyo_profile+0x47/0x60
[  128.994618][ T9630]  tomoyo_mount_permission+0x16d/0x420
[  128.994632][ T9630]  ? tomoyo_mount_permission+0x14f/0x420
[  128.994647][ T9630]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  128.994670][ T9630]  security_sb_mount+0x9b/0x260
[  128.994686][ T9630]  path_mount+0x128/0x1f30
[  128.994700][ T9630]  ? kmem_cache_free+0x2d4/0x4d0
[  128.994710][ T9630]  ? __pfx_path_mount+0x10/0x10
[  128.994724][ T9630]  ? putname+0x154/0x1a0
[  128.994738][ T9630]  __x64_sys_mount+0x28d/0x310
[  128.994751][ T9630]  ? __pfx___x64_sys_mount+0x10/0x10
[  128.994767][ T9630]  do_syscall_64+0xcd/0x260
[  128.994784][ T9630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.994795][ T9630] RIP: 0033:0x7fdad3f8d169
[  128.994804][ T9630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.994815][ T9630] RSP: 002b:00007fdad4d2b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  128.994825][ T9630] RAX: ffffffffffffffda RBX: 00007fdad41a5fa0 RCX: 00007fdad3f8d169
[  128.994832][ T9630] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  128.994838][ T9630] RBP: 00007fdad4d2b090 R08: 0000200000000480 R09: 0000000000000000
[  128.994844][ T9630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.994850][ T9630] R13: 0000000000000000 R14: 00007fdad41a5fa0 R15: 00007ffd082e4008
[  128.994864][ T9630]  </TASK>
[  128.994868][ T9630] ERROR: Out of memory at tomoyo_realpath_from_path.
[  128.995564][ T9631] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1164'.
[  129.089124][ T9638] dlm: no locking on control device
[  129.095251][   T40] audit: type=1400 audit(1744426816.483:605): avc:  denied  { ioctl } for  pid=9637 comm="syz.0.1166" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  129.182444][ T9642] kvm: pic: non byte read
[  129.184874][ T9642] kvm: pic: level sensitive irq not supported
[  129.185463][ T9642] kvm: pic: non byte read
[  129.189648][ T9642] kvm: pic: level sensitive irq not supported
[  129.189949][ T9642] kvm: pic: non byte read
[  129.194459][ T9642] kvm: pic: level sensitive irq not supported
[  129.194692][ T9642] kvm: pic: non byte read
[  129.201389][ T9642] kvm: pic: level sensitive irq not supported
[  129.201618][ T9642] kvm: pic: non byte read
[  129.207036][ T9642] kvm: pic: level sensitive irq not supported
[  129.207349][ T9642] kvm: pic: non byte read
[  129.211731][ T9642] kvm: pic: level sensitive irq not supported
[  129.211960][ T9642] kvm: pic: non byte read
[  129.216791][ T9642] kvm: pic: level sensitive irq not supported
[  129.217018][ T9642] kvm: pic: non byte read
[  129.221597][ T9642] kvm: pic: level sensitive irq not supported
[  129.221897][ T9642] kvm: pic: non byte read
[  129.243255][ T9658] input: syz1 as /devices/virtual/input/input15
[  129.437648][ T9666] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1173'.
[  129.446330][ T9666] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  129.448846][ T9666] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  129.453315][ T5955] Bluetooth: hci1: unknown advertising packet type: 0x66
[  129.512640][ T9676] capability: warning: `syz.0.1180' uses 32-bit capabilities (legacy support in use)
[  129.632542][ T9692] input: syz1 as /devices/virtual/input/input16
[  129.652452][   T40] audit: type=1400 audit(1744426817.043:606): avc:  denied  { mount } for  pid=9689 comm="syz.0.1183" name="/" dev="rpc_pipefs" ino=32213 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  129.659640][   T40] audit: type=1400 audit(1744426817.053:607): avc:  denied  { unmount } for  pid=9689 comm="syz.0.1183" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  129.769969][ T9702] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1186'.
[  129.782557][   T40] audit: type=1400 audit(1744426817.173:608): avc:  denied  { write } for  pid=9701 comm="syz.4.1186" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  129.808271][   T40] audit: type=1400 audit(1744426817.203:609): avc:  denied  { read } for  pid=9699 comm="syz.5.1184" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  129.815027][   T40] audit: type=1400 audit(1744426817.203:610): avc:  denied  { open } for  pid=9699 comm="syz.5.1184" path="/dev/loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  129.822014][   T40] audit: type=1400 audit(1744426817.203:611): avc:  denied  { ioctl } for  pid=9699 comm="syz.5.1184" path="/dev/loop-control" dev="devtmpfs" ino=657 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  129.867713][ T9707] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1188'.
[  129.868732][ T9700] misc userio: Begin command sent, but we're already running
[  130.289004][ T9736] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  130.397342][ T9738] fuse: Unknown parameter 'fl'
[  130.518266][ T9746] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  130.643218][ T9754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1204'.
[  130.647935][ T9754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1204'.
[  130.730460][ T9766] netlink: 'syz.2.1206': attribute type 1 has an invalid length.
[  131.014085][ T9773] erspan0: entered promiscuous mode
[  131.016683][ T9773] gretap0: entered promiscuous mode
[  131.107542][ T9786] FAULT_INJECTION: forcing a failure.
[  131.107542][ T9786] name failslab, interval 1, probability 0, space 0, times 0
[  131.111296][ T9786] CPU: 2 UID: 0 PID: 9786 Comm: syz.4.1215 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  131.111316][ T9786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.111326][ T9786] Call Trace:
[  131.111332][ T9786]  <TASK>
[  131.111351][ T9786]  dump_stack_lvl+0x16c/0x1f0
[  131.111376][ T9786]  should_fail_ex+0x512/0x640
[  131.111393][ T9786]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  131.111419][ T9786]  should_failslab+0xc2/0x120
[  131.111436][ T9786]  __kmalloc_cache_noprof+0x6a/0x3e0
[  131.111460][ T9786]  ? alloc_fs_context+0x57/0x9c0
[  131.111480][ T9786]  alloc_fs_context+0x57/0x9c0
[  131.111500][ T9786]  path_mount+0xb06/0x1f30
[  131.111519][ T9786]  ? kmem_cache_free+0x2d4/0x4d0
[  131.111533][ T9786]  ? __pfx_path_mount+0x10/0x10
[  131.111553][ T9786]  ? putname+0x154/0x1a0
[  131.111574][ T9786]  __x64_sys_mount+0x28d/0x310
[  131.111592][ T9786]  ? __pfx___x64_sys_mount+0x10/0x10
[  131.111608][ T9786]  ? rcu_is_watching+0x12/0xc0
[  131.111633][ T9786]  do_syscall_64+0xcd/0x260
[  131.111655][ T9786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.111671][ T9786] RIP: 0033:0x7f687698d169
[  131.111683][ T9786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.111698][ T9786] RSP: 002b:00007f68747f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  131.111713][ T9786] RAX: ffffffffffffffda RBX: 00007f6876ba5fa0 RCX: 00007f687698d169
[  131.111722][ T9786] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  131.111731][ T9786] RBP: 00007f68747f6090 R08: 0000200000000480 R09: 0000000000000000
[  131.111741][ T9786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.111750][ T9786] R13: 0000000000000000 R14: 00007f6876ba5fa0 R15: 00007ffdcc080a98
[  131.111770][ T9786]  </TASK>
[  131.207488][ T9788] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  131.323408][ T9799] input: syz1 as /devices/virtual/input/input17
[  131.415232][ T6057] hid-generic 0005:10CF:5703.0003: unknown main item tag 0x0
[  131.417416][ T6057] hid-generic 0005:10CF:5703.0003: unknown main item tag 0x2
[  131.419576][ T6057] hid-generic 0005:10CF:5703.0003: unknown main item tag 0x1
[  131.420250][ T9811] FAULT_INJECTION: forcing a failure.
[  131.420250][ T9811] name failslab, interval 1, probability 0, space 0, times 0
[  131.421587][ T6057] hid-generic 0005:10CF:5703.0003: reserved main item tag 0xd
[  131.426769][ T9811] CPU: 1 UID: 0 PID: 9811 Comm: syz.0.1224 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  131.426785][ T9811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.426792][ T9811] Call Trace:
[  131.426796][ T9811]  <TASK>
[  131.426799][ T9811]  dump_stack_lvl+0x16c/0x1f0
[  131.426822][ T9811]  should_fail_ex+0x512/0x640
[  131.426834][ T9811]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  131.426851][ T9811]  should_failslab+0xc2/0x120
[  131.426863][ T9811]  __kmalloc_cache_noprof+0x6a/0x3e0
[  131.426879][ T9811]  ? ovl_init_fs_context+0x52/0x5d0
[  131.426892][ T9811]  ovl_init_fs_context+0x52/0x5d0
[  131.426901][ T9811]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  131.426911][ T9811]  alloc_fs_context+0x54a/0x9c0
[  131.426926][ T9811]  path_mount+0xb06/0x1f30
[  131.426938][ T9811]  ? kmem_cache_free+0x2d4/0x4d0
[  131.426948][ T9811]  ? __pfx_path_mount+0x10/0x10
[  131.426961][ T9811]  ? putname+0x154/0x1a0
[  131.426974][ T9811]  __x64_sys_mount+0x28d/0x310
[  131.426986][ T9811]  ? __pfx___x64_sys_mount+0x10/0x10
[  131.427001][ T9811]  do_syscall_64+0xcd/0x260
[  131.427016][ T9811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.427027][ T9811] RIP: 0033:0x7fdad3f8d169
[  131.427036][ T9811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.427046][ T9811] RSP: 002b:00007fdad4d2b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  131.427055][ T9811] RAX: ffffffffffffffda RBX: 00007fdad41a5fa0 RCX: 00007fdad3f8d169
[  131.427062][ T9811] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  131.427068][ T9811] RBP: 00007fdad4d2b090 R08: 0000200000000480 R09: 0000000000000000
[  131.427073][ T9811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.427079][ T9811] R13: 0000000000000000 R14: 00007fdad41a5fa0 R15: 00007ffd082e4008
[  131.427091][ T9811]  </TASK>
[  131.480174][ T6057] hid-generic 0005:10CF:5703.0003: item fetching failed at offset 27/153
[  131.482826][ T6057] hid-generic 0005:10CF:5703.0003: probe with driver hid-generic failed with error -22
[  131.529860][ T9814] dlm: non-version read from control device 0
[  131.574884][ T9823] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  131.647773][ T9827] netlink: 'syz.4.1230': attribute type 3 has an invalid length.
[  131.649963][ T9827] netlink: 'syz.4.1230': attribute type 1 has an invalid length.
[  131.730290][ T9836] FAULT_INJECTION: forcing a failure.
[  131.730290][ T9836] name failslab, interval 1, probability 0, space 0, times 0
[  131.734192][ T9836] CPU: 1 UID: 0 PID: 9836 Comm: syz.0.1233 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  131.734214][ T9836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  131.734224][ T9836] Call Trace:
[  131.734230][ T9836]  <TASK>
[  131.734236][ T9836]  dump_stack_lvl+0x16c/0x1f0
[  131.734281][ T9836]  should_fail_ex+0x512/0x640
[  131.734299][ T9836]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  131.734327][ T9836]  should_failslab+0xc2/0x120
[  131.734346][ T9836]  __kmalloc_cache_noprof+0x6a/0x3e0
[  131.734372][ T9836]  ? ovl_init_fs_context+0x96/0x5d0
[  131.734388][ T9836]  ? kasan_save_track+0x14/0x30
[  131.734408][ T9836]  ovl_init_fs_context+0x96/0x5d0
[  131.734424][ T9836]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  131.734441][ T9836]  alloc_fs_context+0x54a/0x9c0
[  131.734464][ T9836]  path_mount+0xb06/0x1f30
[  131.734485][ T9836]  ? kmem_cache_free+0x2d4/0x4d0
[  131.734500][ T9836]  ? __pfx_path_mount+0x10/0x10
[  131.734522][ T9836]  ? putname+0x154/0x1a0
[  131.734543][ T9836]  __x64_sys_mount+0x28d/0x310
[  131.734563][ T9836]  ? __pfx___x64_sys_mount+0x10/0x10
[  131.734588][ T9836]  do_syscall_64+0xcd/0x260
[  131.734613][ T9836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.734630][ T9836] RIP: 0033:0x7fdad3f8d169
[  131.734643][ T9836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.734658][ T9836] RSP: 002b:00007fdad4d2b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  131.734673][ T9836] RAX: ffffffffffffffda RBX: 00007fdad41a5fa0 RCX: 00007fdad3f8d169
[  131.734684][ T9836] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  131.734694][ T9836] RBP: 00007fdad4d2b090 R08: 0000200000000480 R09: 0000000000000000
[  131.734703][ T9836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  131.734713][ T9836] R13: 0000000000000000 R14: 00007fdad41a5fa0 R15: 00007ffd082e4008
[  131.734736][ T9836]  </TASK>
[  131.800289][    C1] vkms_vblank_simulate: vblank timer overrun
[  131.927685][ T9860] macvlan1: entered promiscuous mode
[  131.930386][ T9860] tmpfs: Bad value for 'mpol'
[  131.932341][ T9860] fuse: blksize only supported for fuseblk
[  131.959572][ T9866] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  132.106010][ T9872] FAULT_INJECTION: forcing a failure.
[  132.106010][ T9872] name failslab, interval 1, probability 0, space 0, times 0
[  132.109585][ T9872] CPU: 3 UID: 0 PID: 9872 Comm: syz.2.1245 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  132.109613][ T9872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  132.109623][ T9872] Call Trace:
[  132.109628][ T9872]  <TASK>
[  132.109635][ T9872]  dump_stack_lvl+0x16c/0x1f0
[  132.109661][ T9872]  should_fail_ex+0x512/0x640
[  132.109678][ T9872]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  132.109705][ T9872]  should_failslab+0xc2/0x120
[  132.109723][ T9872]  __kmalloc_cache_noprof+0x6a/0x3e0
[  132.109748][ T9872]  ? ovl_init_fs_context+0x11f/0x5d0
[  132.109764][ T9872]  ? kasan_save_track+0x14/0x30
[  132.109781][ T9872]  ovl_init_fs_context+0x11f/0x5d0
[  132.109797][ T9872]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  132.109814][ T9872]  alloc_fs_context+0x54a/0x9c0
[  132.109836][ T9872]  path_mount+0xb06/0x1f30
[  132.109855][ T9872]  ? kmem_cache_free+0x2d4/0x4d0
[  132.109870][ T9872]  ? __pfx_path_mount+0x10/0x10
[  132.109892][ T9872]  ? putname+0x154/0x1a0
[  132.109914][ T9872]  __x64_sys_mount+0x28d/0x310
[  132.109933][ T9872]  ? __pfx___x64_sys_mount+0x10/0x10
[  132.109960][ T9872]  do_syscall_64+0xcd/0x260
[  132.109984][ T9872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.110000][ T9872] RIP: 0033:0x7fa660f8d169
[  132.110013][ T9872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.110028][ T9872] RSP: 002b:00007fa661dba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  132.110043][ T9872] RAX: ffffffffffffffda RBX: 00007fa6611a5fa0 RCX: 00007fa660f8d169
[  132.110050][ T9872] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  132.110056][ T9872] RBP: 00007fa661dba090 R08: 0000200000000480 R09: 0000000000000000
[  132.110062][ T9872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  132.110068][ T9872] R13: 0000000000000000 R14: 00007fa6611a5fa0 R15: 00007fffc25c3b48
[  132.110081][ T9872]  </TASK>
[  132.291485][ T9893] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1549 sclass=netlink_tcpdiag_socket pid=9893 comm=syz.0.1252
[  132.292344][ T9891] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  132.326753][ T9893] netlink: 'syz.0.1252': attribute type 1 has an invalid length.
[  132.329843][ T9893] netlink: 'syz.0.1252': attribute type 1 has an invalid length.
[  132.332938][ T9893] __nla_validate_parse: 5 callbacks suppressed
[  132.332950][ T9893] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1252'.
[  132.467257][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  132.469568][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  132.641082][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880365e8c00: rx timeout, send abort
[  132.720015][ T9923] tmpfs: Invalid gid '0x00000000ffffffff'
[  132.751523][ T9926] overlayfs: failed to resolve './file1': -2
[  132.807948][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  132.807964][   T40] audit: type=1400 audit(1744426820.203:624): avc:  denied  { getopt } for  pid=9936 comm="syz.4.1266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  133.144335][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880365e8c00: abort rx timeout. Force session deactivation
[  133.245270][   T64] usb 7-1: new low-speed USB device number 10 using dummy_hcd
[  133.272345][ T9960] program syz.5.1273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  133.298483][ T9962] mmap: syz.5.1274 (9962): VmData 37859328 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  133.375484][   T64] usb 7-1: device descriptor read/64, error -71
[  133.518323][ T9977] ptrace attach of "/syz-executor exec"[9978] was attempted by "/syz-executor exec"[9977]
[  133.556193][ T9981] SELinux:  policydb magic number 0xb65 does not match expected magic number 0xf97cff8c
[  133.560469][ T9981] SELinux: failed to load policy
[  133.562673][ T9980] SELinux:  policydb magic number 0xb65 does not match expected magic number 0xf97cff8c
[  133.565531][ T9980] SELinux: failed to load policy
[  133.615295][   T64] usb 7-1: new low-speed USB device number 11 using dummy_hcd
[  133.748211][   T64] usb 7-1: device descriptor read/64, error -71
[  133.855530][   T64] usb usb7-port1: attempt power cycle
[  134.035279][   T34] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  134.196833][   T34] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  134.200446][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  134.204332][    C3] vcan0: j1939_tp_rxtimer: 0xffff888050e92000: rx timeout, send abort
[  134.204452][    C3] vcan0: j1939_xtp_rx_abort_one: 0xffff888050e92000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  134.214932][   T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  134.215253][   T64] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  134.218650][   T34] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  134.224159][   T34] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  134.226830][   T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.230297][   T34] usb 10-1: config 0 descriptor??
[  134.235238][ T9994] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  134.235603][   T64] usb 7-1: device descriptor read/8, error -71
[  134.242855][   T40] audit: type=1326 audit(1744426821.633:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9998 comm="syz.4.1285" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f687698d169 code=0x0
[  134.374986][   T40] audit: type=1400 audit(1744426821.763:626): avc:  denied  { getopt } for  pid=10007 comm="syz.0.1288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  134.427223][   T40] audit: type=1400 audit(1744426821.823:627): avc:  denied  { write } for  pid=10007 comm="syz.0.1288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  134.430734][T10011] overlay: Unknown parameter 'subj_role'
[  134.487180][   T64] usb 7-1: new low-speed USB device number 13 using dummy_hcd
[  134.515998][   T64] usb 7-1: device descriptor read/8, error -71
[  134.625512][   T64] usb usb7-port1: unable to enumerate USB device
[  134.644883][   T34] plantronics 0003:047F:FFFF.0004: reserved main item tag 0xd
[  134.649105][   T34] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  134.658846][   T34] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  134.908523][ T6057] usb 10-1: USB disconnect, device number 4
[  135.239371][   T40] audit: type=1400 audit(1744426822.633:628): avc:  denied  { append } for  pid=10016 comm="syz.0.1290" name="file0" dev="9p" ino=36831320 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.247694][   T40] audit: type=1400 audit(1744426822.633:629): avc:  denied  { open } for  pid=10016 comm="syz.0.1290" path="/356/file0/file0" dev="9p" ino=36831320 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.257464][   T40] audit: type=1400 audit(1744426822.653:630): avc:  denied  { read } for  pid=10016 comm="syz.0.1290" name="file0" dev="9p" ino=36831320 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  135.265364][   T40] audit: type=1804 audit(1744426822.653:631): pid=10017 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1290" name="/newroot/356/file0/file0" dev="9p" ino=36831320 res=1 errno=0
[  135.278635][T10017] input: syz0 as /devices/virtual/input/input19
[  135.450587][T10027] tipc: Enabled bearer <udp:s>, priority 10
[  135.547976][T10038] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1297'.
[  135.551138][T10038] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1297'.
[  135.556846][T10038] tmpfs: Unknown parameter 'm'
[  135.558239][   T40] audit: type=1400 audit(1744426822.953:632): avc:  denied  { mounton } for  pid=10037 comm="syz.5.1297" path="/89/file0" dev="hugetlbfs" ino=33820 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=dir permissive=1
[  135.699334][T10046] input: syz1 as /devices/virtual/input/input20
[  135.982009][T10058] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1303'.
[  136.008961][   T40] audit: type=1400 audit(1744426823.403:633): avc:  denied  { getopt } for  pid=10057 comm="syz.5.1303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  136.219968][T10067] FAULT_INJECTION: forcing a failure.
[  136.219968][T10067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  136.223700][T10067] CPU: 1 UID: 0 PID: 10067 Comm: syz.2.1305 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  136.223714][T10067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.223721][T10067] Call Trace:
[  136.223725][T10067]  <TASK>
[  136.223729][T10067]  dump_stack_lvl+0x16c/0x1f0
[  136.223746][T10067]  should_fail_ex+0x512/0x640
[  136.223760][T10067]  _copy_from_iter+0x2a4/0x15b0
[  136.223777][T10067]  ? __alloc_skb+0x200/0x380
[  136.223790][T10067]  ? __pfx__copy_from_iter+0x10/0x10
[  136.223803][T10067]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  136.223821][T10067]  netlink_sendmsg+0x829/0xdd0
[  136.223838][T10067]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.223856][T10067]  ____sys_sendmsg+0xa95/0xc70
[  136.223872][T10067]  ? copy_msghdr_from_user+0x10a/0x160
[  136.223884][T10067]  ? __pfx_____sys_sendmsg+0x10/0x10
[  136.223906][T10067]  ___sys_sendmsg+0x134/0x1d0
[  136.223919][T10067]  ? __pfx____sys_sendmsg+0x10/0x10
[  136.223946][T10067]  __sys_sendmsg+0x16d/0x220
[  136.223959][T10067]  ? __pfx___sys_sendmsg+0x10/0x10
[  136.223975][T10067]  ? rcu_is_watching+0x12/0xc0
[  136.223991][T10067]  do_syscall_64+0xcd/0x260
[  136.224007][T10067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.224017][T10067] RIP: 0033:0x7fa660f8d169
[  136.224026][T10067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.224036][T10067] RSP: 002b:00007fa661dba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.224046][T10067] RAX: ffffffffffffffda RBX: 00007fa6611a5fa0 RCX: 00007fa660f8d169
[  136.224052][T10067] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000006
[  136.224058][T10067] RBP: 00007fa661dba090 R08: 0000000000000000 R09: 0000000000000000
[  136.224064][T10067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.224069][T10067] R13: 0000000000000000 R14: 00007fa6611a5fa0 R15: 00007fffc25c3b48
[  136.224082][T10067]  </TASK>
[  136.286395][    C1] vkms_vblank_simulate: vblank timer overrun
[  136.337972][T10085] FAULT_INJECTION: forcing a failure.
[  136.337972][T10085] name failslab, interval 1, probability 0, space 0, times 0
[  136.341485][T10085] CPU: 3 UID: 0 PID: 10085 Comm: syz.0.1309 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  136.341499][T10085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.341506][T10085] Call Trace:
[  136.341510][T10085]  <TASK>
[  136.341514][T10085]  dump_stack_lvl+0x16c/0x1f0
[  136.341531][T10085]  should_fail_ex+0x512/0x640
[  136.341542][T10085]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  136.341556][T10085]  should_failslab+0xc2/0x120
[  136.341572][T10085]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  136.341583][T10085]  ? rcu_watching_snap_stopped_since+0xe1/0x110
[  136.341598][T10085]  ? ovl_parse_param+0x6f0/0x1570
[  136.341609][T10085]  kstrdup+0x53/0x100
[  136.341622][T10085]  ovl_parse_param+0x6f0/0x1570
[  136.341633][T10085]  ? __pfx_ovl_parse_param+0x10/0x10
[  136.341643][T10085]  ? trace_kmalloc+0x2b/0xd0
[  136.341655][T10085]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  136.341674][T10085]  ? static_key_count+0x5a/0x70
[  136.341687][T10085]  ? __pfx_ovl_parse_param+0x10/0x10
[  136.341697][T10085]  vfs_parse_fs_param+0x208/0x3c0
[  136.341709][T10085]  vfs_parse_fs_string+0xe9/0x150
[  136.341720][T10085]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  136.341735][T10085]  ? ovl_next_opt+0x143/0x1c0
[  136.341751][T10085]  ? __pfx_ovl_next_opt+0x10/0x10
[  136.341766][T10085]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  136.341778][T10085]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  136.341790][T10085]  ? alloc_fs_context+0x59b/0x9c0
[  136.341803][T10085]  path_mount+0x148d/0x1f30
[  136.341816][T10085]  ? kmem_cache_free+0x2d4/0x4d0
[  136.341826][T10085]  ? __pfx_path_mount+0x10/0x10
[  136.341839][T10085]  ? putname+0x154/0x1a0
[  136.341853][T10085]  __x64_sys_mount+0x28d/0x310
[  136.341865][T10085]  ? __pfx___x64_sys_mount+0x10/0x10
[  136.341876][T10085]  ? rcu_is_watching+0x12/0xc0
[  136.341891][T10085]  do_syscall_64+0xcd/0x260
[  136.341907][T10085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.341918][T10085] RIP: 0033:0x7fdad3f8d169
[  136.341926][T10085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.341937][T10085] RSP: 002b:00007fdad4d2b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  136.341947][T10085] RAX: ffffffffffffffda RBX: 00007fdad41a5fa0 RCX: 00007fdad3f8d169
[  136.341953][T10085] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  136.341959][T10085] RBP: 00007fdad4d2b090 R08: 0000200000000480 R09: 0000000000000000
[  136.341965][T10085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  136.341971][T10085] R13: 0000000000000000 R14: 00007fdad41a5fa0 R15: 00007ffd082e4008
[  136.341984][T10085]  </TASK>
[  136.378297][T10088] input: syz1 as /devices/virtual/input/input22
[  136.768881][T10113] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  136.780480][T10108] FAULT_INJECTION: forcing a failure.
[  136.780480][T10108] name failslab, interval 1, probability 0, space 0, times 0
[  136.784104][T10108] CPU: 0 UID: 0 PID: 10108 Comm: syz.4.1318 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  136.784118][T10108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  136.784125][T10108] Call Trace:
[  136.784129][T10108]  <TASK>
[  136.784133][T10108]  dump_stack_lvl+0x16c/0x1f0
[  136.784151][T10108]  should_fail_ex+0x512/0x640
[  136.784165][T10108]  should_failslab+0xc2/0x120
[  136.784177][T10108]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  136.784188][T10108]  ? skb_clone+0x190/0x3f0
[  136.784203][T10108]  skb_clone+0x190/0x3f0
[  136.784216][T10108]  netlink_deliver_tap+0xabd/0xd30
[  136.784233][T10108]  netlink_unicast+0x5df/0x7f0
[  136.784249][T10108]  ? __pfx_netlink_unicast+0x10/0x10
[  136.784267][T10108]  netlink_sendmsg+0x8d1/0xdd0
[  136.784283][T10108]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.784302][T10108]  ____sys_sendmsg+0xa95/0xc70
[  136.784319][T10108]  ? copy_msghdr_from_user+0x10a/0x160
[  136.784331][T10108]  ? __pfx_____sys_sendmsg+0x10/0x10
[  136.784353][T10108]  ___sys_sendmsg+0x134/0x1d0
[  136.784366][T10108]  ? __pfx____sys_sendmsg+0x10/0x10
[  136.784394][T10108]  __sys_sendmsg+0x16d/0x220
[  136.784407][T10108]  ? __pfx___sys_sendmsg+0x10/0x10
[  136.784423][T10108]  ? rcu_is_watching+0x12/0xc0
[  136.784441][T10108]  do_syscall_64+0xcd/0x260
[  136.784456][T10108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.784466][T10108] RIP: 0033:0x7f687698d169
[  136.784475][T10108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.784485][T10108] RSP: 002b:00007f68747f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.784495][T10108] RAX: ffffffffffffffda RBX: 00007f6876ba5fa0 RCX: 00007f687698d169
[  136.784502][T10108] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000006
[  136.784508][T10108] RBP: 00007f68747f6090 R08: 0000000000000000 R09: 0000000000000000
[  136.784513][T10108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.784519][T10108] R13: 0000000000000000 R14: 00007f6876ba5fa0 R15: 00007ffdcc080a98
[  136.784532][T10108]  </TASK>
[  136.893148][T10119] tc_dump_action: action bad kind
[  136.911184][T10118] netlink: 'syz.4.1320': attribute type 2 has an invalid length.
[  136.914211][T10118] netlink: 'syz.4.1320': attribute type 1 has an invalid length.
[  136.917092][T10118] netlink: 'syz.4.1320': attribute type 1 has an invalid length.
[  136.975178][T10124] input: syz1 as /devices/virtual/input/input23
[  137.061204][T10126] FAULT_INJECTION: forcing a failure.
[  137.061204][T10126] name failslab, interval 1, probability 0, space 0, times 0
[  137.065485][T10126] CPU: 1 UID: 0 PID: 10126 Comm: syz.4.1322 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  137.065506][T10126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.065517][T10126] Call Trace:
[  137.065522][T10126]  <TASK>
[  137.065528][T10126]  dump_stack_lvl+0x16c/0x1f0
[  137.065553][T10126]  should_fail_ex+0x512/0x640
[  137.065568][T10126]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  137.065591][T10126]  should_failslab+0xc2/0x120
[  137.065608][T10126]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  137.065627][T10126]  ? ovl_mount_dir+0x26/0x1f0
[  137.065654][T10126]  kstrdup+0x53/0x100
[  137.065674][T10126]  ovl_mount_dir+0x26/0x1f0
[  137.065699][T10126]  ovl_parse_param+0xdaf/0x1570
[  137.065719][T10126]  ? __pfx_ovl_parse_param+0x10/0x10
[  137.065735][T10126]  ? trace_kmalloc+0x2b/0xd0
[  137.065753][T10126]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  137.065774][T10126]  ? static_key_count+0x5a/0x70
[  137.065789][T10126]  ? __pfx_ovl_parse_param+0x10/0x10
[  137.065805][T10126]  vfs_parse_fs_param+0x208/0x3c0
[  137.065831][T10126]  vfs_parse_fs_string+0xe9/0x150
[  137.065849][T10126]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  137.065874][T10126]  ? ovl_next_opt+0x143/0x1c0
[  137.065898][T10126]  ? __pfx_ovl_next_opt+0x10/0x10
[  137.065920][T10126]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  137.065939][T10126]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  137.065959][T10126]  ? alloc_fs_context+0x59b/0x9c0
[  137.065979][T10126]  path_mount+0x148d/0x1f30
[  137.066000][T10126]  ? kmem_cache_free+0x2d4/0x4d0
[  137.066014][T10126]  ? __pfx_path_mount+0x10/0x10
[  137.066034][T10126]  ? putname+0x154/0x1a0
[  137.066055][T10126]  __x64_sys_mount+0x28d/0x310
[  137.066072][T10126]  ? __pfx___x64_sys_mount+0x10/0x10
[  137.066090][T10126]  ? rcu_is_watching+0x12/0xc0
[  137.066117][T10126]  do_syscall_64+0xcd/0x260
[  137.066141][T10126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.066157][T10126] RIP: 0033:0x7f687698d169
[  137.066171][T10126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.066187][T10126] RSP: 002b:00007f68747f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  137.066227][T10126] RAX: ffffffffffffffda RBX: 00007f6876ba5fa0 RCX: 00007f687698d169
[  137.066238][T10126] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  137.066248][T10126] RBP: 00007f68747f6090 R08: 0000200000000480 R09: 0000000000000000
[  137.066258][T10126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  137.066269][T10126] R13: 0000000000000000 R14: 00007f6876ba5fa0 R15: 00007ffdcc080a98
[  137.066291][T10126]  </TASK>
[  137.156803][    C1] vkms_vblank_simulate: vblank timer overrun
[  137.366567][T10141] overlayfs: conflicting options: userxattr,metacopy=on
[  137.473255][T10150] kvm: pic: non byte write
[  137.640049][T10153] FAULT_INJECTION: forcing a failure.
[  137.640049][T10153] name failslab, interval 1, probability 0, space 0, times 0
[  137.643513][T10153] CPU: 2 UID: 0 PID: 10153 Comm: syz.4.1329 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  137.643527][T10153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  137.643534][T10153] Call Trace:
[  137.643538][T10153]  <TASK>
[  137.643542][T10153]  dump_stack_lvl+0x16c/0x1f0
[  137.643570][T10153]  should_fail_ex+0x512/0x640
[  137.643585][T10153]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  137.643601][T10153]  should_failslab+0xc2/0x120
[  137.643613][T10153]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  137.643623][T10153]  ? __alloc_skb+0x2b2/0x380
[  137.643638][T10153]  __alloc_skb+0x2b2/0x380
[  137.643648][T10153]  ? __pfx___alloc_skb+0x10/0x10
[  137.643659][T10153]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  137.643674][T10153]  netlink_ack+0x15d/0xb80
[  137.643693][T10153]  netlink_rcv_skb+0x347/0x440
[  137.643706][T10153]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  137.643721][T10153]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  137.643742][T10153]  ? netlink_deliver_tap+0x1ae/0xd30
[  137.643758][T10153]  netlink_unicast+0x53a/0x7f0
[  137.643773][T10153]  ? __pfx_netlink_unicast+0x10/0x10
[  137.643791][T10153]  netlink_sendmsg+0x8d1/0xdd0
[  137.643807][T10153]  ? __pfx_netlink_sendmsg+0x10/0x10
[  137.643826][T10153]  ____sys_sendmsg+0xa95/0xc70
[  137.643841][T10153]  ? copy_msghdr_from_user+0x10a/0x160
[  137.643854][T10153]  ? __pfx_____sys_sendmsg+0x10/0x10
[  137.643875][T10153]  ___sys_sendmsg+0x134/0x1d0
[  137.643888][T10153]  ? __pfx____sys_sendmsg+0x10/0x10
[  137.643915][T10153]  __sys_sendmsg+0x16d/0x220
[  137.643928][T10153]  ? __pfx___sys_sendmsg+0x10/0x10
[  137.643944][T10153]  ? rcu_is_watching+0x12/0xc0
[  137.643961][T10153]  do_syscall_64+0xcd/0x260
[  137.643976][T10153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  137.643987][T10153] RIP: 0033:0x7f687698d169
[  137.643995][T10153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.644004][T10153] RSP: 002b:00007f68747f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  137.644014][T10153] RAX: ffffffffffffffda RBX: 00007f6876ba5fa0 RCX: 00007f687698d169
[  137.644020][T10153] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000006
[  137.644026][T10153] RBP: 00007f68747f6090 R08: 0000000000000000 R09: 0000000000000000
[  137.644032][T10153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  137.644038][T10153] R13: 0000000000000000 R14: 00007f6876ba5fa0 R15: 00007ffdcc080a98
[  137.644050][T10153]  </TASK>
[  137.792234][T10163] input: syz1 as /devices/virtual/input/input25
[  137.811057][T10161] 9pnet_fd: Insufficient options for proto=fd
[  138.074436][T10171] FAULT_INJECTION: forcing a failure.
[  138.074436][T10171] name failslab, interval 1, probability 0, space 0, times 0
[  138.081193][T10171] CPU: 0 UID: 0 PID: 10171 Comm: syz.4.1333 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  138.081209][T10171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  138.081216][T10171] Call Trace:
[  138.081219][T10171]  <TASK>
[  138.081223][T10171]  dump_stack_lvl+0x16c/0x1f0
[  138.081241][T10171]  should_fail_ex+0x512/0x640
[  138.081252][T10171]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  138.081265][T10171]  should_failslab+0xc2/0x120
[  138.081277][T10171]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  138.081287][T10171]  ? trace_kmalloc+0x2b/0xd0
[  138.081299][T10171]  ? getname_kernel+0x52/0x370
[  138.081313][T10171]  getname_kernel+0x52/0x370
[  138.081325][T10171]  kern_path+0x1d/0x50
[  138.081334][T10171]  ovl_mount_dir+0x13e/0x1f0
[  138.081352][T10171]  ovl_parse_param+0xdaf/0x1570
[  138.081364][T10171]  ? __pfx_ovl_parse_param+0x10/0x10
[  138.081373][T10171]  ? trace_kmalloc+0x2b/0xd0
[  138.081384][T10171]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  138.081397][T10171]  ? static_key_count+0x5a/0x70
[  138.081406][T10171]  ? __pfx_ovl_parse_param+0x10/0x10
[  138.081416][T10171]  vfs_parse_fs_param+0x208/0x3c0
[  138.081427][T10171]  vfs_parse_fs_string+0xe9/0x150
[  138.081438][T10171]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  138.081452][T10171]  ? ovl_next_opt+0x143/0x1c0
[  138.081468][T10171]  ? __pfx_ovl_next_opt+0x10/0x10
[  138.081483][T10171]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  138.081494][T10171]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  138.081506][T10171]  ? alloc_fs_context+0x59b/0x9c0
[  138.081519][T10171]  path_mount+0x148d/0x1f30
[  138.081531][T10171]  ? kmem_cache_free+0x2d4/0x4d0
[  138.081540][T10171]  ? __pfx_path_mount+0x10/0x10
[  138.081553][T10171]  ? putname+0x154/0x1a0
[  138.081566][T10171]  __x64_sys_mount+0x28d/0x310
[  138.081578][T10171]  ? __pfx___x64_sys_mount+0x10/0x10
[  138.081588][T10171]  ? rcu_is_watching+0x12/0xc0
[  138.081605][T10171]  do_syscall_64+0xcd/0x260
[  138.081620][T10171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.081630][T10171] RIP: 0033:0x7f687698d169
[  138.081639][T10171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.081648][T10171] RSP: 002b:00007f68747f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  138.081658][T10171] RAX: ffffffffffffffda RBX: 00007f6876ba5fa0 RCX: 00007f687698d169
[  138.081665][T10171] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  138.081670][T10171] RBP: 00007f68747f6090 R08: 0000200000000480 R09: 0000000000000000
[  138.081676][T10171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  138.081682][T10171] R13: 0000000000000000 R14: 00007f6876ba5fa0 R15: 00007ffdcc080a98
[  138.081694][T10171]  </TASK>
[  138.081698][T10171] overlayfs: failed to resolve './file0': -12
[  138.284770][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  138.284779][   T40] audit: type=1400 audit(1744426825.673:637): avc:  denied  { shutdown } for  pid=10192 comm="syz.2.1340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  138.378528][   T40] audit: type=1400 audit(1744426825.773:638): avc:  denied  { create } for  pid=10196 comm="syz.2.1342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  138.384323][T10201] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1341'.
[  138.421475][T10201] vlan2: entered promiscuous mode
[  138.422999][T10201] syz_tun: entered promiscuous mode
[  138.435314][ T6057] usb 10-1: new low-speed USB device number 5 using dummy_hcd
[  138.435593][ T1020] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  138.522314][T10205] xt_hashlimit: size too large, truncated to 1048576
[  138.599243][ T6057] usb 10-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  138.602744][ T6057] usb 10-1: config 246 descriptor has 1 excess byte, ignoring
[  138.605580][ T6057] usb 10-1: config 246 has 1 interface, different from the descriptor's value: 42
[  138.608982][ T6057] usb 10-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  138.613268][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  138.620043][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  138.623772][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  138.628810][ T6057] usb 10-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  138.631254][ T6057] usb 10-1: config 246 descriptor has 1 excess byte, ignoring
[  138.633359][ T6057] usb 10-1: config 246 has 1 interface, different from the descriptor's value: 42
[  138.636037][ T6057] usb 10-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  138.639200][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  138.642136][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  138.645255][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  138.648853][ T6057] usb 10-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  138.651318][ T6057] usb 10-1: config 246 descriptor has 1 excess byte, ignoring
[  138.653690][ T6057] usb 10-1: config 246 has 1 interface, different from the descriptor's value: 42
[  138.656372][ T6057] usb 10-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  138.659605][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  138.662573][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  138.666401][ T6057] usb 10-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  138.671283][ T6057] usb 10-1: string descriptor 0 read error: -22
[  138.673573][ T6057] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  138.676335][ T6057] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.682749][ T6057] adutux 10-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  138.885729][ T6057] usb 10-1: USB disconnect, device number 5
[  139.162369][T10213] FAULT_INJECTION: forcing a failure.
[  139.162369][T10213] name failslab, interval 1, probability 0, space 0, times 0
[  139.166708][T10213] CPU: 2 UID: 0 PID: 10213 Comm: syz.4.1347 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  139.166732][T10213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.166742][T10213] Call Trace:
[  139.166748][T10213]  <TASK>
[  139.166755][T10213]  dump_stack_lvl+0x16c/0x1f0
[  139.166782][T10213]  should_fail_ex+0x512/0x640
[  139.166799][T10213]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  139.166828][T10213]  should_failslab+0xc2/0x120
[  139.166848][T10213]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  139.166867][T10213]  ? kasan_quarantine_put+0x10a/0x240
[  139.166882][T10213]  ? lockdep_hardirqs_on+0x7c/0x110
[  139.166903][T10213]  ? ovl_do_parse_layer+0x2f/0x10f0
[  139.166936][T10213]  kstrdup+0x53/0x100
[  139.166957][T10213]  ovl_do_parse_layer+0x2f/0x10f0
[  139.166985][T10213]  ? ovl_mount_dir+0x15f/0x1f0
[  139.167014][T10213]  ovl_parse_param+0xdd9/0x1570
[  139.167035][T10213]  ? __pfx_ovl_parse_param+0x10/0x10
[  139.167051][T10213]  ? trace_kmalloc+0x2b/0xd0
[  139.167069][T10213]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  139.167089][T10213]  ? static_key_count+0x5a/0x70
[  139.167103][T10213]  ? __pfx_ovl_parse_param+0x10/0x10
[  139.167119][T10213]  vfs_parse_fs_param+0x208/0x3c0
[  139.167139][T10213]  vfs_parse_fs_string+0xe9/0x150
[  139.167156][T10213]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  139.167181][T10213]  ? ovl_next_opt+0x143/0x1c0
[  139.167205][T10213]  ? __pfx_ovl_next_opt+0x10/0x10
[  139.167228][T10213]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  139.167246][T10213]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  139.167266][T10213]  ? alloc_fs_context+0x59b/0x9c0
[  139.167288][T10213]  path_mount+0x148d/0x1f30
[  139.167308][T10213]  ? kmem_cache_free+0x2d4/0x4d0
[  139.167322][T10213]  ? __pfx_path_mount+0x10/0x10
[  139.167344][T10213]  ? putname+0x154/0x1a0
[  139.167366][T10213]  __x64_sys_mount+0x28d/0x310
[  139.167385][T10213]  ? __pfx___x64_sys_mount+0x10/0x10
[  139.167411][T10213]  do_syscall_64+0xcd/0x260
[  139.167435][T10213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.167451][T10213] RIP: 0033:0x7f687698d169
[  139.167465][T10213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.167480][T10213] RSP: 002b:00007f68747f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  139.167496][T10213] RAX: ffffffffffffffda RBX: 00007f6876ba5fa0 RCX: 00007f687698d169
[  139.167506][T10213] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  139.167516][T10213] RBP: 00007f68747f6090 R08: 0000200000000480 R09: 0000000000000000
[  139.167526][T10213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.167535][T10213] R13: 0000000000000000 R14: 00007f6876ba5fa0 R15: 00007ffdcc080a98
[  139.167558][T10213]  </TASK>
[  139.525171][   T40] audit: type=1400 audit(1744426826.913:639): avc:  denied  { append } for  pid=10220 comm="syz.5.1351" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  139.554482][T10236] input: syz1 as /devices/virtual/input/input26
[  139.578091][T10230] 9pnet_fd: Insufficient options for proto=fd
[  139.602558][T10242] program syz.0.1358 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  139.607059][   T40] audit: type=1400 audit(1744426827.003:640): avc:  denied  { write } for  pid=10241 comm="syz.0.1358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  139.638490][T10245] FAULT_INJECTION: forcing a failure.
[  139.638490][T10245] name failslab, interval 1, probability 0, space 0, times 0
[  139.642322][T10245] CPU: 1 UID: 0 PID: 10245 Comm: syz.0.1359 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  139.642336][T10245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.642342][T10245] Call Trace:
[  139.642347][T10245]  <TASK>
[  139.642351][T10245]  dump_stack_lvl+0x16c/0x1f0
[  139.642369][T10245]  should_fail_ex+0x512/0x640
[  139.642381][T10245]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  139.642394][T10245]  should_failslab+0xc2/0x120
[  139.642406][T10245]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  139.642418][T10245]  ? vfs_parse_fs_string+0xc3/0x150
[  139.642431][T10245]  kmemdup_nul+0x49/0xf0
[  139.642444][T10245]  vfs_parse_fs_string+0xc3/0x150
[  139.642454][T10245]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  139.642468][T10245]  ? ovl_next_opt+0x143/0x1c0
[  139.642485][T10245]  ? __pfx_ovl_next_opt+0x10/0x10
[  139.642500][T10245]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  139.642512][T10245]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  139.642524][T10245]  ? alloc_fs_context+0x59b/0x9c0
[  139.642537][T10245]  path_mount+0x148d/0x1f30
[  139.642550][T10245]  ? kmem_cache_free+0x2d4/0x4d0
[  139.642559][T10245]  ? __pfx_path_mount+0x10/0x10
[  139.642572][T10245]  ? putname+0x154/0x1a0
[  139.642585][T10245]  __x64_sys_mount+0x28d/0x310
[  139.642597][T10245]  ? __pfx___x64_sys_mount+0x10/0x10
[  139.642612][T10245]  do_syscall_64+0xcd/0x260
[  139.642627][T10245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.642638][T10245] RIP: 0033:0x7fdad3f8d169
[  139.642646][T10245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.642656][T10245] RSP: 002b:00007fdad4d2b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  139.642665][T10245] RAX: ffffffffffffffda RBX: 00007fdad41a5fa0 RCX: 00007fdad3f8d169
[  139.642672][T10245] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  139.642677][T10245] RBP: 00007fdad4d2b090 R08: 0000200000000480 R09: 0000000000000000
[  139.642683][T10245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.642689][T10245] R13: 0000000000000000 R14: 00007fdad41a5fa0 R15: 00007ffd082e4008
[  139.642701][T10245]  </TASK>
[  139.710432][    C1] vkms_vblank_simulate: vblank timer overrun
[  140.278363][   T40] audit: type=1400 audit(1744426827.673:641): avc:  denied  { accept } for  pid=10259 comm="syz.5.1366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  140.372247][T10265] input: syz1 as /devices/virtual/input/input27
[  140.375298][ T2294] usb 9-1: new low-speed USB device number 13 using dummy_hcd
[  140.385451][ T5306] Bluetooth: hci3: command 0x1003 tx timeout
[  140.388443][ T5955] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  140.523549][T10279] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1372'.
[  140.556365][ T2294] usb 9-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  140.558860][ T2294] usb 9-1: config 246 descriptor has 1 excess byte, ignoring
[  140.560954][ T2294] usb 9-1: config 246 has 1 interface, different from the descriptor's value: 42
[  140.563491][ T2294] usb 9-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  140.566984][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  140.570028][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  140.573062][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  140.577151][ T2294] usb 9-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  140.579631][ T2294] usb 9-1: config 246 descriptor has 1 excess byte, ignoring
[  140.582108][ T2294] usb 9-1: config 246 has 1 interface, different from the descriptor's value: 42
[  140.584627][ T2294] usb 9-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  140.588047][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  140.590983][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  140.593983][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  140.597622][ T2294] usb 9-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  140.600065][ T2294] usb 9-1: config 246 descriptor has 1 excess byte, ignoring
[  140.602123][ T2294] usb 9-1: config 246 has 1 interface, different from the descriptor's value: 42
[  140.604627][ T2294] usb 9-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  140.607972][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  140.610893][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  140.613917][ T2294] usb 9-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  140.618945][ T2294] usb 9-1: string descriptor 0 read error: -22
[  140.620714][ T2294] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  140.623203][ T2294] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.634263][ T2294] adutux 9-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  141.029306][T10284] FAULT_INJECTION: forcing a failure.
[  141.029306][T10284] name failslab, interval 1, probability 0, space 0, times 0
[  141.033132][T10284] CPU: 2 UID: 0 PID: 10284 Comm: syz.5.1374 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  141.033153][T10284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  141.033163][T10284] Call Trace:
[  141.033169][T10284]  <TASK>
[  141.033173][T10284]  dump_stack_lvl+0x16c/0x1f0
[  141.033202][T10284]  should_fail_ex+0x512/0x640
[  141.033218][T10284]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  141.033232][T10284]  should_failslab+0xc2/0x120
[  141.033243][T10284]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  141.033255][T10284]  ? ovl_mount_dir+0x26/0x1f0
[  141.033273][T10284]  kstrdup+0x53/0x100
[  141.033286][T10284]  ovl_mount_dir+0x26/0x1f0
[  141.033303][T10284]  ovl_parse_param+0x10ae/0x1570
[  141.033313][T10284]  ? selinux_fs_context_parse_param+0xd8/0x130
[  141.033329][T10284]  ? __pfx_ovl_parse_param+0x10/0x10
[  141.033338][T10284]  ? trace_kmalloc+0x2b/0xd0
[  141.033350][T10284]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  141.033363][T10284]  ? static_key_count+0x5a/0x70
[  141.033372][T10284]  ? __pfx_ovl_parse_param+0x10/0x10
[  141.033382][T10284]  vfs_parse_fs_param+0x208/0x3c0
[  141.033393][T10284]  vfs_parse_fs_string+0xe9/0x150
[  141.033404][T10284]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  141.033419][T10284]  ? ovl_next_opt+0x143/0x1c0
[  141.033434][T10284]  ? __pfx_ovl_next_opt+0x10/0x10
[  141.033449][T10284]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  141.033461][T10284]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  141.033474][T10284]  ? alloc_fs_context+0x59b/0x9c0
[  141.033487][T10284]  path_mount+0x148d/0x1f30
[  141.033499][T10284]  ? kmem_cache_free+0x2d4/0x4d0
[  141.033508][T10284]  ? __pfx_path_mount+0x10/0x10
[  141.033521][T10284]  ? putname+0x154/0x1a0
[  141.033535][T10284]  __x64_sys_mount+0x28d/0x310
[  141.033546][T10284]  ? __pfx___x64_sys_mount+0x10/0x10
[  141.033562][T10284]  do_syscall_64+0xcd/0x260
[  141.033577][T10284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.033588][T10284] RIP: 0033:0x7f5490f8d169
[  141.033596][T10284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.033606][T10284] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  141.033616][T10284] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  141.033622][T10284] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  141.033628][T10284] RBP: 00007f5491d5e090 R08: 0000200000000480 R09: 0000000000000000
[  141.033634][T10284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.033640][T10284] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  141.033652][T10284]  </TASK>
[  141.124814][T10286] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1375'.
[  141.182702][   T40] audit: type=1400 audit(1744426828.573:642): avc:  denied  { setopt } for  pid=10290 comm="syz.2.1377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  141.292336][T10297] input: syz1 as /devices/virtual/input/input28
[  142.087237][T10312] FAULT_INJECTION: forcing a failure.
[  142.087237][T10312] name failslab, interval 1, probability 0, space 0, times 0
[  142.090656][T10312] CPU: 2 UID: 0 PID: 10312 Comm: syz.5.1384 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  142.090670][T10312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.090676][T10312] Call Trace:
[  142.090680][T10312]  <TASK>
[  142.090683][T10312]  dump_stack_lvl+0x16c/0x1f0
[  142.090700][T10312]  should_fail_ex+0x512/0x640
[  142.090712][T10312]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  142.090724][T10312]  should_failslab+0xc2/0x120
[  142.090736][T10312]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  142.090746][T10312]  ? trace_kmalloc+0x2b/0xd0
[  142.090758][T10312]  ? getname_kernel+0x52/0x370
[  142.090773][T10312]  getname_kernel+0x52/0x370
[  142.090785][T10312]  kern_path+0x1d/0x50
[  142.090794][T10312]  ovl_mount_dir+0x13e/0x1f0
[  142.090811][T10312]  ovl_parse_param+0x10ae/0x1570
[  142.090821][T10312]  ? selinux_fs_context_parse_param+0xd8/0x130
[  142.090837][T10312]  ? __pfx_ovl_parse_param+0x10/0x10
[  142.090846][T10312]  ? trace_kmalloc+0x2b/0xd0
[  142.090857][T10312]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  142.090870][T10312]  ? static_key_count+0x5a/0x70
[  142.090880][T10312]  ? __pfx_ovl_parse_param+0x10/0x10
[  142.090889][T10312]  vfs_parse_fs_param+0x208/0x3c0
[  142.090901][T10312]  vfs_parse_fs_string+0xe9/0x150
[  142.090912][T10312]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  142.090926][T10312]  ? ovl_next_opt+0x143/0x1c0
[  142.090941][T10312]  ? __pfx_ovl_next_opt+0x10/0x10
[  142.090956][T10312]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  142.090967][T10312]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  142.090979][T10312]  ? alloc_fs_context+0x59b/0x9c0
[  142.090992][T10312]  path_mount+0x148d/0x1f30
[  142.091004][T10312]  ? kmem_cache_free+0x2d4/0x4d0
[  142.091013][T10312]  ? __pfx_path_mount+0x10/0x10
[  142.091026][T10312]  ? putname+0x154/0x1a0
[  142.091039][T10312]  __x64_sys_mount+0x28d/0x310
[  142.091051][T10312]  ? __pfx___x64_sys_mount+0x10/0x10
[  142.091061][T10312]  ? rcu_is_watching+0x12/0xc0
[  142.091078][T10312]  do_syscall_64+0xcd/0x260
[  142.091094][T10312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.091104][T10312] RIP: 0033:0x7f5490f8d169
[  142.091113][T10312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.091123][T10312] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  142.091133][T10312] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  142.091139][T10312] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  142.091145][T10312] RBP: 00007f5491d5e090 R08: 0000200000000480 R09: 0000000000000000
[  142.091150][T10312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  142.091156][T10312] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  142.091168][T10312]  </TASK>
[  142.091172][T10312] overlayfs: failed to resolve './file1': -12
[  142.195025][T10314] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1385'.
[  142.230573][   T40] audit: type=1400 audit(1744426829.623:643): avc:  denied  { watch watch_reads } for  pid=10315 comm="syz.5.1386" path="/116/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  142.232673][T10316] overlayfs: conflicting lowerdir path
[  142.325352][T10320] input: syz1 as /devices/virtual/input/input29
[  142.366679][T10322] QAT: Stopping all acceleration devices.
[  142.453024][T10324] FAULT_INJECTION: forcing a failure.
[  142.453024][T10324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.457129][T10324] CPU: 0 UID: 0 PID: 10324 Comm: syz.5.1389 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  142.457146][T10324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.457153][T10324] Call Trace:
[  142.457156][T10324]  <TASK>
[  142.457160][T10324]  dump_stack_lvl+0x16c/0x1f0
[  142.457178][T10324]  should_fail_ex+0x512/0x640
[  142.457191][T10324]  _copy_to_user+0x32/0xd0
[  142.457204][T10324]  simple_read_from_buffer+0xcb/0x170
[  142.457222][T10324]  proc_fail_nth_read+0x197/0x270
[  142.457239][T10324]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  142.457255][T10324]  ? rw_verify_area+0xcf/0x680
[  142.457269][T10324]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  142.457285][T10324]  vfs_read+0x1de/0xc70
[  142.457303][T10324]  ? __pfx___mutex_lock+0x10/0x10
[  142.457318][T10324]  ? __pfx_vfs_read+0x10/0x10
[  142.457337][T10324]  ? __fget_files+0x20e/0x3c0
[  142.457351][T10324]  ksys_read+0x12a/0x240
[  142.457359][T10324]  ? __pfx_ksys_read+0x10/0x10
[  142.457367][T10324]  ? rcu_is_watching+0x12/0xc0
[  142.457383][T10324]  do_syscall_64+0xcd/0x260
[  142.457399][T10324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.457409][T10324] RIP: 0033:0x7f5490f8bb7c
[  142.457418][T10324] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  142.457428][T10324] RSP: 002b:00007f5491d5e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  142.457438][T10324] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8bb7c
[  142.457444][T10324] RDX: 000000000000000f RSI: 00007f5491d5e0a0 RDI: 0000000000000008
[  142.457450][T10324] RBP: 00007f5491d5e090 R08: 0000000000000000 R09: 0000000000000000
[  142.457456][T10324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.457461][T10324] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  142.457474][T10324]  </TASK>
[  142.869690][ T6223] usb 9-1: USB disconnect, device number 13
[  142.961248][T10344] FAULT_INJECTION: forcing a failure.
[  142.961248][T10344] name failslab, interval 1, probability 0, space 0, times 0
[  142.964822][T10344] CPU: 3 UID: 0 PID: 10344 Comm: syz.4.1394 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  142.964836][T10344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  142.964843][T10344] Call Trace:
[  142.964847][T10344]  <TASK>
[  142.964851][T10344]  dump_stack_lvl+0x16c/0x1f0
[  142.964869][T10344]  should_fail_ex+0x512/0x640
[  142.964880][T10344]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  142.964894][T10344]  should_failslab+0xc2/0x120
[  142.964906][T10344]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  142.964917][T10344]  ? kasan_quarantine_put+0x10a/0x240
[  142.964925][T10344]  ? lockdep_hardirqs_on+0x7c/0x110
[  142.964939][T10344]  ? ovl_do_parse_layer+0x2f/0x10f0
[  142.964957][T10344]  kstrdup+0x53/0x100
[  142.964970][T10344]  ovl_do_parse_layer+0x2f/0x10f0
[  142.964986][T10344]  ? ovl_mount_dir+0x15f/0x1f0
[  142.965003][T10344]  ovl_parse_param+0x10e3/0x1570
[  142.965013][T10344]  ? selinux_fs_context_parse_param+0xd8/0x130
[  142.965029][T10344]  ? __pfx_ovl_parse_param+0x10/0x10
[  142.965038][T10344]  ? trace_kmalloc+0x2b/0xd0
[  142.965050][T10344]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  142.965062][T10344]  ? static_key_count+0x5a/0x70
[  142.965072][T10344]  ? __pfx_ovl_parse_param+0x10/0x10
[  142.965082][T10344]  vfs_parse_fs_param+0x208/0x3c0
[  142.965094][T10344]  vfs_parse_fs_string+0xe9/0x150
[  142.965105][T10344]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  142.965120][T10344]  ? ovl_next_opt+0x143/0x1c0
[  142.965147][T10344]  ? __pfx_ovl_next_opt+0x10/0x10
[  142.965162][T10344]  vfs_parse_monolithic_sep+0x16f/0x1f0
[  142.965174][T10344]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  142.965186][T10344]  ? alloc_fs_context+0x59b/0x9c0
[  142.965199][T10344]  path_mount+0x148d/0x1f30
[  142.965211][T10344]  ? kmem_cache_free+0x2d4/0x4d0
[  142.965221][T10344]  ? __pfx_path_mount+0x10/0x10
[  142.965234][T10344]  ? putname+0x154/0x1a0
[  142.965247][T10344]  __x64_sys_mount+0x28d/0x310
[  142.965259][T10344]  ? __pfx___x64_sys_mount+0x10/0x10
[  142.965275][T10344]  do_syscall_64+0xcd/0x260
[  142.965290][T10344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.965300][T10344] RIP: 0033:0x7f687698d169
[  142.965311][T10344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.965321][T10344] RSP: 002b:00007f68747f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  142.965331][T10344] RAX: ffffffffffffffda RBX: 00007f6876ba5fa0 RCX: 00007f687698d169
[  142.965337][T10344] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  142.965343][T10344] RBP: 00007f68747f6090 R08: 0000200000000480 R09: 0000000000000000
[  142.965349][T10344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  142.965355][T10344] R13: 0000000000000000 R14: 00007f6876ba5fa0 R15: 00007ffdcc080a98
[  142.965367][T10344]  </TASK>
[  143.084657][   T40] audit: type=1400 audit(1744426830.473:644): avc:  denied  { getattr } for  pid=10347 comm="syz.4.1395" name="/" dev="9p" ino=17889801302421081418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  143.085509][T10348] overlayfs: statfs failed on './file0'
[  143.226284][T10350] input: syz1 as /devices/virtual/input/input30
[  143.247778][T10350] 9pnet_fd: Insufficient options for proto=fd
[  143.331631][T10360] xt_TPROXY: Can be used only with -p tcp or -p udp
[  143.467602][T10373] vlan2: entered allmulticast mode
[  143.469165][T10373] batadv0: entered allmulticast mode
[  143.620050][T10380] input: syz1 as /devices/virtual/input/input31
[  143.635218][ T6223] usb 7-1: new low-speed USB device number 14 using dummy_hcd
[  143.647790][T10378] 9pnet_fd: Insufficient options for proto=fd
[  143.779969][   T40] audit: type=1326 audit(1744426831.173:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10392 comm="syz.5.1408" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5490f8d169 code=0x0
[  143.786574][ T6223] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  143.789335][ T6223] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  143.791974][ T6223] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  143.794487][ T6223] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  143.800361][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  143.803342][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  143.807298][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  143.812369][ T6223] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  143.814809][ T6223] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  143.817568][ T6223] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  143.820289][ T6223] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  143.823466][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  143.826649][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  143.829677][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  143.831570][   T40] audit: type=1400 audit(1744426831.223:646): avc:  denied  { map } for  pid=10399 comm="syz.5.1410" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  143.833102][ T6223] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32
[  143.843291][ T6223] usb 7-1: config 246 descriptor has 1 excess byte, ignoring
[  143.845406][ T6223] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42
[  143.847916][ T6223] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF
[  143.851055][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 77, setting to 8
[  143.853950][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  143.857020][ T6223] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  143.862252][ T6223] usb 7-1: string descriptor 0 read error: -22
[  143.864008][ T6223] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  143.866722][ T6223] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.872789][ T6223] adutux 7-1:246.0: ADU100  now attached to /dev/usb/adutux0
[  143.944140][   T40] audit: type=1326 audit(1744426831.333:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10407 comm="syz.0.1413" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdad3f8d169 code=0x0
[  144.086576][T10401] /dev/sr0: Can't open blockdev
[  144.165827][  T143] usb 9-1: new low-speed USB device number 14 using dummy_hcd
[  144.249701][T10416] input: syz1 as /devices/virtual/input/input32
[  144.275743][T10414] 9pnet_fd: Insufficient options for proto=fd
[  144.298690][  T143] usb 9-1: device descriptor read/64, error -71
[  144.304995][T10418] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1415'.
[  144.430092][T10426] FAULT_INJECTION: forcing a failure.
[  144.430092][T10426] name failslab, interval 1, probability 0, space 0, times 0
[  144.433522][T10426] CPU: 0 UID: 0 PID: 10426 Comm: syz.5.1417 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  144.433536][T10426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  144.433542][T10426] Call Trace:
[  144.433550][T10426]  <TASK>
[  144.433554][T10426]  dump_stack_lvl+0x16c/0x1f0
[  144.433581][T10426]  should_fail_ex+0x512/0x640
[  144.433596][T10426]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  144.433614][T10426]  should_failslab+0xc2/0x120
[  144.433625][T10426]  __kmalloc_cache_noprof+0x6a/0x3e0
[  144.433641][T10426]  ? alloc_super+0x52/0xbd0
[  144.433659][T10426]  alloc_super+0x52/0xbd0
[  144.433674][T10426]  ? sget_fc+0xd3/0xc20
[  144.433691][T10426]  sget_fc+0x116/0xc20
[  144.433707][T10426]  ? __pfx_set_anon_super_fc+0x10/0x10
[  144.433722][T10426]  ? __pfx_ovl_fill_super+0x10/0x10
[  144.433738][T10426]  get_tree_nodev+0x28/0x190
[  144.433748][T10426]  vfs_get_tree+0x8b/0x340
[  144.433762][T10426]  path_mount+0x14d4/0x1f30
[  144.433774][T10426]  ? kmem_cache_free+0x2d4/0x4d0
[  144.433783][T10426]  ? __pfx_path_mount+0x10/0x10
[  144.433796][T10426]  ? putname+0x154/0x1a0
[  144.433810][T10426]  __x64_sys_mount+0x28d/0x310
[  144.433821][T10426]  ? __pfx___x64_sys_mount+0x10/0x10
[  144.433848][T10426]  do_syscall_64+0xcd/0x260
[  144.433864][T10426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.433875][T10426] RIP: 0033:0x7f5490f8d169
[  144.433883][T10426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.433893][T10426] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  144.433903][T10426] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  144.433909][T10426] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  144.433915][T10426] RBP: 00007f5491d5e090 R08: 0000200000000480 R09: 0000000000000000
[  144.433921][T10426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  144.433926][T10426] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  144.433939][T10426]  </TASK>
[  144.545234][  T143] usb 9-1: new low-speed USB device number 15 using dummy_hcd
[  144.685334][  T143] usb 9-1: device descriptor read/64, error -71
[  144.795492][  T143] usb usb9-port1: attempt power cycle
[  145.145277][  T143] usb 9-1: new low-speed USB device number 16 using dummy_hcd
[  145.165979][  T143] usb 9-1: device descriptor read/8, error -71
[  145.415349][  T143] usb 9-1: new low-speed USB device number 17 using dummy_hcd
[  145.445634][  T143] usb 9-1: device descriptor read/8, error -71
[  145.555367][  T143] usb usb9-port1: unable to enumerate USB device
[  145.610421][T10457] input: syz1 as /devices/virtual/input/input33
[  146.145734][ T6057] usb 7-1: USB disconnect, device number 14
[  146.216493][T10465] FAULT_INJECTION: forcing a failure.
[  146.216493][T10465] name failslab, interval 1, probability 0, space 0, times 0
[  146.221311][T10465] CPU: 0 UID: 0 PID: 10465 Comm: syz.5.1426 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  146.221334][T10465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  146.221344][T10465] Call Trace:
[  146.221350][T10465]  <TASK>
[  146.221357][T10465]  dump_stack_lvl+0x16c/0x1f0
[  146.221400][T10465]  should_fail_ex+0x512/0x640
[  146.221422][T10465]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  146.221450][T10465]  should_failslab+0xc2/0x120
[  146.221469][T10465]  __kmalloc_cache_noprof+0x6a/0x3e0
[  146.221494][T10465]  ? shrinker_alloc+0xf5/0xbf0
[  146.221517][T10465]  shrinker_alloc+0xf5/0xbf0
[  146.221538][T10465]  ? mark_held_locks+0x49/0x80
[  146.221553][T10465]  ? pcpu_memcg_post_alloc_hook+0x1e/0x740
[  146.221574][T10465]  ? __pfx_shrinker_alloc+0x10/0x10
[  146.221597][T10465]  ? lockdep_init_map_type+0x5c/0x280
[  146.221615][T10465]  ? __raw_spin_lock_init+0x3a/0x110
[  146.221633][T10465]  ? __init_rwsem+0x12d/0x1b0
[  146.221653][T10465]  alloc_super+0x7c8/0xbd0
[  146.221683][T10465]  sget_fc+0x116/0xc20
[  146.221706][T10465]  ? __pfx_set_anon_super_fc+0x10/0x10
[  146.221734][T10465]  ? __pfx_ovl_fill_super+0x10/0x10
[  146.221758][T10465]  get_tree_nodev+0x28/0x190
[  146.221772][T10465]  vfs_get_tree+0x8b/0x340
[  146.221793][T10465]  path_mount+0x14d4/0x1f30
[  146.221813][T10465]  ? kmem_cache_free+0x2d4/0x4d0
[  146.221826][T10465]  ? __pfx_path_mount+0x10/0x10
[  146.221845][T10465]  ? putname+0x154/0x1a0
[  146.221865][T10465]  __x64_sys_mount+0x28d/0x310
[  146.221882][T10465]  ? __pfx___x64_sys_mount+0x10/0x10
[  146.221906][T10465]  do_syscall_64+0xcd/0x260
[  146.221927][T10465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.221942][T10465] RIP: 0033:0x7f5490f8d169
[  146.221954][T10465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.221967][T10465] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  146.221981][T10465] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  146.221991][T10465] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  146.222000][T10465] RBP: 00007f5491d5e090 R08: 0000200000000480 R09: 0000000000000000
[  146.222009][T10465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  146.222018][T10465] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  146.222040][T10465]  </TASK>
[  146.273681][T10443] Set syz1 is full, maxelem 65536 reached
[  146.284054][T10468] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  146.367586][   T40] audit: type=1400 audit(1744426833.763:648): avc:  denied  { audit_write } for  pid=10471 comm="syz.0.1429" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  146.901914][T10482] lo speed is unknown, defaulting to 1000
[  147.109333][   T40] audit: type=1400 audit(1744426834.503:649): avc:  denied  { write } for  pid=10490 comm="syz.0.1435" name="file0" dev="9p" ino=36831320 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  147.152066][T10493] FAULT_INJECTION: forcing a failure.
[  147.152066][T10493] name failslab, interval 1, probability 0, space 0, times 0
[  147.155745][T10493] CPU: 0 UID: 0 PID: 10493 Comm: syz.2.1437 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  147.155759][T10493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  147.155765][T10493] Call Trace:
[  147.155769][T10493]  <TASK>
[  147.155773][T10493]  dump_stack_lvl+0x16c/0x1f0
[  147.155791][T10493]  should_fail_ex+0x512/0x640
[  147.155802][T10493]  ? __kmalloc_noprof+0xbf/0x510
[  147.155813][T10493]  ? __list_lru_init+0xe8/0x4c0
[  147.155823][T10493]  should_failslab+0xc2/0x120
[  147.155835][T10493]  __kmalloc_noprof+0xd2/0x510
[  147.155848][T10493]  __list_lru_init+0xe8/0x4c0
[  147.155859][T10493]  alloc_super+0x8bf/0xbd0
[  147.155878][T10493]  sget_fc+0x116/0xc20
[  147.155893][T10493]  ? __pfx_set_anon_super_fc+0x10/0x10
[  147.155909][T10493]  ? __pfx_ovl_fill_super+0x10/0x10
[  147.155925][T10493]  get_tree_nodev+0x28/0x190
[  147.155935][T10493]  vfs_get_tree+0x8b/0x340
[  147.155949][T10493]  path_mount+0x14d4/0x1f30
[  147.155961][T10493]  ? kmem_cache_free+0x2d4/0x4d0
[  147.155971][T10493]  ? __pfx_path_mount+0x10/0x10
[  147.155984][T10493]  ? putname+0x154/0x1a0
[  147.155997][T10493]  __x64_sys_mount+0x28d/0x310
[  147.156009][T10493]  ? __pfx___x64_sys_mount+0x10/0x10
[  147.156025][T10493]  do_syscall_64+0xcd/0x260
[  147.156040][T10493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.156050][T10493] RIP: 0033:0x7fa660f8d169
[  147.156059][T10493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.156069][T10493] RSP: 002b:00007fa661dba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  147.156078][T10493] RAX: ffffffffffffffda RBX: 00007fa6611a5fa0 RCX: 00007fa660f8d169
[  147.156085][T10493] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  147.156091][T10493] RBP: 00007fa661dba090 R08: 0000200000000480 R09: 0000000000000000
[  147.156097][T10493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  147.156103][T10493] R13: 0000000000000000 R14: 00007fa6611a5fa0 R15: 00007fffc25c3b48
[  147.156115][T10493]  </TASK>
[  147.228863][    C0] vkms_vblank_simulate: vblank timer overrun
[  147.316604][   T40] audit: type=1400 audit(1744426834.713:650): avc:  denied  { remount } for  pid=10494 comm="syz.2.1438" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  147.565921][T10508] netlink: 5 bytes leftover after parsing attributes in process `syz.5.1443'.
[  147.569213][T10508] netlink: 5 bytes leftover after parsing attributes in process `syz.5.1443'.
[  147.572456][T10508] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1443'.
[  147.575876][T10508] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1443'.
[  147.745368][   T64] usb 9-1: new low-speed USB device number 18 using dummy_hcd
[  147.885229][   T64] usb 9-1: device descriptor read/64, error -71
[  148.127148][   T64] usb 9-1: new low-speed USB device number 19 using dummy_hcd
[  148.199583][T10516] FAULT_INJECTION: forcing a failure.
[  148.199583][T10516] name failslab, interval 1, probability 0, space 0, times 0
[  148.203193][T10516] CPU: 0 UID: 0 PID: 10516 Comm: syz.2.1446 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  148.203207][T10516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.203213][T10516] Call Trace:
[  148.203217][T10516]  <TASK>
[  148.203221][T10516]  dump_stack_lvl+0x16c/0x1f0
[  148.203239][T10516]  should_fail_ex+0x512/0x640
[  148.203250][T10516]  ? __kmalloc_noprof+0xbf/0x510
[  148.203261][T10516]  ? __list_lru_init+0xe8/0x4c0
[  148.203271][T10516]  should_failslab+0xc2/0x120
[  148.203283][T10516]  __kmalloc_noprof+0xd2/0x510
[  148.203293][T10516]  ? lockdep_init_map_type+0x5c/0x280
[  148.203306][T10516]  __list_lru_init+0xe8/0x4c0
[  148.203317][T10516]  alloc_super+0x904/0xbd0
[  148.203336][T10516]  sget_fc+0x116/0xc20
[  148.203351][T10516]  ? __pfx_set_anon_super_fc+0x10/0x10
[  148.203367][T10516]  ? __pfx_ovl_fill_super+0x10/0x10
[  148.203383][T10516]  get_tree_nodev+0x28/0x190
[  148.203393][T10516]  vfs_get_tree+0x8b/0x340
[  148.203407][T10516]  path_mount+0x14d4/0x1f30
[  148.203419][T10516]  ? kmem_cache_free+0x2d4/0x4d0
[  148.203429][T10516]  ? __pfx_path_mount+0x10/0x10
[  148.203442][T10516]  ? putname+0x154/0x1a0
[  148.203455][T10516]  __x64_sys_mount+0x28d/0x310
[  148.203466][T10516]  ? __pfx___x64_sys_mount+0x10/0x10
[  148.203482][T10516]  do_syscall_64+0xcd/0x260
[  148.203497][T10516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.203508][T10516] RIP: 0033:0x7fa660f8d169
[  148.203516][T10516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.203526][T10516] RSP: 002b:00007fa661dba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  148.203536][T10516] RAX: ffffffffffffffda RBX: 00007fa6611a5fa0 RCX: 00007fa660f8d169
[  148.203543][T10516] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  148.203549][T10516] RBP: 00007fa661dba090 R08: 0000200000000480 R09: 0000000000000000
[  148.203554][T10516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  148.203560][T10516] R13: 0000000000000000 R14: 00007fa6611a5fa0 R15: 00007fffc25c3b48
[  148.203572][T10516]  </TASK>
[  148.265683][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.275500][   T64] usb 9-1: device descriptor read/64, error -71
[  148.397717][   T64] usb usb9-port1: attempt power cycle
[  148.745230][   T64] usb 9-1: new low-speed USB device number 20 using dummy_hcd
[  148.765699][   T64] usb 9-1: device descriptor read/8, error -71
[  149.005218][   T64] usb 9-1: new low-speed USB device number 21 using dummy_hcd
[  149.025834][   T64] usb 9-1: device descriptor read/8, error -71
[  149.135509][   T64] usb usb9-port1: unable to enumerate USB device
[  149.139089][T10529] FAULT_INJECTION: forcing a failure.
[  149.139089][T10529] name failslab, interval 1, probability 0, space 0, times 0
[  149.142628][T10529] CPU: 0 UID: 0 PID: 10529 Comm: syz.5.1451 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  149.142643][T10529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.142649][T10529] Call Trace:
[  149.142653][T10529]  <TASK>
[  149.142657][T10529]  dump_stack_lvl+0x16c/0x1f0
[  149.142675][T10529]  should_fail_ex+0x512/0x640
[  149.142686][T10529]  ? fs_reclaim_acquire+0xae/0x150
[  149.142702][T10529]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  149.142717][T10529]  should_failslab+0xc2/0x120
[  149.142729][T10529]  __kmalloc_noprof+0xd2/0x510
[  149.142742][T10529]  tomoyo_realpath_from_path+0xc2/0x6e0
[  149.142758][T10529]  ? tomoyo_profile+0x47/0x60
[  149.142769][T10529]  tomoyo_path_number_perm+0x245/0x580
[  149.142780][T10529]  ? tomoyo_path_number_perm+0x237/0x580
[  149.142794][T10529]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  149.142807][T10529]  ? find_held_lock+0x2b/0x80
[  149.142832][T10529]  ? find_held_lock+0x2b/0x80
[  149.142844][T10529]  ? hook_file_ioctl_common+0x145/0x410
[  149.142857][T10529]  ? __fget_files+0x20e/0x3c0
[  149.142869][T10529]  security_file_ioctl+0x9b/0x240
[  149.142884][T10529]  __x64_sys_ioctl+0xb7/0x200
[  149.142899][T10529]  do_syscall_64+0xcd/0x260
[  149.142915][T10529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.142925][T10529] RIP: 0033:0x7f5490f8d169
[  149.142933][T10529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.142943][T10529] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  149.142952][T10529] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  149.142959][T10529] RDX: 0000200000000000 RSI: 0000000040047452 RDI: 0000000000000005
[  149.142965][T10529] RBP: 00007f5491d5e090 R08: 0000000000000000 R09: 0000000000000000
[  149.142970][T10529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.142976][T10529] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  149.142988][T10529]  </TASK>
[  149.142992][T10529] ERROR: Out of memory at tomoyo_realpath_from_path.
[  149.228853][T10531] netlink: 201384 bytes leftover after parsing attributes in process `syz.5.1452'.
[  149.231728][T10531] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  149.234006][T10531] openvswitch: netlink: Message has 8454 unknown bytes.
[  149.236819][   T40] audit: type=1400 audit(1744426837.626:651): avc:  denied  { write } for  pid=10530 comm="syz.5.1452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  149.375772][   T40] audit: type=1400 audit(1744426837.766:652): avc:  denied  { map } for  pid=10536 comm="syz.5.1455" path="socket:[35325]" dev="sockfs" ino=35325 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  149.382334][   T40] audit: type=1400 audit(1744426837.766:653): avc:  denied  { read } for  pid=10536 comm="syz.5.1455" path="socket:[35325]" dev="sockfs" ino=35325 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  149.673493][T10560] FAULT_INJECTION: forcing a failure.
[  149.673493][T10560] name failslab, interval 1, probability 0, space 0, times 0
[  149.677461][T10560] CPU: 2 UID: 0 PID: 10560 Comm: syz.2.1463 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  149.677475][T10560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.677482][T10560] Call Trace:
[  149.677489][T10560]  <TASK>
[  149.677493][T10560]  dump_stack_lvl+0x16c/0x1f0
[  149.677510][T10560]  should_fail_ex+0x512/0x640
[  149.677521][T10560]  ? fs_reclaim_acquire+0xae/0x150
[  149.677537][T10560]  ? tomoyo_encode2+0x100/0x3e0
[  149.677551][T10560]  should_failslab+0xc2/0x120
[  149.677564][T10560]  __kmalloc_noprof+0xd2/0x510
[  149.677574][T10560]  ? d_absolute_path+0x136/0x1a0
[  149.677590][T10560]  tomoyo_encode2+0x100/0x3e0
[  149.677606][T10560]  tomoyo_encode+0x29/0x50
[  149.677620][T10560]  tomoyo_realpath_from_path+0x18f/0x6e0
[  149.677638][T10560]  tomoyo_path_number_perm+0x245/0x580
[  149.677650][T10560]  ? tomoyo_path_number_perm+0x237/0x580
[  149.677664][T10560]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  149.677678][T10560]  ? find_held_lock+0x2b/0x80
[  149.677703][T10560]  ? find_held_lock+0x2b/0x80
[  149.677715][T10560]  ? hook_file_ioctl_common+0x145/0x410
[  149.677728][T10560]  ? __fget_files+0x20e/0x3c0
[  149.677744][T10560]  security_file_ioctl+0x9b/0x240
[  149.677760][T10560]  __x64_sys_ioctl+0xb7/0x200
[  149.677775][T10560]  do_syscall_64+0xcd/0x260
[  149.677790][T10560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.677801][T10560] RIP: 0033:0x7fa660f8d169
[  149.677809][T10560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.677819][T10560] RSP: 002b:00007fa661dba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  149.677830][T10560] RAX: ffffffffffffffda RBX: 00007fa6611a5fa0 RCX: 00007fa660f8d169
[  149.677837][T10560] RDX: 0000200000000000 RSI: 0000000040047452 RDI: 0000000000000005
[  149.677842][T10560] RBP: 00007fa661dba090 R08: 0000000000000000 R09: 0000000000000000
[  149.677848][T10560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.677854][T10560] R13: 0000000000000000 R14: 00007fa6611a5fa0 R15: 00007fffc25c3b48
[  149.677867][T10560]  </TASK>
[  149.677877][T10560] ERROR: Out of memory at tomoyo_realpath_from_path.
[  149.787734][T10564] FAULT_INJECTION: forcing a failure.
[  149.787734][T10564] name failslab, interval 1, probability 0, space 0, times 0
[  149.791209][T10564] CPU: 1 UID: 0 PID: 10564 Comm: syz.2.1465 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  149.791224][T10564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  149.791230][T10564] Call Trace:
[  149.791234][T10564]  <TASK>
[  149.791238][T10564]  dump_stack_lvl+0x16c/0x1f0
[  149.791256][T10564]  should_fail_ex+0x512/0x640
[  149.791267][T10564]  ? __kmalloc_noprof+0xbf/0x510
[  149.791279][T10564]  ? lsm_blob_alloc+0x68/0x90
[  149.791289][T10564]  should_failslab+0xc2/0x120
[  149.791301][T10564]  __kmalloc_noprof+0xd2/0x510
[  149.791313][T10564]  lsm_blob_alloc+0x68/0x90
[  149.791323][T10564]  security_prepare_creds+0x30/0x270
[  149.791340][T10564]  prepare_creds+0x56f/0x7d0
[  149.791353][T10564]  ovl_fill_super+0x2bbe/0x6720
[  149.791371][T10564]  ? __pfx___might_resched+0x10/0x10
[  149.791386][T10564]  ? rcu_is_watching+0x12/0xc0
[  149.791399][T10564]  ? find_held_lock+0x2b/0x80
[  149.791413][T10564]  ? shrinker_register+0x154/0x260
[  149.791428][T10564]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  149.791445][T10564]  ? __pfx_ovl_fill_super+0x10/0x10
[  149.791462][T10564]  ? lockdep_init_map_type+0x5c/0x280
[  149.791473][T10564]  ? lockdep_init_map_type+0x5c/0x280
[  149.791483][T10564]  ? __init_swait_queue_head+0xca/0x150
[  149.791497][T10564]  ? shrinker_register+0x1a8/0x260
[  149.791513][T10564]  ? sget_fc+0x808/0xc20
[  149.791530][T10564]  ? __pfx_ovl_fill_super+0x10/0x10
[  149.791545][T10564]  ? get_tree_nodev+0xda/0x190
[  149.791554][T10564]  get_tree_nodev+0xda/0x190
[  149.791563][T10564]  vfs_get_tree+0x8b/0x340
[  149.791577][T10564]  path_mount+0x14d4/0x1f30
[  149.791590][T10564]  ? kmem_cache_free+0x2d4/0x4d0
[  149.791599][T10564]  ? __pfx_path_mount+0x10/0x10
[  149.791612][T10564]  ? putname+0x154/0x1a0
[  149.791626][T10564]  __x64_sys_mount+0x28d/0x310
[  149.791638][T10564]  ? __pfx___x64_sys_mount+0x10/0x10
[  149.791653][T10564]  do_syscall_64+0xcd/0x260
[  149.791669][T10564]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.791679][T10564] RIP: 0033:0x7fa660f8d169
[  149.791687][T10564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.791697][T10564] RSP: 002b:00007fa661dba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  149.791707][T10564] RAX: ffffffffffffffda RBX: 00007fa6611a5fa0 RCX: 00007fa660f8d169
[  149.791714][T10564] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  149.791720][T10564] RBP: 00007fa661dba090 R08: 0000200000000480 R09: 0000000000000000
[  149.791726][T10564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  149.791731][T10564] R13: 0000000000000000 R14: 00007fa6611a5fa0 R15: 00007fffc25c3b48
[  149.791744][T10564]  </TASK>
[  149.920223][T10566] tmpfs: Unknown parameter ''
[  150.884411][T10606] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1481'.
[  150.918359][   T40] audit: type=1400 audit(1744426839.306:654): avc:  denied  { getopt } for  pid=10608 comm="syz.2.1483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  150.927045][   T40] audit: type=1400 audit(1744426839.306:655): avc:  denied  { ioctl } for  pid=10608 comm="syz.2.1483" path="socket:[33578]" dev="sockfs" ino=33578 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  150.935793][   T58] usb 9-1: new low-speed USB device number 22 using dummy_hcd
[  150.967289][T10615] ucma_write: process 1029 (syz.0.1482) changed security contexts after opening file descriptor, this is not allowed.
[  151.075215][   T58] usb 9-1: device descriptor read/64, error -71
[  151.215211][   T34] usb 7-1: new low-speed USB device number 15 using dummy_hcd
[  151.325222][   T58] usb 9-1: new low-speed USB device number 23 using dummy_hcd
[  151.328051][T10581] Set syz1 is full, maxelem 65536 reached
[  151.365213][   T34] usb 7-1: device descriptor read/64, error -71
[  151.404075][   T40] audit: type=1400 audit(1744426839.786:656): avc:  denied  { accept } for  pid=10622 comm="syz.5.1488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  151.410149][   T40] audit: type=1400 audit(1744426839.786:657): avc:  denied  { ioctl } for  pid=10622 comm="syz.5.1488" path="socket:[36464]" dev="sockfs" ino=36464 ioctlcmd=0xf516 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  151.433874][T10625] FAULT_INJECTION: forcing a failure.
[  151.433874][T10625] name failslab, interval 1, probability 0, space 0, times 0
[  151.437499][T10625] CPU: 0 UID: 0 PID: 10625 Comm: syz.5.1489 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  151.437514][T10625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.437520][T10625] Call Trace:
[  151.437524][T10625]  <TASK>
[  151.437528][T10625]  dump_stack_lvl+0x16c/0x1f0
[  151.437546][T10625]  should_fail_ex+0x512/0x640
[  151.437557][T10625]  ? __kmalloc_noprof+0xbf/0x510
[  151.437579][T10625]  ? ovl_fill_super+0x48f/0x6720
[  151.437595][T10625]  should_failslab+0xc2/0x120
[  151.437607][T10625]  __kmalloc_noprof+0xd2/0x510
[  151.437617][T10625]  ? ovl_fs_params_verify+0x665/0x14a0
[  151.437627][T10625]  ? prepare_creds+0x510/0x7d0
[  151.437639][T10625]  ovl_fill_super+0x48f/0x6720
[  151.437655][T10625]  ? __pfx___might_resched+0x10/0x10
[  151.437671][T10625]  ? rcu_is_watching+0x12/0xc0
[  151.437684][T10625]  ? find_held_lock+0x2b/0x80
[  151.437699][T10625]  ? shrinker_register+0x154/0x260
[  151.437716][T10625]  ? __pfx_ovl_fill_super+0x10/0x10
[  151.437733][T10625]  ? lockdep_init_map_type+0x5c/0x280
[  151.437744][T10625]  ? lockdep_init_map_type+0x5c/0x280
[  151.437754][T10625]  ? __init_swait_queue_head+0xca/0x150
[  151.437768][T10625]  ? shrinker_register+0x1a8/0x260
[  151.437780][T10625]  ? sget_fc+0x808/0xc20
[  151.437798][T10625]  ? __pfx_ovl_fill_super+0x10/0x10
[  151.437813][T10625]  ? get_tree_nodev+0xda/0x190
[  151.437821][T10625]  get_tree_nodev+0xda/0x190
[  151.437831][T10625]  vfs_get_tree+0x8b/0x340
[  151.437845][T10625]  path_mount+0x14d4/0x1f30
[  151.437857][T10625]  ? kmem_cache_free+0x2d4/0x4d0
[  151.437867][T10625]  ? __pfx_path_mount+0x10/0x10
[  151.437880][T10625]  ? putname+0x154/0x1a0
[  151.437893][T10625]  __x64_sys_mount+0x28d/0x310
[  151.437905][T10625]  ? __pfx___x64_sys_mount+0x10/0x10
[  151.437920][T10625]  do_syscall_64+0xcd/0x260
[  151.437936][T10625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.437946][T10625] RIP: 0033:0x7f5490f8d169
[  151.437954][T10625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.437964][T10625] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  151.437974][T10625] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  151.437981][T10625] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  151.437986][T10625] RBP: 00007f5491d5e090 R08: 0000200000000480 R09: 0000000000000000
[  151.437992][T10625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  151.437998][T10625] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  151.438010][T10625]  </TASK>
[  151.516282][    C0] vkms_vblank_simulate: vblank timer overrun
[  151.518014][   T58] usb 9-1: device descriptor read/64, error -71
[  151.590824][T10628] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.593990][T10628] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.615246][   T34] usb 7-1: new low-speed USB device number 16 using dummy_hcd
[  151.625579][   T58] usb usb9-port1: attempt power cycle
[  151.748747][   T34] usb 7-1: device descriptor read/64, error -71
[  151.855360][   T34] usb usb7-port1: attempt power cycle
[  151.886376][T10640] ipvlan1: left allmulticast mode
[  151.975276][   T58] usb 9-1: new low-speed USB device number 24 using dummy_hcd
[  151.982025][T10649] netlink: 'syz.0.1498': attribute type 4 has an invalid length.
[  151.984254][   T40] audit: type=1400 audit(1744426840.366:658): avc:  denied  { setopt } for  pid=10647 comm="syz.0.1498" lport=54033 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  151.995861][   T58] usb 9-1: device descriptor read/8, error -71
[  152.195234][   T34] usb 7-1: new low-speed USB device number 17 using dummy_hcd
[  152.216040][   T34] usb 7-1: device descriptor read/8, error -71
[  152.255234][   T58] usb 9-1: new low-speed USB device number 25 using dummy_hcd
[  152.275860][   T58] usb 9-1: device descriptor read/8, error -71
[  152.385613][   T58] usb usb9-port1: unable to enumerate USB device
[  152.466761][   T34] usb 7-1: new low-speed USB device number 18 using dummy_hcd
[  152.497175][   T34] usb 7-1: device descriptor read/8, error -71
[  152.605366][   T34] usb usb7-port1: unable to enumerate USB device
[  152.674727][T10672] netlink: 'syz.5.1506': attribute type 10 has an invalid length.
[  152.675290][T10673] netlink: 'syz.5.1506': attribute type 10 has an invalid length.
[  152.677420][T10672] hsr0: entered promiscuous mode
[  152.683479][T10672] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  152.686549][T10672] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  152.689924][T10672] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  152.691850][T10673] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  152.695099][T10673] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  152.699571][T10673] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  152.989986][T10691] netlink: 'syz.5.1513': attribute type 10 has an invalid length.
[  152.993047][T10691] hsr0: left promiscuous mode
[  152.996298][T10691] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  153.130721][   T40] audit: type=1400 audit(1744426841.516:659): avc:  denied  { write } for  pid=10714 comm="syz.0.1517" path="socket:[36596]" dev="sockfs" ino=36596 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  153.173458][T10718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1519'.
[  153.239082][T10715] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=10715 comm=syz.5.1518
[  153.735325][  T143] usb 10-1: new low-speed USB device number 6 using dummy_hcd
[  153.757462][T10732] SELinux:  policydb table sizes (0,0) do not match mine (6,7)
[  153.760362][T10732] SELinux: failed to load policy
[  153.896492][  T143] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  153.899661][  T143] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x82 is Bulk; changing to Interrupt
[  153.903218][  T143] usb 10-1: config 1 interface 1 altsetting 1 endpoint 0x3 is Bulk; changing to Interrupt
[  153.915597][  T143] usb 10-1: string descriptor 0 read error: -22
[  153.917417][  T143] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  153.919926][  T143] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.923987][T10723] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  153.939532][T10742] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10742 comm=syz.4.1527
[  154.041056][T10752] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0)
[  154.043681][T10752] SELinux: failed to load policy
[  154.135437][  T143] cdc_ncm 10-1:1.0: bind() failure
[  154.145881][  T143] usb 10-1: USB disconnect, device number 6
[  154.178774][T10768] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1535'.
[  154.298253][   T40] audit: type=1400 audit(1744426842.686:660): avc:  denied  { write } for  pid=10791 comm="syz.4.1540" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  154.328605][T10796] tmpfs: Bad value for 'huge'
[  154.332832][   T40] audit: type=1800 audit(1744426842.716:661): pid=10796 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.1541" name="bus" dev="tmpfs" ino=1592 res=0 errno=0
[  154.359859][   T40] audit: type=1400 audit(1744426842.746:662): avc:  denied  { create } for  pid=10797 comm="syz.4.1542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  154.403994][T10801] mkiss: ax0: crc mode is auto.
[  154.664774][   T40] audit: type=1400 audit(1744426843.046:663): avc:  denied  { map } for  pid=10825 comm="syz.5.1552" path="/180/file0" dev="tmpfs" ino=1064 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  154.732582][T10826] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321
[  154.735959][T10826] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 10826, name: syz.5.1552
[  154.739806][T10826] preempt_count: 0, expected: 0
[  154.741909][T10826] RCU nest depth: 1, expected: 0
[  154.743353][T10826] 4 locks held by syz.5.1552/10826:
[  154.744888][T10826]  #0: ffff888029cf1eb8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  154.749811][T10826]  #1: ffff88803b640148 (&type->i_mutex_dir_key#10){++++}-{4:4}, at: iterate_dir+0x18b/0xb40
[  154.753096][T10826]  #2: ffffffff8e3c15c0 (rcu_read_lock){....}-{1:3}, at: afs_dynroot_readdir+0x619/0xf50
[  154.755980][T10826]  #3: ffff8880242b0be0 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x35/0x6e0
[  154.758783][T10826] CPU: 0 UID: 0 PID: 10826 Comm: syz.5.1552 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) 
[  154.758799][T10826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.758806][T10826] Call Trace:
[  154.758810][T10826]  <TASK>
[  154.758815][T10826]  dump_stack_lvl+0x16c/0x1f0
[  154.758832][T10826]  __might_resched+0x3c0/0x5e0
[  154.758847][T10826]  ? find_held_lock+0x2b/0x80
[  154.758860][T10826]  ? __pfx___might_resched+0x10/0x10
[  154.758879][T10826]  prepare_alloc_pages+0x413/0x610
[  154.758893][T10826]  ? __pfx_stack_trace_save+0x10/0x10
[  154.758909][T10826]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  154.758922][T10826]  ? __lock_acquire+0x5ca/0x1ba0
[  154.758934][T10826]  ? __lock_acquire+0x5ca/0x1ba0
[  154.758944][T10826]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  154.758957][T10826]  ? __lock_acquire+0x5ca/0x1ba0
[  154.758973][T10826]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  154.758986][T10826]  ? policy_nodemask+0xea/0x4e0
[  154.758999][T10826]  alloc_pages_mpol+0x1fb/0x550
[  154.759012][T10826]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  154.759024][T10826]  ? __lock_acquire+0x5ca/0x1ba0
[  154.759035][T10826]  folio_alloc_mpol_noprof+0x36/0x2f0
[  154.759050][T10826]  vma_alloc_folio_noprof+0xed/0x1e0
[  154.759063][T10826]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  154.759081][T10826]  do_pte_missing+0x223d/0x3fb0
[  154.759103][T10826]  __handle_mm_fault+0x103d/0x2a40
[  154.759123][T10826]  ? __pfx___handle_mm_fault+0x10/0x10
[  154.759147][T10826]  ? find_vma+0xbf/0x140
[  154.759159][T10826]  ? __pfx_find_vma+0x10/0x10
[  154.759174][T10826]  handle_mm_fault+0x3fe/0xad0
[  154.759194][T10826]  do_user_addr_fault+0x7a6/0x1370
[  154.759208][T10826]  ? rcu_is_watching+0x12/0xc0
[  154.759222][T10826]  exc_page_fault+0x5c/0xc0
[  154.759235][T10826]  asm_exc_page_fault+0x26/0x30
[  154.759245][T10826] RIP: 0010:filldir+0x2b7/0x5f0
[  154.759260][T10826] Code: e8 6e 41 83 ff 0f 01 cb 0f ae e8 48 8b 04 24 49 89 47 08 e8 5b 41 83 ff 4c 8b 7c 24 30 48 8b 44 24 10 49 89 07 e8 49 41 83 ff <66> 45 89 6f 10 e8 3f 41 83 ff 49 63 f5 0f b6 7c 24 1c 48 89 34 24
[  154.759271][T10826] RSP: 0018:ffffc90004b57c68 EFLAGS: 00050283
[  154.759280][T10826] RAX: 00000000000000bf RBX: ffffc90004b57e80 RCX: ffffc90027041000
[  154.759286][T10826] RDX: 0000000000080000 RSI: ffffffff8237fc27 RDI: 0000000000000006
[  154.759292][T10826] RBP: 0000200000002008 R08: 0000000000000006 R09: 0000200000001fd8
[  154.759298][T10826] R10: 0000200000002008 R11: 0000000000000000 R12: 0000000000000003
[  154.759304][T10826] R13: 0000000000000018 R14: ffff88802b27dac1 R15: 0000200000001ff0
[  154.759315][T10826]  ? filldir+0x2b7/0x5f0
[  154.759331][T10826]  ? filldir+0x2b7/0x5f0
[  154.759349][T10826]  afs_dynroot_readdir+0x9bb/0xf50
[  154.759363][T10826]  ? __pfx_filldir+0x10/0x10
[  154.759380][T10826]  ? __pfx_afs_dynroot_readdir+0x10/0x10
[  154.759393][T10826]  ? selinux_file_permission+0x11f/0x580
[  154.759412][T10826]  iterate_dir+0x293/0xb40
[  154.759433][T10826]  __x64_sys_getdents+0x14d/0x2c0
[  154.759452][T10826]  ? __x64_sys_futex+0x1e9/0x4c0
[  154.759474][T10826]  ? __pfx___x64_sys_getdents+0x10/0x10
[  154.759495][T10826]  ? xfd_validate_state+0x5d/0x180
[  154.759513][T10826]  ? __pfx_filldir+0x10/0x10
[  154.759536][T10826]  ? rcu_is_watching+0x12/0xc0
[  154.759565][T10826]  do_syscall_64+0xcd/0x260
[  154.759590][T10826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.759607][T10826] RIP: 0033:0x7f5490f8d169
[  154.759621][T10826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.759645][T10826] RSP: 002b:00007f5491d5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  154.759662][T10826] RAX: ffffffffffffffda RBX: 00007f54911a5fa0 RCX: 00007f5490f8d169
[  154.759672][T10826] RDX: 00000000000000b8 RSI: 0000200000001fc0 RDI: 0000000000000009
[  154.759682][T10826] RBP: 00007f549100e990 R08: 0000000000000000 R09: 0000000000000000
[  154.759692][T10826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  154.759702][T10826] R13: 0000000000000000 R14: 00007f54911a5fa0 R15: 00007ffe4bf556b8
[  154.759728][T10826]  </TASK>
[  154.880863][    C0] vkms_vblank_simulate: vblank timer overrun
[  154.884011][   T40] audit: type=1400 audit(1744426843.156:664): avc:  denied  { append } for  pid=10838 comm="syz.2.1555" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1

VM DIAGNOSIS:
03:00:42  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000070 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854dfee5 RDI=ffffffff9ae254e0 RBP=ffffffff9ae254a0 RSP=ffffc90004b56f58
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000070 R14=ffffffff9ae254a0 R15=ffffffff854dfe80
RIP=ffffffff854dff0f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f5491d5e6c0 ffffffff 00c00000
GS =0000 ffff8880d69b3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000002000 CR3=000000003b65a000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000000032e7 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003172 656c6c616b7a7973
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876a0f972
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876a0f97f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876a0f979
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876a0f98d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876a0fa13
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876a0faf1
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876b7d488 00007f6876b7d480 00007f6876b7d478 00007f6876b7d450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f68776dd100 00007f6876b7d440 00007f6876b70004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6876b7d498 00007f6876b7d490 00007f6876b7d488 00007f6876b7d480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=00007fff848449d0 RCX=00000000002c3f90 RDX=ffffffffffffffff
RSI=0000000000310000 RDI=00007f9105180080 RBP=00005558ec007270 RSP=00007fff84844818
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=00005558ec006250 R13=00005558ea8c3937 R14=00005558ec007e10 R15=00005558ec007100
RIP=00007f9105b2e92f RFL=00010246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9105f19d00 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00005558ea8bee95 CR3=0000000024890000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7
ZMM22=d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db
ZMM23=6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061
ZMM24=d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27
ZMM25=2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818
ZMM26=a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459
ZMM27=7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194
ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000
info registers vcpu 2

CPU#2
RAX=0000000000248ba1 RBX=0000000000000002 RCX=ffffffff8b725439 RDX=0000000000000000
RSI=ffffffff8dbef50e RDI=ffffffff8bf46340 RBP=ffffed1003ad2910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c65bd R10=ffff88806a632deb R11=0000000000000000
R12=0000000000000002 R13=ffff88801d694880 R14=ffffffff90865310 R15=0000000000000000
RIP=ffffffff8b723ccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6bb3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000001e40 CR3=0000000032e0c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555584cd0470
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555584ce2a35 0000555584ce2790
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555584ce5386 0000555584ce4c20
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000698030408 0006900300080006 88030008000a1000 4c100006006daa3c
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0400098003018010 0029800420100006 0102a00fffffffff ffff0429e0030fff
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 09a0030000000000 007265687069636b 7301ffffffffffff ffffe3080984034c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65687069632d6263 6501ffffffffffff fffeff0809b00300 080009a803000800
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00006c6c756e5f72
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01208010000fffff ffffffff040fffff ffffffff04010000 00080608011601b0
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1000098004010000 000806060101ba00 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c6c756e5f726568 7069632d62636501 fffffffffffffffe ff0809b003000800
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806a4415e0 RCX=ffffffff81af2699 RDX=ffff88801d2f8000
RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000107930
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed100d4882bd R13=0000000000000001 R14=dffffc0000000000 R15=ffff88806a73b040
RIP=ffffffff81bb3732 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6cb3000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa6611772d8 CR3=000000000e182000 CR4=00352ef0
DR0=000000000000d33c DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=6ebd1061d3bdc5db 8191b5c74694ae52 6ebd1061d3bdc5db 8191b5c74694ae52 6ebd1061d3bdc5db 8191b5c74694ae52 6ebd1061d3bdc5db 8191b5c74694ae52
ZMM18=7fb78194a5faf459 2cbc2818d23dbd27 7fb78194a5faf459 2cbc2818d23dbd27 7fb78194a5faf459 2cbc2818d23dbd27 7fb78194a5faf459 2cbc2818d23dbd27
ZMM19=930a000000000000 000000000000003f 930a000000000000 000000000000003e 930a000000000000 000000000000003d 930a000000000000 000000000000003c
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7 8191b5c78191b5c7
ZMM22=d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db d3bdc5dbd3bdc5db
ZMM23=6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061 6ebd10616ebd1061
ZMM24=d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27 d23dbd27d23dbd27
ZMM25=2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818 2cbc28182cbc2818
ZMM26=a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459 a5faf459a5faf459
ZMM27=7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194 7fb781947fb78194
ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000 930a0000930a0000