last executing test programs:

4m29.654179705s ago: executing program 3 (id=2596):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x12}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x3c}}, 0x0)
fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r3=>0x0})
utimensat(0xffffffffffffff9c, 0x0, &(0x7f0000000100)={{0x0, 0x3ffffffe}, {0x0, 0x3ffffffe}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x54, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x7, 0x200, 0x6, 0x2, 0xf136, 0x2}}, {0x4}}]}]}, 0x54}}, 0x0)

4m29.653095022s ago: executing program 3 (id=2598):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r2=>0x0})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}, {0x0, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x3, 0x1}}]}, 0x2c}}, 0x0)

4m29.49221616s ago: executing program 3 (id=2600):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000240)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getpid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r2, 0x0)
accept4$rose(r2, 0x0, 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', &(0x7f0000000140)='ubifs\x00', 0x8800, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="bc000000", @ANYRESHEX=r0, @ANYBLOB="05000200c97095575a459ba2000008000300", @ANYRES32=r5, @ANYBLOB="74000e008000ff000802110000000802110000015050505050500000000000000000000064003001000601010101010101000503000000250300b5332a01002d1a00000000000000000000000000000000000000000000000000007206030303030303710700000000000000760600000000000012009100b2edba9e12112dc1d8790a347a870000080026006c09000008000c006400000008000d"], 0xbc}}, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x80)
sendto$inet6(r6, &(0x7f0000000000)="8c", 0x1, 0x0, 0x0, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000003640)={r8, 0x4}, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x5, 0x6f38, 0x8208, 0x7, 0x81, 0x0, 0x9d, 0x8, <r9=>0x0}, &(0x7f00000000c0)=0x20)
setsockopt$inet_sctp_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000180)={0xa78e, 0x100, 0xc0, 0x3}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000100)={r9, 0x5}, 0x8)
syz_open_dev$video4linux(&(0x7f0000000000), 0xfff, 0x402)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000480), r10)

4m29.333995139s ago: executing program 3 (id=2602):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x28, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}, {0x0, 0x1}}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0)

4m29.333448044s ago: executing program 3 (id=2603):
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000002030104000000f4ffffffff000000000800010001"], 0x28}}, 0x40000)
recvfrom$inet6(r0, &(0x7f0000000240)=""/192, 0xc0, 0x41, &(0x7f00000001c0)={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x22}, 0x4}, 0x1c)
r2 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x101c00)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f00000011c0)={0x8, 0xd, 0x0, 'queue1\x00', 0x5})
add_key$user(&(0x7f0000000440), 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000840)="2e00000010008188040f6fec59acbc0435a181003f00000000060000000000000e000d000d6ed60012801900121f", 0x2e}], 0x1}, 0x0)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_MAKE_EQUIV(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x3f7, 0x20, 0x70bd2d, 0x25dfdbfe, {0x7, 0x7, './file0', './file0'}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x20008080)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r1, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000040)=0x10)
statx(r6, 0x0, 0x1000, 0x20, &(0x7f0000000040))
sendmsg$NFT_MSG_GETOBJ(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[], 0x34}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4m29.2740746s ago: executing program 3 (id=2604):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_RELEASE_PORT(r0, 0x80045519, &(0x7f0000000080)=0xd5d8)
keyctl$session_to_parent(0x12)

4m14.281506208s ago: executing program 32 (id=2604):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_RELEASE_PORT(r0, 0x80045519, &(0x7f0000000080)=0xd5d8)
keyctl$session_to_parent(0x12)

54.31426558s ago: executing program 0 (id=5226):
mkdir(&(0x7f0000000100)='./file1\x00', 0x11c)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000340)='msdos\x00', 0x300000000000000, 0x0)

54.313877753s ago: executing program 0 (id=5245):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="9321000000d0650000040002800800290041fa0000000000000000000df5b9a370e2076c870ee70000000000000000d732cd6a0f40065ca0101c7af1a3d1855035d3243a074a0e5a44ae0db257bbc126bea787bc49bc5e8d14ec9e574275e958d7cedf381c6c5360698ec993af4ef241352259ea0659658191644c1ee1717f3099b4ec1949f120d598554ee4bbd49c470ad274b3f3c39f861c1139a6351007ff007e74a09dfa0c82f5"], 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4040)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) (async, rerun: 32)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000640)=0x8000) (rerun: 32)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) (async, rerun: 32)
sched_setaffinity(0x0, 0x0, 0x0) (rerun: 32)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000003d0009000000000000000000010000000400000014000180100010800c0000000900000000000000080002"], 0x34}}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async, rerun: 64)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000009006000000000000000000000a44000000090a0000000000fa82a3fa211411fa0008000a40000000000900020073797a31000000000900010073797a30000000000800054000000000080008400000000014000000110001"], 0x6c}, 0x1, 0x0, 0x0, 0x4840}, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x18) (rerun: 64)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c00028018000280080001"], 0xec}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r4 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000040)={0x20a0}, 0x10) (async)
write(r7, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001700000000000000080009000d000000", 0x24) (async, rerun: 32)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x27, 0x0, 0x2028060}}, 0x50) (async, rerun: 32)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

54.235087344s ago: executing program 0 (id=5248):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/sockstat\x00')
read$FUSE(r3, &(0x7f0000000640)={0x2020}, 0x2020)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000bc0)={{0x1, 0x8000000, 0xa, 0x5, 0x5, 0xff, 0x6, 0x5, 0x7f, 0x3, 0xe, 0x80}, {0xdddd0000, 0x1000, 0x10, 0x84, 0x55, 0x15, 0x64, 0x9, 0x60, 0x7, 0x12, 0x9}, {0x3000, 0xeeef0000, 0x0, 0x9, 0x9, 0x9f, 0x9, 0x5, 0x3, 0x2, 0xa, 0x5d}, {0x80a0000, 0xeeef0000, 0x4, 0xd1, 0x9, 0x89, 0x95, 0x29, 0x0, 0x3, 0xa7, 0x5}, {0xeeee8000, 0x4, 0xb, 0x0, 0x40, 0x8, 0x1, 0xb, 0x5, 0x0, 0x80, 0x2}, {0xeeef0000, 0x4000, 0xe, 0x5, 0x8, 0x9, 0x81, 0x2, 0x6, 0x6, 0x8, 0x9}, {0x1000, 0x2, 0xd, 0x5, 0x8a, 0x8, 0x81, 0x1, 0xa, 0x3, 0x0, 0x1}, {0xeeee8000, 0x4, 0xc, 0x1, 0xdd, 0x98, 0x8, 0x2, 0x10, 0x8, 0x5, 0x6}, {0xeeee8000}, {0x4000, 0xf4cb}, 0x22, 0x0, 0x0, 0x10002, 0x9, 0x5401, 0xffff1000, [0x47, 0x100000000, 0x0, 0xffffffffffffc3a8]})
close_range(r0, 0xffffffffffffffff, 0x0)

54.039232733s ago: executing program 0 (id=5253):
mkdir(&(0x7f0000000100)='./file1\x00', 0x11c)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000340)='msdos\x00', 0x400000000000000, 0x0)

54.038771821s ago: executing program 0 (id=5254):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000140)="240000001a", 0x5)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000002980), 0x82, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = open(&(0x7f00000003c0)='./file1\x00', 0x109000, 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r6=>0x0, <r7=>0x0})
utimensat(r5, &(0x7f0000000100)='./file1\x00', &(0x7f0000000200)={{}, {r6, r7/1000+60000}}, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, 0x0)
mq_timedreceive(r3, &(0x7f0000000280)=""/240, 0xf0, 0x80000001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x15, 0xe, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

53.855588611s ago: executing program 0 (id=5258):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x3000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

37.625243736s ago: executing program 33 (id=5258):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x3000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

15.165593714s ago: executing program 4 (id=5761):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340), r1)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r0, &(0x7f0000000d00)=[{&(0x7f0000000100)="89e7ee2c7cdad9b4b47380c988cafb", 0xf}], 0x1)

14.508063295s ago: executing program 4 (id=5764):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$inet6(r1, 0x0, 0x0, 0x12000, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
msgget$private(0x0, 0x0)
msgsnd(0x0, &(0x7f00000000c0)=ANY=[@ANYRESOCT], 0x2000, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2000000000000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mincore(&(0x7f0000411000/0x4000)=nil, 0x4000, &(0x7f0000000140)=""/220)

14.344128215s ago: executing program 4 (id=5768):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5543, 0x781, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0xff}}}}}]}}]}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)=@arm64={0x10, 0xc, 0x7, '\x00', 0x4}) (async)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]}) (async)
r3 = memfd_create(&(0x7f00000005c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5\x00\x00\x00\x00\x00\x00\x00\x05L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0\xc8d\x96G\xcf\x066\x84\x82-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
execveat(r3, &(0x7f0000000140)='\x00', 0x0, 0x0, 0x1000)

13.155119312s ago: executing program 4 (id=5778):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth0_to_bond\x00'})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000300)='\xa3X\xbf){P\xbd&\xfa\xd5\xc7\x1a^L\x8c\nc\b\x03\x00\x00\x00\x00\x00\x00\x0018-\xf9\x18\xfb\xb1\xf9\xff\xff\xff\xff\xff\xff\xffN\x8db\xc9\x0fJ\x00d%\xb6wV\"UP\x00-\x1c\xb2\xa2\x17Z\xd7', &(0x7f00000000c0)='\x00', 0x0)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002ec0)=[{{0x0, 0x0, &(0x7f0000002600)=[{&(0x7f00000004c0)="98b43bd7ead6cbaee154bc9b7cf8ce765cdf70ec96b7b492406594a5f7de32acaa318d256b664f6d37c315c0dad21ed12516244e708df6d3bb35cf262dbdd4bb785d456025a958f7cfcaf98b8aad67a16be9169617c3fa17f53caaec42d6f6e0a66bb09356586e85954c851c58dc19547503b93a7c3b12b1976dff06fddb5d14a1a6e0ad95bf4d292a55fd05d7a1683a01b240b342deed1d149f37609d6154bd799d33bc46bedaa667e77bfba2e0ba89a8c9c39f13d5441cb2820b8ec98c5603bb0388d7e1f55be03d9b6f25d0caf5c49764d6f2fbe893a32b35f8b9a32826865829c52e4d3165fe36b011f9309aed12cc3f1aa7d8fe27", 0xf7}], 0x1}}], 0x1, 0x2000040)
write$tun(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="034886dd020027000300300000006000000000082f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001"], 0xfdef)

12.983003268s ago: executing program 4 (id=5779):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r1}, './file0\x00'})
r2 = openat$selinux_enforce(0xffffff9c, &(0x7f00000000c0), 0x40002, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000180), 0x2, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0)
dup(r3)
mkdirat(r2, &(0x7f0000000340)='./file1\x00', 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x106)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0xa00, 0x0)
write$cgroup_int(r4, &(0x7f0000000040)=0x1f02, 0x12)

12.982800817s ago: executing program 4 (id=5780):
syz_emit_ethernet(0x76, &(0x7f0000000140)={@broadcast, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cea", 0x40, 0x3c, 0x0, @rand_addr=' \x01\x00', @mcast2, {[@hopopts={0x0, 0x4, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @empty}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @empty}}]}], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000000)={0x0, 0x2, 0x1, 0x2, 0x0, [@mcast1]}, 0x18)

2.161999585s ago: executing program 5 (id=5869):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = creat(&(0x7f0000000180)='./file0\x00', 0xfa)
pwritev2(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
open(&(0x7f0000000140)='./file0\x00', 0xec40, 0x12)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffffff300000290017f973e800002e75"], 0x15)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
r1 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000002c0), 0x88, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES64=r0, @ANYRES32=0x0, @ANYRES8])
truncate(&(0x7f0000000040)='./file0\x00', 0xff8c)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000002580)=ANY=[], 0x2040}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f0000000480)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x7, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '', 0x3a, './file0'}, 0x12f)
r4 = dup(r2)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="580000000202030000000000fffff0000000000011000300686173683a69702c6d61726b00000000050004000000000005000500020000000900020073797a320000000005000100070000000c00078008000b4000000002"], 0x58}}, 0x0)
write$binfmt_misc(r0, &(0x7f0000000580)="77f76e", 0x3)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r5, &(0x7f0000000040)={0x23, 0x1, 0x5b, 0xfd}, 0x10)
ioctl$SIOCPNENABLEPIPE(r5, 0x89ed, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c74c50000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0)

2.105471818s ago: executing program 5 (id=5871):
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x74, 0xb, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0xfffffffffffffead}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x4c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_COMMENT={0x7, 0x1a, '$.\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_BYTES={0xc, 0x18, 0x1, 0x0, 0x9}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_SKBMARK={0xc, 0x1b, 0x1, 0x0, 0x10}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x10000}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0x0, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x0, 0x2, 0x1, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}]}, 0x74}}, 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x0)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)

2.105159114s ago: executing program 5 (id=5872):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000c40)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6, 0x1, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x8000)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
close(r5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
ioctl$TUNSETLINK(r6, 0x400454cd, 0x304)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000001c0011d28726c2f540015eb4c2ec57f40fe6c53a2457bc90a259017f7e6df0c9881bcd05226f7ff38389937f4083c243ed4b282ffa2ea9050dfb0000000000"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000844)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c)
listen(r7, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r9 = accept(r7, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r9, &(0x7f0000000080)={0x0, 0x3a98, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x8000)
recvfrom(r8, &(0x7f00000001c0)=""/48, 0xfffffffffffffecb, 0x40010289, 0x0, 0x74)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0xfffffffffffffd2a, &(0x7f0000000040), 0x3}, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"})

1.219326506s ago: executing program 5 (id=5888):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, &(0x7f00000001c0)={@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, "455a936e29dce970f9495ce7c5993abb4736e49865037714c0dde0c23a7f5e32", 0x6, 0x24, 0xffffffff}, 0x3c)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000001800110117000000000000000a000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000100)={0x0, 0xfffffffffffffe80, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001200010003950000000000000a090000cd95a69c00000000000000000000ffff"], 0x4c}}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000040), 0x100000001, 0x2)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r3, &(0x7f0000000000)="240000001a005f0214f9f4070009040081000000fe0000000000000008000f00fd000000", 0x24)
setsockopt$bt_BT_SNDMTU(r3, 0x112, 0xc, &(0x7f0000000080)=0x4, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f00000000c0)={0xf0f006, 0x5})

1.162257224s ago: executing program 1 (id=5889):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/129, 0x0, 0xffff1000})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000740)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs2/binder1\x00', 0x0, 0x0)
socket$inet(0x2, 0x3, 0x2)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001, 0x2000000}}}}}, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000140)={0x1, r1})
r4 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r5=>r2, {0xc77}}, './file0\x00'})
r6 = dup3(r5, r2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x5, 0x12, r6, 0x100000000)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CAP_SPLIT_IRQCHIP(r8, 0x4068aea3, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setsockopt$llc_int(r4, 0x10c, 0x9, &(0x7f0000000240)=0x9, 0x4)
r9 = socket$inet6(0xa, 0x80002, 0x0)
getsockopt$inet6_int(r9, 0x29, 0x4d, 0x0, &(0x7f0000004d80))
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xdd, &(0x7f0000000780)=""/221}]})

1.162058247s ago: executing program 5 (id=5890):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x26, 0x22}}, './file2\x00'})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x20080, 0x175)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@volatile}], [], 0x2c})
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r3, 0x8b26, &(0x7f0000000740)={'caif0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}})
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), r2)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x1c, r4, 0x100, 0x70bd2c, 0x25dfdbfc, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0xc519638967e2ec30}, 0x44)
r5 = dup3(r2, r0, 0x80000)
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0xc020f509, &(0x7f0000000040)={r5, 0x401, 0x1, 0xae2b})
r6 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00')
ioctl$EVIOCGNAME(r5, 0x80404506, &(0x7f00000004c0)=""/227)
r7 = io_uring_setup(0x4778, &(0x7f0000000140)={0x0, 0x5ff8, 0x2, 0x5, 0xce})
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0xfffc, @dev}], 0x10)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0xfffc, @dev={0xac, 0x14, 0x14, 0x4}}], 0x10)
sendmmsg$inet6(r9, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0x1}], 0x1}}], 0x1, 0x0)
sendmmsg$inet6(r8, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0xff12}], 0x1}}], 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range(r7, 0xffffffffffffffff, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file1\x00')
preadv(r6, &(0x7f0000000080)=[{&(0x7f0000000280)=""/76, 0xff0d}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="b70000000000000007000000000000009500e200000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd8404a1c700000000d97899514e64e36cad5eba82010b2d149ac02e5f07000000000000000000000000000000000000000000009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0eead478e46c8ca3e4c5d2b3cb4ad48c830e8003c45f5b2dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cde97565d509effc252599b26555355d7955f551df82ea475a711ec56d00000000a89c7533c9955fd63cd00cb83d1228"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

981.732826ms ago: executing program 1 (id=5892):
r0 = syz_open_dev$swradio(&(0x7f0000001f40), 0x0, 0x2)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r2, 0xab00, r3)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0xff)
ioctl$NBD_DO_IT(r2, 0xab03)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000180)={0xb, @raw_data="43553038522f066aa77bcbd58029d9e29e40e1ab76791ba30239eb507475c6c2cbb955b7d140e4f162db4862b37117cac86845a7d8f7f38c0b0a396404170e2cec3a2aa0d8d197425150e7ff584f4d217116b1fdc8c5d5b07b17d099ca09fffc6b04d47bdf6b8e55d400967e7839fc52c1e4d0d7e57761669b250d429f54e44efaf46fc412b198b64750948c8966522a045074677219326dfba82ddead81002829ea3b9676e4df2af4cfacaf6344419001e43e4498bfab7b8cc4e36954ee1765000be9e18c1655b6"})

828.799056ms ago: executing program 1 (id=5893):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x7, r1, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20ffa000})
open_by_handle_at(r2, &(0x7f0000000380)=@FILEID_INO32_GEN={0x8, 0x1, {0x6, 0x10000}}, 0x200000)

827.492576ms ago: executing program 1 (id=5894):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = add_key$fscrypt_v1(&(0x7f0000000100), &(0x7f0000000140)={'fscrypt:', @desc4}, &(0x7f0000000180)={0x0, "e5c7f20eae1fae974c170f6484d0a76b00489afd264e961114174dd08e6a34da6c9cb5dcb0fcccd12f9b47b8ea086c1c1c593c15de9400"}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r2, r2, 0x0, 0x0) (async)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)={0x2c, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}, @typed={0x8, 0x18, 0x0, 0x0, @ipv4=@multicast1}]}]}, 0x2c}}, 0x8004)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600)) (async)
r3 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r3, &(0x7f00000005c0)=@abs={0x1}, 0x6e) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x1ff, 0x4, 0x8000000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})

821.983251ms ago: executing program 1 (id=5895):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', <r1=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4000000010003b1500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB], 0x40}}, 0x2400c080)

762.40981ms ago: executing program 1 (id=5896):
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x20a0}, 0x10)
write(r2, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000001700000000000000080009000d000000", 0x24)
read$FUSE(0xffffffffffffffff, &(0x7f0000001680)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000180)={0x50, 0x0, r3, {0x7, 0x27, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0xfffffffd}}, 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r7, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r6, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r5, 0x3ba0, &(0x7f0000000080)={0x48, 0x8, r8, 0x0, 0x81, 0xf80, &(0x7f0000000700)="85653f453420ca7d5107cac3b1c61de0a1009492a7c67d538843c3f5ba1f143fc6f1cd155f7653e1393744f396a94d8d0becf9445701326980185d6f5cc0c2ee263914da7695c86440305aa84ad2ff0c61d29e1218e6659aedbc1cea7416b5b4a991455d2534207f281a52670d763fdb36af099158c93f565c3ec3a6eddd7ee3974954d0d20fa5635c69037286a94ddd6f1a231625bcc29bdb05b5e8fef40e9a6a30de284e26f47210a18f5b1063528c16d560d916a6c811c1bae078daa7534d43906981300cd79bddf1b6c4bb873604d671da76de5d729fcd8bd703e97bde4721558c2a43dc7d5b6208acdcd8f82f3bba8753d4136b76471bd0d8d31a9f1596a15e0e18e14005249610e97f6bf581db1a50871d65742514336bc9e1fcee7dd958da853a56757f38a1009a8f81886992d594388aa4815b168d966b71b50f87b4a6ef57b5c8b1e0ce840c244d052ddf45923a7843883431b9bc43785c0e07a24459fe47642a251f6181f8c679e6bd568213f1df3cdd59dd9bd3c6131865f11570fe242d6551dc3201eaa3705cf9096561fce1273b3b767f0ea0657acf84783f609186b63533973d5b495b5bf5e66364d035214286f56748e275d2b4df9def6e844e69ba0958a9762a9c7e278811b2cda2c1abf4530cb5c3283a8bb8024bc3ed59524c6d5283bba208769540eb9f433d7a759ca5bab28ede3f39742350b9900e94c19407394b600510d553163392189c3cd831cb014260b48ed47e15fe8f89dc4e13933bf66f00d3570158130f73d641db28ddaa3dbd06fc777bc059ab7138cb7e72120e0c45135d4bff8d68dd33cebc410f116fc8bec4317e59ed5fdf7be27b64aad180ac6453b283c187072a232be84445ed91ef2ba779a7a445ee8199fafc1c74e0073fb3313a16d317b9aac2b37e215cf76984668446b2194712cd1cbcf78c9a10bc9dd104dbc03ffb0dc4a28484a0332f98cf1b99322b176546cf0c9b180e627a7e67bb16e671fdc739c255ddcba53457fb12d39700d2695f2414668f9665ec167bc763b2191f913efe3eab99a05c737662930f46567d0e2b7d3fdfaedda8ab53c4f4e0a700efe0c8cf34b30b1c2569216d1ddf1471c7cab5ccf0dae565dfcc42b2fb0d19fb92808b42d086c68eb3c0ed0a1954e19fa1e3d85bfd8a521d6230b407ed193a625f7f289c31a3a1738505c5e62177bb5b791bd861827d48655ea01d2a5009c4e8c78e426ccad4fcbe96b532eee5208967e6ee8a680319a005411ecb28e764aadf1aa83fd46f09028cd2b0ac6babc10f48c8ad3e886fb949672410b3ac31364753cabe3e9518fafc0189c7135445d202bd9703b8571ccc44c9de9f7b94c3f43afab423dddf2c8c621e2b0042b75cc198b1b93710e09fb36b4dc9c962bc4def0598eb76d9bb1e1dccf092461351b63de3c1ba850c0d82b6ebf932e32aab962b4da19fd9692164a3447f13c9eddaba5c298a76c195a86d2421906a8f242bc5c7553f0d45f23edda3a888278bc195bfb1d142361d398d8e94731fe0ff2d408ed5f6e9163623c3fb41c8cd92fed66fba7cf8799bd3a37855c1b13634190cfe32817dcc31cd320bf39a1a843d8f6c1f6cb1bd53bd45a341fc54b14bd129f1295de6f4e1693e0299dcd95a7c2d1fc909e5ee61215bdb01ea46a7d580ffe4bfb9b0bf1f5a4756151cbc3e768b77357f7b6bf568c5acb81d1d10fb7661ac5b47c0b89885857e1f0ae27a47b5890fcb316abf6a6de29ff9115f7826897f920c07816b8dfcae84d1f1baa252328caac033e723d136b8b23288a7d8db15598ba302b122ba18a300b593d1af073b8c2d627bf9c6305d79b9041f392d00bb53e18e485495d0429a873efb57fd4aefc6c5c18a37ff5cc728a86d6a06a56c390d743d0688f972cbf0d4741b77392735d0935662c150d42b74f841b463a3a91e7078e6c3cb4f627de75964a3d72b61ded7a056872ade46f34497e69922e5d900fa518042682c86ac4fd3488874c7c3e2650bbe330b7d3f8696c44199ff232ff7bcace227b6221f50c0a08378338ee81b5a86c4cbe1316c1a98761fb7979a04a3d42b9560d0852fde3054ee25e8f20db90c16de4a2de142006b7309870dfb1b4cf6a7daf418cf694a888adfce81687ab35b303f77b3437ad6c45cc35a6074ecba569d5e6d641e6b240177f0c8a1a1d4dc9f209ef748832578b0a6b80caf9ef4d0192ca8f73eee012a119c97e34bc6901ee7532345a5162d81fcd1981e9b0b6997b890277ed72604f5b29e82288924715dcb53888fbcc6dc338576e1819e2e252167b3bd01f9ec9e75cb4d62631906e728313a65c07d2778ecf3a9ee0c10fb4cf24966c4824cf23385008a892577c58d62278512160119fdc9e26d0dd617083be3c36439ffc1e074299ccde8049540ecfc89bb8351e2331b99ec9444fbcdf4401e507492c3fd63ae394b65a82aab32b589e16498b4cd8242839b75f730213ca4588a360807a813d62369a975a264e756977a1670e3d906308aa5648cca15293dfbb240eff8277262d41d1a71e0179eeb77318c1cdad85a8631d0b9950ed89c183589fa675eb0e008aaf7cfb19b87f6537ddfe55d13b6a95be4ca0baef65b724f0fb1f35ba4b13312dc06cec253c1ee3df64279c30fa2a85dbca8e52729016439cbe86e5639b177de80333a09b230a569b14fca2fb6c8294a172ecf6c9b9019c23b09c083ba564e6a137432a5460a5aea13b70bf0fb81a9ba5c2d6df490cbe4fe9ad6658b9b0f74e5ee9e5788840f3e3d0b7619c7fb4f960ce821de814ba73e5f5c75707e4ea144b003f250371b272fd317bfa7fbbda24456f2d032feca108532afda61a600e1532e9256e4fe6cf7e41f0964496a1485e7996ce8ab4375c694de12445d3d2706f957f12b29dcbf58fd449881770bd12a948cfa4b3dd2097b1b42bfa3c7eced5f0838b685bfde7d00e656244c6744953ff2e1741e0057be97a2434a25b9d976e220f4e46fa9da305fd626ab3ff16b0ee82b09d738c92923c8ada89493a0e6282d0ecd5e3498adc8cad641d8eb86669ebcd7f08f27ec47b850257582def7c16ea4ca545bb4c5b3b8612138a98f2d0528d083d067e40d51405174f2a3a4df89c822859f6cfaaf967eb43d41caee5ef44861eca76a647fd826b33460a5be331bc0e7ee0cd73683419b518f679197da31fc751a31a4ace15d481774211c7d832948b0d5c9577d5a5876909ee75a34ed78a819de1d11ff64ba157432c7e26d9e492cf5f9103639d0afd8b6b29168cdc7af1f5a219243856f25aab4981c940d143b0935d8cdd860f3687e3b30a424233b7bb96fa18bd42c7def00baa43fe15a556feca816164b1d94a2bca6ed3abe60969db27d12ab9948fb73ef599cd2d8eb2fea93814a0027f2aaa940c2b325da21b07abe82b43f9d17c9a78665e30ccad353e5167fc582e85fd888cfafa4a355673c0a771700ae1e6763bc0f2bb130ea9dead2b75ce360d635a760122e8e6a351c68ee2c707f42475222d998e2ed0829394597a6c0406cdba56e3209cc1ce6af6fedeae4e932053ba7a31ed2b413ca70511a95874be02da6d6512768a20187d9276e7faaf26a31f7c471ea235a8e39bebfc089871cffcdbb6887e8c954b23d3efc349999c202e23114bb1b5717150e06d84c1651630b248594bd8b4cd987b0db3b09d2dd4e8bcb9e0b5ebe79036ddf7f86ca3b5c0d9e34e2b82be9e7e4d9ada32bc56af4d34282fff7610a685084007e1c9dbda3abd403d7c324bbcced9d355350f70114270d454c65c4b3245c0473c8a10e9dd9c7bb6bc55df646a76dbc07593217e825096139a1e8b6971f72f2eec80f41b2ec980be41ec841931be6515c70db08f9bae265ba99a05fcb29c0d723fdd502901c3a3dde76e000eaa46e24c6f3b09fe4547db0d094c7ed26832e429fc5a6305b8fae3e8eba015b5b80f3edbd5a9e5743650b1b4712b3289179dc95a52bb8b136a23091d62ca75af09e609c59271cb408ea74c369323b41ae9cfeb557fc7218f48187ceda18b555566de67ea6a5e109498b6b95afd166f105a2c0fba32e5f655182b318e248f863d54e17ebc8146dfe72553b2bb0334673405e1aacbc1b4174f15fede379bccfa63ac01ae2edce46cbbc18c43e188946e9ce6f650a3242688b0036edf5e6a53fcd43ee55012997041dc80d7b529097424cf6014cac9d62aea104913b20ad57358b723d0dacb14e5eacf32fff43a52d1a3c31ecb8b82a47a0c69b7a05e38dac434aa08ddce5b144ae4fc113d07adbf540878750877aef994796b66419ff992f6c4fbdd527d1970701b1a873905d5cf51dbd6a873123d85a45700e9f496bf27dba143bc00846cac194a7dda72273d9294e80f2d28c68c5936db45ac92be19f0fa06d4a7bb8e564c6ea5dfcdeb38d0981bbd3280b81b1eff7c07690946b993b86238e59a8a448d4cb9cdf1044ece50fa7bae2862fdd50a988d5f6868f5409e619bb2f3d951058ebb850da0db361cf158d78ebfe51d529e8c51a5c1c2023e9c3ac46d235a8f615e66e4b3a694ec1b993f104fe46465c3581af614079d5acaf3449c22b34dadbfa50c9271896d8d4be1fa4b840f4c3c20d2bcdeb1c4f9f04031a6951d5081e8aed0c7a3ea1dac2884a2ff271f66ffc924fae53524c2988cf3b3f38eb872ff40d8ed321b130bbc0c653a081e6036f2fc8169aa748b39e407f757c2537b0d850d88d94b4623e2af105030592dc853dfb972b44a0c424c318e500eab92a392461f7525c76335109d879fb7566fcc7f179bd57aa0bf745ecab1c41470bdd17541bf93e0c8d4e03db9cb0b3aceeafb507353d49748c7cd38141d6c311b701aa80e7cb3778c63cdee1fa53be3b225a6acb3b4a68545dd0455c95823be8cae3cf58e5d07ccfcacf64e888b5d3bb2a9d4c74f6a39a4345d39dbd1c67a4028b55d94d5e322449eeaed495b5005de37abc038a4e879716913d187884bc4d7bee4bf2000fa6afdb7298a83414de1d8c615220446e29bd2f74063fd7c7b76ff06fbfb4e5c4fdbbe6b3701a59a4da60d38185e1887ca0aaf182c3b5c2f7e073aad60d59417cdc7964f9533ce39e8325a29661689d900903d5347afeb92fd492b048dd7d121ae14970f3ef85389393c0f62a41b18aabdbe6eca40ce9b623d7122be1b6b99c184b555eabbd9fb97d09793764c8479e853fd19951fd5da22508a2306603ea75107c080a08335a7aa4b4afed6037f47d0c4f91cae57b97a70cdbf2cddc8fa5e58421af2e3ebacd240f228cbda39e0cdbda97bf748f4060f85421f05adeb9f7f4183f7866e025e4e1a902764bbc6ddb092aaedbad1fe53464eabee7769eaaf9999aa67350666c4bccda54d1dbf4da4944d6398e75f6ceb5c858fea2c9d33388c93a830f2b7baf6f8e99814b60f46d06fb42f97e6b48f3eaf006540fa996adb9bc6376f073199b598e96b500176316021c048a07475015a3dbe8a19e8ef46b6a86277e157e14d654c0427a0484223f4c79a56a909dc23f190e08cfd2f9e1b270a6973aaf089dd4c7aa7c76789411e526e9652fe5fca65f5bdf38f2859f6e15a1987713d385fb90284ea7290d350deb40e60d3bc1a8cf2df7", 0x4})

324.141099ms ago: executing program 5 (id=5897):
mlockall(0x3) (fail_nth: 68)

124.47373ms ago: executing program 2 (id=5900):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="090200000000000000000100000008000600ac1414aa08000b00", @ANYRES32], 0x24}}, 0x0)

121.988743ms ago: executing program 2 (id=5901):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002b00)=ANY=[@ANYBLOB="b702000007000000bfa300000000000007030000f0ffffff7a0af0ff0000008179a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000b5000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a55b000000c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2d90addedc28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000801989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802c8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a8f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c40bde6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b01b823c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b988494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74585cf5e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f222c714870582a8832c2a326c5d1e406c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada47288e41e7e6ee82d66b99ae4b0889fe949e7342ca97c1a64dcc7f6a0c0da07de8c808b4caec54820f856889fc5f1af3d675206e3257f974d6e45ff1e905c2f0fc0173ac6714acaaca2397bee23630ecaa2c1c6ddc3085689a033d6d41a1a7ac59baec299158faa52308856805f2130863f4668e27b8bbef4f4cd43a2fd294b5b0bf2b0e4afbe570c54aa214579ca0caf54231d00a94eda2be6f037e2befdd03bf152f696ca1d1ea86eb7ee1f021062ad71246dae1580c4f959a320912032ed468a8ed9f27a2258ddf465de77a51b4713bc6b789a0e8b203f0f592ddb27aa90989a9e0cb624bc34e7d6ebf156ea251e3a2f83ada9f0b70035e8ed200a52b00"/3910], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xb, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000003801f0000000000370000009500000000001400a431d205b52e439406deb9f1c9c74f8cb0d58742586a6e74a2358b3c37508e42e7c426418ff090abae83b69b2c1ef774a2bdf5559496476d53694ed1a22796108163307899f5660573f269d6a667abe56f901b3fe8f967f7ec735b1419ddf329502349d8f3dc80708301c618fc"], &(0x7f0000000200)='GPL\x00', 0x3d3, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x1, 0x1000f, 0x8, 0x800}, 0x10, 0xffffffffffffffff, r0, 0x1, &(0x7f00000002c0), &(0x7f0000000300)=[{0x5, 0x4, 0xe, 0x4}], 0x10, 0x200, @void, @value}, 0x94)
r4 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r4, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18000000f80002"], 0x10002)
fstat(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
quotactl_fd$Q_GETQUOTA(r1, 0xffffffff80000700, r5, &(0x7f0000000480))
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000400)=r3, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002b00)=ANY=[@ANYBLOB="b702000007000000bfa300000000000007030000f0ffffff7a0af0ff0000008179a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000b5000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a55b000000c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2d90addedc28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000801989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802c8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000ff0ffd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a8f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c40bde6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b01b823c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b988494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74585cf5e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f222c714870582a8832c2a326c5d1e406c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada47288e41e7e6ee82d66b99ae4b0889fe949e7342ca97c1a64dcc7f6a0c0da07de8c808b4caec54820f856889fc5f1af3d675206e3257f974d6e45ff1e905c2f0fc0173ac6714acaaca2397bee23630ecaa2c1c6ddc3085689a033d6d41a1a7ac59baec299158faa52308856805f2130863f4668e27b8bbef4f4cd43a2fd294b5b0bf2b0e4afbe570c54aa214579ca0caf54231d00a94eda2be6f037e2befdd03bf152f696ca1d1ea86eb7ee1f021062ad71246dae1580c4f959a320912032ed468a8ed9f27a2258ddf465de77a51b4713bc6b789a0e8b203f0f592ddb27aa90989a9e0cb624bc34e7d6ebf156ea251e3a2f83ada9f0b70035e8ed200a52b00"/3910], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040)={0x0, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
socket$tipc(0x1e, 0x5, 0x0) (async)
syz_init_net_socket$ax25(0x3, 0x2, 0x1) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xb, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000003801f0000000000370000009500000000001400a431d205b52e439406deb9f1c9c74f8cb0d58742586a6e74a2358b3c37508e42e7c426418ff090abae83b69b2c1ef774a2bdf5559496476d53694ed1a22796108163307899f5660573f269d6a667abe56f901b3fe8f967f7ec735b1419ddf329502349d8f3dc80708301c618fc"], &(0x7f0000000200)='GPL\x00', 0x3d3, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x1, 0x1000f, 0x8, 0x800}, 0x10, 0xffffffffffffffff, r0, 0x1, &(0x7f00000002c0), &(0x7f0000000300)=[{0x5, 0x4, 0xe, 0x4}], 0x10, 0x200, @void, @value}, 0x94) (async)
creat(&(0x7f0000000440)='./file0\x00', 0x0) (async)
open_by_handle_at(r4, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18000000f80002"], 0x10002) (async)
fstat(r3, &(0x7f0000000280)) (async)
quotactl_fd$Q_GETQUOTA(r1, 0xffffffff80000700, r5, &(0x7f0000000480)) (async)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000400)=r3, 0x4) (async)

76.369129ms ago: executing program 2 (id=5902):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f00000001c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xc4}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x9)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r0, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180), 0x0, 0x31, &(0x7f0000000200), 0x0, 0xfffffffffffffdcc, &(0x7f0000000240), &(0x7f0000000000), 0x8, 0x4f, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
r1 = socket$phonet(0x23, 0x2, 0x1)
listen(r1, 0x4) (async)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000180)=0x1)

76.227925ms ago: executing program 2 (id=5903):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000180)='./bus\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
fsync(r1)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000100)={0x14, 0x0, &(0x7f0000000000)=[@register_looper, @dead_binder_done, @register_looper], 0xfa, 0x0, &(0x7f0000000240)="40996348ddd12e4813f77a07b81bbb86a2ef2a6fe740dbf4a27309ea25e0a3625a0f0354e645efdd3dc3ba707263a19f58530c6b8f52dba8d54fe7ce3be534a6ca0b28b9234e8519c9b22f204a744a9d3ebf1a44b8d64fbe1159bce5a8d3dbb7db5c17550e5095b2a176df3b34ef957179d721c847db257b01fa71a037d6820011875d67eb4a2e200116d0e09a2c13ab8dfb363235c3cffea14aef2f9856f5dbc09571b1d6dec72a85f8a2c3e9890978d58ff8bb171ac8dc2add6c457d9c7977c7e6994d3b03ffc13e84f62ddf9453c20d7a0f4c6402208601781ec866404eee2fd84bcba19e91e63f2feda1c5b809a56447535cb5b747a87e97"})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x5, 0x4d, 0x0, &(0x7f00000008c0)="25ba07a03f21e804e0d379e1072bb0ff0000000000814201ab4944000081c7cf53206b4e70e6773ef0676ccda393808e827870cd9d778459dee1fe84eb8cabfa3e8b187937d49155278e2ade84", 0x0, 0x3ff, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000001240)=ANY=[@ANYBLOB="850000001e000000350000000000002085000000070000009500000000000000f4670880271e3503200ffa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa3b4b87b3e0cc7444a2391511c97fabd5f9810e81ee0b737136ea6f7be39cd34d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8761b30d64b741a226de7bad76402320e13822c45c0f8612c10b1f3c075ff1ebb755a2dd5760903000000000000006c6386d7ec7209d031f40f3012e9576e51a7f578602f5807785b92e544fc46c744aeeee4418d6af3e4195cc03710212436a4ff3274cac948d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f99ab1e394ab800f4104dbffff0000000000005c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de93d928cf95846be6277c04b4c5324812696aa89e393c941d9541c86238d0703394a90231ccca9c3499c9a4cd3cd8a4f8070000000b1b2d2747c45b0c52087b5efabf84960ba0e3c4c00322de328c10752a42dca52fb98c1452b6518a6ef7297f7b2744419a2f238f173d0cd46daf2fcb5500f53e7309ecc07d8d3c76e65760ff000000b78863e629b3b200000000000000000000000000008b0000000a449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa8ea63e3e7000860000000004a2147c1128c697d9966b7c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae2f7967546c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000000000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c82c96f10dfa978bee51f581d124216e8bd9b1855f77138e438bdc037861f07f98c068be4c6155ec27365410866059475714844a3ea4cbe37e0000000000ef6dc4dd63bb928ff58b3bd2a600089d172a884dcdb8b9f9050297815a371deec595838e38068b5e438cbcd585a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1ca5e3a833f8f65429845bc3c3092af2bc4ee7263d3cbd9cab24eafd961a2d0c7bbfca952475c7e6158bfbb32f187d18f977117101076bad4167d5559ac12ff1c14fab5ccf7117a25a25933bfe309a040034b0cc8f69074670efc8101b89477d23823605dfa8e5945c71a0225b50d18a010ecf3c349cbac4d5191c3d78726b9ab4bff5e05027ca5b338a62e955e514da8ca2846919b7b56c192bb43f7032e485cc664921b7f9133bdbc2ba3cd845997b0dd103c784a53ad0243624566e0dacfe4029ffbe59e7e7751b3a9e619107bde39bfa81791ff0e4577055528aef46891c3c49afda8137d03cf6893db7b0f1fe95f8a096159869db71853b6bb5c08ce5fc61353f1e659d7ac53f54a7e2c94cba21994930a423ac7f84ed873a76b0dda0a4b4c5f87eef3164a0c03bc2a7f08290ddf300b298de3fd9167fb8b9c2f26e27f97cf5e90586ea50b85eb5b420eebe171893782b8326148ef5f5174e7ea5dd7f1caa699e4a241291c2f43e9edbf44c0ffb8ee32a18b6e8f0b61836146e2eab9a767800c2c91190c96cf88466adf775b4cf517dc5e39be99c4ab471f381c3915203cd2f27466c8943a80ba03150699c787696de272affa4e4940e59d8b7c69f804d6d3fa7543176a4df033532e5053d72521d097dda0c7a70bd1278c61513c1b87b01d9a9ec4d5ef793096dab53d3224f245fd5d87984d58dc09d11ba0094ba8c39942be41f362e29bba1cdcf8068a4d8d67d2d6d79aa2d089bc4d475097d7523860ec41dab4fa4b0cfe674c163ad419753bd73882336d42036a179bb33162b31f2a58436ea88fba598fad987a60b1847cc63a77c2bb30477ecbeaaa590cde56be4102d0365987eed64bdf01bbd9aaeb77dde491845e612557f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f0000000180)=""/153, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

321.692µs ago: executing program 2 (id=5904):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000018c0)={'team0\x00', <r1=>0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4000000010003b1500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1, @ANYBLOB], 0x40}}, 0x2400c080)

0s ago: executing program 2 (id=5905):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x5be7, 0x4)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e21, @loopback}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000280)={0x1, @bcast, @bpq0, 0xffff, 'syz0\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xfffffdba, 0x2, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @bcast, @default]})

kernel console output (not intermixed with test programs):

6-1: USB disconnect, device number 27
[  389.567570][T19733] netlink: 'syz.2.5153': attribute type 1 has an invalid length.
[  389.706406][T19750] overlayfs: failed to resolve './file1': -2
[  389.877829][   T25] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  390.050211][   T25] usb 6-1: config 0 has no interfaces?
[  390.051921][   T25] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  390.054713][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.058346][   T25] usb 6-1: config 0 descriptor??
[  390.139694][   T39] audit: type=1400 audit(1735430379.545:4871): avc:  denied  { getattr } for  pid=19764 comm="syz.0.5161" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=81020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  390.155613][T19774] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(6)
[  390.158302][T19774] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  390.160666][T19773] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  390.162636][T19773] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  390.165137][T19773] vhci_hcd vhci_hcd.0: Device attached
[  390.165354][T19774] vhci_hcd vhci_hcd.0: Device attached
[  390.170737][T19773] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(5)
[  390.172845][T19773] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  390.175902][T19773] vhci_hcd vhci_hcd.0: Device attached
[  390.178708][T19779] vhci_hcd: connection closed
[  390.178818][T19775] vhci_hcd: connection closed
[  390.180416][T16063] vhci_hcd: stop threads
[  390.180519][T19776] vhci_hcd: connection closed
[  390.181848][T16063] vhci_hcd: release socket
[  390.181867][T16063] vhci_hcd: disconnect device
[  390.182482][T16063] vhci_hcd: stop threads
[  390.193496][T16063] vhci_hcd: release socket
[  390.194903][T16063] vhci_hcd: disconnect device
[  390.196449][T16063] vhci_hcd: stop threads
[  390.197742][T16063] vhci_hcd: release socket
[  390.199679][T16063] vhci_hcd: disconnect device
[  390.626163][ T5939] Bluetooth: hci2: command tx timeout
[  390.914821][   T25] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  391.068679][T12119] usb 6-1: USB disconnect, device number 28
[  391.085887][   T25] usb 7-1: Using ep0 maxpacket: 16
[  391.092557][   T25] usb 7-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  391.096458][   T25] usb 7-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  391.099938][   T25] usb 7-1: Product: syz
[  391.101651][   T25] usb 7-1: Manufacturer: syz
[  391.103587][   T25] usb 7-1: SerialNumber: syz
[  391.114951][   T25] usb 7-1: config 0 descriptor??
[  391.513737][   T57] usb 7-1: USB disconnect, device number 26
[  391.577729][T12119] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  391.727536][T12119] usb 6-1: device descriptor read/64, error -71
[  391.788010][   T39] audit: type=1400 audit(1735430381.089:4872): avc:  denied  { unlink } for  pid=19841 comm="syz.4.5172" name="file0" dev="9p" ino=36575164 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sock_file permissive=1
[  391.967822][T19857] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5176'.
[  391.984048][T12119] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  392.123182][T12119] usb 6-1: device descriptor read/64, error -71
[  392.207938][T19861] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  392.241592][T12119] usb usb6-port1: attempt power cycle
[  392.261865][   T57] usb 7-1: new full-speed USB device number 27 using dummy_hcd
[  392.314392][T19866] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5178'.
[  392.318004][T19866] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5178'.
[  392.401039][   T57] usb 7-1: device descriptor read/64, error -71
[  392.570110][T19882] __nla_validate_parse: 1 callbacks suppressed
[  392.570122][T19882] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5183'.
[  392.604136][T12119] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  392.626417][T12119] usb 6-1: device descriptor read/8, error -71
[  392.632702][T19884] XFS (nullb0): Invalid superblock magic number
[  392.672923][   T57] usb 7-1: new full-speed USB device number 28 using dummy_hcd
[  392.807045][   T57] usb 7-1: device descriptor read/64, error -71
[  392.892881][T12119] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  392.925015][T12119] usb 6-1: device descriptor read/8, error -71
[  392.927703][   T57] usb usb7-port1: attempt power cycle
[  393.042436][T12119] usb usb6-port1: unable to enumerate USB device
[  393.309790][   T57] usb 7-1: new full-speed USB device number 29 using dummy_hcd
[  393.331608][   T57] usb 7-1: device descriptor read/8, error -71
[  393.505490][T19907] lo speed is unknown, defaulting to 1000
[  393.587860][   T57] usb 7-1: new full-speed USB device number 30 using dummy_hcd
[  393.616738][   T57] usb 7-1: device descriptor read/8, error -71
[  393.737498][   T57] usb usb7-port1: unable to enumerate USB device
[  393.741185][T19914] dvmrp8: entered allmulticast mode
[  393.744173][T19914] dvmrp8: left allmulticast mode
[  393.875627][T19917] netlink: 156 bytes leftover after parsing attributes in process `syz.4.5192'.
[  393.879653][T19917] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57104 sclass=netlink_route_socket pid=19917 comm=syz.4.5192
[  394.132928][ T8358] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[  394.298198][   T39] audit: type=1326 audit(1735430383.437:4873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19826 comm="syz.1.5170" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb294b85d29 code=0x7fc00000
[  394.303851][ T8358] usb 9-1: Using ep0 maxpacket: 8
[  394.311149][ T8358] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  394.313654][ T8358] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  394.317232][ T8358] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  394.320257][ T8358] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  394.323212][ T8358] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  394.327211][ T8358] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  394.329917][ T8358] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.336450][T19920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5193'.
[  394.549477][ T8358] usb 9-1: usb_control_msg returned -32
[  394.551393][ T8358] usbtmc 9-1:16.0: can't read capabilities
[  395.301772][T19931] usbtmc 9-1:16.0: INITIATE_CLEAR returned 0
[  395.321697][   T39] audit: type=1400 audit(1735430384.400:4874): avc:  denied  { accept } for  pid=19916 comm="syz.4.5192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  395.332859][T19933] netlink: 165 bytes leftover after parsing attributes in process `syz.2.5195'.
[  395.337261][T19933] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=19933 comm=syz.2.5195
[  395.467727][T19942] lo speed is unknown, defaulting to 1000
[  395.564902][T19947] lo speed is unknown, defaulting to 1000
[  396.012600][T19965] netlink: 596 bytes leftover after parsing attributes in process `syz.0.5204'.
[  396.178360][T19976] lo speed is unknown, defaulting to 1000
[  396.185339][   T57] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  396.356769][   T57] usb 6-1: Using ep0 maxpacket: 8
[  396.360370][   T57] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  396.364257][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  396.369343][   T57] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  396.374105][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  396.378593][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  396.383806][   T57] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  396.386701][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  396.391349][   T57] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  396.396067][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  396.399745][T19988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5212'.
[  396.401068][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  396.403102][T19988] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5212'.
[  396.412248][   T57] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  396.414800][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  396.417776][T19988] geneve2: entered promiscuous mode
[  396.419157][   T57] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  396.421413][T19988] geneve2: entered allmulticast mode
[  396.428623][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  396.433344][   T57] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  396.440310][   T57] usb 6-1: string descriptor 0 read error: -22
[  396.443081][   T57] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  396.447030][   T57] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.457964][   T57] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux1
[  396.499158][T19979] Context (ID=0x0) not attached to queue pair (handle=0x4d6:0x0)
[  396.542343][T19992] 9pnet: Could not find request transport: 0xffffffffffffffff
[  396.682735][T19997] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5216'.
[  396.684092][T19959] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  396.689050][T19959] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  396.691750][T19959] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  396.694865][T19959] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  396.698036][T19959] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  396.706053][T19959] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  396.706222][ T6195] usb 6-1: USB disconnect, device number 33
[  396.708300][T19959] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  396.753234][T20003] overlayfs: missing 'lowerdir'
[  396.900092][T20018] bridge0: port 1(syz_tun) entered blocking state
[  396.902854][T20018] bridge0: port 1(syz_tun) entered disabled state
[  396.905956][T20018] syz_tun: entered allmulticast mode
[  396.912450][T20018] syz_tun: entered promiscuous mode
[  396.928597][   T39] audit: type=1400 audit(1735430385.897:4875): avc:  denied  { connect } for  pid=20019 comm="syz.0.5225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  396.935793][T20020] tmpfs: Bad value for 'mpol'
[  396.995730][T20022] veth1_macvtap: left promiscuous mode
[  396.997480][T20022] macsec0: entered promiscuous mode
[  396.999927][T20022] macsec0: entered allmulticast mode
[  397.029002][T20022] veth1_macvtap: entered promiscuous mode
[  397.034938][T20022] veth1_macvtap: entered allmulticast mode
[  397.036961][T20022] macsec0: left promiscuous mode
[  397.038649][T20022] macsec0: left allmulticast mode
[  397.040335][T20022] veth1_macvtap: left allmulticast mode
[  397.066766][ T5945] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  397.070365][ T5945] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  397.074462][ T5945] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  397.080166][ T5945] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  397.083357][ T5945] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  397.087185][ T5945] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  397.129791][   T57] usb 9-1: USB disconnect, device number 31
[  397.141441][T20023] lo speed is unknown, defaulting to 1000
[  397.172015][T20027] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5228'.
[  397.172673][T20028] overlayfs: missing 'lowerdir'
[  397.263091][T20023] chnl_net:caif_netlink_parms(): no params data found
[  397.348201][T20042] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.379062][T20023] bridge0: port 1(bridge_slave_0) entered blocking state
[  397.382023][T20023] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.385514][T20023] bridge_slave_0: entered allmulticast mode
[  397.389110][T20023] bridge_slave_0: entered promiscuous mode
[  397.394883][T20023] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.397072][T20023] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.399252][T20023] bridge_slave_1: entered allmulticast mode
[  397.401586][T20023] bridge_slave_1: entered promiscuous mode
[  397.431521][T20023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  397.435839][T20023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  397.464788][T20023] team0: Port device team_slave_0 added
[  397.470511][T20023] team0: Port device team_slave_1 added
[  397.490817][T20023] batman_adv: batadv0: Adding interface: batadv_slave_0
[  397.493650][T20023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  397.504841][T20023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  397.511168][T20023] batman_adv: batadv0: Adding interface: batadv_slave_1
[  397.513932][T20023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  397.525068][T20023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  397.563879][T20023] hsr_slave_0: entered promiscuous mode
[  397.570281][T20023] hsr_slave_1: entered promiscuous mode
[  397.572405][T20023] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  397.574711][T20023] Cannot create hsr debugfs directory
[  397.685954][T20023] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.724801][ T5995] usb 9-1: new full-speed USB device number 32 using dummy_hcd
[  397.788375][T20023] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.861051][T20067] overlayfs: missing 'lowerdir'
[  397.887045][ T5995] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  397.891861][ T5995] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  397.906676][ T5995] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  397.910703][ T5995] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  397.915771][ T5995] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  397.918476][T20023] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.919598][ T5995] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.931483][ T5995] usbtmc 9-1:16.0: probe with driver usbtmc failed with error -22
[  398.128128][T20023] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  398.133627][T20023] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  398.138857][T20023] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  398.156090][T20023] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  398.191710][T20023] 8021q: adding VLAN 0 to HW filter on device bond0
[  398.206255][T20023] 8021q: adding VLAN 0 to HW filter on device team0
[  398.212143][T16062] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.215074][T16062] bridge0: port 1(bridge_slave_0) entered forwarding state
[  398.228527][T16064] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.230831][T16064] bridge0: port 2(bridge_slave_1) entered forwarding state
[  398.364937][T20023] 8021q: adding VLAN 0 to HW filter on device batadv0
[  398.400326][T20023] veth0_vlan: entered promiscuous mode
[  398.406200][T20023] veth1_vlan: entered promiscuous mode
[  398.423389][T20023] veth0_macvtap: entered promiscuous mode
[  398.428545][T20023] veth1_macvtap: entered promiscuous mode
[  398.441598][T20023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.448462][T20023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.453230][T20023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.457405][T20023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.462527][T20023] batman_adv: batadv0: Interface activated: batadv_slave_0
[  398.469121][T20023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  398.473768][T20023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.476736][T20023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  398.479820][T20023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.483574][T20023] batman_adv: batadv0: Interface activated: batadv_slave_1
[  398.489240][T20023] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  398.492102][T20023] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  398.495318][T20023] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  398.497967][T20023] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.551575][T16059] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.554966][T16059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.576098][T16064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.578963][T16064] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.656599][T20089] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5245'.
[  398.718184][T20096] batman_adv: batadv0: Adding interface: dummy0
[  398.722300][T20096] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  398.725540][T20099] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  398.730897][T20096] batman_adv: batadv0: Interface activated: dummy0
[  398.788544][T20104] lo speed is unknown, defaulting to 1000
[  398.837806][T20107] team0: Device gtp0 is of different type
[  399.001411][   T39] audit: type=1400 audit(1735430387.833:4876): avc:  denied  { mounton } for  pid=20115 comm="syz.0.5254" path="/4/file1/file1" dev="autofs" ino=81510 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  399.028793][T20123] /dev/loop0: Can't lookup blockdev
[  399.100707][T20126] tun0: tun_chr_ioctl cmd 1074025675
[  399.102386][T20126] tun0: persist disabled
[  399.104831][T20126] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5257'.
[  399.108322][T20126] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5257'.
[  399.125404][   T39] audit: type=1400 audit(1735430387.945:4877): avc:  denied  { listen } for  pid=20119 comm="syz.2.5255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  399.152742][T20113] ebtables: ebtables: counters copy to user failed while replacing table
[  399.156160][T20113] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5234'.
[  399.253610][ T5939] Bluetooth: hci4: command tx timeout
[  399.382025][   T56] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  399.433437][T20136] syz.1.5259: attempt to access beyond end of device
[  399.433437][T20136] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[  399.439123][T20136] MINIX-fs: unable to read superblock
[  399.500518][T20139] lo speed is unknown, defaulting to 1000
[  399.552796][   T56] usb 7-1: Using ep0 maxpacket: 8
[  399.555933][   T56] usb 7-1: config 0 has no interfaces?
[  399.558410][   T56] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  399.561347][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.565540][   T56] usb 7-1: config 0 descriptor??
[  399.591693][T20143] IPVS: length: 184 != 24
[  399.769897][   T39] audit: type=1400 audit(1735430388.553:4878): avc:  denied  { create } for  pid=20156 comm="syz.1.5266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  400.666094][    T8] usb 9-1: USB disconnect, device number 32
[  400.667254][T20166] lo speed is unknown, defaulting to 1000
[  400.800623][T20175] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5272'.
[  400.803702][T20175] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5272'.
[  401.156498][    T8] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[  401.338261][    T8] usb 9-1: Using ep0 maxpacket: 8
[  401.341905][    T8] usb 9-1: config 0 has no interfaces?
[  401.344360][    T8] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  401.348137][    T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.352295][    T8] usb 9-1: config 0 descriptor??
[  401.477318][ T5939] Bluetooth: hci4: command tx timeout
[  401.572564][   T39] audit: type=1400 audit(1735430390.237:4879): avc:  denied  { accept } for  pid=20167 comm="syz.4.5270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  401.802072][T20185] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=53 sclass=netlink_audit_socket pid=20185 comm=syz.1.5274
[  401.806895][T20185] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=46 sclass=netlink_audit_socket pid=20185 comm=syz.1.5274
[  402.212831][   T56] usb 7-1: USB disconnect, device number 31
[  402.264772][T20202] lo speed is unknown, defaulting to 1000
[  402.421008][T20214] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  402.422552][T20210] 9pnet_fd: p9_fd_create_tcp (20210): problem binding to privport
[  402.423732][T20214] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  402.432159][T20214] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  402.662758][T20220] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5287'.
[  403.582482][   T39] audit: type=1400 audit(1735430392.117:4880): avc:  denied  { append } for  pid=20226 comm="syz.2.5290" name="event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  403.702312][ T5939] Bluetooth: hci4: command tx timeout
[  403.899073][   T39] audit: type=1400 audit(1735430392.416:4881): avc:  denied  { write } for  pid=20242 comm="syz.2.5296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  403.937647][    T8] usb 9-1: USB disconnect, device number 33
[  404.259098][T20255] vxcan0: tx address claim with dlc 1
[  404.263075][T20255] netlink: 104 bytes leftover after parsing attributes in process `syz.4.5301'.
[  404.276774][   T39] audit: type=1400 audit(1735430392.763:4882): avc:  denied  { accept } for  pid=20254 comm="syz.4.5301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  404.280353][T20255] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  404.286414][T20255] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  404.507975][T20257] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5302'.
[  404.513516][T20257] fuse: Unknown parameter '000000000000000000040x0000000000000006'
[  405.027430][T20271] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5307'.
[  405.035452][T20270] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5307'.
[  405.043267][T20272] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5307'.
[  405.043282][T20272] nbd: must specify a size in bytes for the device
[  405.187575][T20279] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5125 sclass=netlink_route_socket pid=20279 comm=syz.4.5310
[  405.196242][T20279] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  405.535617][T20304] hfs: can't find a HFS filesystem on dev sr0
[  405.617482][T20310] xt_time: unknown flags 0xc
[  405.643707][T20313] xt_time: unknown flags 0xc
[  405.799260][T20327] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61 sclass=netlink_route_socket pid=20327 comm=syz.4.5328
[  405.888684][T20329] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5329'.
[  405.924626][ T5939] Bluetooth: hci4: command tx timeout
[  406.095353][T20338] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5331'.
[  406.166293][T20342] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5333'.
[  406.177440][T20342] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.182748][T20342] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.430676][T20351] ptm ptm2: ldisc open failed (-12), clearing slot 2
[  406.479688][T20355] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  406.485441][T20354] tipc: Disabling bearer <eth:syzkaller0>
[  406.804150][T20361] netlink: 47 bytes leftover after parsing attributes in process `syz.1.5339'.
[  407.640494][T20369] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 64993
[  407.750621][T20378] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  407.794611][T20380] tipc: Started in network mode
[  407.796404][T20380] tipc: Node identity a2e443600ff1, cluster identity 4711
[  407.798653][T20380] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  407.803195][T20379] tipc: Disabling bearer <eth:syzkaller0>
[  407.927231][T20386] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5349'.
[  407.936131][T20386] (syz.4.5349,20386,2):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "norWcvvsryÎØž@i&)·²óÁ€ª�v‰#㋧UŽ#{&›”
[  407.936131][T20386] ûTŒÃQ÷Iò\E§}ëpxø_ækpÇ¦í" or missing value
[  407.942535][T20386] (syz.4.5349,20386,2):ocfs2_fill_super:1178 ERROR: status = -22
[  407.955217][T20386] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  408.813628][T20409] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  408.818697][T20408] tipc: Disabling bearer <eth:syzkaller0>
[  408.961378][T20413] overlayfs: missing 'workdir'
[  409.013449][T20415] tipc: Can't bind to reserved service type 2
[  409.220883][T20435] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  409.226716][T20434] tipc: Disabling bearer <eth:syzkaller0>
[  409.460912][T20447] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  409.506633][T20453] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  409.572848][T20456] ucma_write: process 764 (syz.1.5372) changed security contexts after opening file descriptor, this is not allowed.
[  409.765579][T20461] input: syz0 as /devices/virtual/input/input38
[  409.948787][T20479] lo speed is unknown, defaulting to 1000
[  410.183904][T20492] __nla_validate_parse: 1 callbacks suppressed
[  410.183917][T20492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5384'.
[  410.242178][T20495] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5385'.
[  410.248272][   T39] audit: type=1400 audit(1735430398.356:4883): avc:  denied  { listen } for  pid=20494 comm="syz.2.5385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  410.360732][T20500] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5387'.
[  410.392176][   T39] audit: type=1326 audit(1735430398.487:4884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.413772][   T39] audit: type=1326 audit(1735430398.506:4885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.422508][   T39] audit: type=1326 audit(1735430398.506:4886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.446558][   T39] audit: type=1326 audit(1735430398.506:4887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.453951][   T39] audit: type=1326 audit(1735430398.506:4888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.462659][   T39] audit: type=1326 audit(1735430398.506:4889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.478890][   T39] audit: type=1326 audit(1735430398.506:4890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.488573][   T39] audit: type=1326 audit(1735430398.506:4891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.498367][   T39] audit: type=1326 audit(1735430398.543:4892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20501 comm="syz.2.5388" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  410.728384][T20515] overlay: ./bus is not a directory
[  411.427981][T20542] bad cache= option: none

[  411.427981][T20542] 
[  411.430409][T20542] CIFS: VFS: bad cache= option: none

[  411.491776][T20550] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  411.500743][T20547] tipc: Disabling bearer <eth:syzkaller0>
[  411.647593][T20560] lo speed is unknown, defaulting to 1000
[  411.729638][T20562] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5406'.
[  411.760961][T20569] pimreg: entered allmulticast mode
[  411.763354][T20569] pimreg: left allmulticast mode
[  411.796721][T20572] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5409'.
[  412.059049][T20593] lo speed is unknown, defaulting to 1000
[  412.192104][ T5939] Bluetooth: hci1: unexpected event for opcode 0x042c
[  412.359461][T20621] futex_wake_op: syz.4.5419 tries to shift op by -1; fix this program
[  412.456533][   T56] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[  412.520988][T20636] netlink: 100 bytes leftover after parsing attributes in process `syz.4.5421'.
[  412.524384][T20636] macvlan0: entered allmulticast mode
[  412.526085][T20636] veth1_vlan: entered allmulticast mode
[  412.595744][   T56] usb 7-1: device descriptor read/64, error -71
[  412.819888][ T5995] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[  412.852174][   T56] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  412.983723][ T5995] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  412.983737][T20644] lo speed is unknown, defaulting to 1000
[  412.983754][ T5995] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.000772][ T5995] usb 9-1: Product: syz
[  413.002672][ T5995] usb 9-1: Manufacturer: syz
[  413.004583][ T5995] usb 9-1: SerialNumber: syz
[  413.011835][ T5995] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  413.012993][   T56] usb 7-1: device descriptor read/64, error -71
[  413.033829][    T8] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  413.140983][   T56] usb usb7-port1: attempt power cycle
[  413.218005][T20644] veth0_vlan: left promiscuous mode
[  413.220347][T20644] veth0_vlan: entered promiscuous mode
[  413.420961][   T57] usb 9-1: USB disconnect, device number 34
[  413.514759][   T56] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  413.538575][   T56] usb 7-1: device descriptor read/8, error -71
[  413.803767][   T56] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  413.825544][   T56] usb 7-1: device descriptor read/8, error -71
[  413.953754][   T56] usb usb7-port1: unable to enumerate USB device
[  414.146042][    T8] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive
[  414.149783][    T8] ath9k_htc: Failed to initialize the device
[  414.153028][   T57] usb 9-1: ath9k_htc: USB layer deinitialized
[  414.208597][T20665] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5429'.
[  414.304168][T20669] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  414.311342][T20668] tipc: Disabling bearer <eth:syzkaller0>
[  414.435066][T20672] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5432'.
[  415.380113][T16061] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.382316][T16061] bridge0: port 1(bridge_slave_0) entered forwarding state
[  415.511360][ T5945] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  415.515761][ T5945] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  415.519923][ T5945] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  415.523342][ T5945] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  415.532848][ T5945] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  415.537199][ T5945] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  415.544748][T20697] lo speed is unknown, defaulting to 1000
[  415.551080][T20685] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  415.580056][T20692] lo speed is unknown, defaulting to 1000
[  415.651660][T16026] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.722721][T20711] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition
[  415.728078][T20711] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0)
[  415.803532][T16026] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.842529][T20728] netlink: 700 bytes leftover after parsing attributes in process `syz.1.5442'.
[  415.855359][T20692] chnl_net:caif_netlink_parms(): no params data found
[  415.873927][T20731] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5443'.
[  415.883328][T20733] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  415.918277][T20735] 9pnet_virtio: no channels available for device syz
[  415.920260][T20732] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5443'.
[  415.971900][T16026] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.110388][T16026] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.115746][T20692] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.117902][T20692] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.120247][T20692] bridge_slave_0: entered allmulticast mode
[  416.122683][T20692] bridge_slave_0: entered promiscuous mode
[  416.137662][T20692] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.137922][T20744] lo speed is unknown, defaulting to 1000
[  416.139879][T20692] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.143809][T20692] bridge_slave_1: entered allmulticast mode
[  416.146200][T20692] bridge_slave_1: entered promiscuous mode
[  416.187892][T20692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  416.193107][T20692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  416.196627][T20753] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  416.250545][T20692] team0: Port device team_slave_0 added
[  416.261074][T20692] team0: Port device team_slave_1 added
[  416.337676][T20692] batman_adv: batadv0: Adding interface: batadv_slave_0
[  416.340161][T20692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  416.348147][T20692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  416.358848][T20692] batman_adv: batadv0: Adding interface: batadv_slave_1
[  416.361063][T20692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  416.369054][T20692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  416.394371][T20768] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1, syncid = 4, id = 0
[  416.395590][T20765] IPVS: stopping backup sync thread 20768 ...
[  416.397258][T16026] bridge_slave_1: left allmulticast mode
[  416.400953][T16026] bridge_slave_1: left promiscuous mode
[  416.405783][T16026] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.413812][T16026] bridge_slave_0: left allmulticast mode
[  416.415569][T16026] bridge_slave_0: left promiscuous mode
[  416.417331][T16026] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.540719][   T56] usb 9-1: new full-speed USB device number 35 using dummy_hcd
[  416.701719][   T56] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  416.704460][   T56] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  416.707553][   T56] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  416.711734][   T56] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  416.714443][   T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.770857][T16026] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  416.776180][T16026] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  416.780884][T16026] bond0 (unregistering): Released all slaves
[  416.839195][T20692] hsr_slave_0: entered promiscuous mode
[  416.848257][T20692] hsr_slave_1: entered promiscuous mode
[  416.851658][T20692] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  416.854030][T20692] Cannot create hsr debugfs directory
[  416.880603][   T39] kauditd_printk_skb: 21 callbacks suppressed
[  416.880616][   T39] audit: type=1400 audit(1735430404.558:4914): avc:  denied  { ioctl } for  pid=20779 comm="syz.2.5460" path="socket:[87676]" dev="sockfs" ino=87676 ioctlcmd=0x7201 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  416.946633][   T56] usb 9-1: usb_control_msg returned -32
[  416.948393][   T56] usbtmc 9-1:16.0: can't read capabilities
[  416.969879][T20795] openvswitch: netlink: nsh attr 8192 is out of range max 3
[  416.972606][T20795] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  417.050840][T20795] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20795 comm=syz.1.5463
[  417.169131][T20692] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  417.188048][T20692] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  417.204084][T20692] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  417.216440][T20692] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  417.289964][T20692] 8021q: adding VLAN 0 to HW filter on device bond0
[  417.298337][T20692] 8021q: adding VLAN 0 to HW filter on device team0
[  417.305143][T16063] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.307971][T16063] bridge0: port 1(bridge_slave_0) entered forwarding state
[  417.322384][T16060] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.324388][T20813] XFS (nullb0): Invalid superblock magic number
[  417.324590][T16060] bridge0: port 2(bridge_slave_1) entered forwarding state
[  417.353836][T16026] hsr_slave_0: left promiscuous mode
[  417.368630][T16026] hsr_slave_1: left promiscuous mode
[  417.380111][T16026] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  417.387120][T16026] batman_adv: batadv0: Removing interface: batadv_slave_0
[  417.399160][   T39] audit: type=1400 audit(1735430405.044:4915): avc:  denied  { map } for  pid=20826 comm="syz.2.5467" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  417.399319][T16026] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  417.411575][T16026] batman_adv: batadv0: Removing interface: batadv_slave_1
[  417.454398][T16026] veth1_macvtap: left promiscuous mode
[  417.456239][T16026] veth0_macvtap: left promiscuous mode
[  417.459816][T16026] veth1_vlan: left promiscuous mode
[  417.461540][T16026] veth0_vlan: left promiscuous mode
[  417.545716][T20821] usbtmc 9-1:16.0: stb usb_control_msg returned -71
[  417.549998][   T57] usb 9-1: USB disconnect, device number 35
[  417.563652][T20759] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5456'.
[  417.673629][ T5975] usb 7-1: new low-speed USB device number 36 using dummy_hcd
[  417.731396][ T5945] Bluetooth: hci3: command tx timeout
[  417.844455][ T5975] usb 7-1: Invalid ep0 maxpacket: 64
[  417.994265][ T5975] usb 7-1: new low-speed USB device number 37 using dummy_hcd
[  418.147195][T20836] FAULT_INJECTION: forcing a failure.
[  418.147195][T20836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  418.151138][T20836] CPU: 1 UID: 0 PID: 20836 Comm: syz.4.5471 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  418.154319][T20836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  418.157529][T20836] Call Trace:
[  418.158548][T20836]  <TASK>
[  418.159461][T20836]  dump_stack_lvl+0x16c/0x1f0
[  418.160948][T20836]  should_fail_ex+0x497/0x5b0
[  418.162388][T20836]  _copy_to_user+0x32/0xd0
[  418.163764][T20836]  simple_read_from_buffer+0xd0/0x160
[  418.165400][T20836]  proc_fail_nth_read+0x198/0x270
[  418.166949][T20836]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  418.168631][T20836]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  418.170257][T20836]  vfs_read+0x1df/0xbe0
[  418.171526][T20836]  ? __fget_files+0x1fc/0x3a0
[  418.172958][T20836]  ? __pfx___mutex_lock+0x10/0x10
[  418.174515][T20836]  ? __pfx_vfs_read+0x10/0x10
[  418.175947][T20836]  ? __fget_files+0x206/0x3a0
[  418.177403][T20836]  ksys_read+0x12b/0x250
[  418.178717][T20836]  ? __pfx_ksys_read+0x10/0x10
[  418.180188][T20836]  do_syscall_64+0xcd/0x250
[  418.181562][T20836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.183348][T20836] RIP: 0033:0x7f5d63b8473c
[  418.184722][T20836] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  418.190420][T20836] RSP: 002b:00007f5d649c0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  418.192862][T20836] RAX: ffffffffffffffda RBX: 00007f5d63d75fa0 RCX: 00007f5d63b8473c
[  418.195202][T20836] RDX: 000000000000000f RSI: 00007f5d649c00a0 RDI: 0000000000000003
[  418.197547][T20836] RBP: 00007f5d649c0090 R08: 0000000000000000 R09: 0000000000000000
[  418.199914][T20836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  418.202241][T20836] R13: 0000000000000000 R14: 00007f5d63d75fa0 R15: 00007ffc8e61f858
[  418.204607][T20836]  </TASK>
[  418.209523][ T5975] usb 7-1: Invalid ep0 maxpacket: 64
[  418.218733][ T5975] usb usb7-port1: attempt power cycle
[  418.333853][T20834] netlink: 'syz.1.5470': attribute type 10 has an invalid length.
[  418.564580][ T5975] usb 7-1: new low-speed USB device number 38 using dummy_hcd
[  418.593758][ T5975] usb 7-1: Invalid ep0 maxpacket: 64
[  418.669855][T16026] team0 (unregistering): Port device team_slave_1 removed
[  418.717307][ T5975] usb 7-1: new low-speed USB device number 39 using dummy_hcd
[  418.736735][ T5975] usb 7-1: Invalid ep0 maxpacket: 64
[  418.738636][ T5975] usb usb7-port1: unable to enumerate USB device
[  418.781880][T16026] team0 (unregistering): Port device team_slave_0 removed
[  419.672430][T20834] 8021q: adding VLAN 0 to HW filter on device team0
[  419.675323][T20834] bond0: (slave team0): Enslaving as an active interface with an up link
[  419.774831][ T5945] Bluetooth: hci3: command tx timeout
[  419.822483][T20692] 8021q: adding VLAN 0 to HW filter on device batadv0
[  419.840712][T20874] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  419.949174][T20692] veth0_vlan: entered promiscuous mode
[  419.953844][T20692] veth1_vlan: entered promiscuous mode
[  419.965034][T20692] veth0_macvtap: entered promiscuous mode
[  419.974117][T20692] veth1_macvtap: entered promiscuous mode
[  419.985393][T20692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  419.989282][T20692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  419.993021][T20692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  419.997526][T20692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.001049][   T25] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  420.001170][T20692] batman_adv: batadv0: Interface activated: batadv_slave_0
[  420.016581][T20692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.019813][T20692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.023397][T20692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  420.026611][T20692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  420.030585][T20692] batman_adv: batadv0: Interface activated: batadv_slave_1
[  420.035794][T20692] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  420.038444][T20692] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  420.041069][T20692] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  420.043974][T20692] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  420.143071][T16026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.149896][T16026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.152295][   T25] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  420.159230][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.163929][T16063] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  420.166126][   T25] usb 6-1: Product: syz
[  420.168721][T16063] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.170572][   T25] usb 6-1: Manufacturer: syz
[  420.174947][   T25] usb 6-1: SerialNumber: syz
[  420.179017][   T25] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  420.196803][   T25] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  420.260924][T20902] IPVS: set_ctl: invalid protocol: 12 255.255.255.255:20002
[  420.395297][   T39] audit: type=1400 audit(1735430402.094:4916): avc:  denied  { mounton } for  pid=20914 comm="syz.5.5486" path="/proc/9/cgroup" dev="proc" ino=86904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  420.555305][T20932] netlink: 'syz.4.5491': attribute type 3 has an invalid length.
[  420.558152][T20934] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  420.558799][T20932] netlink: 'syz.4.5491': attribute type 1 has an invalid length.
[  420.563878][T20932] netlink: 216 bytes leftover after parsing attributes in process `syz.4.5491'.
[  420.566750][T20932] NCSI netlink: No device for ifindex 33022
[  420.573735][T20934] kvm: pic: non byte read
[  420.576944][T20934] kvm: pic: level sensitive irq not supported
[  420.577890][T20934] kvm: pic: non byte read
[  420.584803][T20934] kvm: pic: level sensitive irq not supported
[  420.585355][T20934] kvm: pic: non byte read
[  420.659799][   T39] audit: type=1400 audit(1735430402.367:4917): avc:  denied  { append } for  pid=20944 comm="syz.5.5493" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  420.750425][   T39] audit: type=1400 audit(1735430402.461:4918): avc:  denied  { setopt } for  pid=20955 comm="syz.2.5495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  420.899706][T20965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5496'.
[  420.903122][T20965] bridge_slave_1: left allmulticast mode
[  420.904869][T20965] bridge_slave_1: left promiscuous mode
[  420.906683][T20965] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.910440][T20965] bridge_slave_0: left allmulticast mode
[  420.912270][T20965] bridge_slave_0: left promiscuous mode
[  420.914114][T20965] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.935563][T12119] usb 6-1: USB disconnect, device number 34
[  421.042576][T20973] sctp: [Deprecated]: syz.1.5498 (pid 20973) Use of int in maxseg socket option.
[  421.042576][T20973] Use struct sctp_assoc_value instead
[  421.060238][T20973] ISOFS: Unable to identify CD-ROM format.
[  421.117565][T20980] atomic_op ffff888060b1a998 conn xmit_atomic 0000000000000000
[  421.212698][   T25] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  421.214800][   T25] ath9k_htc: Failed to initialize the device
[  421.219105][T12119] usb 6-1: ath9k_htc: USB layer deinitialized
[  421.580293][T21003] syz.1.5509: attempt to access beyond end of device
[  421.580293][T21003] loop1: rw=0, sector=64, nr_sectors = 2 limit=0
[  421.587141][T21003] isofs_fill_super: bread failed, dev=loop1, iso_blknum=16, block=32
[  421.644608][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  421.755457][ T5945] Bluetooth: hci3: command tx timeout
[  421.802371][T21015] input: syz1 as /devices/virtual/input/input39
[  421.994320][T21026] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5516'.
[  421.997499][T21026] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5516'.
[  422.000275][T21026] netlink: 'syz.4.5516': attribute type 4 has an invalid length.
[  422.162826][   T39] audit: type=1400 audit(1735430403.941:4919): avc:  denied  { unmount } for  pid=21043 comm="syz.4.5523" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  422.474940][T21056] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5526'.
[  422.840214][T21075] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5531'.
[  423.183367][T21094] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5535'.
[  423.387090][T21064] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  423.479989][  T834] usb 9-1: new high-speed USB device number 36 using dummy_hcd
[  423.622501][  T834] usb 9-1: device descriptor read/64, error -71
[  423.743050][ T5945] Bluetooth: hci3: command tx timeout
[  423.853980][T21136] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5548'.
[  423.860297][T21136] sctp: [Deprecated]: syz.1.5548 (pid 21136) Use of struct sctp_assoc_value in delayed_ack socket option.
[  423.860297][T21136] Use struct sctp_sack_info instead
[  423.870592][  T834] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[  423.912658][T21144] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  424.004467][  T834] usb 9-1: device descriptor read/64, error -71
[  424.118186][  T834] usb usb9-port1: attempt power cycle
[  424.470581][  T834] usb 9-1: new high-speed USB device number 38 using dummy_hcd
[  424.505503][  T834] usb 9-1: device descriptor read/8, error -71
[  424.595571][T21172] Bluetooth: hci4: Frame reassembly failed (-84)
[  424.604248][T16062] Bluetooth: hci4: Frame reassembly failed (-84)
[  424.654458][T21173] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  424.746517][  T834] usb 9-1: new high-speed USB device number 39 using dummy_hcd
[  424.775742][  T834] usb 9-1: device descriptor read/8, error -71
[  424.871471][T21183] lo speed is unknown, defaulting to 1000
[  424.885958][  T834] usb usb9-port1: unable to enumerate USB device
[  425.061443][T21193] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  425.074127][T21193] FAULT_INJECTION: forcing a failure.
[  425.074127][T21193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.078118][T21193] CPU: 3 UID: 0 PID: 21193 Comm: syz.1.5567 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  425.081375][T21193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  425.084833][T21193] Call Trace:
[  425.085887][T21193]  <TASK>
[  425.086773][T21193]  dump_stack_lvl+0x16c/0x1f0
[  425.088219][T21193]  should_fail_ex+0x497/0x5b0
[  425.089667][T21193]  strncpy_from_user+0x3b/0x2d0
[  425.091160][T21193]  getname_flags.part.0+0x8f/0x550
[  425.092720][T21193]  getname_flags+0x93/0xf0
[  425.094119][T21193]  __x64_sys_rename+0x58/0xa0
[  425.095555][T21193]  do_syscall_64+0xcd/0x250
[  425.096933][T21193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.098713][T21193] RIP: 0033:0x7fb294b85d29
[  425.099662][ T5975] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  425.100124][T21193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  425.110446][T21193] RSP: 002b:00007fb295a1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  425.113005][T21193] RAX: ffffffffffffffda RBX: 00007fb294d75fa0 RCX: 00007fb294b85d29
[  425.115401][T21193] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000020000040
[  425.117765][T21193] RBP: 00007fb295a1d090 R08: 0000000000000000 R09: 0000000000000000
[  425.120331][T21193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.122721][T21193] R13: 0000000000000000 R14: 00007fb294d75fa0 R15: 00007ffeb259a5f8
[  425.125087][T21193]  </TASK>
[  425.126129][    C3] vkms_vblank_simulate: vblank timer overrun
[  425.241968][ T5975] usb 10-1: Using ep0 maxpacket: 32
[  425.245039][ T5975] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[  425.248076][ T5975] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  425.251339][ T5975] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  425.254961][ T5975] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  425.259575][ T5975] usb 10-1: config 0 interface 0 has no altsetting 0
[  425.264442][ T5975] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  425.267455][ T5975] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  425.271610][ T5975] usb 10-1: Product: syz
[  425.272931][ T5975] usb 10-1: Manufacturer: syz
[  425.274370][ T5975] usb 10-1: SerialNumber: syz
[  425.277130][ T5975] usb 10-1: config 0 descriptor??
[  425.281368][ T5975] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  425.284959][ T5975] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  425.479027][   T39] audit: type=1400 audit(1735430407.427:4920): avc:  denied  { accept } for  pid=21207 comm="syz.1.5573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  425.522298][T21185] ldusb 10-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  425.522375][   T57] usb 10-1: USB disconnect, device number 2
[  425.522478][    C0] ldusb 10-1:0.0: usb_submit_urb failed (-19)
[  425.532642][   T57] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[  426.169346][T21216] lo speed is unknown, defaulting to 1000
[  426.461126][   T39] audit: type=1400 audit(1735430408.455:4921): avc:  denied  { read } for  pid=21238 comm="syz.5.5583" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  426.468507][T21239] binder: 21238:21239 ioctl 89e7 20000440 returned -22
[  426.547462][ T5945] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  426.624321][T21244] lo speed is unknown, defaulting to 1000
[  427.199493][T21257] lo speed is unknown, defaulting to 1000
[  427.243486][T21261] netlink: 172 bytes leftover after parsing attributes in process `syz.1.5587'.
[  427.249100][T21261] overlayfs: failed to resolve './bus': -2
[  427.527980][   T25] usb 6-1: new low-speed USB device number 35 using dummy_hcd
[  427.604345][   T56] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  427.672591][   T25] usb 6-1: unable to get BOS descriptor or descriptor too short
[  427.675802][   T25] usb 6-1: config 1 has an invalid interface number: 222 but max is 0
[  427.678533][   T25] usb 6-1: config 1 has no interface number 0
[  427.681122][   T25] usb 6-1: config 1 interface 222 altsetting 7 endpoint 0xD has invalid maxpacket 1024, setting to 8
[  427.684583][   T25] usb 6-1: config 1 interface 222 has no altsetting 0
[  427.688981][   T25] usb 6-1: string descriptor 0 read error: -22
[  427.691021][   T25] usb 6-1: New USB device found, idVendor=19d2, idProduct=1057, bcdDevice= 9.6c
[  427.693746][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.698928][T21267] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  427.703078][   T25] option 6-1:1.222: GSM modem (1-port) converter detected
[  427.747111][   T56] usb 10-1: Using ep0 maxpacket: 8
[  427.750591][   T56] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  427.754148][   T56] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  427.758300][   T56] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  427.761934][   T56] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  427.766822][   T56] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  427.770449][   T56] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.848192][T21279] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5593'.
[  427.895232][T21284] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=259 sclass=netlink_route_socket pid=21284 comm=syz.2.5594
[  427.895687][T21286] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21286 comm=syz.2.5594
[  427.901370][T21287] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5594'.
[  427.909034][    T8] usb 6-1: USB disconnect, device number 35
[  427.912078][    T8] option 6-1:1.222: device disconnected
[  427.941165][   T39] audit: type=1400 audit(1735430410.020:4922): avc:  denied  { getopt } for  pid=21289 comm="syz.2.5597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  427.973489][   T56] usb 10-1: GET_CAPABILITIES returned 0
[  427.976181][   T56] usbtmc 10-1:16.0: can't read capabilities
[  427.979874][T21293] overlayfs: failed to resolve './file1': -2
[  427.989902][   T39] audit: type=1400 audit(1735430410.062:4923): avc:  denied  { accept } for  pid=21291 comm="syz.4.5595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  428.050621][T21303] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  428.063037][T21303] FAULT_INJECTION: forcing a failure.
[  428.063037][T21303] name failslab, interval 1, probability 0, space 0, times 0
[  428.068593][T21303] CPU: 3 UID: 0 PID: 21303 Comm: syz.4.5599 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  428.073021][T21303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  428.077526][T21303] Call Trace:
[  428.078963][T21303]  <TASK>
[  428.080259][T21303]  dump_stack_lvl+0x16c/0x1f0
[  428.082226][T21303]  should_fail_ex+0x497/0x5b0
[  428.084245][T21303]  ? fs_reclaim_acquire+0xae/0x150
[  428.086432][T21303]  should_failslab+0xc2/0x120
[  428.088469][T21303]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[  428.090874][T21303]  ? __d_alloc+0x31/0xaa0
[  428.092688][T21303]  __d_alloc+0x31/0xaa0
[  428.094483][T21303]  d_alloc+0x4a/0x1e0
[  428.096200][T21303]  lookup_one_qstr_excl+0xcb/0x190
[  428.098253][T21303]  ? mnt_want_write+0x161/0x450
[  428.100186][T21303]  do_renameat2+0x5ae/0xdd0
[  428.102031][T21303]  ? __pfx_do_renameat2+0x10/0x10
[  428.104149][T21303]  ? lock_acquire+0x2f/0xb0
[  428.106048][T21303]  ? __virt_addr_valid+0x5e/0x590
[  428.108116][T21303]  ? __phys_addr_symbol+0x30/0x80
[  428.110174][T21303]  ? getname_flags.part.0+0x1c5/0x550
[  428.112348][T21303]  __x64_sys_rename+0x7d/0xa0
[  428.114482][T21303]  do_syscall_64+0xcd/0x250
[  428.116434][T21303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.118845][T21303] RIP: 0033:0x7f5d63b85d29
[  428.121031][T21303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.127819][T21303] RSP: 002b:00007f5d649c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  428.130434][T21303] RAX: ffffffffffffffda RBX: 00007f5d63d75fa0 RCX: 00007f5d63b85d29
[  428.131671][T21310] netlink: 188 bytes leftover after parsing attributes in process `syz.2.5601'.
[  428.132751][T21303] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000020000040
[  428.132792][T21303] RBP: 00007f5d649c0090 R08: 0000000000000000 R09: 0000000000000000
[  428.141481][T21303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  428.144377][T21303] R13: 0000000000000000 R14: 00007f5d63d75fa0 R15: 00007ffc8e61f858
[  428.146825][T21303]  </TASK>
[  428.170313][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  428.262155][T21316] netlink: 'syz.5.5591': attribute type 2 has an invalid length.
[  428.425724][T21332] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  428.955152][   T39] audit: type=1400 audit(1735430411.080:4924): avc:  denied  { read } for  pid=21371 comm="syz.1.5617" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  430.252928][  T143] usb 10-1: USB disconnect, device number 3
[  430.324701][T21401] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  430.329962][T21401] 9pnet_fd: Insufficient options for proto=fd
[  430.332607][T21401] binder: 21400:21401 ioctl 89f3 20000140 returned -22
[  430.577380][T21427] syz_tun (unregistering): left allmulticast mode
[  430.579893][T21427] syz_tun (unregistering): left promiscuous mode
[  430.582360][T21427] bridge0: port 1(syz_tun) entered disabled state
[  430.589226][T21432] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5630'.
[  430.781777][T21441] overlay: ./bus is not a directory
[  431.007196][T21464] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5640'.
[  431.070131][T21467] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  431.116477][T21476] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  431.240733][   T39] audit: type=1400 audit(1735430413.473:4925): avc:  denied  { ioctl } for  pid=21485 comm="syz.4.5644" path="socket:[92823]" dev="sockfs" ino=92823 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  431.368319][T21496] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5647'.
[  431.383918][T21505] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5650'.
[  431.438756][T21514] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  431.461365][T21513] tipc: Disabling bearer <eth:syzkaller0>
[  431.587236][T21529] ata1.00: invalid cdb length 6
[  431.826363][T21500] syz.1.5648 (21500): drop_caches: 1
[  431.861663][T21500] syz.1.5648 (21500): drop_caches: 1
[  431.967989][T21545] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  432.008496][T21543] ebtables: ebtables: counters copy to user failed while replacing table
[  432.064028][   T56] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  432.143696][T21557] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5661'.
[  432.160187][T21557] xt_CT: No such helper "pptp"
[  432.205515][   T56] usb 7-1: Using ep0 maxpacket: 8
[  432.215532][   T56] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  432.218026][   T56] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  432.221458][   T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  432.224363][   T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  432.229110][   T56] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  432.235430][   T56] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  432.238142][   T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.305338][T21571] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  432.324916][T21569] tipc: Disabling bearer <eth:syzkaller0>
[  432.338041][T21574] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  432.440411][T21541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  432.445265][T21541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  432.449226][   T56] usb 7-1: usb_control_msg returned -32
[  432.451353][   T56] usbtmc 7-1:16.0: can't read capabilities
[  432.493104][T21588] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  432.499416][T21588] cramfs: wrong magic
[  432.576146][T21600] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5671'.
[  432.647514][T21595] /dev/sr0: Can't open blockdev
[  432.712603][T21616] FAULT_INJECTION: forcing a failure.
[  432.712603][T21616] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  432.716432][T21616] CPU: 1 UID: 0 PID: 21616 Comm: syz.1.5673 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  432.719747][T21616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  432.722935][T21616] Call Trace:
[  432.723959][T21616]  <TASK>
[  432.724853][T21616]  dump_stack_lvl+0x16c/0x1f0
[  432.726299][T21616]  should_fail_ex+0x497/0x5b0
[  432.727726][T21616]  _copy_to_user+0x32/0xd0
[  432.729032][T21616]  simple_read_from_buffer+0xd0/0x160
[  432.730590][T21616]  proc_fail_nth_read+0x198/0x270
[  432.732089][T21616]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  432.733714][T21616]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  432.735402][T21616]  vfs_read+0x1df/0xbe0
[  432.736666][T21616]  ? __fget_files+0x1fc/0x3a0
[  432.738102][T21616]  ? __pfx___mutex_lock+0x10/0x10
[  432.739777][T21616]  ? __pfx_vfs_read+0x10/0x10
[  432.741206][T21616]  ? __fget_files+0x206/0x3a0
[  432.742650][T21616]  ksys_read+0x12b/0x250
[  432.743937][T21616]  ? __pfx_ksys_read+0x10/0x10
[  432.745415][T21616]  do_syscall_64+0xcd/0x250
[  432.746850][T21616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.749497][T21616] RIP: 0033:0x7fb294b8473c
[  432.750894][T21616] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  432.756482][T21616] RSP: 002b:00007fb295a1d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  432.758996][T21616] RAX: ffffffffffffffda RBX: 00007fb294d75fa0 RCX: 00007fb294b8473c
[  432.761261][T21616] RDX: 000000000000000f RSI: 00007fb295a1d0a0 RDI: 0000000000000003
[  432.763688][T21616] RBP: 00007fb295a1d090 R08: 0000000000000000 R09: 0000000000000000
[  432.765936][T21616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.768642][T21616] R13: 0000000000000000 R14: 00007fb294d75fa0 R15: 00007ffeb259a5f8
[  432.770944][T21616]  </TASK>
[  432.784817][T21625] usbtmc 7-1:16.0: usb_control_msg returned -32
[  432.791222][T21595] /dev/sr0: Can't open blockdev
[  432.798822][   T56] usb 7-1: USB disconnect, device number 40
[  432.893334][T21595] /dev/sr0: Can't open blockdev
[  433.015953][T21595] /dev/sr0: Can't open blockdev
[  433.083760][T21654] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[  433.130175][T21595] /dev/sr0: Can't open blockdev
[  433.184043][T21661] fuse: Bad value for 'user_id'
[  433.187129][T21661] fuse: Bad value for 'user_id'
[  433.200087][T21663] netlink: 830 bytes leftover after parsing attributes in process `syz.5.5679'.
[  433.235990][T21595] /dev/sr0: Can't open blockdev
[  433.252902][T21668] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  433.316069][T21673] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  433.320765][T21595] /dev/sr0: Can't open blockdev
[  433.321753][T21671] mkiss: ax0: crc mode is auto.
[  433.347082][T21673] FAULT_INJECTION: forcing a failure.
[  433.347082][T21673] name failslab, interval 1, probability 0, space 0, times 0
[  433.352955][T21673] CPU: 2 UID: 0 PID: 21673 Comm: syz.2.5684 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  433.356872][T21673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  433.360063][T21673] Call Trace:
[  433.361048][T21673]  <TASK>
[  433.361893][T21673]  dump_stack_lvl+0x16c/0x1f0
[  433.363362][T21673]  should_fail_ex+0x497/0x5b0
[  433.364792][T21673]  ? fs_reclaim_acquire+0xae/0x150
[  433.366349][T21673]  should_failslab+0xc2/0x120
[  433.367804][T21673]  __kmalloc_noprof+0xcb/0x510
[  433.369254][T21673]  ? rcu_is_watching+0x12/0xc0
[  433.370712][T21673]  ? slab_debug_trace_release+0x11/0x50
[  433.372403][T21673]  p9_fcall_init+0x97/0x260
[  433.373794][T21673]  p9_tag_alloc+0x21c/0x870
[  433.375183][T21673]  ? __pfx_p9_tag_alloc+0x10/0x10
[  433.376765][T21673]  ? hlock_class+0x4e/0x130
[  433.378208][T21673]  p9_client_prepare_req+0x19f/0x4d0
[  433.379796][T21673]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  433.381586][T21673]  ? hlock_class+0x4e/0x130
[  433.382961][T21673]  ? mark_lock+0xb5/0xc60
[  433.384275][T21673]  ? __pfx___lock_acquire+0x10/0x10
[  433.385853][T21673]  p9_client_rpc+0x1c3/0xc10
[  433.387229][T21673]  ? __pfx_p9_client_rpc+0x10/0x10
[  433.388772][T21673]  ? find_held_lock+0x2d/0x110
[  433.390350][T21673]  ? p9_fid_create+0x26a/0x470
[  433.391816][T21673]  ? __pfx_lock_release+0x10/0x10
[  433.393264][T21673]  ? mark_held_locks+0x9f/0xe0
[  433.394710][T21673]  ? trace_9p_fid_ref+0x179/0x1f0
[  433.396273][T21673]  p9_client_walk+0x1ac/0x530
[  433.397718][T21673]  ? __pfx_p9_client_walk+0x10/0x10
[  433.399339][T21673]  ? v9fs_fid_lookup+0xe9/0xec0
[  433.400823][T21673]  v9fs_vfs_lookup+0x208/0x5c0
[  433.402275][T21673]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  433.403895][T21673]  ? lockdep_init_map_type+0x16d/0x7d0
[  433.405514][T21673]  __lookup_slow+0x24f/0x460
[  433.406870][T21673]  ? __pfx___lookup_slow+0x10/0x10
[  433.408445][T21673]  ? lookup_one_unlocked+0x133/0x160
[  433.410045][T21673]  ? d_lookup+0xe9/0x180
[  433.411350][T21673]  lookup_one_unlocked+0x142/0x160
[  433.412896][T21673]  ? __pfx_lookup_one_unlocked+0x10/0x10
[  433.414596][T21673]  ovl_lookup_single+0x201/0xf90
[  433.416138][T21673]  ? __pfx_ovl_lookup_single+0x10/0x10
[  433.417686][T21673]  ovl_lookup_layer+0x3a9/0x4a0
[  433.419130][T21673]  ? rcu_is_watching+0x12/0xc0
[  433.420624][T21673]  ? __pfx_ovl_lookup_layer+0x10/0x10
[  433.422260][T21673]  ? hlock_class+0x11/0x130
[  433.423635][T21673]  ovl_lookup+0x13a9/0x21f0
[  433.424985][T21673]  ? __pfx_ovl_lookup+0x10/0x10
[  433.426488][T21673]  ? lock_acquire.part.0+0x11b/0x380
[  433.428093][T21673]  ? find_held_lock+0x2d/0x110
[  433.429467][T21673]  ? d_alloc+0x176/0x1e0
[  433.430694][T21673]  ? __pfx_lock_release+0x10/0x10
[  433.432223][T21673]  ? do_raw_spin_lock+0x12d/0x2c0
[  433.433672][T21673]  ? do_raw_spin_unlock+0x172/0x230
[  433.435214][T21673]  ? _raw_spin_unlock+0x28/0x50
[  433.436620][T21673]  lookup_one_qstr_excl+0x11d/0x190
[  433.438091][T21673]  ? mnt_want_write+0x161/0x450
[  433.439533][T21673]  do_renameat2+0x5ae/0xdd0
[  433.440938][T21673]  ? __pfx_do_renameat2+0x10/0x10
[  433.442452][T21673]  ? lock_acquire+0x2f/0xb0
[  433.443839][T21673]  ? __virt_addr_valid+0x5e/0x590
[  433.445366][T21673]  ? __phys_addr_symbol+0x30/0x80
[  433.446886][T21673]  ? getname_flags.part.0+0x1c5/0x550
[  433.448517][T21673]  __x64_sys_rename+0x7d/0xa0
[  433.449939][T21673]  do_syscall_64+0xcd/0x250
[  433.451358][T21673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.453122][T21673] RIP: 0033:0x7f1e5eb85d29
[  433.454442][T21673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.460116][T21673] RSP: 002b:00007f1e5fa9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  433.462585][T21673] RAX: ffffffffffffffda RBX: 00007f1e5ed75fa0 RCX: 00007f1e5eb85d29
[  433.464960][T21673] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000020000040
[  433.467363][T21673] RBP: 00007f1e5fa9e090 R08: 0000000000000000 R09: 0000000000000000
[  433.469668][T21673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  433.471890][T21673] R13: 0000000000000000 R14: 00007f1e5ed75fa0 R15: 00007ffeaffc0d78
[  433.474194][T21673]  </TASK>
[  433.531408][T21595] /dev/sr0: Can't open blockdev
[  433.606289][T21693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5689'.
[  433.614879][T21693] netlink: 'syz.2.5689': attribute type 21 has an invalid length.
[  433.647794][T21699] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5691'.
[  433.670800][T21700] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5691'.
[  433.703911][T21703] netlink: 160 bytes leftover after parsing attributes in process `syz.4.5690'.
[  433.772994][T21704] overlayfs: missing 'lowerdir'
[  434.200905][T21726] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5700'.
[  434.400569][T21734] hub 6-0:1.0: USB hub found
[  434.402548][T21734] hub 6-0:1.0: 1 port detected
[  434.460583][T21736] bond0: (slave team0): Releasing backup interface
[  434.466444][T21736] batman_adv: batadv0: Interface deactivated: dummy0
[  434.469118][T21736] batman_adv: batadv0: Removing interface: dummy0
[  434.518156][T21736] tipc: Enabled bearer <eth:team0>, priority 0
[  434.629616][   T39] audit: type=1400 audit(1735430417.032:4926): avc:  denied  { bind } for  pid=21742 comm="syz.1.5705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  434.636006][T21743] kAFS: No cell specified
[  434.638621][   T39] audit: type=1400 audit(1735430417.032:4927): avc:  denied  { setopt } for  pid=21742 comm="syz.1.5705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  434.737177][T21752] netlink: 'syz.1.5707': attribute type 2 has an invalid length.
[  434.739912][T21752] netlink: 784 bytes leftover after parsing attributes in process `syz.1.5707'.
[  434.745161][T21753] netlink: 'syz.1.5707': attribute type 1 has an invalid length.
[  434.747850][T21753] netlink: 'syz.1.5707': attribute type 4 has an invalid length.
[  434.750282][T21753] netlink: 15294 bytes leftover after parsing attributes in process `syz.1.5707'.
[  434.984313][T21768] netlink: 'syz.2.5711': attribute type 1 has an invalid length.
[  434.994612][T21768] 8021q: adding VLAN 0 to HW filter on device bond7
[  435.013782][T21768] bond7: (slave gretap1): making interface the new active one
[  435.026095][T21768] bond7: (slave gretap1): Enslaving as an active interface with an up link
[  435.090524][T21771] overlayfs: failed to resolve './file1': -2
[  435.311318][ T5939] Bluetooth: hci3: command 0x0405 tx timeout
[  435.348807][    T8] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  435.416467][   T39] audit: type=1400 audit(1735430417.862:4928): avc:  denied  { execute } for  pid=21790 comm="syz.4.5719" path="/proc/asound/timers" dev="proc" ino=4026532336 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=file permissive=1
[  435.428061][   T39] audit: type=1400 audit(1735430417.872:4929): avc:  denied  { read } for  pid=21790 comm="syz.4.5719" dev="sockfs" ino=89934 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  435.502858][    T8] usb 10-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  435.506250][    T8] usb 10-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  435.509023][    T8] usb 10-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice= 0.00
[  435.511990][    T8] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.542582][   T39] audit: type=1326 audit(1735430417.998:4930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21801 comm="syz.2.5722" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  435.559100][   T39] audit: type=1326 audit(1735430417.998:4931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21801 comm="syz.2.5722" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e5eb85d29 code=0x7ffc0000
[  435.747584][T21807] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  435.768780][T21820] input: syz0 as /devices/virtual/input/input41
[  435.821460][T21823] kvm: user requested TSC rate below hardware speed
[  435.912019][ T5979] usb 10-1: USB disconnect, device number 4
[  435.933792][T21831] overlay: filesystem on ./bus not supported as upperdir
[  435.979020][T21835] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  435.989761][T21835] FAULT_INJECTION: forcing a failure.
[  435.989761][T21835] name failslab, interval 1, probability 0, space 0, times 0
[  435.993613][T21835] CPU: 0 UID: 0 PID: 21835 Comm: syz.5.5730 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  435.996904][T21835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  436.000115][T21835] Call Trace:
[  436.001131][T21835]  <TASK>
[  436.002038][T21835]  dump_stack_lvl+0x16c/0x1f0
[  436.003482][T21835]  should_fail_ex+0x497/0x5b0
[  436.005183][T21835]  ? fs_reclaim_acquire+0xae/0x150
[  436.006974][T21835]  should_failslab+0xc2/0x120
[  436.008439][T21835]  __kmalloc_noprof+0xcb/0x510
[  436.009880][T21835]  ? rcu_is_watching+0x12/0xc0
[  436.011330][T21835]  p9pdu_readf+0x14d4/0x1e50
[  436.012727][T21835]  ? __pfx_p9pdu_readf+0x10/0x10
[  436.014396][T21835]  ? __pfx_autoremove_wake_function+0x10/0x10
[  436.016308][T21835]  ? p9_fid_create+0x26a/0x470
[  436.017814][T21835]  ? __pfx_lock_release+0x10/0x10
[  436.019347][T21835]  ? mark_held_locks+0x9f/0xe0
[  436.020785][T21835]  ? trace_9p_fid_ref+0x179/0x1f0
[  436.022302][T21835]  p9_client_walk+0x223/0x530
[  436.023816][T21835]  ? __pfx_p9_client_walk+0x10/0x10
[  436.025434][T21835]  ? v9fs_fid_lookup+0xe9/0xec0
[  436.026941][T21835]  v9fs_vfs_lookup+0x208/0x5c0
[  436.028399][T21835]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  436.029979][T21835]  ? lockdep_init_map_type+0x16d/0x7d0
[  436.031639][T21835]  __lookup_slow+0x24f/0x460
[  436.033047][T21835]  ? __pfx___lookup_slow+0x10/0x10
[  436.034678][T21835]  ? lookup_one_unlocked+0x133/0x160
[  436.036513][T21835]  ? d_lookup+0xe9/0x180
[  436.037882][T21835]  lookup_one_unlocked+0x142/0x160
[  436.039443][T21835]  ? __pfx_lookup_one_unlocked+0x10/0x10
[  436.041112][T21835]  ovl_lookup_single+0x201/0xf90
[  436.042605][T21835]  ? __pfx_ovl_lookup_single+0x10/0x10
[  436.044342][T21835]  ovl_lookup_layer+0x3a9/0x4a0
[  436.045819][T21835]  ? rcu_is_watching+0x12/0xc0
[  436.047278][T21835]  ? __pfx_ovl_lookup_layer+0x10/0x10
[  436.048899][T21835]  ? hlock_class+0x11/0x130
[  436.050282][T21835]  ovl_lookup+0x13a9/0x21f0
[  436.051672][T21835]  ? __pfx_ovl_lookup+0x10/0x10
[  436.053140][T21835]  ? lock_acquire.part.0+0x11b/0x380
[  436.054788][T21835]  ? find_held_lock+0x2d/0x110
[  436.056243][T21835]  ? d_alloc+0x176/0x1e0
[  436.057524][T21835]  ? __pfx_lock_release+0x10/0x10
[  436.059033][T21835]  ? do_raw_spin_lock+0x12d/0x2c0
[  436.060560][T21835]  ? do_raw_spin_unlock+0x172/0x230
[  436.062125][T21835]  ? _raw_spin_unlock+0x28/0x50
[  436.063653][T21835]  lookup_one_qstr_excl+0x11d/0x190
[  436.065354][T21835]  ? mnt_want_write+0x161/0x450
[  436.066830][T21835]  do_renameat2+0x5ae/0xdd0
[  436.068220][T21835]  ? __pfx_do_renameat2+0x10/0x10
[  436.069766][T21835]  ? lock_acquire+0x2f/0xb0
[  436.071139][T21835]  ? __virt_addr_valid+0x5e/0x590
[  436.072663][T21835]  ? __phys_addr_symbol+0x30/0x80
[  436.074359][T21835]  ? getname_flags.part.0+0x1c5/0x550
[  436.076026][T21835]  __x64_sys_rename+0x7d/0xa0
[  436.077486][T21835]  do_syscall_64+0xcd/0x250
[  436.078863][T21835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.080655][T21835] RIP: 0033:0x7f9d4c785d29
[  436.082005][T21835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  436.087898][T21835] RSP: 002b:00007f9d4d545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  436.090381][T21835] RAX: ffffffffffffffda RBX: 00007f9d4c975fa0 RCX: 00007f9d4c785d29
[  436.092730][T21835] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000020000040
[  436.095182][T21835] RBP: 00007f9d4d545090 R08: 0000000000000000 R09: 0000000000000000
[  436.097646][T21835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  436.100018][T21835] R13: 0000000000000000 R14: 00007f9d4c975fa0 R15: 00007ffeeedd9b18
[  436.102387][T21835]  </TASK>
[  436.103388][    C0] vkms_vblank_simulate: vblank timer overrun
[  436.567469][T21872] fuse: Unknown parameter 'fBÙ0x0000000000000009'
[  436.571103][T21875] binfmt_misc: register: failed to install interpreter file ./file0
[  436.622333][   T39] audit: type=1400 audit(1735430419.121:4932): avc:  denied  { mount } for  pid=21876 comm="syz.4.5745" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  436.805868][T21879] erspan0: entered promiscuous mode
[  436.808989][T21879] macvtap1: entered promiscuous mode
[  436.811182][T21879] macvtap1: entered allmulticast mode
[  436.813375][T21879] erspan0: entered allmulticast mode
[  436.863132][    T8] usb 9-1: new high-speed USB device number 40 using dummy_hcd
[  436.953024][T21883] kvm: pic: non byte write
[  437.025192][    T8] usb 9-1: Using ep0 maxpacket: 8
[  437.034115][    T8] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  437.038914][    T8] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  437.042416][    T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.050874][    T8] usb 9-1: config 0 descriptor??
[  437.054590][    T8] iowarrior 9-1:0.0: no interrupt-in endpoint found
[  437.089713][T21896] skbuff: bad partial csum: csum=65506/2 headroom=160 headlen=65526
[  437.169074][T21901] __nla_validate_parse: 7 callbacks suppressed
[  437.169092][T21901] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5754'.
[  437.254446][   T39] audit: type=1400 audit(1735430419.793:4933): avc:  denied  { shutdown } for  pid=21876 comm="syz.4.5745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  437.254832][  T143] usb 9-1: USB disconnect, device number 40
[  437.421979][   T56] IPVS: starting estimator thread 0...
[  437.471076][   T39] audit: type=1400 audit(1735430420.014:4934): avc:  denied  { append } for  pid=21917 comm="syz.5.5760" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  437.511333][T21916] IPVS: using max 36 ests per chain, 86400 per kthread
[  437.520609][  T834] usb 6-1: new full-speed USB device number 36 using dummy_hcd
[  437.664760][  T834] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  437.667715][  T834] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  437.672625][  T834] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  437.675376][  T834] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.677679][  T834] usb 6-1: Product: syz
[  437.678856][  T834] usb 6-1: Manufacturer: syz
[  437.680152][  T834] usb 6-1: SerialNumber: syz
[  437.682657][  T834] usb 6-1: config 0 descriptor??
[  437.691961][ T1455] usb 7-1: new full-speed USB device number 41 using dummy_hcd
[  437.855363][ T1455] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  437.858999][ T1455] usb 7-1: config 0 has no interfaces?
[  437.862225][ T1455] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  437.865765][ T1455] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.868176][ T1455] usb 7-1: Product: syz
[  437.869450][ T1455] usb 7-1: Manufacturer: syz
[  437.870843][ T1455] usb 7-1: SerialNumber: syz
[  437.873455][ T1455] usb 7-1: config 0 descriptor??
[  437.882897][T21923] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  437.883685][   T39] audit: type=1400 audit(1735430420.455:4935): avc:  denied  { read } for  pid=5337 comm="acpid" name="event4" dev="devtmpfs" ino=3424 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  438.073022][ T8358] usb 7-1: USB disconnect, device number 41
[  438.259196][T21918] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  438.262634][T21918] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  438.266587][T21918] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  438.271678][T21918] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  438.273617][T21918] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  438.276145][T21918] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  438.278368][T21918] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  438.280148][T21918] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  438.304234][T21918] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  438.398820][  T834] usb 6-1: USB disconnect, device number 36
[  438.418842][T21933] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  438.421955][T21936] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  438.453560][T21938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5763'.
[  438.816623][  T834] usb 9-1: new high-speed USB device number 41 using dummy_hcd
[  438.930944][   T56] usb 6-1: new low-speed USB device number 37 using dummy_hcd
[  438.958977][  T834] usb 9-1: Using ep0 maxpacket: 16
[  438.962648][  T834] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.967325][  T834] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.981032][  T834] usb 9-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  438.984826][  T834] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.994003][  T834] usb 9-1: config 0 descriptor??
[  439.054679][   T56] usb 6-1: device descriptor read/64, error -71
[  439.292944][   T56] usb 6-1: new low-speed USB device number 38 using dummy_hcd
[  439.316172][  T834] usbhid 9-1:0.0: can't add hid device: -71
[  439.318050][  T834] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  439.322715][  T834] usb 9-1: USB disconnect, device number 41
[  439.425544][   T56] usb 6-1: device descriptor read/64, error -71
[  439.502059][ T5939] Bluetooth: hci1: command 0x0405 tx timeout
[  439.540285][   T56] usb usb6-port1: attempt power cycle
[  439.570092][T22000] IPVS: Error connecting to the multicast addr
[  439.669054][T22003] netlink: 'syz.2.5776': attribute type 1 has an invalid length.
[  439.873311][   T56] usb 6-1: new low-speed USB device number 39 using dummy_hcd
[  439.893006][   T56] usb 6-1: device descriptor read/8, error -71
[  440.140328][   T56] usb 6-1: new low-speed USB device number 40 using dummy_hcd
[  440.169767][   T56] usb 6-1: device descriptor read/8, error -71
[  440.187688][ T5939] Bluetooth: hci3: command 0x0405 tx timeout
[  440.187702][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[  440.274535][   T56] usb usb6-port1: unable to enumerate USB device
[  440.535292][T22022] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5784'.
[  441.483489][ T5945] Bluetooth: hci1: command 0x0405 tx timeout
[  441.703393][T22068] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  441.705679][T22068] IPv6: NLM_F_CREATE should be set when creating new route
[  441.707936][T22068] IPv6: NLM_F_CREATE should be set when creating new route
[  441.710129][T22068] IPv6: NLM_F_CREATE should be set when creating new route
[  441.758034][T22071] input: syz1 as /devices/virtual/input/input42
[  441.808460][   T39] kauditd_printk_skb: 2 callbacks suppressed
[  441.808515][   T39] audit: type=1400 audit(1735430424.570:4938): avc:  denied  { setattr } for  pid=22064 comm="syz.2.5797" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  441.977382][T22081] overlayfs: failed to resolve './file1': -2
[  442.107250][T22083] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  442.169401][ T5945] Bluetooth: hci3: command 0x0405 tx timeout
[  442.178587][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[  442.213625][T22087] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  442.216062][T22087] overlayfs: failed to set xattr on upper
[  442.219063][T22087] overlayfs: ...falling back to redirect_dir=nofollow.
[  442.221878][T22087] overlayfs: ...falling back to index=off.
[  442.224276][T22087] overlayfs: ...falling back to uuid=null.
[  442.226844][T22087] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  442.233493][T22087] netlink: 256 bytes leftover after parsing attributes in process `syz.2.5805'.
[  442.237384][T22087] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5805'.
[  442.398207][T22100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5808'.
[  442.440848][ T5945] Bluetooth: hci4: sending frame failed (-49)
[  442.443839][ T5939] Bluetooth: hci4: Entering manufacturer mode failed (-49)
[  442.520076][T22104] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5810'.
[  442.557134][T22106] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  442.732619][T22110] xt_CT: You must specify a L4 protocol and not use inversions on it
[  442.894184][T22112] netlink: 176 bytes leftover after parsing attributes in process `syz.5.5813'.
[  442.989937][T22124] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5818'.
[  443.214669][   T39] audit: type=1400 audit(1735430426.050:4939): avc:  denied  { accept } for  pid=22134 comm="syz.2.5822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  443.474298][ T5939] Bluetooth: hci1: command 0x0405 tx timeout
[  443.770169][T22139] syzkaller0: entered promiscuous mode
[  443.771945][T22139] syzkaller0: entered allmulticast mode
[  443.864379][T22144] mqueue: Unknown parameter 'gid'
[  443.924206][T22145] overlay: Unknown parameter 'func'
[  443.925152][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  444.160137][ T5939] Bluetooth: hci3: command 0x0405 tx timeout
[  444.162291][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout
[  445.565073][T22147] GUP no longer grows the stack in syz.1.5825 (22147): 20004000-2000a000 (20002000)
[  445.568257][T22147] CPU: 0 UID: 0 PID: 22147 Comm: syz.1.5825 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  445.571521][T22147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  445.575896][T22147] Call Trace:
[  445.577137][T22147]  <TASK>
[  445.578410][T22147]  dump_stack_lvl+0x16c/0x1f0
[  445.580454][T22147]  gup_vma_lookup+0x1d2/0x220
[  445.582458][T22147]  __get_user_pages+0x236/0x3b50
[  445.584598][T22147]  ? find_held_lock+0x2d/0x110
[  445.586726][T22147]  ? mtree_load+0x30a/0xa40
[  445.588633][T22147]  ? __pfx_lock_release+0x10/0x10
[  445.590793][T22147]  ? __pfx___get_user_pages+0x10/0x10
[  445.593160][T22147]  get_user_pages_remote+0x25e/0xb30
[  445.595373][T22147]  ? __pfx_get_user_pages_remote+0x10/0x10
[  445.597115][T22147]  __access_remote_vm+0x235/0x7a0
[  445.598659][T22147]  ? __pfx___access_remote_vm+0x10/0x10
[  445.600315][T22147]  ? lock_acquire+0x2f/0xb0
[  445.601663][T22147]  ? proc_pid_cmdline_read+0x25c/0x900
[  445.603213][T22147]  proc_pid_cmdline_read+0x4f5/0x900
[  445.604785][T22147]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  445.606552][T22147]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  445.608734][T22147]  vfs_readv+0x6bf/0x890
[  445.610032][T22147]  ? __pfx___lock_acquire+0x10/0x10
[  445.611649][T22147]  ? __pfx_vfs_readv+0x10/0x10
[  445.613181][T22147]  ? __fget_files+0x1fc/0x3a0
[  445.614693][T22147]  ? __pfx_lock_release+0x10/0x10
[  445.616338][T22147]  ? __fget_files+0x206/0x3a0
[  445.617875][T22147]  ? do_preadv+0x1b1/0x270
[  445.619286][T22147]  do_preadv+0x1b1/0x270
[  445.620616][T22147]  ? __pfx_do_preadv+0x10/0x10
[  445.622126][T22147]  do_syscall_64+0xcd/0x250
[  445.623606][T22147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.625435][T22147] RIP: 0033:0x7fb294b85d29
[  445.626887][T22147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.632911][T22147] RSP: 002b:00007fb295a1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  445.635581][T22147] RAX: ffffffffffffffda RBX: 00007fb294d75fa0 RCX: 00007fb294b85d29
[  445.638030][T22147] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000005
[  445.640474][T22147] RBP: 00007fb294c01b08 R08: 0000000000000000 R09: 0000000000000000
[  445.642934][T22147] R10: 0000000000000500 R11: 0000000000000246 R12: 0000000000000000
[  445.645509][T22147] R13: 0000000000000000 R14: 00007fb294d75fa0 R15: 00007ffeb259a5f8
[  445.648030][T22147]  </TASK>
[  445.656164][   T39] audit: type=1400 audit(1735430428.612:4940): avc:  denied  { ioctl } for  pid=22146 comm="syz.1.5825" path="socket:[96505]" dev="sockfs" ino=96505 ioctlcmd=0x89f8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  445.960765][T22154] JFS: charset not found
[  445.992567][T22158] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5830'.
[  445.995799][T22158] overlayfs: overlapping lowerdir path
[  446.005790][T22160] netlink: 'syz.1.5829': attribute type 4 has an invalid length.
[  446.083359][T22172] overlay: filesystem on ./bus not supported as upperdir
[  446.090613][T22175] FAULT_INJECTION: forcing a failure.
[  446.090613][T22175] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  446.094944][T22175] CPU: 2 UID: 0 PID: 22175 Comm: syz.5.5836 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  446.098209][T22175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  446.101713][T22175] Call Trace:
[  446.103138][T22175]  <TASK>
[  446.104498][T22175]  dump_stack_lvl+0x16c/0x1f0
[  446.106055][T22175]  should_fail_ex+0x497/0x5b0
[  446.107759][T22175]  ? fs_reclaim_acquire+0xae/0x150
[  446.109604][T22175]  should_fail_alloc_page+0xe7/0x130
[  446.111268][T22175]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  446.113199][T22175]  ? mark_lock+0xb5/0xc60
[  446.114758][T22175]  __alloc_pages_noprof+0x190/0x25b0
[  446.116488][T22175]  ? __pfx_mark_lock+0x10/0x10
[  446.118172][T22175]  ? hlock_class+0x4e/0x130
[  446.119650][T22175]  ? mark_lock+0xb5/0xc60
[  446.121046][T22175]  ? __lock_acquire+0xcc5/0x3c40
[  446.122673][T22175]  ? __pfx_mark_lock+0x10/0x10
[  446.124353][T22175]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  446.126171][T22175]  ? hlock_class+0x4e/0x130
[  446.127613][T22175]  ? hlock_class+0x4e/0x130
[  446.129306][T22175]  ? mark_lock+0xb5/0xc60
[  446.130611][T22175]  ? __pfx_mark_lock+0x10/0x10
[  446.132077][T22175]  ? hlock_class+0x4e/0x130
[  446.133514][T22175]  ? __lock_acquire+0xcc5/0x3c40
[  446.135020][T22175]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  446.136896][T22175]  ? policy_nodemask+0xea/0x4e0
[  446.138427][T22175]  alloc_pages_mpol_noprof+0x2c9/0x610
[  446.140147][T22175]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  446.141996][T22175]  folio_alloc_mpol_noprof+0x36/0xd0
[  446.143765][T22175]  vma_alloc_folio_noprof+0xee/0x1b0
[  446.145457][T22175]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  446.147398][T22175]  ? find_held_lock+0x2d/0x110
[  446.148957][T22175]  do_pte_missing+0x2017/0x3e00
[  446.150470][T22175]  __handle_mm_fault+0x103c/0x2a40
[  446.152066][T22175]  ? find_held_lock+0x2d/0x110
[  446.153585][T22175]  ? __pfx___handle_mm_fault+0x10/0x10
[  446.155318][T22175]  ? follow_page_pte+0x3c3/0x1b20
[  446.156904][T22175]  ? __pfx_lock_release+0x10/0x10
[  446.158497][T22175]  ? follow_page_pte+0x3f7/0x1b20
[  446.160132][T22175]  handle_mm_fault+0x3fa/0xaa0
[  446.161622][T22175]  __get_user_pages+0x8d9/0x3b50
[  446.163162][T22175]  ? __pfx_mt_find+0x10/0x10
[  446.164708][T22175]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  446.166435][T22175]  ? __pfx___get_user_pages+0x10/0x10
[  446.168234][T22175]  ? __mm_populate+0x21d/0x380
[  446.169718][T22175]  populate_vma_page_range+0x27f/0x3a0
[  446.171431][T22175]  ? __pfx_populate_vma_page_range+0x10/0x10
[  446.173262][T22175]  ? __pfx_find_vma_intersection+0x10/0x10
[  446.175217][T22175]  ? __do_sys_mlockall+0x2f0/0x580
[  446.176867][T22175]  __mm_populate+0x1d6/0x380
[  446.178527][T22175]  ? __pfx___mm_populate+0x10/0x10
[  446.180710][T22175]  ? up_write+0x1b2/0x520
[  446.182506][T22175]  __do_sys_mlockall+0x4df/0x580
[  446.184178][T22175]  do_syscall_64+0xcd/0x250
[  446.185629][T22175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.187442][T22175] RIP: 0033:0x7f9d4c785d29
[  446.188803][T22175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  446.194811][T22175] RSP: 002b:00007f9d4d545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  446.197360][T22175] RAX: ffffffffffffffda RBX: 00007f9d4c975fa0 RCX: 00007f9d4c785d29
[  446.199740][T22175] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  446.202106][T22175] RBP: 00007f9d4d545090 R08: 0000000000000000 R09: 0000000000000000
[  446.204508][T22175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  446.206850][T22175] R13: 0000000000000001 R14: 00007f9d4c975fa0 R15: 00007ffeeedd9b18
[  446.209389][T22175]  </TASK>
[  446.512841][T16064] wlan1: Trigger new scan to find an IBSS to join
[  446.579300][ T8358] usb 7-1: new full-speed USB device number 42 using dummy_hcd
[  446.727450][ T8358] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  446.735143][ T8358] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  446.746450][ T8358] usb 7-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  446.750302][ T8358] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.754048][ T8358] usb 7-1: Product: syz
[  446.755776][ T8358] usb 7-1: Manufacturer: syz
[  446.757700][ T8358] usb 7-1: SerialNumber: syz
[  446.761564][ T8358] usb 7-1: config 0 descriptor??
[  446.817707][T22188] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  446.826432][   T39] audit: type=1400 audit(1735430429.840:4941): avc:  denied  { link } for  pid=22187 comm="syz.5.5841" name="file1" dev="9p" ino=36575006 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  446.833382][   T39] audit: type=1400 audit(1735430429.850:4942): avc:  denied  { rename } for  pid=22187 comm="syz.5.5841" name="file1" dev="9p" ino=36575006 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  446.833564][T22167] 9pnet_fd: p9_fd_create_tcp (22167): problem connecting socket to 127.0.0.1
[  446.842919][   T39] audit: type=1400 audit(1735430429.850:4943): avc:  denied  { unlink } for  pid=22187 comm="syz.5.5841" name="file0" dev="9p" ino=36575164 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  446.883466][   T39] audit: type=1400 audit(1735430429.892:4944): avc:  denied  { setopt } for  pid=22189 comm="syz.1.5842" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  446.949604][T22194] netlink: 'syz.5.5843': attribute type 2 has an invalid length.
[  447.073322][ T8358] usb 7-1: USB disconnect, device number 42
[  447.079906][T22203] veth1_virt_wifi: mtu less than device minimum
[  447.246294][  T143] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  447.323970][   T57] usb 6-1: new low-speed USB device number 41 using dummy_hcd
[  447.389332][  T143] usb 10-1: Using ep0 maxpacket: 8
[  447.395069][  T143] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  447.399891][  T143] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  447.403751][  T143] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.408936][  T143] usb 10-1: config 0 descriptor??
[  447.467554][   T57] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  447.471036][   T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  447.473836][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  447.477486][   T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  447.480569][   T57] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  447.483347][   T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.488526][   T57] hub 6-1:1.0: bad descriptor, ignoring hub
[  447.490433][   T57] hub 6-1:1.0: probe with driver hub failed with error -5
[  447.492838][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  447.494755][   T57] cdc_wdm 6-1:1.0: skipping garbage
[  447.497077][   T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  447.499045][   T57] cdc_wdm 6-1:1.0: Unknown control protocol
[  447.605494][  T143] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  447.690989][T22203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  447.693909][T22203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  447.846687][    T8] usb 10-1: USB disconnect, device number 5
[  448.230965][T22203] usb 6-1: reset low-speed USB device number 41 using dummy_hcd
[  448.402968][T22210] FAULT_INJECTION: forcing a failure.
[  448.402968][T22210] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  448.408872][T22210] CPU: 0 UID: 0 PID: 22210 Comm: syz.2.5850 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  448.413070][T22210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  448.417447][T22210] Call Trace:
[  448.418917][T22210]  <TASK>
[  448.420202][T22210]  dump_stack_lvl+0x16c/0x1f0
[  448.422169][T22210]  should_fail_ex+0x497/0x5b0
[  448.424210][T22210]  ? fs_reclaim_acquire+0xae/0x150
[  448.426095][T22210]  should_fail_alloc_page+0xe7/0x130
[  448.427703][T22210]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  448.429605][T22210]  ? mark_lock+0xb5/0xc60
[  448.431121][T22210]  __alloc_pages_noprof+0x190/0x25b0
[  448.433142][T22210]  ? __pfx_mark_lock+0x10/0x10
[  448.434867][T22210]  ? hlock_class+0x4e/0x130
[  448.436681][T22210]  ? mark_lock+0xb5/0xc60
[  448.438393][T22210]  ? __lock_acquire+0xcc5/0x3c40
[  448.440395][T22210]  ? __pfx_mark_lock+0x10/0x10
[  448.442211][T22210]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  448.444744][T22210]  ? hlock_class+0x4e/0x130
[  448.446576][T22210]  ? hlock_class+0x4e/0x130
[  448.448294][T22210]  ? mark_lock+0xb5/0xc60
[  448.449955][T22210]  ? __pfx_mark_lock+0x10/0x10
[  448.451584][T22210]  ? hlock_class+0x4e/0x130
[  448.452951][T22210]  ? __lock_acquire+0xcc5/0x3c40
[  448.454746][T22210]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  448.457257][T22210]  ? policy_nodemask+0xea/0x4e0
[  448.459307][T22210]  alloc_pages_mpol_noprof+0x2c9/0x610
[  448.461523][T22210]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  448.463914][T22210]  folio_alloc_mpol_noprof+0x36/0xd0
[  448.465974][T22210]  vma_alloc_folio_noprof+0xee/0x1b0
[  448.468014][T22210]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  448.469882][T22210]  ? find_held_lock+0x2d/0x110
[  448.471853][T22210]  do_pte_missing+0x2017/0x3e00
[  448.473887][T22210]  __handle_mm_fault+0x103c/0x2a40
[  448.475995][T22210]  ? find_held_lock+0x2d/0x110
[  448.478026][T22210]  ? __pfx___handle_mm_fault+0x10/0x10
[  448.480290][T22210]  ? follow_page_pte+0x3c3/0x1b20
[  448.482411][T22210]  ? __pfx_lock_release+0x10/0x10
[  448.484563][T22210]  ? follow_page_pte+0x3f7/0x1b20
[  448.486739][T22210]  handle_mm_fault+0x3fa/0xaa0
[  448.488768][T22210]  __get_user_pages+0x8d9/0x3b50
[  448.490843][T22210]  ? __pfx_mt_find+0x10/0x10
[  448.492825][T22210]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  448.495167][T22210]  ? __pfx___get_user_pages+0x10/0x10
[  448.496931][T22210]  ? __mm_populate+0x21d/0x380
[  448.498920][T22210]  populate_vma_page_range+0x27f/0x3a0
[  448.501181][T22210]  ? __pfx_populate_vma_page_range+0x10/0x10
[  448.503601][T22203] usb 6-1: device descriptor read/64, error -71
[  448.503676][T22210]  ? __pfx_find_vma_intersection+0x10/0x10
[  448.507674][T22210]  ? __do_sys_mlockall+0x2f0/0x580
[  448.509247][T22210]  __mm_populate+0x1d6/0x380
[  448.510646][T22210]  ? __pfx___mm_populate+0x10/0x10
[  448.512194][T22210]  ? up_write+0x1b2/0x520
[  448.513889][T22210]  __do_sys_mlockall+0x4df/0x580
[  448.515714][T22210]  do_syscall_64+0xcd/0x250
[  448.517298][T22210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.519706][T22210] RIP: 0033:0x7f1e5eb85d29
[  448.521591][T22210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.529438][T22210] RSP: 002b:00007f1e5fa9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  448.532079][T22210] RAX: ffffffffffffffda RBX: 00007f1e5ed75fa0 RCX: 00007f1e5eb85d29
[  448.535185][T22210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  448.538273][T22210] RBP: 00007f1e5fa9e090 R08: 0000000000000000 R09: 0000000000000000
[  448.541491][T22210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  448.544741][T22210] R13: 0000000000000001 R14: 00007f1e5ed75fa0 R15: 00007ffeaffc0d78
[  448.548048][T22210]  </TASK>
[  448.875348][T22203] usb 6-1: reset low-speed USB device number 41 using dummy_hcd
[  449.009168][T22214] netlink: 'syz.2.5852': attribute type 9 has an invalid length.
[  449.012450][T22214] netlink: 201392 bytes leftover after parsing attributes in process `syz.2.5852'.
[  449.023665][T22214] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  449.132584][T22203] usb 6-1: device descriptor read/64, error -71
[  449.184910][T22217] syz.2.5853 (22217): drop_caches: 2
[  449.465996][ T5979] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[  449.494250][T16062] wlan1: Trigger new scan to find an IBSS to join
[  449.513246][T22203] usb 6-1: reset low-speed USB device number 41 using dummy_hcd
[  449.533282][T22203] usb 6-1: device descriptor read/8, error -71
[  449.608442][ T5979] usb 7-1: Using ep0 maxpacket: 8
[  449.611198][ T5979] usb 7-1: config 2 interface 0 has no altsetting 0
[  449.614626][ T5979] usb 7-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  449.617378][ T5979] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.620144][ T5979] usb 7-1: Product: syz
[  449.621419][ T5979] usb 7-1: Manufacturer: syz
[  449.622821][ T5979] usb 7-1: SerialNumber: syz
[  449.823793][ T5979] usb 7-1: USB disconnect, device number 43
[  449.904008][T22203] usb 6-1: reset low-speed USB device number 41 using dummy_hcd
[  449.925089][T22203] usb 6-1: device descriptor read/8, error -71
[  450.032906][T22203] cdc_wdm 6-1:1.0: Error autopm - -16
[  450.033060][   T57] usb 6-1: USB disconnect, device number 41
[  450.037782][T22199] cdc_wdm 6-1:1.0: Error autopm - -16
[  450.077003][T22221] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  450.079354][T22221] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  450.141696][T22225] ip6t_rpfilter: unknown options
[  450.154889][T22225] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  450.162495][   T39] audit: type=1400 audit(1735430433.346:4945): avc:  denied  { mount } for  pid=22226 comm="syz.1.5857" name="/" dev="pstore" ino=5808 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  450.164857][T22227] tap0: tun_chr_ioctl cmd 1074025677
[  450.172091][T22227] tap0: linktype set to 772
[  450.174809][T22227] pim6reg1: entered promiscuous mode
[  450.176422][T22227] pim6reg1: entered allmulticast mode
[  450.320827][T22229] FAULT_INJECTION: forcing a failure.
[  450.320827][T22229] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  450.326185][T22229] CPU: 0 UID: 0 PID: 22229 Comm: syz.5.5859 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  450.330493][T22229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  450.334829][T22229] Call Trace:
[  450.336262][T22229]  <TASK>
[  450.337507][T22229]  dump_stack_lvl+0x16c/0x1f0
[  450.339474][T22229]  should_fail_ex+0x497/0x5b0
[  450.341386][T22229]  ? fs_reclaim_acquire+0xae/0x150
[  450.343517][T22229]  should_fail_alloc_page+0xe7/0x130
[  450.345706][T22229]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  450.348254][T22229]  ? mark_lock+0xb5/0xc60
[  450.350050][T22229]  __alloc_pages_noprof+0x190/0x25b0
[  450.352218][T22229]  ? __pfx_mark_lock+0x10/0x10
[  450.354199][T22229]  ? hlock_class+0x4e/0x130
[  450.356117][T22229]  ? mark_lock+0xb5/0xc60
[  450.357918][T22229]  ? __lock_acquire+0xcc5/0x3c40
[  450.359985][T22229]  ? __pfx_mark_lock+0x10/0x10
[  450.361975][T22229]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  450.364340][T22229]  ? hlock_class+0x4e/0x130
[  450.366256][T22229]  ? hlock_class+0x4e/0x130
[  450.368157][T22229]  ? mark_lock+0xb5/0xc60
[  450.369952][T22229]  ? __pfx_mark_lock+0x10/0x10
[  450.371977][T22229]  ? hlock_class+0x4e/0x130
[  450.373372][T22229]  ? __lock_acquire+0xcc5/0x3c40
[  450.375156][T22229]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  450.377376][T22229]  ? policy_nodemask+0xea/0x4e0
[  450.379418][T22229]  alloc_pages_mpol_noprof+0x2c9/0x610
[  450.381595][T22229]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  450.383840][T22229]  folio_alloc_mpol_noprof+0x36/0xd0
[  450.385640][T22229]  vma_alloc_folio_noprof+0xee/0x1b0
[  450.387386][T22229]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  450.389899][T22229]  ? find_held_lock+0x2d/0x110
[  450.391871][T22229]  do_pte_missing+0x2017/0x3e00
[  450.393920][T22229]  __handle_mm_fault+0x103c/0x2a40
[  450.396121][T22229]  ? find_held_lock+0x2d/0x110
[  450.398236][T22229]  ? __pfx___handle_mm_fault+0x10/0x10
[  450.400578][T22229]  ? follow_page_pte+0x3c3/0x1b20
[  450.402426][T22229]  ? __pfx_lock_release+0x10/0x10
[  450.403998][T22229]  ? follow_page_pte+0x3f7/0x1b20
[  450.405575][T22229]  handle_mm_fault+0x3fa/0xaa0
[  450.407054][T22229]  __get_user_pages+0x8d9/0x3b50
[  450.408567][T22229]  ? __pfx_mt_find+0x10/0x10
[  450.409989][T22229]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  450.411930][T22229]  ? __pfx___get_user_pages+0x10/0x10
[  450.413523][T22229]  ? __mm_populate+0x21d/0x380
[  450.415316][T22229]  populate_vma_page_range+0x27f/0x3a0
[  450.417113][T22229]  ? __pfx_populate_vma_page_range+0x10/0x10
[  450.418889][T22229]  ? __pfx_find_vma_intersection+0x10/0x10
[  450.420822][T22229]  ? __do_sys_mlockall+0x2f0/0x580
[  450.422545][T22229]  __mm_populate+0x1d6/0x380
[  450.424251][T22229]  ? __pfx___mm_populate+0x10/0x10
[  450.425755][T22229]  ? up_write+0x1b2/0x520
[  450.427085][T22229]  __do_sys_mlockall+0x4df/0x580
[  450.428672][T22229]  do_syscall_64+0xcd/0x250
[  450.430068][T22229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.432261][T22229] RIP: 0033:0x7f9d4c785d29
[  450.433671][T22229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.440152][T22229] RSP: 002b:00007f9d4d545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  450.442582][T22229] RAX: ffffffffffffffda RBX: 00007f9d4c975fa0 RCX: 00007f9d4c785d29
[  450.444922][T22229] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  450.447295][T22229] RBP: 00007f9d4d545090 R08: 0000000000000000 R09: 0000000000000000
[  450.449595][T22229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  450.452260][T22229] R13: 0000000000000001 R14: 00007f9d4c975fa0 R15: 00007ffeeedd9b18
[  450.454931][T22229]  </TASK>
[  450.463222][T22232] bond0: (slave bond_slave_0): Releasing backup interface
[  450.467649][T16025] wlan1: Creating new IBSS network, BSSID f6:0f:fc:60:90:f7
[  450.474079][T22232] bond0: (slave bond_slave_1): Releasing backup interface
[  450.496484][   T39] audit: type=1400 audit(1735430433.693:4946): avc:  denied  { unmount } for  pid=17821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  450.501140][T22232] team0: Port device team_slave_0 removed
[  450.521708][T22232] team0: Port device team_slave_1 removed
[  450.524213][T22232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  450.526525][T22232] batman_adv: batadv0: Removing interface: batadv_slave_0
[  450.530537][T22232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  450.537662][T22232] batman_adv: batadv0: Removing interface: batadv_slave_1
[  450.545354][T22232] bond7: (slave gretap1): Releasing active interface
[  450.592108][T22242] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5863'.
[  450.605700][T22239] netlink: 'syz.1.5862': attribute type 9 has an invalid length.
[  450.608187][T22239] netlink: 201392 bytes leftover after parsing attributes in process `syz.1.5862'.
[  450.614781][T22239] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  450.724543][T22248] futex_wake_op: syz.2.5865 tries to shift op by 32; fix this program
[  450.753468][   T39] audit: type=1400 audit(1735430433.966:4947): avc:  denied  { view } for  pid=22249 comm="syz.2.5866" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  450.778588][T22255] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[  450.785224][T22258] netlink: 'syz.2.5868': attribute type 4 has an invalid length.
[  450.785994][T22259] 9pnet_virtio: no channels available for device syz
[  450.794534][T22259] netlink: 'syz.5.5869': attribute type 4 has an invalid length.
[  450.920937][T22272] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  451.062661][T22284] FAULT_INJECTION: forcing a failure.
[  451.062661][T22284] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  451.066842][T22284] CPU: 2 UID: 0 PID: 22284 Comm: syz.1.5878 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  451.070067][T22284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  451.073625][T22284] Call Trace:
[  451.073861][T22265] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5872'.
[  451.074645][T22284]  <TASK>
[  451.074652][T22284]  dump_stack_lvl+0x16c/0x1f0
[  451.079606][T22265] syzkaller0: entered allmulticast mode
[  451.080910][T22284]  should_fail_ex+0x497/0x5b0
[  451.084673][T22284]  ? fs_reclaim_acquire+0xae/0x150
[  451.086295][T22284]  should_fail_alloc_page+0xe7/0x130
[  451.087895][T22284]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  451.089729][T22284]  ? mark_lock+0xb5/0xc60
[  451.091036][T22284]  __alloc_pages_noprof+0x190/0x25b0
[  451.092798][T22284]  ? __pfx_mark_lock+0x10/0x10
[  451.094327][T22284]  ? hlock_class+0x4e/0x130
[  451.095873][T22284]  ? mark_lock+0xb5/0xc60
[  451.097197][T22284]  ? __lock_acquire+0xcc5/0x3c40
[  451.098690][T22284]  ? __pfx_mark_lock+0x10/0x10
[  451.100144][T22284]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  451.101917][T22284]  ? hlock_class+0x4e/0x130
[  451.103342][T22284]  ? hlock_class+0x4e/0x130
[  451.104771][T22284]  ? mark_lock+0xb5/0xc60
[  451.106520][T22284]  ? __pfx_mark_lock+0x10/0x10
[  451.108490][T22284]  ? hlock_class+0x4e/0x130
[  451.110032][T22284]  ? __lock_acquire+0xcc5/0x3c40
[  451.111717][T22284]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  451.114264][T22284]  ? policy_nodemask+0xea/0x4e0
[  451.116322][T22284]  alloc_pages_mpol_noprof+0x2c9/0x610
[  451.118571][T22284]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  451.121143][T22284]  folio_alloc_mpol_noprof+0x36/0xd0
[  451.123297][T22284]  vma_alloc_folio_noprof+0xee/0x1b0
[  451.125300][T22284]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  451.127258][T22284]  ? find_held_lock+0x2d/0x110
[  451.128941][T22284]  do_pte_missing+0x2017/0x3e00
[  451.130576][T22284]  __handle_mm_fault+0x103c/0x2a40
[  451.132217][T22284]  ? find_held_lock+0x2d/0x110
[  451.133667][T22284]  ? __pfx___handle_mm_fault+0x10/0x10
[  451.135348][T22284]  ? follow_page_pte+0x3c3/0x1b20
[  451.136844][T22284]  ? __pfx_lock_release+0x10/0x10
[  451.138363][T22284]  ? follow_page_pte+0x3f7/0x1b20
[  451.139933][T22284]  handle_mm_fault+0x3fa/0xaa0
[  451.141350][T22284]  __get_user_pages+0x8d9/0x3b50
[  451.142855][T22284]  ? __pfx_mt_find+0x10/0x10
[  451.144227][T22284]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  451.145869][T22284]  ? __pfx___get_user_pages+0x10/0x10
[  451.147479][T22284]  ? __mm_populate+0x21d/0x380
[  451.148936][T22284]  populate_vma_page_range+0x27f/0x3a0
[  451.151231][T22284]  ? __pfx_populate_vma_page_range+0x10/0x10
[  451.153521][T22284]  ? __pfx_find_vma_intersection+0x10/0x10
[  451.155247][T22284]  ? __do_sys_mlockall+0x2f0/0x580
[  451.156732][T22284]  __mm_populate+0x1d6/0x380
[  451.158132][T22284]  ? __pfx___mm_populate+0x10/0x10
[  451.159838][T22284]  ? up_write+0x1b2/0x520
[  451.161093][T22284]  __do_sys_mlockall+0x4df/0x580
[  451.162587][T22284]  do_syscall_64+0xcd/0x250
[  451.164016][T22284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.165800][T22284] RIP: 0033:0x7fb294b85d29
[  451.167079][T22284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.173822][T22284] RSP: 002b:00007fb295a1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  451.177278][T22284] RAX: ffffffffffffffda RBX: 00007fb294d75fa0 RCX: 00007fb294b85d29
[  451.180485][T22284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  451.183710][T22284] RBP: 00007fb295a1d090 R08: 0000000000000000 R09: 0000000000000000
[  451.186816][T22284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  451.189983][T22284] R13: 0000000000000001 R14: 00007fb294d75fa0 R15: 00007ffeb259a5f8
[  451.193276][T22284]  </TASK>
[  451.194695][    C2] vkms_vblank_simulate: vblank timer overrun
[  451.282669][T22290] ufs: You didn't specify the type of your ufs filesystem
[  451.282669][T22290] 
[  451.282669][T22290] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  451.282669][T22290] 
[  451.282669][T22290] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  451.295059][T22290] ufs: ufstype=old is supported read-only
[  451.298823][T22290] syz.2.5880: attempt to access beyond end of device
[  451.298823][T22290] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0
[  451.344359][   T39] audit: type=1400 audit(1735430434.585:4948): avc:  denied  { bind } for  pid=22291 comm="syz.2.5881" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  451.680611][T22308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5886'.
[  451.800709][T22314] overlayfs: failed to resolve './file1': -2
[  452.063465][ T5945] block nbd1: Receive control failed (result -32)
[  452.073459][T22326] block nbd1: shutting down sockets
[  452.154484][T22334] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5895'.
[  452.629158][T22340] FAULT_INJECTION: forcing a failure.
[  452.629158][T22340] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  452.633009][T22340] CPU: 1 UID: 0 PID: 22340 Comm: syz.5.5897 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  452.636199][T22340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  452.639490][T22340] Call Trace:
[  452.640509][T22340]  <TASK>
[  452.641417][T22340]  dump_stack_lvl+0x16c/0x1f0
[  452.642871][T22340]  should_fail_ex+0x497/0x5b0
[  452.644320][T22340]  ? fs_reclaim_acquire+0xae/0x150
[  452.645929][T22340]  should_fail_alloc_page+0xe7/0x130
[  452.647562][T22340]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  452.649556][T22340]  ? mark_lock+0xb5/0xc60
[  452.650874][T22340]  __alloc_pages_noprof+0x190/0x25b0
[  452.652500][T22340]  ? __pfx_mark_lock+0x10/0x10
[  452.653980][T22340]  ? hlock_class+0x4e/0x130
[  452.655413][T22340]  ? mark_lock+0xb5/0xc60
[  452.656738][T22340]  ? __lock_acquire+0xcc5/0x3c40
[  452.658238][T22340]  ? __pfx_mark_lock+0x10/0x10
[  452.659733][T22340]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  452.661468][T22340]  ? hlock_class+0x4e/0x130
[  452.662893][T22340]  ? hlock_class+0x4e/0x130
[  452.664292][T22340]  ? mark_lock+0xb5/0xc60
[  452.665619][T22340]  ? __pfx_mark_lock+0x10/0x10
[  452.667133][T22340]  ? hlock_class+0x4e/0x130
[  452.668570][T22340]  ? __lock_acquire+0xcc5/0x3c40
[  452.670078][T22340]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  452.671907][T22340]  ? policy_nodemask+0xea/0x4e0
[  452.673389][T22340]  alloc_pages_mpol_noprof+0x2c9/0x610
[  452.675049][T22340]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  452.676897][T22340]  folio_alloc_mpol_noprof+0x36/0xd0
[  452.678517][T22340]  vma_alloc_folio_noprof+0xee/0x1b0
[  452.680133][T22340]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  452.681964][T22340]  ? find_held_lock+0x2d/0x110
[  452.683440][T22340]  do_pte_missing+0x2017/0x3e00
[  452.684934][T22340]  __handle_mm_fault+0x103c/0x2a40
[  452.686525][T22340]  ? find_held_lock+0x2d/0x110
[  452.688060][T22340]  ? __pfx___handle_mm_fault+0x10/0x10
[  452.689745][T22340]  ? follow_page_pte+0x3c3/0x1b20
[  452.691289][T22340]  ? __pfx_lock_release+0x10/0x10
[  452.692822][T22340]  ? follow_page_pte+0x3f7/0x1b20
[  452.694383][T22340]  handle_mm_fault+0x3fa/0xaa0
[  452.695910][T22340]  __get_user_pages+0x8d9/0x3b50
[  452.697435][T22340]  ? __pfx_mt_find+0x10/0x10
[  452.698846][T22340]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  452.700549][T22340]  ? __pfx___get_user_pages+0x10/0x10
[  452.702176][T22340]  ? __mm_populate+0x21d/0x380
[  452.703653][T22340]  populate_vma_page_range+0x27f/0x3a0
[  452.705326][T22340]  ? __pfx_populate_vma_page_range+0x10/0x10
[  452.707192][T22340]  ? __pfx_find_vma_intersection+0x10/0x10
[  452.708985][T22340]  ? __do_sys_mlockall+0x2f0/0x580
[  452.710540][T22340]  __mm_populate+0x1d6/0x380
[  452.711962][T22340]  ? __pfx___mm_populate+0x10/0x10
[  452.713529][T22340]  ? up_write+0x1b2/0x520
[  452.714860][T22340]  __do_sys_mlockall+0x4df/0x580
[  452.716446][T22340]  do_syscall_64+0xcd/0x250
[  452.717906][T22340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.719708][T22340] RIP: 0033:0x7f9d4c785d29
[  452.721079][T22340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.726952][T22340] RSP: 002b:00007f9d4d545038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  452.729487][T22340] RAX: ffffffffffffffda RBX: 00007f9d4c975fa0 RCX: 00007f9d4c785d29
[  452.732175][T22340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  452.734567][T22340] RBP: 00007f9d4d545090 R08: 0000000000000000 R09: 0000000000000000
[  452.736974][T22340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  452.739378][T22340] R13: 0000000000000001 R14: 00007f9d4c975fa0 R15: 00007ffeeedd9b18
[  452.741765][T22340]  </TASK>
[  452.939763][T22362] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5904'.
[  453.045961][T22365] 
[  453.047139][T22365] ======================================================
[  453.050126][T22365] WARNING: possible circular locking dependency detected
[  453.053063][T22365] 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0 Not tainted
[  453.057612][T22365] ------------------------------------------------------
[  453.060513][T22365] syz.2.5905/22365 is trying to acquire lock:
[  453.063038][T22365] ffffffff90129eb8 (nr_neigh_list_lock){+...}-{3:3}, at: nr_remove_neigh+0x1a/0x290
[  453.066861][T22365] 
[  453.066861][T22365] but task is already holding lock:
[  453.069575][T22365] ffff888028e25f70 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0x60b/0x2be0
[  453.073268][T22365] 
[  453.073268][T22365] which lock already depends on the new lock.
[  453.073268][T22365] 
[  453.077286][T22365] 
[  453.077286][T22365] the existing dependency chain (in reverse order) is:
[  453.080888][T22365] 
[  453.080888][T22365] -> #2 (&nr_node->node_lock){+...}-{3:3}:
[  453.084117][T22365]        _raw_spin_lock_bh+0x33/0x40
[  453.086278][T22365]        nr_rt_device_down+0x188/0x7f0
[  453.088467][T22365]        nr_device_event+0x126/0x170
[  453.090580][T22365]        notifier_call_chain+0xb7/0x410
[  453.092896][T22365]        call_netdevice_notifiers_info+0xbe/0x140
[  453.095568][T22365]        dev_close_many+0x333/0x6a0
[  453.097639][T22365]        dev_close+0x181/0x230
[  453.099586][T22365]        bpq_device_event+0x820/0xaf0
[  453.101535][T22365]        notifier_call_chain+0xb7/0x410
[  453.103759][T22365]        call_netdevice_notifiers_info+0xbe/0x140
[  453.106285][T22365]        dev_close_many+0x333/0x6a0
[  453.108380][T22365]        dev_close+0x181/0x230
[  453.110118][T22365]        bond_enslave+0x1f67/0x6040
[  453.112338][T22365]        bond_do_ioctl+0x60e/0x6d0
[  453.114190][T22365]        dev_ifsioc+0x1ea/0x10b0
[  453.116532][T22365]        dev_ioctl+0x224/0x10c0
[  453.118483][T22365]        sock_do_ioctl+0x19e/0x280
[  453.120545][T22365]        sock_ioctl+0x228/0x6c0
[  453.122455][T22365]        __x64_sys_ioctl+0x190/0x200
[  453.124703][T22365]        do_syscall_64+0xcd/0x250
[  453.127010][T22365]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.129600][T22365] 
[  453.129600][T22365] -> #1 (nr_node_list_lock){+...}-{3:3}:
[  453.132588][T22365]        _raw_spin_lock_bh+0x33/0x40
[  453.134217][T22365]        nr_rt_device_down+0xd5/0x7f0
[  453.135887][T22365]        nr_device_event+0x126/0x170
[  453.137614][T22365]        notifier_call_chain+0xb7/0x410
[  453.139344][T22365]        call_netdevice_notifiers_info+0xbe/0x140
[  453.141377][T22365]        dev_close_many+0x333/0x6a0
[  453.142987][T22365]        dev_close+0x181/0x230
[  453.144654][T22365]        bpq_device_event+0x820/0xaf0
[  453.146335][T22365]        notifier_call_chain+0xb7/0x410
[  453.148063][T22365]        call_netdevice_notifiers_info+0xbe/0x140
[  453.150063][T22365]        dev_close_many+0x333/0x6a0
[  453.151699][T22365]        dev_close+0x181/0x230
[  453.153154][T22365]        bond_enslave+0x1f67/0x6040
[  453.154749][T22365]        bond_do_ioctl+0x60e/0x6d0
[  453.156339][T22365]        dev_ifsioc+0x1ea/0x10b0
[  453.157792][T22365]        dev_ioctl+0x224/0x10c0
[  453.159216][T22365]        sock_do_ioctl+0x19e/0x280
[  453.160852][T22365]        sock_ioctl+0x228/0x6c0
[  453.162246][T22365]        __x64_sys_ioctl+0x190/0x200
[  453.163919][T22365]        do_syscall_64+0xcd/0x250
[  453.165463][T22365]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.167471][T22365] 
[  453.167471][T22365] -> #0 (nr_neigh_list_lock){+...}-{3:3}:
[  453.169823][T22365]        __lock_acquire+0x249e/0x3c40
[  453.171520][T22365]        lock_acquire.part.0+0x11b/0x380
[  453.173217][T22365]        _raw_spin_lock_bh+0x33/0x40
[  453.174857][T22365]        nr_remove_neigh+0x1a/0x290
[  453.176467][T22365]        nr_add_node+0x23d1/0x2be0
[  453.178016][T22365]        nr_rt_ioctl+0x126e/0x29e0
[  453.179572][T22365]        nr_ioctl+0x19a/0x2e0
[  453.181042][T22365]        sock_do_ioctl+0x116/0x280
[  453.182587][T22365]        sock_ioctl+0x228/0x6c0
[  453.184110][T22365]        __x64_sys_ioctl+0x190/0x200
[  453.185745][T22365]        do_syscall_64+0xcd/0x250
[  453.187354][T22365]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.189380][T22365] 
[  453.189380][T22365] other info that might help us debug this:
[  453.189380][T22365] 
[  453.192452][T22365] Chain exists of:
[  453.192452][T22365]   nr_neigh_list_lock --> nr_node_list_lock --> &nr_node->node_lock
[  453.192452][T22365] 
[  453.196574][T22365]  Possible unsafe locking scenario:
[  453.196574][T22365] 
[  453.198785][T22365]        CPU0                    CPU1
[  453.200430][T22365]        ----                    ----
[  453.202215][T22365]   lock(&nr_node->node_lock);
[  453.203805][T22365]                                lock(nr_node_list_lock);
[  453.206357][T22365]                                lock(&nr_node->node_lock);
[  453.208973][T22365]   lock(nr_neigh_list_lock);
[  453.210639][T22365] 
[  453.210639][T22365]  *** DEADLOCK ***
[  453.210639][T22365] 
[  453.213090][T22365] 1 lock held by syz.2.5905/22365:
[  453.214885][T22365]  #0: ffff888028e25f70 (&nr_node->node_lock){+...}-{3:3}, at: nr_add_node+0x60b/0x2be0
[  453.217692][T22365] 
[  453.217692][T22365] stack backtrace:
[  453.219461][T22365] CPU: 0 UID: 0 PID: 22365 Comm: syz.2.5905 Not tainted 6.13.0-rc4-syzkaller-00078-g059dd502b263 #0
[  453.222680][T22365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  453.225937][T22365] Call Trace:
[  453.226950][T22365]  <TASK>
[  453.227861][T22365]  dump_stack_lvl+0x116/0x1f0
[  453.229290][T22365]  print_circular_bug+0x419/0x5d0
[  453.230811][T22365]  check_noncircular+0x31a/0x400
[  453.232397][T22365]  ? __pfx_check_noncircular+0x10/0x10
[  453.234345][T22365]  ? lockdep_lock+0xc6/0x200
[  453.236359][T22365]  ? __pfx_lockdep_lock+0x10/0x10
[  453.238071][T22365]  ? kmemdup_noprof+0x29/0x60
[  453.239523][T22365]  ? nr_ioctl+0x19a/0x2e0
[  453.240843][T22365]  __lock_acquire+0x249e/0x3c40
[  453.242409][T22365]  ? __pfx___lock_acquire+0x10/0x10
[  453.243995][T22365]  ? __pfx___lock_acquire+0x10/0x10
[  453.245581][T22365]  lock_acquire.part.0+0x11b/0x380
[  453.247144][T22365]  ? nr_remove_neigh+0x1a/0x290
[  453.248648][T22365]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  453.250346][T22365]  ? rcu_is_watching+0x12/0xc0
[  453.251868][T22365]  ? trace_lock_acquire+0x14e/0x1f0
[  453.253457][T22365]  ? rcu_is_watching+0x12/0xc0
[  453.255512][T22365]  ? nr_remove_neigh+0x1a/0x290
[  453.257095][T22365]  ? lock_acquire+0x2f/0xb0
[  453.258490][T22365]  ? nr_remove_neigh+0x1a/0x290
[  453.260000][T22365]  _raw_spin_lock_bh+0x33/0x40
[  453.261469][T22365]  ? nr_remove_neigh+0x1a/0x290
[  453.263001][T22365]  nr_remove_neigh+0x1a/0x290
[  453.264566][T22365]  nr_add_node+0x23d1/0x2be0
[  453.266485][T22365]  nr_rt_ioctl+0x126e/0x29e0
[  453.268427][T22365]  ? __pfx_nr_rt_ioctl+0x10/0x10
[  453.270072][T22365]  ? __pfx_lock_release+0x10/0x10
[  453.271609][T22365]  ? bpf_lsm_capable+0x9/0x10
[  453.273057][T22365]  ? security_capable+0x7e/0x260
[  453.274616][T22365]  nr_ioctl+0x19a/0x2e0
[  453.275919][T22365]  sock_do_ioctl+0x116/0x280
[  453.277329][T22365]  ? __pfx_sock_do_ioctl+0x10/0x10
[  453.278891][T22365]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  453.280855][T22365]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  453.282809][T22365]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  453.284869][T22365]  sock_ioctl+0x228/0x6c0
[  453.286220][T22365]  ? __pfx_sock_ioctl+0x10/0x10
[  453.287732][T22365]  ? selinux_file_ioctl+0x180/0x270
[  453.289307][T22365]  ? selinux_file_ioctl+0xb4/0x270
[  453.290881][T22365]  ? __pfx_sock_ioctl+0x10/0x10
[  453.292382][T22365]  __x64_sys_ioctl+0x190/0x200
[  453.293858][T22365]  do_syscall_64+0xcd/0x250
[  453.295273][T22365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.297064][T22365] RIP: 0033:0x7f1e5eb85d29
[  453.298420][T22365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.304281][T22365] RSP: 002b:00007f1e5fa7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  453.306840][T22365] RAX: ffffffffffffffda RBX: 00007f1e5ed76080 RCX: 00007f1e5eb85d29
[  453.309242][T22365] RDX: 0000000020000280 RSI: 000000000000890b RDI: 0000000000000004
[  453.311667][T22365] RBP: 00007f1e5ec01b08 R08: 0000000000000000 R09: 0000000000000000
[  453.314216][T22365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  453.316929][T22365] R13: 0000000000000001 R14: 00007f1e5ed76080 R15: 00007ffeaffc0d78
[  453.319362][T22365]  </TASK>

VM DIAGNOSIS:
00:00:46  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851bc915 RDI=ffffffff9ab0fb60 RBP=ffffffff9ab0fb20 RSP=ffffc9000ff87178
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36
R12=0000000000000000 R13=0000000000000030 R14=ffffffff851bc8b0 R15=0000000000000000
RIP=ffffffff851bc93f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f1e5fa7d6c0 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1e5fa7cf98 CR3=0000000054602000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000000000e8 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02a9a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02aa7
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02aa1
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02ab5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02b3b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02c19
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ed4b488 00007f1e5ed4b480 00007f1e5ed4b478 00007f1e5ed4b450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5f8ad100 00007f1e5ed4b440 00007f1e5ed4b458 00007f1e5ed4b4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ed4b498 00007f1e5ed4b490 00007f1e5ed4b488 00007f1e5ed4b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff350d79c RBX=0000000000065882 RCX=0000000000000001 RDX=dffffc0000000000
RSI=0000000000000007 RDI=0000000000065882 RBP=000000000000000c RSP=ffffc90003917780
R8 =0000000000000001 R9 =fffff9400032c406 R10=ffffea0001962037 R11=dffffc0000000000
R12=ffffea0001962080 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff81eec3cf RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000555573d4f500 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f9d4d544f98 CR3=0000000064756000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00317a79732f7570 632e70756f726763
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb294c02a9a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb294c02aa7
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb294c02aa1
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb294c02ab5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb294c02b3b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb294c02c19
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 eec2c05c6f5d1880 6932015744f9ec0b 8d4da996f3443739 e153765f15cdf1c6
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb2958ad100 00007fb294d4b440 00007fb294d40004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb294d4b498 00007fb294d4b490 00007fb294d4b488 00007fb294d4b480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000080000101 RBX=ffff88806a8404c8 RCX=ffffffff8918cc6f RDX=ffff88803bafa440
RSI=ffffffff890c5ef6 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90000658d00
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=00000000000a4001
R12=0000000000000040 R13=0000000000000001 R14=ffff88806a8404d8 R15=ffffc90000658de8
RIP=ffffffff819a15e1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f1e5fa9e6c0 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020011038 CR3=0000000054602000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000008 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557710c2ea 000055557710ba70
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557709cb87 000055557709c7b0
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f602000ad20302f6 02000ad00302f602 000ace0300000030 7a797301ffffffff
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fffffffff1080ac0 0307fffe08000ab8 0300000000000000 0000000000307170
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6201ffffffffffff ffffdf080a960300 02000a9403018002 000a920301800200
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a9003018002000a 8e0302d002000a8c 0302cc02000a8a03 02c402000a880302
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0304040012800308 10000280044a0800 0208000100000208 060a0156ca02efce
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1280040100000208 06060103900ff080 8082048800128803 02b8c20484001284
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08000a8003001000 01808080ba100003 ff80040100000208 06080144f8201000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010a800404a49608 0001000000080606 012ee60402000bde 03018002000bdc03
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=ffff888045c42440 RCX=1ffff1100d4c4342 RDX=ffff888045c42860
RSI=0000000000000000 RDI=ffffffff8da77ce0 RBP=ffff88806a621a10 RSP=ffffc90000708968
R8 =0000000000000000 R9 =fffffbfff20be6ca R10=ffffffff905f3657 R11=ffffffff816bc2de
R12=ffff888045c42870 R13=0000000000000002 R14=0000000000000000 R15=ffff88801c6c0000
RIP=ffffffff816beb4f RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000002000f038 CR3=0000000054602000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeaffc1110 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02a9a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02aa7
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02aa1
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02ab5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02b3b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e5ec02c19
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000