last executing test programs:

4m29.653893457s ago: executing program 2 (id=408):
openat$vmci(0xffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt(r3, 0x1, 0x2, &(0x7f0000000000)=""/166, &(0x7f00000000c0)=0xa6)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0)
syz_emit_ethernet(0x2a, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd(0xfffffffe)
ioctl$KVM_IOEVENTFD(r5, 0x4040ae79, &(0x7f00000002c0)={0x0, 0x0, 0x4, r6, 0xb})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x10003, 0x3, 0xeeef0000, 0x2000, &(0x7f0000009000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

4m28.676364025s ago: executing program 2 (id=414):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x13, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000008000000000000000000007301"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000a00), 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0xabbfef308bf18ce3, &(0x7f0000000200)={0x11, 0x8100, 0x0, 0x1, 0xe0}, 0x14)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
syz_io_uring_setup(0xefc, &(0x7f0000000200)={0x0, 0x2344, 0x10100}, &(0x7f0000000140), &(0x7f0000000580))

4m27.746432526s ago: executing program 2 (id=417):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x3)
accept4(r1, &(0x7f0000000140)=@generic, 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)

4m27.624556307s ago: executing program 2 (id=419):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

4m27.554699139s ago: executing program 2 (id=420):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
chdir(&(0x7f0000004340)='./file0\x00')
write$FUSE_INIT(r0, &(0x7f00000066c0)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
read$FUSE(r0, &(0x7f0000006740)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f00000063c0)={0x10, 0x0, r2}, 0x10)

4m27.284826291s ago: executing program 2 (id=421):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x80)
ioctl$SNDRV_PCM_IOCTL_PREPARE(r0, 0x4140, 0x0)

4m27.264449289s ago: executing program 32 (id=421):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x80)
ioctl$SNDRV_PCM_IOCTL_PREPARE(r0, 0x4140, 0x0)

1m33.064555251s ago: executing program 4 (id=2407):
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_io_uring_setup(0x2000d2, &(0x7f0000000840)={0x0, 0x0, 0x405, 0xfffffffd}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000100)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x3}, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000012c0)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x7fff}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
socketpair(0x2b, 0x2, 0x7, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="54d34d7b681c90c4a09619e5d2ec8f27fa434f2504cdb1777409d31f5cb62c6229f010b97a4ee14b7619e89bc4d91d1ed49e84da6e55ce0f1c1c6ddeb128c7c5697de4724db7e44d55a5cf39f75b835aa5d80c54ac31102d6816240b396367e235034e29333f3ae45d08fc3fad2009ae2b83a2a59cd5ee8deb2fcd1286fadf1d6b90b13f47dcbdfe83d240e9207cf5d0fe", @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000004200)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x0, 0x0, 0xffff}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f00000066c0)="a062030607792c01386f28a428828947de99f79cc542703d923c7cb9d4e1f6fd95fbf2f747ab32f6fb041861fb3f87a88cb85405b4e73c0b6b12c81e42a9f13d82c32b7ddb172bcba1aac5c38f083747ac179f08d4d6d342a87ba8dd9bb7a9680f27433c3357b4f6ac97b19a973592f1ac6e7853a0b15ba42a28efb9cc30b146346b546018966e94976ca28f26a1950dd64c0adbb0c2e09bbd9caa9e7886a2b3d6e2b6d6616b718f1322ea2881ca59ef73948b1bcdc2dd3970e63cbc1043ce42af0ea1f95d17268cbc3ef062c8c31a537e94a20c1c505a6022d5ece7f51bd9c754d8c47cbe80bbb30b2159991a94dd3a25e64aff8a7a17374b5a71e0c7c241cbfd7f084e18a50bea512ada902210a3881ffcd42071ab09c4d80139d8980d6dc5d12c2595ced445caf22f80d8fb1a4c243da47fadb8e28e9c04fea820a8a2f032f5adff8b7d9269e63db68d196bf7f416405e52b6b8abd8bb9d9694b8b5eddae348209963738cd9710bd6c291af1c8eaf0e52d2f2f24bef8c8bc9f77eed40104e07c8ee1b4cb358fc73e2653fef6232b5e9f5d0be26b91a0b7967ed5e3bf10c449424ff4d11951d963677001d9576425d6a9c4503268a407d74854f5e1caacc0ccc463dc56e684db1d80b370da238915579ab82cdbd7d155adf10b96ed71100ea92834e8a4e4f5b7b831bff6fb4febe01bb398ea4065446f277f107aa3cc06e0b7a6e98434bf57744ba9ecb8effe704d7f852e16bc33ac113649f7540b7a7a67cf5493b400ce06e571d485af1732938b79ded4de7dad97a7e1c0be7bd479dc264647bb76503168423e3f6fc95f8ac8ea35e39f476ab54e88286fcf73eead1f794784465592fe4ad112ac63bbc3b3f35b87c40bc5fa6e3ca6cad878f9772a61a23aa00491a9e2442eb90a32af2bd74e99d075bcda20288bfc30f3b00a7e8e1a0b4791573abd65284bbb53e2b7d667239b95b332dd423e4d7c512de559bd53fde5285add9795bda81ec142620e693af9c787a4499dd76ca0d77d9c7c4043e537ec6c1cd0b9a642b12adc782a0e00f6c1ed7379d5fff4c2feb19182db977f657b195e4710ff00f78e35a146119897495b0e1a0068a6606292ee72bf65adcd2cd29b4e59a4b3f82eac77d5254013d03d2fb2511975558906741912d09304f0d4cf08c8f62690c67968c869f75a4025224d8e84baf7a42e01b4ecf7e55d7c45839778c2266880d1bb73e3aad618d1a4f8d5a16914d64d70438a88512649fd4caa90506e5a2d58a33ecaebc9b2e5f8a4fbeca57c829ae02fd2dc146e939c3d295ada7df4a07e74b356c6ffd7a9c546b9eddf7e013cbcb2b57ae0d225249f7e06a415681d9f597a060fd55e39bd56f04b863efeca458a0cbc54b660db50ca40d27a3fda3416860e691cfc780593f06b467700968bb918c32547e378b14b4e0dcd11cb0b2fb36ea70946ac62290184b4eed38b51c322a75367b50f558e063bf363341a17c28ddcbf9ce53da06f26303fd156423a25f686809bc9845a78e0cc3d94e04bc8da85f22a4a8ece2c4ac2c79e54dcc4eabc61e067060ad880377a71fe0c2c0305256e4f3c637575f086e4ae3d7ab5d106fde03d24c47dccba3da23a244c1f50a4f60cd8d71b77390c5ce6d5612fd0260a2f33389b064ae6acac783eca62874232fd3808fb2188151a43de6cebc7e245106183f7d929f1eeff6f972da3e3d967170247925fb0f04bf38e88d06321f9ff9d2c296553d842b69036a2b6de2aad3879aedee723ff00736f7b0dffe6182104105ff0f0b636f5192d6bb5ae7ef950825827d2f3d6285d83aedca3f31474e0ad50ce6290a0e546c30d900e5b4208ecc8b3aca0ba3d110fc3c0a7e004a53e5d0ba1cc1c2bb42c3dbcbb4ceb6674151932ae56f6b03cc34ce450c292fecd2456ddcf42b075e6fd49305fbf265a36f3cff61321dd60f16e844089d659130947672a2d059e04af9ef653e8afec926b5a5d411f60a2a435437095a1df8dc60a616bd1a1ce7b5251ed8f905becffebd635eee8ff0055c40f146f1350a406b853ecb005c6ede4dc270ce6751cff915aa27f5f6b0736da14c9949de599d57868c29cc97ad03bd89502a34b88ad29c8762d0dc24a6df759821882a32e70531cab51fa1752a4fc49cf0706cb24d203174b2940f29ef8b0ce65b40cfde4e0c7310c685cc8de8384e485a951192fa8c36c11f9b88a48caf027dca480caa4fccae70ea6c837eb82f926ad7691c7709f217220d71f6e374fb8522a84c118b5c25f3d56acfb25afbe676fc9e574b6c5a59c00a0bbeeff61fd82a1677f3da9bb596133db491a8f11b945d930c8a67de9ce80025c764d518efcbae25d9194dc96c31ed02c63b1ac976715f7233ffed7cb6e929bbb5afabd34bc37c095acd0abbbdb1ea48e40a30ac99550f0ccca19ecef5acb2604c48fffb53b352d114fac72d6fc019ddec558406668f773fed9476148133c0f9ca4d1fd7e70dd04bfa089dc57e5940f29a5fd33dc79913ff48853794fdaf891d71de94c4a4fed0544e09f2bd578b07003031b8602f08ca8a79fa5ebfd5477f4d4f031c3efe0db273446a99d0cbe21a3cf43f3b82774e4657bb4f9675adbaf71c52953f0b18a61e05a9c770536fbad215848f8238e8730b9085189ea4621780dac500d7d7dc7815b45e232f86592498f1515ac8c50306013524cc5f0a74b67bc85d435d332ce69f00641c86a3e91be84b78ac358f35b18d69679df4197d3be8554417cf44aee6dc623f68ce3388df18168efa1c87c776cbda792f6110b6af178eb8200a91dfb72c1e23b5e5a66b5a3ee3f4c2bba2ccac939dcb036006b86e894093922a95fd70baba9424a3d0327a0f209fe10b39f3cec3f669d301a2834e58fd56f94d622dccf653f08e776c9f3e1b0e5b3cdef133834b93c41c70438d51a0b127262868d49ca91623c3d8b75c2cce0b771b9ac941bb96029e782224a3686a7c0dd164e162ede667e0e5817e7bde85ad3bf30a6a5bdc420f751679be74a02f84aa93b971c3f45a67d155f7ecb1d5284660918dbf102bc16f496fb62a1290e6b88ddaff55740583cba13076afd623276634e0c11663be50766980949095003ef5bc6f90a98bbad436b67928513e70115224f672ca2a24e27bb98bd5288c49ea23d47ef13c5ff28c43ce53ca16a6caeccc1f601226253c4a38a88a93828f6c800547cadbaa6d7ad26db618cccd38a671507cad5ba0065ce2edba81a059b95c36c5d04ab456fd6fd81ec3738ebe546d973c0886a5e7b83dd9c2f58f5d6c19519e67575b3732a486555f8d8c4ae004a62e8d07ab2c8ef74cdb96aa99d75aeb1c25985996f281d71106910a3c3da17de35e04dbe00e2b7b75ec2fed177a7f2d04fbf68bd0b8af682b30911867d4d1497ba060b662f4e97a8e7fd3613015cc34302377497cd08bcdc29f06dae240820d2ccddbf8c95c76a4ba5d3e1b37a62369ce3f79fb74ebd9bc82c3fa3edad4034b6715c2853fa7781c974b5a4e541e8b69bf4bd653fcce4e4340d9409fe9112e4d253a3b7e9d43f4426127b10f2d5d3fcd2193490f7d933e0cc53dae552f2d7c9d77b8f9b27c59105cfae43a0aab314a0820fbb5684bf20986e3be215688b42938d272c4c0edd17bcdc84a514d2483456d6cfb4f5c1218859ee55bfc77da36c9c75734932a12fd03df38232063ed92024f8ee7c21f314129feb10670bb4d6a0ad4fb3dc57a64cfe6509a0770650cdec0efd5e0b1fd29433cf871c9ddbe648319bd481357326ac1eb32b4bef4ad89ab6122e92dc786decac88624a4a3963ae771f8023b9a92e446114764c53d7efc07e3ea77a9daac5cabbe648a223e249db62102ef7b7b6d06df46b6ff913911b89848a47aecc0563fb06b6d77fe1daf4541cf619105ab68e0bcdf7a05af22b0551323bf33dec8167df2b7fac62dc9e286dd3462f488c82ad194f7fd5d3ca72fe9c0c37cdb6d75684326e5cb30319ab333fc70bb197320acda161d2e685e78ac2cb1417223f64742b12a316d590b18a4173b2a105a381baf6f383ec2e81d04860b5cc536475d7c5d05bd6a7db1a5d93930bacba8c1de63707bd24785e19fc1f15ba724660ac00d0f2ebbcd5528b8cbe4f3ca332e8611e937a310fc79d234be6c1cd09d6a5cb06ab36a9d667188144c81f86aaf0851763573b36cc21462ba4f3d6e95d38d1e9b943085661d234ef6d079bc9d84c7447c85baba88263451ba10559e1ce326fee5074b26b54872e690a9a1e589e1c444daa3224b292bf9ec4a604dc512760084084f27386c89a1190b8905f0d720508c0ed69272f396725805480188aa4602a26e833c16aa5079c0577a8203ec0b2b929ef3b410bb427c168b7fefd1be652f06efc61c7a295a5d07a9fd61bd5bfe67ac5f74e485a66c92950a1b460257084ca3a3489943ad450300967234b487fa3def4010f9b715196562ebb0846b7ac3eba47646af6285582b4402f64aa684dff7d9cf81fbe1aa88959f7906f06839389f2ad56efb5029afe1d5ceac99a3e698f49ff0da7db06d7c9e94a8773a13fab93def139667b4dc6b741bd2769da7786acecbe315f9006bb6b72abe5bdc587d8d5aa8f67aaefef68197fd2e7874d9b7da2c3a5618720c12e8fc31db3e334c47abcbf10c6181ec14af4f9e90e19a35360a793b1e9b336e49b3ed67568a860cd4c298f967ba323d315821959629e5b7aaac367e1ddb8a1c5d61500afa69331a4c90861852f533657b28b97a343bc531a11ff634b157a6d859a35f0d2a595375e11a32457575f1d73da033bf5eeda12337b9fdd46bce192d3aaaa240a8c65bf47704d6aa64a9531f9de14a96fc9fe380db35dd5ec52321c67fb4c18abcaf22fbe8f602ed201232251317e1a1b71e1e2c924a92d84685de348eec97fed954b7f6681ddf521b4ee03a1aeb2e446ee2a7f4dfa37b1c53831139fc624c14dcc4d144ccdf758fd9f344b4cdc1df70f6a24fa78cab136c912d1ebffa7053ccbc9b9445762236dca409820f738370117d5c369dfc50fd42277f14eeaf29110aedcd503008c42914d04e219a8b6c01e337d04724919b07157e2275ba6365a9dba5ebc8019bd1aa1b8668023f64cf47e1b49b4fbcfc10d560bb74405c90751504db8100d8a8a1a3ff84d98f1262fbbd6b962f492b9531a7411c08e7e56eb0f838075f754b6a395b6b58a8e4c47eb46bfaba2ac94800a396749d18ba0e6219f8d616ec71a1e60b3bcc24e19d4a20ddbc6a871e6d7efa50a362610598d892a5adecbcfe217534deee3620dfc88c7992ec2e710e083ef0a50c20621405f654804d1af4f24d22b8ca48f26303e6969127a74f0b276a5624c3b84410d4d5ee3c62605876e60a88df2bd6e8db8c7e486fdb452178563e7add6bc126b721b9ef8b12181989b87031573a4010d88e34f15a2344e4808b74c99ad68f0c2aca4e8d504397c03e1328c4b1ec43fd902d206c3cfb63d7541ac57fdbc70b0033f87514286101231fe7e79668c802e1c23d61540cdf13a5e675b736e221ddc29ab747d9c64f6213f51d3c1ded2e2b0efc4e45183d90468f61ec1720f7a0b87947e2c54125cebe6563ee4415d886bbe869d17d36371c942c11db1e13c1dd40ed24cabaf7ee80eae6c4db934e982d9619d753dcd679c5650cd95d21582e31b259043a0d03371cd294f4cc028042c75070c9b534a2d79f164ab9d773295795280d1584ca664b53b263fe2e23534d27b0d85742fae8061e03187795129dd272041c6eb9c10c3406da1f752f4ca697bdbddd74975cd4dbba5687fb30ac4fd5d2579494eac73053a63821a852cf41a80f6668006f7e1c4e30b48d638ebab470c558d42baeed1adc8fc71f73e95f3ca212a4b009b508e89898727f805685e4e7650a2961d62c117d1ee9017236a6bffa0c36ae11bc52d346c83399e43c42cdb9f443aa307109a97ee66ceb7a29eeb2f1a2bb3ee1492229116db07301b2aa4126aee7775daa2d0eab4d206fae11b3c6b565dcc4c7b4dd1cf2abec81150d0629803f6eb221be384b8772fe6d6c4fa98c928a9d0a02e9ff8bb7a2168dbebe140323d93bee8983c496bccf752c372b795a3493624cefb3cfeb4307bd39826cac1ea3f18912deef1b8c8db30bc016990a477bc0a925fb36453a9e21354b2d7e6e3d4ca4dd20f27a8db05429d44b7a485365191dc4ba977a815958faf6434813a9f4046054763dd55dbb7fae892b746e169ae046ae3361a9f75cf622b03f75b1633da864395bd1c3a594fab0b1fb37f088dd1f2776e2b795c78635c2026a8ce7ff40968a1960786049a217dd8872ac0c01f4bafcf2d3d751dd46a5e1bec00540a9ca7afca3ef37575d4a8b1291d05be94913092890a9b4bfff39edbff307e5654896e79228777c0f8ea46c55bfe19e522bf457ab4e6b0167d776dbcd0160598370a12c4a03e4edc82b245a7608797b03d4ed89dfc2a5bf07b9fcb251fb8608553f3b3774818717a9aabe6b2ded811515ba454b390a6065bbc59552f3bfe51d38f139792e1aae60093a7c5770b52a1730feb1049c14a7d5261d644f6b738e22ee72aafa422bd93f61e1ccac0a5ef4726c66f61bb539acb937bd63da82c700c0860be90ce5621ced22b52b63d041266fc258fbfa6641aef22e97804e5138ad2ce4405eaf76bb0acd7fc61b2d6de4aabc5c28a850fcf219cff77c97d3cb6bec0067c171b912d11d82c56cbad56c0032a9657d4cdd1eacaca53f40f5e3fe911127e1cd30781351f180e1413933cee2d46ca0eea31ee01fe4e99a567edd0b10565d47b87c8a48366143e889e52d0ff13c920aea092c2545fa9b7056204fec156549d3c0a997bc1cf4a01338483bf5c69d6958ae038f1c3e3b84baeb2c1f9e064c0750602c34c6c483c316391d975f94f21f6dfe74e92c33228b408a9e2b9abcda33c497abba9c48a63e5c8f1a8d0f4c24d36a44e1601e8a09e8a5c7179bd4c44b17e542dd99cace87aab60a5e53325d544c991b6fa5deffa49fd886332980deeca9229cb2f67f495a7b743153854ed81e1623b12dbd65512d08a5732fee2db3fb455cf6df5a1701a2b8674633c6792162dc86ac76e30da225b0167a7e704ad33ba694f9c902afbeed58eef609874767053f59414d4d3eccbbcdbc7eba997c71f9b1f5139bb020d5dae1db6e2dcfbb51b5371b08bdbc3312b05ee6d8c03c8b5a7d4f23da45f276394f222b1a0bdf4e2603243cdba60ee0530387c88bb457ca9932f2283a4d55bb1195e6d325ed93f714e21908b1baafa467f1cec7fa26e5c384ee6828e77978bd1abd014de549a5e5966f2b2f4ba000f9d77f1abfe3a6c337cdb852c1ec59f61b63d543f3062dd2616a163ed7ca60168b0347b5c5646a678dafb4c502c333a0a48f0341b47f5c5946e42e571db0bfa0682a449ca64e71b5661a842975182399245c6de241512c67ac918d7e0c5cb66565010e881b8333567ca584321ead1c383b099d8bf1c56dac08cb218cde4226ad420d6d6313f9c4884d6394722304fdaa76e61db8c0d54eb1151344c41ce1130272928eecb2f9f0f23c752622374eb1223a80efcf0b937dff7d813d7be0340226c0a7b163741d9aecafcb7ddae5a219323323f621c802be82399e06d2e1cc582e759ffa303c5103f8a44d7129d2853b02e506abda57ad2836d7ff16f95232149fbeb8b62e586d3536bb4ae042ecd9e25d1dee789353071f9c89d4361000c47b763556e8902f1f25cbd8ae71679e03ff27db0ec75eeee3fccafc7fcf22c377ac60d3c61a43cb53abf6162118f2efc86a5ce80e69a02bc1db80018beeef6d567941232e4412a958ed012bf7a832c1eaf68134ecabc4927ad666b3d0f21d4e8d52fa37e0a9751124efed8bf47544299138a6f69d89e295677f12606c79b72451c263fca3eec22bf0c47c641159a0bbfb3b2b03154af533e5c06a149e52adcfae31bfc55f30064a8903c8d3b828d275a937b1e4adffa0597da5e253b50bd71b33f057ffeff0b2a0829b3bf33350fbe67c7c79034f80d69e6a21be495a848d328f416f15966491b218eab390544e39d498258ad80ddae248634c845cbe6f1c1e93e7c2b02075411e075fe936bcc75f4a4e1a3687cb3dbbb61cb31ddfbbc87a1859b3a48fccdd8e5915c8bf4eebe8f7093cef6a7a91c8682915f9908c854c483e90c9643467292884d284134dbaddafdbc74d94a5f9713719d62b4f6b4236803d210181847ca27129fde264156895f4e1822ef78a3b215ef56d7e36d2b94c93f5e931a0d13a3a3030061ce62de595eecf47eae6bf698530145757700df18f66fd7261a12c119d6679663b3c0f99d1705aebe66dc862eb21ccb7360b93f54507149b577abf521113991e06f345e8282fdc18de673e1ca7b188ee34b14f37f86ddcf97fef0b913c33cf8e5d5d33707dbcdbe4b27cef056670252f186735cdd02f6ed6bfe5318a704f00e34ffc4fda9855bf37c51be6a7423e44dd8a98883c8fa82ca37c90d681fb7a0db915576b50e49aff545b99aa3aa6343b814ba0bf64e53b2a1edcae2231bf20d65e4bb4da6dc8382120ede652adfb7c30a46e0ee784cbde74563d83eb8d89a1573fa104fddca9d4833c49dc904bda905426c7dee3e48b596c8ee201bea57fedb1a0649457eaac3c5b5f4519af3adb66f10b861e711cd4034448890e15047c2f8902588268b5645051f3f3968ed8d630e050ccef0d01b61ffeade51e4e72d8fd46bba4c20009396e984c424d174934a67a1930665fbea04c809e7cda0a2cdfd3a14d6b99c3a8d8b3691825830456876f188ff871fc861e4c6a0ca377dc1f0cb0f929f7eb1f5da045d9a588a393312acacca5c5a3b15bb1b488b08fc40ad65ae2c1df187eccd8377525a81d80df57579ae52f775fb2efdd172a41c370300fcc594c2635dcf50e9eb9d34fa8b4bbfd13078422e3a7734a8ae6cc09e39d07c7ee19838f8da4cbafe4162c8f8dc44e284840bd0a5c80bfc657c22e37e0d9a96dda34a51ce616c9ccdc95955cf85d93860da902ab30f11aa333eacc25c47981d8636038761ed4d84fcbb0ca92dd2e07863b9505b451c3c49e36a172527578123049ff2dc2b4e258a3f698a12ca4705a6fd0ce6bc4f1767b4d9c2e57c9ed1388527964ac96ff5e4cf5ad6fdb6a853b43905df32af8bd788b520fd526cbb95195a1bc00d654cb080acdf67938517a6cdac741d86730358be16465b4e1301f47f6a444c4e8d2980b8bd98a8dcd6617cde0b287e2d1f59167b5c445146fa49728111b8a2729428cabd02facb8fbddbdb2769680f288648d6baac53e0d909335da3e2b4c13ebd41f32820c9f491e9124ca444a0532f60e2816e15a5810baa91f64454aa355f9d362c7d1a461561689d08b1350a216b6f1bda57aae0706b3710a1b8e52a7e3084e600b5ee3dc540bba0c16267d549304a7840659a32e40070715c9bb912792d4a7b84fa06e73b9ddbc2f06c4edc19d25f5a198c7e3fc6226842e6215da5d826fcf5949612889f78e9de39d4e64b86b7033b5717a21f8f2b81c799a3fc0bfe6f5837b252eefa360c91a6148296bd19d50a343d909c1edf5261e70c8dfb2c488940cf236941ad3fd01247e37902a4bbfdd1839f7c92c260a2c494022fac08629303c8e54108d78ae2c94289c7f998ba3b622b48931ee7c17c59f5499d282467a1b8050acc94a0b17b21836c80b69f519b9b077d18e33c027faad562fa09f2cc6120f8cf5ee18cf7db9d729ffbb9de58885713215b7aebb8c98d9fa009be0a9ef3ceccdb2b31968db555b26c5c94e382d06ebf6d356e8caa85def5813dd1596d823924c4fb63dba5bd094cb64f204d1e59d31287715f831a1f0be95d8749f2166ba0b0b6b64a37991be1fe1c1e922835f2da0c074ec9413561d52166576b1c4f1e18f078dc046d1c284964b80217b55c59a474740c3649116b33e927479736bff6005859c7c00598f22cb8eca38af802f4c86836e8330492ac7ef3707890a8ff856dc7786ed769bba75b18484b257b3b022eeb51aa720639f79e6e6bd3d3c9a61f7822abe562867b4693f0b2f61135aaeaa510b31112efeec48d2602c6d4f2ddeeb51bb03ab18c18d8e127a37e22881febca47742b9332d3f2251003b1a46c40eca111d02446466b669568c70971bd33254ca577777f126f86f8a3665f065b645ff261e78e0f532e83a81b99c5de3488de74ca82daa0e4e7404eff911ae955acbb800f9f91b774e472bc14aa92817b6d85877b1861a6ca92c03c83b6f1490068bad8eab1f58c9e91e1029683de2ca45c99966966031ee86d8c9995f0612480e2a6d5396e8ae361d6fd2e24557613a1191f5019d4c8078628013512ea3a59532efffa6cfe4970d28d8c7aa8c866c4275ff2b0b4ef1a7e56854d7ee4bc445713da9349d13e30a4a802cb9db2f10280fd9ea043b5b3480441e8ed2d907eae1259befba9d87a04ce42b0010c70af157b90e0bf72549852fd122edd6cf3475f76852b13b4bf887cf32e25ad34aed7fd5a6e97b307f9b4ff1c07b2b55beef5ef3dd96eeb2a57720c18209d911a55341cee67e6ff577f7acaba01c2c9690b15a3b8aaa5b9d734196467a8c074b2eeeb5ae931ddf3deb15b1a8d603e72125c2e68ad206f2c4252a659f8248ff882a8e54126ebc0c77a46101072272460e683d465279a3695be6b64c9eeb4a576d95fd520be42eab5c95cbace0dfd80e2d67bab9f683a1cc9c006c02f0f90a21a0f51218c628f5608fbf1abc79aa63452bde1002383033578f32980e3779a8edeb226f6d3f9b36d8f07bddd7479b60346a4b4fa883940e3aef8ad8d834dad4405960a4409a6255e8753d0c0ad0960ff3ef48ce93fbe6b165e86eab36fccb8b989f5b54e6ccaa19749ff065a0a732d15c41b9072bbc6f07e1fd5a3df2775874e46b61ed50714e8c403fbed6884ec06f52ab71d2c191fcc56ac0b17ba3c46d2dab3e11c79383bd8867ff14b5fbca73b9ae594b6a09fb73a2e8f15aee59150e8d6d3dad9659025d045bbd1b9ca257c67bb78abe8f7eb9c8b3bc32951c41f7390bacc8c7059a2a9b078ab50413605aec604e4666a6ace765b0e7ab558fe6232f2703d07811e3d0ac5bf9434e87876e99250ee9db6527a8ccb4a3ee3bde738563c9746f941cf2cd7efacdbd2593cafdbe5171864b2982b54dc5a32c86638c0e650a331625033b8dd65851965ae791880349d5cd52548f4422a317f96ed79e7ccf3bd671e6dc70365f521c65206386eb1f99570a544d11b3d36fea285f8a3770ca303a965a0c1d598ebe3696e647be734ccf760d3d47dec75e236d7ac08019b6622a7b9f08bc8f0937ab75e75a047a7386befbd56fc4b2f89c852dadce8df946cb3fafe4eed2678caadf1a913ae32b2c0b8a37984cb700343c5e24609f8c5ddeff5e653837a9332a41c8e21466a13d79224125d5f6a4fef79b5adae7f4ab7d351c55400545edd3c00637bd27164828925e9bb5d79f1f1e6eb3270ab799ae38772f779565d92c47503de695f7aad7ddacda6f6c71e755b3737231b64715bf07849d3466e4f92239f733436ce674389bd16900", 0x2000, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x100000000404, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0xa000}}}, 0x0, 0x0, 0x0, 0x0})
readlink(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000540)=""/179, 0xb9)
read$FUSE(r5, &(0x7f000000ac00)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000280)={0x50, 0xffffffffffffffb4, r7, {0x7, 0x24, 0x0, 0x0, 0xfffe}}, 0x50)
r8 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
sendmsg$inet6(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="5a6871908ddfe3ee43aa1160a73753ce6cab32d184de576a9f314969c1d7546399a47258ea86bbd3febfc84e58f64d32bb361e0af645bad480a103ab7d7fa2404622f26e7f7e668a4d7e5aee1276dc1d52b170003659e627d012cdf5dcb438b8ae0bf19e6c992c68011b7297da8b53655071195f55e0d68ff3a297520e6cd6b2b46822b62f0fa2c9bd78d970b17a23e4096c1aeb98ba30c29a9003ba384101a9bb1ac802a76ec09284effc42886e77fe283439bc49a035bc4699ea3f5f049025dcb27f3bef88634d63ce70dd8756f4bf3100e3fd83131acc6bf88380dd4b1a277f8381d96c02860d605007f25c76d3893b32f43bca88d104b67b9d", 0xfb}, {&(0x7f0000000400)="00d7dcfa632a50c7e2ca9e926aeeec4fd3a058afd83637984e4fc7799bb4d0a6d9952b4862fc0945febba09dd36d7d003a3f2bee15f73ecad8dcced49ebac0ee82b73e666fca9ee06e8fc276d930ca363e81ded9ab4bcfcfc746dde920ce0abd805d7a1139f2a0c3f865aecd944ba7dcc411355fe0fe30c6cc64fd3cc4bbefee8c1796025bb0a941efb1f7992b1f24f68f515efddd644231ab042280db0adc93716380eaf6595835be9246bd9db97a73a284f3bc2dcfeb22599809286d6a441d01abf014aba8eefcf9340f040a0bd5b63b3786b599938d86334cb1aec10768baebac305c82b7be492d10bc022fce5c4c0cff2dd7abe171558eb482156e5472f8eb8c3c4bb1750f00c0ffb2abe4bb3468f3e07bfc15f5ebbd7affadadc5047d2c82b1d075abb7c70d7a305dff7966a8f115699f773442b9b7d57173872ad693d7090b7d946c03ef5f2664400ec4f99b646a21af47f083d9b22fbfaaca86ec515a3298e94f69392bb3bd0af1ef49c7065e8ced08ade3bed0f72e9796f8365623fb405eb5a7b7ca84eb9acb24c58a1cb13c21474eb50c51f664156f53fb44a99ec636d673516c5de2a8bcf8827d6fee81b9b0c414f0eb2db33f5c8ea413b27a6db22b5090e55b9969178a5bb37bc047f59882521d0a730189c48cedd7a6571878ab68ef9fa96bc8a32f50f0c58b1e73828b9ff4194b481b72ef0cc8a0c0bc680f5ef6c81af6da535032e813a47f57f7c3eaf713c07507fa1645bc06989ceb43c0c48dcf92fb37057d4e0adece1e8b4d5b71ebb4b2b3732ecae1dae529e18056b2c21995ec2051a1453fc435c17a7a864c6761453d71d0368cc163dde0dd2423079c3b461b1271404bbb7cce5214b9733c24fb8b48c185a1d2790284848da41a6ddff3b7356ba9ed03ceb3cf346a65b4565e3a6b4dca9ff6955cc8689fc2804b0b34f45fadbd7fab3265f4d8e52c2b0fe0dc4714af1f9d3b2ca9ef9ae1a24c79ac01162ad54ee28bf1aba50a5c395f5a5632c361b070e38b", 0x2d6}], 0x2}, 0x40001080)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000100)=@gcm_128={{0x303}, "fd9192068590ef44", "4ded6853efa14266912ec2cb350be183", "15861006", "84d6d4ab8749281f"}, 0x28)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r8)
ppoll(&(0x7f0000001240)=[{r8, 0x6203}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)

1m30.084844911s ago: executing program 4 (id=2439):
mkdir(&(0x7f0000000400)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
r0 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x10) (async)
socket$tipc(0x1e, 0x5, 0x0) (async)
chdir(&(0x7f0000000140)='./bus\x00') (async)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000002540)) (async)
r2 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x7, 0x7, 0x1000}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700}) (async)
semctl$GETZCNT(0x0, 0x0, 0x10, 0x0) (async)
syz_usb_control_io(r2, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r3, 0x104, 0x5, &(0x7f0000000040)=0x5, 0x4) (async)
setresuid(0x0, 0xee00, 0xee00) (async)
r4 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r4, 0x1, 0x24, &(0x7f0000000000), 0x4)
syz_usb_disconnect(r2)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[], 0x0) (async)
syz_usb_disconnect(r2)

1m30.014950672s ago: executing program 4 (id=2441):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000a40)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000100)={0x24, r0, 0x1, 0x0, 0x1, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_TDLS_ACTION={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (fail_nth: 8)

1m29.854081425s ago: executing program 4 (id=2444):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYRES16=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r2}, 0x10)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f0000000080)='./file0\x00')

1m29.852901437s ago: executing program 4 (id=2446):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x500, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0)

1m29.585037659s ago: executing program 4 (id=2450):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = open(&(0x7f0000000140)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
flock(r1, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0)

1m29.582249087s ago: executing program 33 (id=2450):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = open(&(0x7f0000000140)='.\x00', 0x0, 0x0)
flock(r1, 0x2)
flock(r1, 0x1)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0)

50.374675665s ago: executing program 1 (id=2983):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000100)="0fa26667f046836b0876650fc71a66ba4100edb9800000c00f323500100000b93f0800000f32420f017805450f0866b8af008ed86446d8e4b8010000000f01d9", 0x40}], 0x1, 0x9, 0x0, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYBLOB="020000000000000000001b2607d097383aa54345b105aa69e9e8000004000000030000db070000000800000031690000ffffff02"])
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r3, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvfrom(r3, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)

49.337315285s ago: executing program 1 (id=3009):
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f0000000040)={'ip6_vti0\x00', <r1=>0x0, 0x29, 0x6, 0x5d, 0x200, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, @private1, 0x40, 0x80, 0x3ff, 0x2}})
r2 = socket(0x10, 0x2, 0x0)
write(r2, &(0x7f0000000280)="1c0000001a009b8a140000003b9b301f00"/28, 0x32)
recvmmsg(r2, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000180)={'tunl0\x00', &(0x7f0000000100)={'sit0\x00', r1, 0x1, 0x8000, 0x0, 0x5f, {{0xc, 0x4, 0x3, 0x26, 0x30, 0x67, 0x0, 0x9, 0x0, 0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_addr={0x44, 0x1c, 0xf1, 0x1, 0x6, [{@broadcast, 0x8}, {@loopback}, {@broadcast, 0x5}]}]}}}}})
r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = syz_io_uring_setup(0xd3f, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x528d}, &(0x7f0000000380)=<r5=>0x0, &(0x7f00000002c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd, 0x3, 0x0, 0x100, 0x5})
io_uring_enter(r4, 0xce3, 0x0, 0x0, 0x0, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x0, 0x12, r3, 0x0)
r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r7, 0x40085112, &(0x7f0000000100)=@e={0xff, 0xc, 0x0, 0x0, @generic, 0x0, 0x0, 0x1})
r8 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x28011, r8, 0x0)

49.263068804s ago: executing program 1 (id=3011):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x3, 0x7, 0x52424752, 0xf0, 0x8000, 0x3, 0x6, 0xf, 0x1, 0x7, 0x0, 0x1}})

49.262839599s ago: executing program 1 (id=3012):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0xe2)
ftruncate(r1, 0x3f)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r2, 0x0, 0x30, 0x9, @val=@uprobe_multi={&(0x7f00000028c0)='./file0\x00', &(0x7f0000002900)=[0x4], 0x0, 0x4, 0x1}}, 0x40)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x3b, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xc, 0x2, {{0x100, 0x9, 0x80, 0x0, 0xffffffff, 0x1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000485}, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x4)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x4, &(0x7f0000001200)={&(0x7f0000001080)=ANY=[@ANYBLOB="380000000314010000000000000000000900020053797a310000000808004100736977001400330073797a6b616c6c657230"], 0x38}}, 0x0)

49.145263362s ago: executing program 1 (id=3015):
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6, 0x0, <r7=>0x0})
syz_clone(0x80, &(0x7f0000000000)="b2acc68c3ff28bb10bdd093288c9a1e6deb2ba921ce3537282d4cad30b7272b7f57a0aebd1543d34a1e540e7d4b9bcd760b311a8351d868032e1b77346beddf6531bb540b17f8153295da7bfe083b6af9cadccdaf1e0791bbdba2ead529ae6b913cde71bd07cd315425dbdad48843b8cd3b20423ca85cd2e22f00ac463556f008b8dd76e110f854edc", 0x89, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map, 0xffffffffffffffff, 0x5, 0x0, 0x0, @void, @value}, 0x10)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f00000000c0)={0x3, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000001c0)={0x15, 0x1, 0x3})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r5, 0xc00464b4, &(0x7f0000000400)={r7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0)
r8 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x87, r8}, './file0\x00'})
ioctl$EVIOCGBITSND(r0, 0x8000450a, 0x0)

49.081159261s ago: executing program 1 (id=3016):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_clone3(&(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, &(0x7f00000010c0)=[0x0], 0x1}, 0x58)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
mmap$snddsp_status(&(0x7f0000bdd000/0x3000)=nil, 0x1000, 0x3000004, 0x12, r4, 0x82000000)
creat(0x0, 0x0)

33.064018637s ago: executing program 34 (id=3016):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_clone3(&(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, &(0x7f00000010c0)=[0x0], 0x1}, 0x58)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
mmap$snddsp_status(&(0x7f0000bdd000/0x3000)=nil, 0x1000, 0x3000004, 0x12, r4, 0x82000000)
creat(0x0, 0x0)

3.099729341s ago: executing program 6 (id=3574):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r5, 0x4008ae8a, 0x0)
tee(r1, r2, 0x10000000000000, 0x0)
ioctl$SG_BLKSECTGET(r2, 0x1267, &(0x7f0000000240))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
madvise(&(0x7f00007f2000/0x2000)=nil, 0x2000, 0x9)
madvise(&(0x7f00007c6000/0x1000)=nil, 0x1000, 0x2)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001980)={0xb, {"a2e3ad214fc752f9182909094bf70e0dd038e7ff7fc6e5539b324c078b089b32353b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5d38300d074c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
ioctl$UFFDIO_WRITEPROTECT(r7, 0xc018aa06, &(0x7f00000001c0)={{&(0x7f00004f6000/0x2000)=nil, 0x2000}, 0x2})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)
mbind(&(0x7f00008d9000/0x4000)=nil, 0x4000, 0x0, &(0x7f0000000140)=0x54, 0x6, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
r10 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r10, 0xc0d05605, &(0x7f0000000040)={0x1, @pix={0x3, 0x7, 0x52424752, 0x4, 0x7, 0x2, 0x6, 0xf, 0x1, 0x7, 0x0, 0x1}})

2.08437738s ago: executing program 6 (id=3579):
r0 = socket(0x2b, 0x2, 0x1)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x561, @remote, 0xd}, 0x1c)

2.084152908s ago: executing program 6 (id=3580):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="08100800010000000000200000004598b60200000000002f90780700000092b9d001000022eba6dae094091d1eae023d8b39c70b125d32071244acf3d1f95d6e2ac1493ddaf72fa9dccb67839058f7ec9b2e541749cbe31741b47e0ea051ca940e453f3cf22c5abb5791055c57eef79c5b6ba443b1b16d7cd1a23be05f6786c46adb208cb3f7a74a1b7401f40f5a591198fc5f88187154b428482216325d64bff1c179c8dbbdf2a760", @ANYRES32=0x41424344, @ANYRESHEX=r1, @ANYRESHEX=0x0], 0xfdef)

1.956155904s ago: executing program 6 (id=3581):
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
readv(r0, &(0x7f0000000100)=[{&(0x7f00000005c0)=""/202, 0xca}], 0x1)
connect$can_bcm(r0, &(0x7f0000000040), 0x10)
sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000001bbb8389a46eb7225600dde7", @ANYRES64=0x0, @ANYRES64=0x2710], 0x80}}, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x445b, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="05a300000000000071"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0700580c"], 0xa)

1.164964428s ago: executing program 0 (id=3588):
r0 = userfaultfd(0x801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f00000000c0))
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r2, 0x4b72, &(0x7f0000000040)={0x1, 0x0, 0x1c, 0x1, 0x20000188, &(0x7f0000000a40)})
sendmsg$nl_xfrm(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="6800000015000100000000000000ff00fe8800000000000000000000800000010000000000000000000000000000000000040000000000000000b10000000000", @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\f\x00\b'], 0x68}}, 0x0)
ioctl$BTRFS_IOC_START_SYNC(r1, 0x80089418, &(0x7f0000000940)=<r3=>0x0)
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000980)={{r0}, r3, 0x28, @unused=[0x6, 0x3, 0x2, 0xbc], @subvolid=0x1})
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000001a40)=@generic={&(0x7f0000001980)='./file0\x00', 0x0, 0x10}, 0x18)
r4 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x532d43, 0x0)
recvmsg$unix(r4, &(0x7f00000008c0)={&(0x7f00000000c0), 0x6e, &(0x7f0000000740)=[{&(0x7f0000000200)=""/212, 0xd4}, {&(0x7f0000000140)=""/36, 0x24}, {&(0x7f0000000300)=""/117, 0x75}, {&(0x7f0000000380)=""/42, 0x2a}, {&(0x7f0000000440)=""/5, 0x5}, {&(0x7f0000000480)=""/100, 0x64}, {&(0x7f0000000500)=""/51, 0x6d}, {&(0x7f0000000640)=""/233, 0xe9}, {&(0x7f0000000540)=""/133, 0x85}], 0x1000000000000262, &(0x7f0000001a80)=[@rights={{0x10}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r5=>0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r6=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x98}, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000900)={{&(0x7f0000a79000/0x2000)=nil, 0x2000}, 0x2})
r7 = socket(0x200000000000011, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={<r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r9=>0x0})
bind$packet(r7, &(0x7f0000000180)={0x11, 0x2, r9, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x6}}, 0x14)
ioctl$DRM_IOCTL_SET_UNIQUE(r6, 0x40106410, &(0x7f0000001c40)={0x42, &(0x7f0000001bc0)="914323cc152e71d061df8c0c00702966cc65032a3984cd22ec6eeb575e56fa781e6bb9df9ca83d72f43403d83cf8389055e4a69efb7d311935e90a4807ec5162e1c9"})
sendmsg$nl_route(r5, &(0x7f0000001b40)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000880)={&(0x7f0000000840)=ANY=[@ANYBLOB="3c000000680020002cbd7000ffdbdf250a0002000400000008000500", @ANYRES32=r9, @ANYBLOB="14000600ff010000000000000000f9ffffff00010600030000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r10, 0x0, 0x5}, 0x18)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000600))
r11 = socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c00000013000100000000000000000007000000", @ANYRES32, @ANYBLOB="00000000000000000c001a800800058004000380"], 0x2c}}, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f00000019c0)={0x60, 0x3, &(0x7f0000846000/0x1000)=nil, &(0x7f0000d4c000/0x2000)=nil, 0x8, &(0x7f0000001980), 0x0, 0x4, 0xd, 0x30, 0x20})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f00002b3000/0x2000)=nil, 0x800000})

1.15197676s ago: executing program 0 (id=3589):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2715, 0x0, &(0x7f0000000040))
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="1400000004000000080000000600000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f000000e400)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0xa68d7c519e801be0, 0x0, 0x0, 0x1d45}}, 0x50)
close(r5)
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r7 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r7, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r4, &(0x7f0000000280), &(0x7f0000001840)=@udp6=r7}, 0x20)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x9, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'virt_wifi0\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'gretap0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000140)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

1.085243964s ago: executing program 0 (id=3590):
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
chmod(&(0x7f0000000080)='./file1\x00', 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000040)='./file0/file0\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r1}, 0x11)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$unix(0x1, 0x5, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000380), 0x100, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
syz_80211_join_ibss(&(0x7f0000000140)='wlan1\x00', &(0x7f0000000040)=@default_ibss_ssid, 0xb, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000180)="1b0000002000190f00003fffffffda0602000000ffe80001dd0000", 0x1b}], 0x1)
unlink(&(0x7f0000000180)='./file1\x00')
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mknodat$loop(r8, &(0x7f0000000100)='./bus\x00', 0x0, 0x0)
r9 = open(&(0x7f0000000300)='.\x00', 0x10000, 0x0)
renameat2(r9, &(0x7f00000004c0)='./bus\x00', r7, &(0x7f0000000500)='./file0\x00', 0x0)

1.036462325s ago: executing program 0 (id=3591):
r0 = add_key(&(0x7f0000000080)='big_key\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000000)='z', 0x1, 0xffffffffffffffff)
keyctl$assume_authority(0x10, r0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
syz_emit_ethernet(0x127, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff08004fdf011900640000f221907864010102ffffffff440c4cd37f00000100000005891f097f0000017f000001e000000100000400ac1414aaac14143200000000863bffffffff0609cb86b5532e2831000a05a3f0a2ee7dba3d4f109383c4555e77aa0e2350d4a2004c020ab03c140e4c8df32c02089189442d5c3f00004e224e2204219078b419e48d002585651f427c71ddbecddcaa943609336027294738b6e6495cc5cb55d4e06eabafacec96db416436f3e54a8d1be000ccc73fe9240754721da9e39908e76181430e84c062c33819a5d5977817acadeef0ac22871940f90af8d9f1fbe1c8bfb076c2deade61200e70bfdc31f92f4cb3e04dec2b8b741843766d18abd772e1cb234ea304fc96566b9c99406910d97f06a9fd4"], 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x3, 0x7, 0x58565559, 0x0, 0x8000, 0x3, 0x6, 0xf, 0x1, 0x7, 0x0, 0x1}})

1.036112455s ago: executing program 0 (id=3592):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000004}, 0x11)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020605000000000000000000000000001400078005001400090000000800124008001f000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x58}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

962.010626ms ago: executing program 0 (id=3593):
r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xa6, 0x9b, 0xbc, 0x10, 0x954f, 0x4199, 0xf76, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x4, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x33, 0x2, 0x2, 0x2, 0xc, 0x7, 0x0, [], [{{0x9, 0x5, 0x1, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000200)={0x4, 0x3})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$MON_IOCX_GETX(r0, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})

961.781026ms ago: executing program 6 (id=3594):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0200000005000000000000000000766574683098c76f5f7465616d00000064756d6d79300000000000000000000064756d0004300000000000000000000073797a6b616c6c8279a7e00000000000ffffffffffff000000000000ffffffff7fff00000000000000087000000070000000a000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000000b00000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000766c616e30000000000000000000000064756d6d7930000000000000000000000180c2000000000000000000aaaaaaaaaabb00000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000001b700000000000010000000000000000000000000000000ffffffff00000000"]}, 0x280)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4001, 0x7000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)

812.714345ms ago: executing program 3 (id=3597):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x6000, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)

812.25856ms ago: executing program 3 (id=3598):
r0 = socket$kcm(0x10, 0x3, 0x10)
r1 = io_uring_setup(0x6eaf, &(0x7f00000000c0)={0x0, 0xc974, 0x4, 0x3, 0x279})
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000f40)={&(0x7f0000001000)={[{&(0x7f00000001c0)="7deb2c93d01930b95d214e21fc3cc912bda6826d9c0bf8ef427c80e108e9b015191b7a7a0969df3377a94ef2441d911faa808c6c7af4068dab71d915da203b344c46a4181cfbba1891296de6871de336cca777a586fdf744dab632e03ee234af152a13ad4538b30485622b95ff7b31d09fe20634a0a0f0dc671b62bfe033b3034bf8d6060e16fcb73f0f2ed966faaab642f742e476b010785c8e4ca488cbb23bc417bf61d26afc0debd7ac664fab870351a0bd983d539eb551a6d632d447a91fa6597d1679a3500d2463b3ee4bd99dc6af00d877ec8b12fc95cd442221a4e3d4af1863d6d26f7afafff511", 0xeb, 0x2}, {&(0x7f00000002c0)="6f01cdf59de3f9e5c092fee10b6afa4cbc80531e271f1812fe2b33734ab7922bba9559e42a512358f0df23bc94c5037a0b37ad40ce6f340587531433bf0dc235ac45b41fe1faf9951b10c18271ac6b22a1d1b6e9296383ab29e58aff4ed5b9cc714962d2318f42479f9619459a6109bb1db201a6a1599b6fa90415abd0e6ed8f3363608c3a271c73d11ffb0f452093c3692802b578b765c684f6444491ecfcd5f8d0b0ca69cb910832ecd178ac97ea0657d0fc3758be9981031d87653926661a3ac3e16d418e565c73bb3781e70fdc0cc39c1e81390e281a73521ccea27591d9d6d5b5b01e5e6f3023263569d0bcefaf5c1e", 0xf2, 0x1}, {&(0x7f0000000c80)="0406cfedfed1af8ddca29b6fb18d220d01d8e8c502b96d69f85a5b80b22b35442e65c02ea2e21c7ff4aa25f8f05a98b6e815c1a7f49f60c620f1707e9ddf52791935efda8fd42069201bae00904a586478f18f309780c5de2e2f2f8af5e2f8f0da23", 0x62}, {&(0x7f0000000d00)="f96650c6d007eb7a6989e6a202c0f380b13e8469a9d7ec1dcea6c616a24323213ba458591a2fc64b60f7f81397d735891a6191633ea690d28d0eb76fb6ad2752cd3fe7c02a908a360418d1b3e841f4d7b1182515239d20243c71034e15d6ed8a9ed76437cc9c904cd4ab52eec766d06c2356d7a48bd663ee437dacb379859c9ccd094e275667c6797b9ff0d38cf5bf4d37d52bcddd776113a1655f", 0x9b, 0x2}, {&(0x7f0000000dc0)="81261bc630bf69cdbd79b34e01be5d14265fa2958003565722bb9e308e54f9d454eb88e3d6a846332aa3575d1344c9f85f66e9ee399480b15c5ced3592a042c227283299c5acfe4f1a69152c24740e306cf2b95681a0994eba7b1129154b88e1dafb441ddeb66c5e6a96ab09adf892843a1bbe7da6241f40862c1217d9a21da726", 0x81, 0x3}, {&(0x7f0000000e80)="b35827c3f86d8cd93d88810d3dad3378d12f1e357252e6b052fbf52edf6d59df11aafdf62571c078664303766134861ad1361e51af3f5bbdfe2adf5a2305f5b63089f948dc7ae39d837ddc070fb27a028eece0f475d3b4d1f6f7b1aca5af69f23d016351ff926ce754c24f746fa19df6", 0x70, 0x2}, {&(0x7f0000000f00), 0x0, 0x2}]}, 0x7}, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0x8bc, 0x2c, 0x400, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0xfff0}, {0x4, 0xa}, {0xfff2, 0x7}}, [@filter_kind_options=@f_flower={{0xb}, {0x18, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'pimreg\x00'}]}}, @TCA_CHAIN={0x8, 0xb, 0xc}, @filter_kind_options=@f_bpf={{0x8}, {0x854, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_OPS={{0x6, 0x4, 0x2}, {0x14, 0x5, [{0x1d, 0x3, 0x1, 0x8}, {0x2, 0x6, 0x40, 0xfffffff7}]}}, @TCA_BPF_FLAGS={0x8}, @TCA_BPF_POLICE={0x824, 0x2, [@TCA_POLICE_RATE={0x404, 0x2, [0x63b, 0x7, 0x1000, 0x8001, 0x7, 0x1, 0x3b0517f4, 0x3, 0x200, 0x1, 0x2, 0xde, 0x92b6, 0x3ff, 0x2, 0x0, 0xffffff12, 0xfffffff7, 0x3, 0x101, 0x8000, 0x9, 0x0, 0xb, 0xd, 0xffffffff, 0xffff4711, 0x5, 0x7, 0x9, 0x10001, 0x8, 0x4, 0x6, 0x6, 0x6, 0x100, 0x8001, 0x5, 0x9, 0x3, 0x9, 0x4, 0x80, 0x5, 0x6, 0x7fff, 0x3, 0x2, 0x2, 0xc, 0xefc, 0x0, 0x6, 0x6, 0xf0b, 0x5a, 0x4, 0x9b, 0x5, 0x7, 0x1, 0x9, 0x81, 0x1e, 0xfff, 0xffffffff, 0x3, 0x3, 0x3, 0x4d6ba80d, 0x80000000, 0x4, 0xa, 0x8, 0x8, 0x121f, 0x3, 0xa, 0x1ff, 0x1ff, 0x0, 0x86f3, 0x0, 0x2, 0x5, 0x10000, 0x0, 0xd, 0x3, 0x3, 0x77cd, 0x3, 0x9, 0x7, 0x5, 0x7, 0x9, 0x9, 0x81, 0x3, 0x2, 0xfff, 0x4, 0x5, 0x23f1, 0x0, 0xb3d, 0x8, 0x2, 0x5e, 0x2, 0x2cc, 0x1, 0x2, 0x9, 0x3, 0xfba, 0x0, 0xffffff81, 0x7, 0x8, 0x0, 0x100, 0x9481, 0x1, 0x9, 0x2, 0x1, 0x5, 0xbbc, 0x8, 0x5, 0x4, 0x3, 0xfffffffe, 0xa193, 0x5, 0x81, 0x8, 0x7, 0x9, 0x101, 0x6, 0x7, 0x99, 0x2, 0x8, 0x7, 0x800, 0x4, 0x9, 0x1a8, 0x8, 0x6, 0x7, 0x6, 0x5, 0x4, 0x9, 0x2, 0x8001, 0x1, 0xa700000, 0x4, 0x8, 0x2, 0x3, 0x1a1db800, 0x4, 0x85, 0x10001, 0x2, 0x382, 0xc1, 0x3, 0x8, 0x0, 0x10000, 0x3, 0x5ca, 0x1, 0x8, 0xb, 0x67b, 0x151, 0x40, 0x400, 0x7, 0x6, 0x9, 0xf, 0x0, 0xfffffffa, 0x8, 0x5a6ff6c0, 0x7, 0x0, 0xb6ee, 0x340, 0x2, 0x2b461cf7, 0x44, 0xeffe, 0x3, 0x5, 0xd, 0x2, 0x0, 0x3, 0x200, 0x6, 0xe5000000, 0x5, 0x6, 0x1000, 0xff, 0x7, 0x1, 0x9, 0x2, 0x4, 0x99, 0x9, 0x0, 0xf41, 0x1, 0x1, 0x9, 0xcf11, 0x65, 0x4, 0x8, 0x3, 0x3, 0x6, 0x0, 0x4, 0x8, 0x6, 0x0, 0x7fff, 0x6, 0x7fffffff, 0x2, 0x4, 0x0, 0x100, 0x3, 0x8001, 0x3, 0x2, 0x0, 0x41d, 0x7, 0x1]}, @TCA_POLICE_RATE64={0xc}, @TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x7, 0x2, 0x0, 0x5, 0x3, 0xffffff12, 0x1, 0xffff, 0x2, 0x58, 0x7ff, 0xc0000, 0x2f4d9dd, 0x9, 0xeff, 0x810, 0x9, 0x0, 0x800, 0x0, 0x1, 0x4, 0xd, 0x2, 0x6, 0x5, 0x5, 0x15, 0xace9, 0x5697, 0x2c, 0x8, 0x4, 0x0, 0x3, 0x80000000, 0xfffffff8, 0x5, 0x100, 0xfffffffb, 0x9, 0x6, 0x4ba6, 0x9, 0x8, 0x4, 0x0, 0xfffeffff, 0xff, 0x1, 0x7, 0x5, 0x1, 0xa0, 0x5, 0x0, 0x0, 0xfffff1a5, 0x585, 0x7, 0x1df2, 0x2, 0x7fff, 0x4000, 0x58e, 0x8, 0xfffffff8, 0x3, 0x3, 0x6, 0x9, 0x6, 0x3, 0x401, 0xff, 0x0, 0x7, 0x9, 0x9, 0x9, 0x8, 0x0, 0x8, 0xfffffffc, 0x10001, 0x76, 0x7, 0x6, 0x4, 0x5, 0x1000, 0x9, 0x80, 0x7, 0xd1, 0x400, 0xe, 0x8, 0x20d7, 0x9, 0x2, 0x4, 0x5, 0x7ff, 0x6, 0x3, 0x7, 0x200, 0x101, 0x2e50, 0x3ff, 0x63c774f1, 0xd, 0x9, 0x1, 0xffffffff, 0x4, 0x2, 0x3, 0x7, 0x49, 0xfffffffb, 0x3ff, 0x2, 0x40, 0x3, 0x11fd14a0, 0x39, 0xfff, 0x7ff, 0xac14, 0x0, 0x0, 0x1, 0x6, 0x7f, 0x4e, 0x3, 0x200, 0x0, 0x2, 0x2, 0x4, 0x1ff, 0x3, 0x615, 0xb24, 0xc9, 0xd, 0x5, 0xca1, 0xfffffffa, 0x7, 0x1ff, 0x40, 0x1, 0x3ff, 0x8, 0x5, 0x9, 0x2d, 0xcd7, 0xb1, 0x6, 0x9f, 0x21, 0x9, 0x100, 0x4, 0xfffffffc, 0x7fff, 0xffff, 0x6, 0x70, 0x5, 0xdb, 0x6, 0x7, 0x1000, 0x7, 0x7ffe, 0x80000001, 0x8, 0x3a2a, 0x5, 0x8, 0x7fff, 0x8, 0x6, 0x3, 0x4, 0x80, 0x5, 0xa000000, 0x0, 0x1, 0x6, 0xffff, 0x1, 0x1, 0x0, 0x7, 0xe4b3, 0x3, 0x7, 0x1, 0x0, 0xe03, 0x3, 0x723b, 0xd87a, 0xa8, 0x7fff, 0x50e1, 0x9, 0x5, 0x7, 0x0, 0x6847, 0x3ff, 0x8001, 0x401, 0xb, 0x1, 0xb, 0x7, 0x6, 0xffff9070, 0x80, 0x5, 0x0, 0xffffffd6, 0xa3, 0x4, 0x8, 0x8, 0x3, 0x800, 0x94, 0x5, 0x9, 0xded, 0xffb, 0x7, 0x20000000, 0x1fffe00, 0x4, 0x9, 0xa43, 0x282, 0x0, 0x4, 0xee4, 0x486ed29, 0xa]}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9}]}]}}, @filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x8bc}, 0x1, 0x0, 0x0, 0x200c1}, 0x1010)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffffffffffed2, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90324fc601000127a0a000600093582c137153e37080c18800dac0f000300", 0x33fe0}], 0x1}, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000f00)={<r2=>0x0, 0x8}, &(0x7f0000000f80)=0x8)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/cgroups\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000004800)={0x2020}, 0x2020)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000002000)={r2, @in6={{0xa, 0x4e22, 0x7f, @empty, 0xc0}}, 0x7, 0x8, 0x9, 0x1ff, 0x6}, &(0x7f00000020c0)=0x98)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000fc0)={r2, 0x101}, 0x8)

748.173756ms ago: executing program 3 (id=3599):
r0 = socket$kcm(0x2b, 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) (async)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000180)) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r0)

635.3693ms ago: executing program 3 (id=3600):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b80)=@newtaction={0x12c, 0x30, 0xeaa3ef926154e70d, 0x0, 0x0, {}, [{0x118, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_sample={0xc8, 0x2, 0x0, 0x0, {{0xb}, {0x7c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x3, 0xd, 0x10000000, 0x0, 0x3}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x100008, 0x4d82, 0xffffffffffffffff, 0x7ff, 0x4}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xfff, 0x88, 0x6, 0x3, 0x1}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffffffff}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x8}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x5}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x9, 0x9e07, 0x5, 0x3, 0x9}}]}, {0x22, 0x6, "b993a266d04d68c578a189161d7b3605ae1ad871dbd78a555343b82aff5a"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x12c}}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000080)={0x26, 0x2, 0x0, "dd3e9db9a79317cb7346eaff4dfa5b899cec82438ff87936dfd70000ecff00"})
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)

634.778213ms ago: executing program 3 (id=3601):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x48, r2, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x14, 0x51, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "1c8831d91f"}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x48}}, 0x0)

630.783533ms ago: executing program 3 (id=3602):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x18, 0x6, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000812400000000000000366e00000000000005000000950000000000000023df06a87f032a42a65e946b94527744d08e4ea7eed81bd0203561a5ab40f8ecd106155e08f2fe769b799264dd69cfd04894b8a0f3859741372b74bf34075a71f257ecab9cae40cc61d6beea0f62dd0bb473f71dd0478c3829b12d014f637275a221dedf07e31f2be44d30008fe6e22a236c8d95cb960bb5a1fbf9da733b245e030ee2f3c8b68918f4e5d383b7ada8b3e8bfe2488df9d300000000000000"], &(0x7f0000000a80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ppoll(&(0x7f0000000080)=[{r1, 0x42c0}], 0x1, 0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000440), 0x1, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_GET(r3, &(0x7f0000000700)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000540)={0x20, r4, 0x800, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4c62}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000000}, 0x24044004)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r5=>0x0})
r6 = syz_io_uring_setup(0x6d09, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=<r7=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r8, 0x227b, &(0x7f00000000c0)=0x2004)
r9 = fcntl$dupfd(r8, 0x0, r8)
readv(r9, &(0x7f0000000000)=[{&(0x7f0000001140)=""/136, 0x88}], 0x1)
syz_io_uring_setup(0x5c82, &(0x7f00000003c0), &(0x7f0000000040)=<r10=>0x0, &(0x7f0000000280))
syz_io_uring_submit(r10, r7, &(0x7f0000000180)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x7a, 0x4004, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1})
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r10, r7, &(0x7f00000004c0)=@IORING_OP_MSG_RING={0x28, 0x3, 0x0, r6, 0x0, &(0x7f00000005c0)="8791f0a695064c655c12becfd0538e329f92bad365447af15cc6cd4dcbaaba0aa24cbcca5091aa7773b5864bbade67b04f024da47ec9057337e8a414892a1e31faef0bd8d0b148e1adb81afdb081eb05371ac668cb68bf7bc82829de7588c7c92e3b246243c53318b568b5ec630b23b4ebe196a74913aa5c9958d327f0ee34c14af697cac2845261383db15b02cc0851231fb3b1f4bea470f0cacc321c9e9e7ead037d6b2eb3c1e80aa87989f11dda4f62a349049d771cc259f509c9328e2bed60426f54a693fae8ce0452714b88c16efa96d7", 0xd3, 0x0, 0x0, {0x0, r11}})
io_uring_enter(r6, 0x184c, 0x0, 0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x4, &(0x7f0000000300)=[{0x9, 0xd1, 0x8}, {0x8, 0x3c, 0x9}, {0x2, 0x7e, 0x24, 0x2}, {0x8, 0x2, 0x9}]})
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
r12 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r13 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
preadv(r13, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0)
ioctl$VHOST_VDPA_GET_CONFIG(r12, 0x8008af73, &(0x7f00000001c0)={0x0, 0x3f, ""/63})

523.816301ms ago: executing program 5 (id=3603):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x48, r2, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x14, 0x51, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "1c8831d91f"}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x48}}, 0x0) (fail_nth: 3)

523.652181ms ago: executing program 5 (id=3604):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
ppoll(&(0x7f0000000080)=[{r1, 0xc020}], 0x1, 0x0, 0x0, 0x0)
umount2(&(0x7f0000000100)='./file0\x00', 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000140)=0xf4240)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x48, r3, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x14, 0x51, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "1c8831d91f"}]}]}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x48}}, 0x0)

395.194347ms ago: executing program 5 (id=3605):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000007c0)=@bpf_lsm={0x6, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r4}, &(0x7f00000000c0), &(0x7f0000000100)=r3}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r4, &(0x7f0000000100), 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000040)={r4, &(0x7f00000007c0), 0x20000004}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
chdir(&(0x7f0000000100)='./file0\x00')
read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)

299.398153ms ago: executing program 5 (id=3606):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8) (fail_nth: 25)

74.777735ms ago: executing program 5 (id=3607):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x3, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r0, 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000066c0)=ANY=[@ANYBLOB="200000000e1401ff"], 0x20}}, 0x48804)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r3, 0x8030942b, &(0x7f0000000000)={0xa55, {0x71, 0xfffffffffffffff9, 0x715, 0x7, 0xd}})
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)={{0x14}, [@NFT_MSG_DELRULE={0x38, 0x6, 0xa, 0x301, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}]}], {0x14}}, 0x60}}, 0x4800)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)

74.491424ms ago: executing program 5 (id=3608):
r0 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000100), 0x20102, 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000200)={{0x2, 0x4e20, @private=0xa010101}, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x42}}, 0x42, {0x2, 0x4e20, @remote}, 'geneve1\x00'})
r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0)
r2 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r2, &(0x7f00000019c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x80, 0x0}, 0x20040010)
sendmsg$kcm(r2, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @empty}, 0x80, 0x0}, 0x20000000)
ioctl$CDROMEJECT_SW(r1, 0x80041284, 0x1)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r5, &(0x7f0000000340)="0b03fe58a5b5393790a0f8f9560f38bbb7c0a1bac186a6c6ca44e2684b8fe9c5c2cf4a7cd94335e0fb1d122303c267a0850fbe63a6684e97ddbb07e47ddf41562fecfad665cafd536c5a1f8675cdc2a776116d559ca0d2f111b01e33c7afb9185a8176c3b5752100d1a77f8cd3b12b2876c774bd04210a231888578b38a60afcfe3024a72f7c0a55ff13f95fede425d02923ba2fbb79dd2324e76779b8ff1c8b02c0151099ae79274c0ff008b857c8130dd6a28d8b9670fb7293785af2e3c2316f6ac8aa565b3e54386082b07070496c3827c795a14a24d72d3f37cf0a86c55051bb54c62ae139311d4d1b062a40ac8a79bfb44504f3d24036de9b08b8cf5354742bc122ad86ecb745ef531bd1f0c82826dac9009583de5b3d462ed21ab744ef25800b395a27a00cbb862cf21dad0d01e854ea9f447fb9282e5d3b9003c83ec8fe38c5c107a3b4b8badff24e42", 0x14d, 0x45884, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x7, 0x6, @random="3047a7670024"}, 0x14)
openat$nmem0(0xffffffffffffff9c, &(0x7f0000000100), 0x20102, 0x0) (async)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000200)={{0x2, 0x4e20, @private=0xa010101}, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x42}}, 0x42, {0x2, 0x4e20, @remote}, 'geneve1\x00'}) (async)
openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0x800, 0x0) (async)
socket$kcm(0xa, 0x1, 0x106) (async)
sendmsg$kcm(r2, &(0x7f00000019c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x80, 0x0}, 0x20040010) (async)
sendmsg$kcm(r2, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @empty}, 0x80, 0x0}, 0x20000000) (async)
ioctl$CDROMEJECT_SW(r1, 0x80041284, 0x1) (async)
socket$packet(0x11, 0x2, 0x300) (async)
socket$packet(0x11, 0x3, 0x300) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'wg0\x00'}) (async)
socket$packet(0x11, 0x2, 0x300) (async)
sendto$packet(r5, &(0x7f0000000340)="0b03fe58a5b5393790a0f8f9560f38bbb7c0a1bac186a6c6ca44e2684b8fe9c5c2cf4a7cd94335e0fb1d122303c267a0850fbe63a6684e97ddbb07e47ddf41562fecfad665cafd536c5a1f8675cdc2a776116d559ca0d2f111b01e33c7afb9185a8176c3b5752100d1a77f8cd3b12b2876c774bd04210a231888578b38a60afcfe3024a72f7c0a55ff13f95fede425d02923ba2fbb79dd2324e76779b8ff1c8b02c0151099ae79274c0ff008b857c8130dd6a28d8b9670fb7293785af2e3c2316f6ac8aa565b3e54386082b07070496c3827c795a14a24d72d3f37cf0a86c55051bb54c62ae139311d4d1b062a40ac8a79bfb44504f3d24036de9b08b8cf5354742bc122ad86ecb745ef531bd1f0c82826dac9009583de5b3d462ed21ab744ef25800b395a27a00cbb862cf21dad0d01e854ea9f447fb9282e5d3b9003c83ec8fe38c5c107a3b4b8badff24e42", 0x14d, 0x45884, &(0x7f0000000140)={0x11, 0x0, r4, 0x1, 0x7, 0x6, @random="3047a7670024"}, 0x14) (async)

0s ago: executing program 6 (id=3609):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0})
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000140))
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_vs_stats\x00')
pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x1, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x8, 0x24a20}, [@IFLA_VFINFO_LIST={0x20, 0x16, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x18, 0xc, 0x0, 0x1, [{0x14, 0x1, {0x7, 0x71e, 0x2d6c4826, 0x88a8}}]}]}]}]}, 0x40}}, 0x800)
recvmmsg(r0, &(0x7f0000006600)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)

kernel console output (not intermixed with test programs):

promiscuous mode
[  323.191954][T14835] veth1_vlan: entered promiscuous mode
[  323.205280][   T39] audit: type=1400 audit(1732601677.541:971): avc:  denied  { setopt } for  pid=14908 comm="syz.3.3222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  323.208414][T14911] syz.0.3223: attempt to access beyond end of device
[  323.208414][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.213170][T14835] veth0_macvtap: entered promiscuous mode
[  323.214844][T14911] MINIX-fs: unable to read superblock
[  323.216786][T14835] veth1_macvtap: entered promiscuous mode
[  323.226795][T14911] syz.0.3223: attempt to access beyond end of device
[  323.226795][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.230310][T14911] MINIX-fs: unable to read superblock
[  323.234702][T14835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.237405][T14835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.239916][T14835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.241957][T14910] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3222'.
[  323.242672][T14835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.242681][T14835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  323.242688][T14835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.243169][T14835] batman_adv: batadv0: Interface activated: batadv_slave_0
[  323.245959][T14910] nbd: must specify an index to disconnect
[  323.250116][T14835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.259107][T14911] syz.0.3223: attempt to access beyond end of device
[  323.259107][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.259721][T14835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.263158][T14911] MINIX-fs: unable to read superblock
[  323.265641][T14835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.268420][T14911] syz.0.3223: attempt to access beyond end of device
[  323.268420][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.269732][T14835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.269744][T14835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  323.273000][T14911] MINIX-fs: unable to read superblock
[  323.275726][T14835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  323.280980][T14911] syz.0.3223: attempt to access beyond end of device
[  323.280980][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.282846][T14835] batman_adv: batadv0: Interface activated: batadv_slave_1
[  323.287656][T14911] MINIX-fs: unable to read superblock
[  323.290337][T14835] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  323.292621][T14835] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.294865][T14835] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.298063][T14911] syz.0.3223: attempt to access beyond end of device
[  323.298063][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.298236][T14835] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  323.301514][T14911] MINIX-fs: unable to read superblock
[  323.308576][T14917] FAULT_INJECTION: forcing a failure.
[  323.308576][T14917] name failslab, interval 1, probability 0, space 0, times 0
[  323.312929][T14911] syz.0.3223: attempt to access beyond end of device
[  323.312929][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.312949][T14917] CPU: 1 UID: 0 PID: 14917 Comm: syz.5.3225 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  323.316212][T14911] MINIX-fs: unable to read superblock
[  323.318880][T14917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  323.318889][T14917] Call Trace:
[  323.318893][T14917]  <TASK>
[  323.318898][T14917]  dump_stack_lvl+0x16c/0x1f0
[  323.318928][T14917]  should_fail_ex+0x497/0x5b0
[  323.318952][T14917]  should_failslab+0xc2/0x120
[  323.318966][T14917]  __kmalloc_cache_noprof+0x68/0x410
[  323.318980][T14917]  batadv_hash_new+0x4e/0x2e0
[  323.318992][T14917]  ? queue_delayed_work_on+0xa2/0x150
[  323.319006][T14917]  batadv_tt_init+0x226/0x350
[  323.319017][T14917]  batadv_mesh_init+0x4e3/0x9a0
[  323.319028][T14917]  batadv_softif_init_late+0xbde/0xf40
[  323.319042][T14917]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  323.319057][T14917]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  323.319071][T14917]  register_netdevice+0x672/0x1e90
[  323.319084][T14917]  ? dev_addr_mod+0x321/0x5b0
[  323.319096][T14917]  ? __pfx_register_netdevice+0x10/0x10
[  323.319108][T14917]  ? rtnl_create_link+0xa51/0xfa0
[  323.319124][T14917]  batadv_softif_newlink+0x70/0x90
[  323.319136][T14917]  rtnl_newlink+0xb88/0x1c50
[  323.351317][T14917]  ? __pfx_batadv_softif_newlink+0x10/0x10
[  323.352848][T14917]  ? __pfx_rtnl_newlink+0x10/0x10
[  323.354188][T14917]  ? __pfx___lock_acquire+0x10/0x10
[  323.355564][T14917]  ? cred_has_capability.isra.0+0x192/0x2f0
[  323.357448][T14917]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  323.359462][T14917]  ? find_held_lock+0x2d/0x110
[  323.360770][T14917]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  323.362162][T14917]  ? __pfx_lock_release+0x10/0x10
[  323.363759][T14917]  ? trace_lock_acquire+0x146/0x1e0
[  323.365638][T14917]  ? __pfx_rtnl_newlink+0x10/0x10
[  323.367485][T14917]  rtnetlink_rcv_msg+0x95b/0xea0
[  323.369165][T14917]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  323.370743][T14917]  netlink_rcv_skb+0x16b/0x440
[  323.372136][T14917]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  323.373640][T14917]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  323.375089][T14917]  ? netlink_deliver_tap+0x1ae/0xd30
[  323.376538][T14917]  netlink_unicast+0x53c/0x7f0
[  323.377897][T14917]  ? __pfx_netlink_unicast+0x10/0x10
[  323.379383][T14917]  netlink_sendmsg+0x8b8/0xd70
[  323.380819][T14917]  ? __pfx_netlink_sendmsg+0x10/0x10
[  323.382362][T14917]  ____sys_sendmsg+0xaaf/0xc90
[  323.383674][T14917]  ? copy_msghdr_from_user+0x10b/0x160
[  323.385146][T14917]  ? __pfx_____sys_sendmsg+0x10/0x10
[  323.386595][T14917]  ___sys_sendmsg+0x135/0x1e0
[  323.387916][T14917]  ? __pfx____sys_sendmsg+0x10/0x10
[  323.389328][T14917]  ? __pfx_lock_release+0x10/0x10
[  323.390798][T14917]  ? trace_lock_acquire+0x146/0x1e0
[  323.392582][T14917]  ? __fget_files+0x206/0x3a0
[  323.393945][T14917]  __sys_sendmsg+0x16e/0x220
[  323.395224][T14917]  ? __pfx___sys_sendmsg+0x10/0x10
[  323.396608][T14917]  do_syscall_64+0xcd/0x250
[  323.397844][T14917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.399501][T14917] RIP: 0033:0x7fd5e6d7e819
[  323.400795][T14917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.405913][T14917] RSP: 002b:00007fd5e7bc6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  323.408075][T14917] RAX: ffffffffffffffda RBX: 00007fd5e6f35fa0 RCX: 00007fd5e6d7e819
[  323.410173][T14917] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  323.412402][T14917] RBP: 00007fd5e7bc6090 R08: 0000000000000000 R09: 0000000000000000
[  323.414467][T14917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  323.416598][T14917] R13: 0000000000000000 R14: 00007fd5e6f35fa0 R15: 00007ffea0b36688
[  323.418677][T14917]  </TASK>
[  323.432368][T14911] syz.0.3223: attempt to access beyond end of device
[  323.432368][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.444636][T14911] MINIX-fs: unable to read superblock
[  323.484063][T14911] syz.0.3223: attempt to access beyond end of device
[  323.484063][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.487350][T14911] MINIX-fs: unable to read superblock
[  323.504033][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  323.506133][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  323.510821][T14911] syz.0.3223: attempt to access beyond end of device
[  323.510821][T14911] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  323.514092][T14911] MINIX-fs: unable to read superblock
[  323.517567][T14911] MINIX-fs: unable to read superblock
[  323.519963][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  323.522534][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  323.542417][T14911] MINIX-fs: unable to read superblock
[  323.544498][T14911] MINIX-fs: unable to read superblock
[  323.546433][T14911] MINIX-fs: unable to read superblock
[  323.548766][T14911] MINIX-fs: unable to read superblock
[  323.550673][T14911] MINIX-fs: unable to read superblock
[  323.554108][T14911] MINIX-fs: unable to read superblock
[  323.556061][T14911] MINIX-fs: unable to read superblock
[  323.557970][T14911] MINIX-fs: unable to read superblock
[  323.559859][T14911] MINIX-fs: unable to read superblock
[  323.562222][T14911] MINIX-fs: unable to read superblock
[  323.564348][ T1180] IPVS: stop unused estimator thread 0...
[  323.564639][T14911] MINIX-fs: unable to read superblock
[  323.568738][T14911] MINIX-fs: unable to read superblock
[  323.574517][T14911] MINIX-fs: unable to read superblock
[  323.588607][T14926] netlink: 128 bytes leftover after parsing attributes in process `syz.6.3199'.
[  323.611393][T14911] MINIX-fs: unable to read superblock
[  323.613618][T14911] MINIX-fs: unable to read superblock
[  323.616039][T14911] MINIX-fs: unable to read superblock
[  323.619666][T14911] MINIX-fs: unable to read superblock
[  323.621756][T14911] MINIX-fs: unable to read superblock
[  323.624413][T14911] MINIX-fs: unable to read superblock
[  323.628013][T14911] MINIX-fs: unable to read superblock
[  323.629848][T14911] MINIX-fs: unable to read superblock
[  323.636385][T14911] MINIX-fs: unable to read superblock
[  323.638327][T14911] MINIX-fs: unable to read superblock
[  323.641369][T14911] MINIX-fs: unable to read superblock
[  323.645724][T14911] MINIX-fs: unable to read superblock
[  323.648061][T14911] MINIX-fs: unable to read superblock
[  323.650264][T14911] MINIX-fs: unable to read superblock
[  323.654937][T14928] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3199'.
[  323.658388][T14928] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3199'.
[  323.658621][T14911] MINIX-fs: unable to read superblock
[  323.661727][T14928] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3199'.
[  323.666424][T14928] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3199'.
[  323.666645][T14911] MINIX-fs: unable to read superblock
[  323.670742][T14929] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3228'.
[  323.681575][T14911] MINIX-fs: unable to read superblock
[  323.683617][T14911] MINIX-fs: unable to read superblock
[  323.685561][T14911] MINIX-fs: unable to read superblock
[  323.687419][T14911] MINIX-fs: unable to read superblock
[  323.689275][T14911] MINIX-fs: unable to read superblock
[  323.692201][T14911] MINIX-fs: unable to read superblock
[  323.696923][T14911] MINIX-fs: unable to read superblock
[  323.698758][T14911] MINIX-fs: unable to read superblock
[  323.700579][T14911] MINIX-fs: unable to read superblock
[  323.707619][T14911] MINIX-fs: unable to read superblock
[  323.713523][T14911] MINIX-fs: unable to read superblock
[  323.723336][T14911] MINIX-fs: unable to read superblock
[  323.731860][T14911] MINIX-fs: unable to read superblock
[  323.734935][T14911] MINIX-fs: unable to read superblock
[  323.737693][T14911] MINIX-fs: unable to read superblock
[  323.740508][T14911] MINIX-fs: unable to read superblock
[  323.743052][T14911] MINIX-fs: unable to read superblock
[  323.745284][T14911] MINIX-fs: unable to read superblock
[  323.747233][T14911] MINIX-fs: unable to read superblock
[  323.749144][T14911] MINIX-fs: unable to read superblock
[  323.751065][T14911] MINIX-fs: unable to read superblock
[  323.752980][T14911] MINIX-fs: unable to read superblock
[  323.754632][  T830] usb 8-1: new high-speed USB device number 46 using dummy_hcd
[  323.754904][T14911] MINIX-fs: unable to read superblock
[  323.758771][T14911] MINIX-fs: unable to read superblock
[  323.760672][T14911] MINIX-fs: unable to read superblock
[  323.829528][T14934] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3229'.
[  323.834228][T14934] overlayfs: missing 'lowerdir'
[  323.916345][  T830] usb 8-1: Using ep0 maxpacket: 16
[  323.918909][  T830] usb 8-1: config 4 has an invalid interface number: 51 but max is 0
[  323.921216][  T830] usb 8-1: config 4 has no interface number 0
[  323.923054][  T830] usb 8-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  323.925744][  T830] usb 8-1: config 4 interface 51 has no altsetting 0
[  323.929319][  T830] usb 8-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  323.931972][  T830] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.934226][  T830] usb 8-1: Product: syz
[  323.935458][  T830] usb 8-1: Manufacturer: syz
[  323.936747][  T830] usb 8-1: SerialNumber: syz
[  323.940286][T14919] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  323.943481][  T830] cdc_eem 8-1:4.51: probe with driver cdc_eem failed with error -22
[  324.265722][T14947] FAULT_INJECTION: forcing a failure.
[  324.265722][T14947] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.276863][T14947] CPU: 0 UID: 0 PID: 14947 Comm: syz.0.3234 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  324.279636][T14947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  324.279646][T14947] Call Trace:
[  324.279654][T14947]  <TASK>
[  324.279659][T14947]  dump_stack_lvl+0x16c/0x1f0
[  324.279698][T14947]  should_fail_ex+0x497/0x5b0
[  324.279718][T14947]  _copy_from_user+0x2e/0xd0
[  324.279734][T14947]  copy_folio_from_user+0xff/0x2a0
[  324.279749][T14947]  mfill_atomic_copy+0x1ba3/0x1e60
[  324.279768][T14947]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  324.293083][T14947]  ? __might_fault+0xe3/0x190
[  324.293103][T14947]  ? __might_fault+0xe3/0x190
[  324.293119][T14947]  userfaultfd_ioctl+0x1e50/0x3830
[  324.296846][   T35] usb 8-1: USB disconnect, device number 46
[  324.296936][T14947]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  324.300022][T14947]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  324.302038][T14947]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  324.303776][T14947]  ? __pfx_lock_release+0x10/0x10
[  324.305109][T14947]  ? selinux_file_ioctl+0x180/0x270
[  324.306485][T14947]  ? selinux_file_ioctl+0xb4/0x270
[  324.307829][T14947]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  324.309263][T14947]  ? __x64_sys_ioctl+0x190/0x200
[  324.310859][T14947]  __x64_sys_ioctl+0x190/0x200
[  324.312632][T14947]  do_syscall_64+0xcd/0x250
[  324.313986][T14947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.315535][T14947] RIP: 0033:0x7fd598f7e819
[  324.316707][T14947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.321814][T14947] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  324.323970][T14947] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  324.326006][T14947] RDX: 0000000020000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  324.328055][T14947] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  324.330102][T14947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  324.332945][T14947] R13: 0000000000000000 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  324.335080][T14947]  </TASK>
[  324.527855][ T5319] Bluetooth: hci3: command tx timeout
[  324.755493][T14970] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3242'.
[  325.423598][  T830] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  325.438802][T15016] FAULT_INJECTION: forcing a failure.
[  325.438802][T15016] name failslab, interval 1, probability 0, space 0, times 0
[  325.443210][T15016] CPU: 1 UID: 0 PID: 15016 Comm: syz.5.3260 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  325.446667][T15016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  325.450310][T15016] Call Trace:
[  325.451471][T15016]  <TASK>
[  325.452489][T15016]  dump_stack_lvl+0x16c/0x1f0
[  325.454124][T15016]  should_fail_ex+0x497/0x5b0
[  325.455764][T15016]  ? fs_reclaim_acquire+0xae/0x150
[  325.457519][T15016]  should_failslab+0xc2/0x120
[  325.459143][T15016]  __kmalloc_noprof+0xcb/0x510
[  325.460809][T15016]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  325.462720][T15016]  tomoyo_realpath_from_path+0xb9/0x720
[  325.464689][T15016]  ? tomoyo_path_number_perm+0x235/0x590
[  325.466650][T15016]  ? tomoyo_path_number_perm+0x235/0x590
[  325.468575][T15016]  tomoyo_path_number_perm+0x248/0x590
[  325.470433][T15016]  ? tomoyo_path_number_perm+0x235/0x590
[  325.472334][T15016]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  325.474373][T15016]  ? __pfx_lock_release+0x10/0x10
[  325.476038][T15016]  ? trace_lock_acquire+0x146/0x1e0
[  325.477827][T15016]  ? lock_acquire+0x2f/0xb0
[  325.479389][T15016]  ? __fget_files+0x40/0x3a0
[  325.480999][T15016]  ? __fget_files+0x206/0x3a0
[  325.482614][T15016]  security_file_ioctl+0x9b/0x240
[  325.484318][T15016]  __x64_sys_ioctl+0xb7/0x200
[  325.485923][T15016]  do_syscall_64+0xcd/0x250
[  325.487497][T15016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  325.489499][T15016] RIP: 0033:0x7fd5e6d7e819
[  325.491020][T15016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  325.497442][T15016] RSP: 002b:00007fd5e7bc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  325.500277][T15016] RAX: ffffffffffffffda RBX: 00007fd5e6f35fa0 RCX: 00007fd5e6d7e819
[  325.502981][T15016] RDX: 00000000200002c0 RSI: 00000000c0d05605 RDI: 0000000000000003
[  325.505520][T15016] RBP: 00007fd5e7bc6090 R08: 0000000000000000 R09: 0000000000000000
[  325.508107][T15016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  325.510770][T15016] R13: 0000000000000000 R14: 00007fd5e6f35fa0 R15: 00007ffea0b36688
[  325.513423][T15016]  </TASK>
[  325.516917][T15016] ERROR: Out of memory at tomoyo_realpath_from_path.
[  325.594788][  T830] usb 5-1: Using ep0 maxpacket: 16
[  325.597674][  T830] usb 5-1: config 4 has an invalid interface number: 51 but max is 0
[  325.598227][T15019] ALSA: mixer_oss: invalid OSS volume '¢'
[  325.600404][  T830] usb 5-1: config 4 has no interface number 0
[  325.604650][  T830] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  325.608116][  T830] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  325.611416][  T830] usb 5-1: config 4 interface 51 has no altsetting 0
[  325.639192][  T830] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  325.639503][T15026] netlink: 'syz.5.3265': attribute type 39 has an invalid length.
[  325.642242][  T830] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.647343][  T830] usb 5-1: Product: syz
[  325.656947][  T830] usb 5-1: Manufacturer: syz
[  325.658555][  T830] usb 5-1: SerialNumber: syz
[  325.674856][T15009] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  325.677339][T15009] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  325.682046][T15030] ptrace attach of "/syz-executor exec"[12779] was attempted by "/syz-executor exec"[15030]
[  325.979588][   T35] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  326.019310][  T830] cdc_eem 5-1:4.51: probe with driver cdc_eem failed with error -71
[  326.025271][  T830] usb 5-1: USB disconnect, device number 32
[  326.150580][   T35] usb 10-1: Using ep0 maxpacket: 32
[  326.153255][   T35] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  326.156098][   T35] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  326.158710][   T35] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  326.161126][   T35] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.164738][   T35] usb 10-1: config 0 descriptor??
[  326.167119][   T35] hub 10-1:0.0: USB hub found
[  326.383274][   T35] hub 10-1:0.0: 1 port detected
[  326.428528][  T832] usb 8-1: new high-speed USB device number 47 using dummy_hcd
[  326.621003][  T832] usb 8-1: Using ep0 maxpacket: 32
[  326.623746][  T832] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  326.625958][  T832] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  326.628226][  T832] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  326.630601][  T832] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  326.633432][  T832] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  326.636007][  T832] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  326.639377][  T832] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  326.641764][  T832] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.645780][  T832] usb 8-1: config 0 descriptor??
[  326.749251][ T5319] Bluetooth: hci3: command tx timeout
[  326.775193][T15062] Error parsing options; rc = [-22]
[  326.866185][  T832] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 47 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  326.870054][  T832] usb 8-1: USB disconnect, device number 47
[  326.872655][  T832] usblp0: removed
[  326.915954][   T39] kauditd_printk_skb: 36 callbacks suppressed
[  326.915964][   T39] audit: type=1400 audit(1732601681.001:1008): avc:  denied  { getopt } for  pid=15072 comm="syz.0.3282" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  326.930454][   T39] audit: type=1400 audit(1732601681.020:1009): avc:  denied  { bind } for  pid=15066 comm="syz.6.3280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  326.938137][   T39] audit: type=1400 audit(1732601681.020:1010): avc:  denied  { write } for  pid=15066 comm="syz.6.3280" name="event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  327.031752][T15035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  327.034165][T15035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.037567][   T35] hub 10-1:0.0: hub_ext_port_status failed (err = 0)
[  327.369442][    T8] usb 10-1: USB disconnect, device number 15
[  327.648538][T15078] trusted_key: encrypted_key: insufficient parameters specified
[  327.653709][   T39] audit: type=1400 audit(1732601681.694:1011): avc:  denied  { listen } for  pid=15077 comm="syz.3.3283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  327.772572][   T39] audit: type=1400 audit(1732601681.806:1012): avc:  denied  { create } for  pid=15083 comm="syz.0.3285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  327.780583][   T39] audit: type=1400 audit(1732601681.815:1013): avc:  denied  { ioctl } for  pid=15083 comm="syz.0.3285" path="socket:[58876]" dev="sockfs" ino=58876 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  327.797797][   T39] audit: type=1400 audit(1732601681.834:1014): avc:  denied  { map } for  pid=15083 comm="syz.0.3285" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  327.803850][   T39] audit: type=1400 audit(1732601681.834:1015): avc:  denied  { setopt } for  pid=15083 comm="syz.0.3285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  327.829781][   T39] audit: type=1400 audit(1732601681.862:1016): avc:  denied  { ioctl } for  pid=15086 comm="syz.5.3286" path="/dev/ptyqf" dev="devtmpfs" ino=142 ioctlcmd=0x5414 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  327.940567][   T39] audit: type=1400 audit(1732601681.965:1017): avc:  denied  { bind } for  pid=15098 comm="syz.3.3290" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  327.951062][  T831] usb 38-1: device descriptor read/8, error -110
[  328.021467][  T830] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  328.029903][T15107] xt_socket: unknown flags 0x8
[  328.076277][T15112] fuse: Unknown parameter '0x0000000000000004'
[  328.215731][  T830] usb 11-1: Using ep0 maxpacket: 16
[  328.218347][  T830] usb 11-1: config 4 has an invalid interface number: 51 but max is 0
[  328.220476][  T830] usb 11-1: config 4 has no interface number 0
[  328.222090][  T830] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  328.225296][  T830] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  328.227901][  T830] usb 11-1: config 4 interface 51 has no altsetting 0
[  328.231181][  T830] usb 11-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  328.233547][  T830] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.245918][  T830] usb 11-1: Product: syz
[  328.247064][  T830] usb 11-1: Manufacturer: syz
[  328.248281][  T830] usb 11-1: SerialNumber: syz
[  328.250888][T15082] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  328.252835][T15082] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  328.359640][T15130] Unknown options in mask 5
[  328.366613][  T831] usb usb38-port1: attempt power cycle
[  328.587277][  T830] cdc_eem 11-1:4.51: probe with driver cdc_eem failed with error -71
[  328.591914][  T830] usb 11-1: USB disconnect, device number 2
[  328.624806][T15138] 8021q: adding VLAN 0 to HW filter on device bond4
[  328.717463][T15141] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2758444543 (5516889086 ns) > initial count (4205064 ns). Using initial count to start timer.
[  328.805879][T15144] __nla_validate_parse: 6 callbacks suppressed
[  328.805889][T15144] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3307'.
[  328.889101][T15151] FAULT_INJECTION: forcing a failure.
[  328.889101][T15151] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  328.892572][T15151] CPU: 3 UID: 0 PID: 15151 Comm: syz.0.3310 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  328.895510][T15151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  328.898294][T15151] Call Trace:
[  328.899190][T15151]  <TASK>
[  328.899976][T15151]  dump_stack_lvl+0x16c/0x1f0
[  328.901240][T15151]  should_fail_ex+0x497/0x5b0
[  328.902495][T15151]  should_fail_alloc_page+0xe7/0x130
[  328.903877][T15151]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  328.905633][T15151]  ? __pfx_stack_trace_save+0x10/0x10
[  328.907052][T15151]  ? batadv_hash_new+0xb2/0x2e0
[  328.908345][T15151]  __alloc_pages_noprof+0x190/0x25a0
[  328.909743][T15151]  ? batadv_hash_new+0x74/0x2e0
[  328.911037][T15151]  ? kasan_save_stack+0x42/0x60
[  328.912318][T15151]  ? kasan_save_stack+0x33/0x60
[  328.913599][T15151]  ? kasan_save_track+0x14/0x30
[  328.914913][T15151]  ? __kasan_kmalloc+0xaa/0xb0
[  328.916166][T15151]  ? __kmalloc_noprof+0x21c/0x510
[  328.917476][T15151]  ? batadv_hash_new+0x74/0x2e0
[  328.918761][T15151]  ? batadv_tt_init+0x226/0x350
[  328.920037][T15151]  ? batadv_mesh_init+0x4e3/0x9a0
[  328.921367][T15151]  ? batadv_softif_init_late+0xbde/0xf40
[  328.922835][T15151]  ? register_netdevice+0x672/0x1e90
[  328.924215][T15151]  ? batadv_softif_newlink+0x70/0x90
[  328.925618][T15151]  ? rtnl_newlink+0xb88/0x1c50
[  328.926883][T15151]  ? rtnetlink_rcv_msg+0x95b/0xea0
[  328.928224][T15151]  ? netlink_rcv_skb+0x16b/0x440
[  328.929519][T15151]  ? netlink_unicast+0x53c/0x7f0
[  328.930832][T15151]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  328.932322][T15151]  ? __sys_sendmsg+0x16e/0x220
[  328.933585][T15151]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.935269][T15151]  ? batadv_hash_new+0xb2/0x2e0
[  328.936553][T15151]  ___kmalloc_large_node+0x84/0x1b0
[  328.937915][T15151]  __kmalloc_large_node_noprof+0x1c/0x70
[  328.939600][T15151]  ? rcu_is_watching+0x12/0xc0
[  328.940887][T15151]  __kmalloc_noprof.cold+0xc/0x61
[  328.942471][T15151]  ? kasan_save_track+0x14/0x30
[  328.943915][T15151]  batadv_hash_new+0xb2/0x2e0
[  328.945422][T15151]  ? queue_delayed_work_on+0xa2/0x150
[  328.946833][T15151]  batadv_tt_init+0x226/0x350
[  328.948063][T15151]  batadv_mesh_init+0x4e3/0x9a0
[  328.949335][T15151]  batadv_softif_init_late+0xbde/0xf40
[  328.950765][T15151]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  328.952332][T15151]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  328.953893][T15151]  register_netdevice+0x672/0x1e90
[  328.955622][T15151]  ? dev_addr_mod+0x321/0x5b0
[  328.957352][T15151]  ? __pfx_register_netdevice+0x10/0x10
[  328.958948][T15151]  ? rtnl_create_link+0xa51/0xfa0
[  328.960261][T15151]  batadv_softif_newlink+0x70/0x90
[  328.961611][T15151]  rtnl_newlink+0xb88/0x1c50
[  328.962838][T15151]  ? __pfx_batadv_softif_newlink+0x10/0x10
[  328.964387][T15151]  ? __pfx_rtnl_newlink+0x10/0x10
[  328.966047][T15151]  ? __pfx___lock_acquire+0x10/0x10
[  328.967410][T15151]  ? cred_has_capability.isra.0+0x192/0x2f0
[  328.968945][T15151]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  328.970566][T15151]  ? find_held_lock+0x2d/0x110
[  328.971823][T15151]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  328.973162][T15151]  ? __pfx_lock_release+0x10/0x10
[  328.974565][T15151]  ? trace_lock_acquire+0x146/0x1e0
[  328.976466][T15151]  ? __pfx_rtnl_newlink+0x10/0x10
[  328.978196][T15151]  rtnetlink_rcv_msg+0x95b/0xea0
[  328.979495][T15151]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  328.980937][T15151]  netlink_rcv_skb+0x16b/0x440
[  328.982188][T15151]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  328.983643][T15151]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  328.985243][T15151]  ? netlink_deliver_tap+0x1ae/0xd30
[  328.986632][T15151]  netlink_unicast+0x53c/0x7f0
[  328.987889][T15151]  ? __pfx_netlink_unicast+0x10/0x10
[  328.989264][T15151]  netlink_sendmsg+0x8b8/0xd70
[  328.990521][T15151]  ? __pfx_netlink_sendmsg+0x10/0x10
[  328.991905][T15151]  ____sys_sendmsg+0xaaf/0xc90
[  328.993156][T15151]  ? copy_msghdr_from_user+0x10b/0x160
[  328.994531][ T5319] Bluetooth: hci3: command tx timeout
[  328.994703][T15151]  ? __pfx_____sys_sendmsg+0x10/0x10
[  328.998214][T15151]  ___sys_sendmsg+0x135/0x1e0
[  328.999462][T15151]  ? __pfx____sys_sendmsg+0x10/0x10
[  329.000845][T15151]  ? __pfx_lock_release+0x10/0x10
[  329.002167][T15151]  ? trace_lock_acquire+0x146/0x1e0
[  329.003552][T15151]  ? __fget_files+0x206/0x3a0
[  329.004830][T15151]  __sys_sendmsg+0x16e/0x220
[  329.006055][T15151]  ? __pfx___sys_sendmsg+0x10/0x10
[  329.007410][T15151]  do_syscall_64+0xcd/0x250
[  329.008612][T15151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.010160][T15151] RIP: 0033:0x7fd598f7e819
[  329.011340][T15151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.017229][T15151] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  329.019624][T15151] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  329.021693][T15151] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  329.023764][T15151] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  329.025862][T15151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  329.027911][T15151] R13: 0000000000000000 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  329.029960][T15151]  </TASK>
[  329.031304][  T831] usb usb38-port1: unable to enumerate USB device
[  329.108310][T15160] IPv6: NLM_F_CREATE should be specified when creating new route
[  329.173712][T15163] pim6reg1: entered promiscuous mode
[  329.175208][T15163] pim6reg1: entered allmulticast mode
[  329.238525][T15176] FAULT_INJECTION: forcing a failure.
[  329.238525][T15176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.242173][T15176] CPU: 3 UID: 0 PID: 15176 Comm: syz.5.3318 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  329.244928][T15176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  329.247747][T15176] Call Trace:
[  329.248640][T15176]  <TASK>
[  329.249443][T15176]  dump_stack_lvl+0x16c/0x1f0
[  329.250731][T15176]  should_fail_ex+0x497/0x5b0
[  329.252039][T15176]  _copy_from_user+0x2e/0xd0
[  329.253282][T15176]  copy_folio_from_user+0xff/0x2a0
[  329.254649][T15176]  mfill_atomic_copy+0x1ba3/0x1e60
[  329.256009][T15176]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  329.257454][T15176]  ? __might_fault+0xe3/0x190
[  329.258709][T15176]  ? __might_fault+0xe3/0x190
[  329.259965][T15176]  userfaultfd_ioctl+0x1e50/0x3830
[  329.261340][T15176]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  329.262780][T15176]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  329.264481][T15176]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  329.266181][T15176]  ? __pfx_lock_release+0x10/0x10
[  329.267521][T15176]  ? selinux_file_ioctl+0x180/0x270
[  329.268894][T15176]  ? selinux_file_ioctl+0xb4/0x270
[  329.270255][T15176]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  329.271693][T15176]  ? __x64_sys_ioctl+0x190/0x200
[  329.273003][T15176]  __x64_sys_ioctl+0x190/0x200
[  329.274285][T15176]  do_syscall_64+0xcd/0x250
[  329.275505][T15176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.277056][T15176] RIP: 0033:0x7fd5e6d7e819
[  329.278243][T15176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.283268][T15176] RSP: 002b:00007fd5e7bc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  329.285441][T15176] RAX: ffffffffffffffda RBX: 00007fd5e6f35fa0 RCX: 00007fd5e6d7e819
[  329.287511][T15176] RDX: 0000000020000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  329.289582][T15176] RBP: 00007fd5e7bc6090 R08: 0000000000000000 R09: 0000000000000000
[  329.291657][T15176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  329.293720][T15176] R13: 0000000000000000 R14: 00007fd5e6f35fa0 R15: 00007ffea0b36688
[  329.295790][T15176]  </TASK>
[  329.378827][T15182] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3320'.
[  329.382024][T15182] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3320'.
[  329.385120][T15182] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3320'.
[  329.388126][T15182] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3320'.
[  329.449733][T15192] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  329.470214][T15196] pim6reg1: entered promiscuous mode
[  329.471731][T15196] pim6reg1: entered allmulticast mode
[  329.474549][T15196] netlink: 'syz.3.3325': attribute type 1 has an invalid length.
[  329.483408][T15196] 8021q: adding VLAN 0 to HW filter on device bond3
[  329.492134][T15192] kvm: pic: level sensitive irq not supported
[  329.492644][T15192] kvm: pic: non byte read
[  329.604469][T15207] hpfs: Bad magic ... probably not HPFS
[  329.647004][T15209] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  329.721246][ T5998] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  329.790996][T15221] ipt_ECN: cannot use operation on non-tcp rule
[  329.793793][T15221] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0)
[  329.798525][T15221] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3335'.
[  329.881879][ T5319] Bluetooth: hci3: ACL packet for unknown connection handle 100
[  329.896595][ T5998] usb 10-1: Using ep0 maxpacket: 16
[  329.899230][ T5998] usb 10-1: config 4 has an invalid interface number: 51 but max is 0
[  329.901373][ T5998] usb 10-1: config 4 has no interface number 0
[  329.903820][ T5998] usb 10-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  329.907650][ T5998] usb 10-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  329.911509][ T5998] usb 10-1: config 4 interface 51 has no altsetting 0
[  329.917268][ T5998] usb 10-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  329.919743][ T5998] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.921877][ T5998] usb 10-1: Product: syz
[  329.923194][ T5998] usb 10-1: Manufacturer: syz
[  329.925263][ T5998] usb 10-1: SerialNumber: syz
[  329.929387][T15189] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  329.932550][T15189] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  329.981060][T15236] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3341'.
[  329.983583][T15236] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3341'.
[  329.986054][T15236] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3341'.
[  329.988607][T15236] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3341'.
[  330.081984][T15242] FAULT_INJECTION: forcing a failure.
[  330.081984][T15242] name failslab, interval 1, probability 0, space 0, times 0
[  330.085570][T15242] CPU: 0 UID: 0 PID: 15242 Comm: syz.6.3342 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  330.088362][T15242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  330.091154][T15242] Call Trace:
[  330.092081][T15242]  <TASK>
[  330.092864][T15242]  dump_stack_lvl+0x16c/0x1f0
[  330.094110][T15242]  should_fail_ex+0x497/0x5b0
[  330.095375][T15242]  ? fs_reclaim_acquire+0xae/0x150
[  330.096715][T15242]  should_failslab+0xc2/0x120
[  330.097951][T15242]  __kmalloc_noprof+0xcb/0x510
[  330.099354][T15242]  ? d_absolute_path+0x137/0x1b0
[  330.100681][T15242]  ? rcu_is_watching+0x12/0xc0
[  330.102088][T15242]  tomoyo_encode2+0x100/0x3e0
[  330.103350][T15242]  tomoyo_encode+0x29/0x50
[  330.104525][T15242]  tomoyo_realpath_from_path+0x19d/0x720
[  330.105992][T15242]  tomoyo_path_number_perm+0x248/0x590
[  330.107446][T15242]  ? tomoyo_path_number_perm+0x235/0x590
[  330.109010][T15242]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  330.110596][T15242]  ? __pfx_lock_release+0x10/0x10
[  330.111957][T15242]  ? trace_lock_acquire+0x146/0x1e0
[  330.113307][T15242]  ? lock_acquire+0x2f/0xb0
[  330.114492][T15242]  ? __fget_files+0x40/0x3a0
[  330.115693][T15242]  ? __fget_files+0x206/0x3a0
[  330.116916][T15242]  security_file_ioctl+0x9b/0x240
[  330.118351][T15242]  __x64_sys_ioctl+0xb7/0x200
[  330.119581][T15242]  do_syscall_64+0xcd/0x250
[  330.120988][T15242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.122704][T15242] RIP: 0033:0x7fa36297e819
[  330.123865][T15242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.128764][T15242] RSP: 002b:00007fa3636fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  330.130918][T15242] RAX: ffffffffffffffda RBX: 00007fa362b35fa0 RCX: 00007fa36297e819
[  330.133077][T15242] RDX: 00000000200002c0 RSI: 00000000c0d05605 RDI: 0000000000000003
[  330.135126][T15242] RBP: 00007fa3636fe090 R08: 0000000000000000 R09: 0000000000000000
[  330.137163][T15242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.139229][T15242] R13: 0000000000000000 R14: 00007fa362b35fa0 R15: 00007ffe674d5228
[  330.141278][T15242]  </TASK>
[  330.144065][T15242] ERROR: Out of memory at tomoyo_realpath_from_path.
[  330.272573][ T5998] cdc_eem 10-1:4.51: probe with driver cdc_eem failed with error -71
[  330.276236][ T5998] usb 10-1: USB disconnect, device number 16
[  330.280530][ T6140] udevd[6140]: setting mode of /dev/bus/usb/010/016 to 020664 failed: No such file or directory
[  330.283379][ T6140] udevd[6140]: setting owner of /dev/bus/usb/010/016 to uid=0, gid=0 failed: No such file or directory
[  331.212885][T15281] fuse: blksize only supported for fuseblk
[  331.239304][  T831] usb 8-1: new high-speed USB device number 48 using dummy_hcd
[  331.400846][  T831] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  331.403507][  T831] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  331.405840][  T831] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.409728][T15270] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  331.413181][  T831] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  331.666588][   T56] usb 8-1: USB disconnect, device number 48
[  331.763205][ T5998] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  331.934169][ T5998] usb 5-1: Using ep0 maxpacket: 16
[  331.937325][ T5998] usb 5-1: config 4 has an invalid interface number: 51 but max is 0
[  331.939468][ T5998] usb 5-1: config 4 has no interface number 0
[  331.941068][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  331.943619][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  331.946313][ T5998] usb 5-1: config 4 interface 51 has no altsetting 0
[  331.949562][ T5998] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  331.951912][ T5998] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.953966][ T5998] usb 5-1: Product: syz
[  331.955075][ T5998] usb 5-1: Manufacturer: syz
[  331.956705][ T5998] usb 5-1: SerialNumber: syz
[  331.959183][T15284] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  331.961112][T15284] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  332.045323][T15279] orangefs_mount: mount request failed with -4
[  332.289893][ T5998] cdc_eem 5-1:4.51: probe with driver cdc_eem failed with error -71
[  332.293295][ T5998] usb 5-1: USB disconnect, device number 33
[  332.329749][  T832] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  332.495043][ T5998] hid-generic 0005:04F3:FFF9.000F: item fetching failed at offset 0/1
[  332.497347][ T5998] hid-generic 0005:04F3:FFF9.000F: probe with driver hid-generic failed with error -22
[  332.501278][  T832] usb 11-1: too many configurations: 9, using maximum allowed: 8
[  332.504846][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.507638][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.511268][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.515263][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.517643][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.520562][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.524256][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.526332][   T39] kauditd_printk_skb: 40 callbacks suppressed
[  332.526340][   T39] audit: type=1400 audit(1732601686.258:1058): avc:  denied  { setopt } for  pid=15297 comm="syz.3.3362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  332.526640][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.529703][   T39] audit: type=1400 audit(1732601686.258:1059): avc:  denied  { write } for  pid=15297 comm="syz.3.3362" laddr=172.20.20.170 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  332.534068][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.546310][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.548706][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.551687][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.554612][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.557147][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.560156][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.568763][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.571238][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.574231][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.577968][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.580365][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.583245][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.586138][  T832] usb 11-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.588635][  T832] usb 11-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.591724][  T832] usb 11-1: config 0 interface 0 has no altsetting 0
[  332.595074][  T832] usb 11-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  332.597559][  T832] usb 11-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  332.599765][  T832] usb 11-1: Product: syz
[  332.600963][  T832] usb 11-1: Manufacturer: syz
[  332.602249][  T832] usb 11-1: SerialNumber: syz
[  332.604968][  T832] usb 11-1: config 0 descriptor??
[  332.608293][  T832] yurex 11-1:0.0: USB YUREX device now attached to Yurex #0
[  332.662872][T15309] Debayer A: =================  START STATUS  =================
[  332.665011][T15309] Debayer A: Debayer Mean Window Size: 3
[  332.668303][T15309] Debayer A: ==================  END STATUS  ==================
[  332.831797][T15315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.834174][T15315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.837448][T15315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.840389][T15315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.843042][T15315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.845642][T15315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.847957][T15315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.850178][T15315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.852494][T15315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.855934][T15315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.932204][T15320] overlayfs: failed to clone upperpath
[  332.940239][  T832] usb 11-1: USB disconnect, device number 3
[  332.943759][  T832] yurex 11-1:0.0: USB YUREX #0 now disconnected
[  332.995726][   T39] audit: type=1400 audit(1732601686.698:1060): avc:  denied  { map } for  pid=15323 comm="syz.5.3372" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  333.003961][   T39] audit: type=1400 audit(1732601686.698:1061): avc:  denied  { execute } for  pid=15323 comm="syz.5.3372" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  333.056686][   T35] usb 8-1: new full-speed USB device number 49 using dummy_hcd
[  333.230417][   T35] usb 8-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  333.232934][   T35] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.235058][   T35] usb 8-1: Product: syz
[  333.236183][   T35] usb 8-1: Manufacturer: syz
[  333.237583][   T35] usb 8-1: SerialNumber: syz
[  333.240253][   T35] usb 8-1: config 0 descriptor??
[  333.243302][   T35] snd-usb-audio 8-1:0.0: probe with driver snd-usb-audio failed with error -22
[  333.538910][T15335] nlmon0: entered allmulticast mode
[  333.961543][   T39] audit: type=1400 audit(1732601687.596:1062): avc:  denied  { create } for  pid=15341 comm="syz.5.3378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  334.044135][   T39] audit: type=1400 audit(1732601687.671:1063): avc:  denied  { getopt } for  pid=15345 comm="syz.5.3380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  334.093840][ T5998] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  334.104740][  T831] usb 11-1: new full-speed USB device number 4 using dummy_hcd
[  334.189356][   T39] audit: type=1400 audit(1732601687.802:1064): avc:  denied  { read } for  pid=15353 comm="syz.5.3384" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  334.199836][   T39] audit: type=1400 audit(1732601687.802:1065): avc:  denied  { open } for  pid=15353 comm="syz.5.3384" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  334.208233][   T39] audit: type=1400 audit(1732601687.802:1066): avc:  denied  { bind } for  pid=15353 comm="syz.5.3384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  334.218774][   T39] audit: type=1400 audit(1732601687.811:1067): avc:  denied  { ioctl } for  pid=15353 comm="syz.5.3384" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x4df9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  334.254108][ T5998] usb 5-1: Using ep0 maxpacket: 16
[  334.256693][ T5998] usb 5-1: config 4 has an invalid interface number: 51 but max is 0
[  334.258807][ T5998] usb 5-1: config 4 has no interface number 0
[  334.260402][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  334.263175][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  334.266053][ T5998] usb 5-1: config 4 interface 51 has no altsetting 0
[  334.269340][ T5998] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  334.271698][ T5998] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.273761][ T5998] usb 5-1: Product: syz
[  334.274863][ T5998] usb 5-1: Manufacturer: syz
[  334.277703][ T5998] usb 5-1: SerialNumber: syz
[  334.280256][T15339] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  334.282313][T15339] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  334.287965][  T831] usb 11-1: not running at top speed; connect to a high speed hub
[  334.291623][  T831] usb 11-1: config 1 interface 0 altsetting 128 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  334.295753][  T831] usb 11-1: config 1 interface 0 has no altsetting 0
[  334.301860][  T831] usb 11-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  334.305147][  T831] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.308999][  T831] usb 11-1: Product: ÑŽ
[  334.310572][  T831] usb 11-1: Manufacturer: �
[  334.312319][  T831] usb 11-1: SerialNumber: Ь
[  334.319093][T15340] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  334.374529][T15365] Unknown options in mask 5
[  334.436194][T15370] 8021q: adding VLAN 0 to HW filter on device bond4
[  334.479748][T15373] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  334.549830][  T831] usblp 11-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 128 proto 1 vid 0x0525 pid 0xA4A8
[  334.560028][  T831] usb 11-1: USB disconnect, device number 4
[  334.567514][  T831] usblp0: removed
[  334.611418][T15377] __nla_validate_parse: 71 callbacks suppressed
[  334.611433][T15377] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3390'.
[  334.616999][T15377] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3390'.
[  334.637235][ T5998] cdc_eem 5-1:4.51: probe with driver cdc_eem failed with error -71
[  334.640937][ T5998] usb 5-1: USB disconnect, device number 34
[  334.715419][T15391] netpci0: tun_chr_ioctl cmd 1074025676
[  334.716900][T15391] netpci0: owner set to 0
[  334.766936][T15394] FAULT_INJECTION: forcing a failure.
[  334.766936][T15394] name failslab, interval 1, probability 0, space 0, times 0
[  334.770586][T15394] CPU: 2 UID: 0 PID: 15394 Comm: syz.6.3395 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  334.773263][T15394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  334.775994][T15394] Call Trace:
[  334.776878][T15394]  <TASK>
[  334.777685][T15394]  dump_stack_lvl+0x16c/0x1f0
[  334.778978][T15394]  should_fail_ex+0x497/0x5b0
[  334.780301][T15394]  should_failslab+0xc2/0x120
[  334.781578][T15394]  __kmalloc_cache_noprof+0x68/0x410
[  334.782980][T15394]  ? lockdep_init_map_type+0x16d/0x7d0
[  334.784408][T15394]  batadv_hash_new+0x4e/0x2e0
[  334.785647][T15394]  ? queue_delayed_work_on+0xa2/0x150
[  334.787091][T15394]  batadv_tt_init+0x278/0x350
[  334.788354][T15394]  batadv_mesh_init+0x4e3/0x9a0
[  334.789820][T15394]  batadv_softif_init_late+0xbde/0xf40
[  334.791250][T15394]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  334.792923][T15394]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  334.794517][T15394]  register_netdevice+0x672/0x1e90
[  334.795869][T15394]  ? dev_addr_mod+0x321/0x5b0
[  334.797108][T15394]  ? __pfx_register_netdevice+0x10/0x10
[  334.798584][T15394]  ? rtnl_create_link+0xa51/0xfa0
[  334.799983][T15394]  batadv_softif_newlink+0x70/0x90
[  334.801342][T15394]  rtnl_newlink+0xb88/0x1c50
[  334.802580][T15394]  ? __pfx_batadv_softif_newlink+0x10/0x10
[  334.804103][T15394]  ? __pfx_rtnl_newlink+0x10/0x10
[  334.805423][T15394]  ? __pfx___lock_acquire+0x10/0x10
[  334.806798][T15394]  ? cred_has_capability.isra.0+0x192/0x2f0
[  334.808351][T15394]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  334.810028][T15394]  ? find_held_lock+0x2d/0x110
[  334.811493][T15394]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  334.812839][T15394]  ? __pfx_lock_release+0x10/0x10
[  334.814163][T15394]  ? trace_lock_acquire+0x146/0x1e0
[  334.815530][T15394]  ? __pfx_rtnl_newlink+0x10/0x10
[  334.816848][T15394]  rtnetlink_rcv_msg+0x95b/0xea0
[  334.818144][T15394]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  334.819590][T15394]  netlink_rcv_skb+0x16b/0x440
[  334.820951][T15394]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  334.822396][T15394]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  334.823790][T15394]  ? netlink_deliver_tap+0x1ae/0xd30
[  334.825247][T15394]  netlink_unicast+0x53c/0x7f0
[  334.827005][T15394]  ? __pfx_netlink_unicast+0x10/0x10
[  334.828923][T15394]  netlink_sendmsg+0x8b8/0xd70
[  334.830651][T15394]  ? __pfx_netlink_sendmsg+0x10/0x10
[  334.832354][T15394]  ____sys_sendmsg+0xaaf/0xc90
[  334.833607][T15394]  ? copy_msghdr_from_user+0x10b/0x160
[  334.835042][T15394]  ? __pfx_____sys_sendmsg+0x10/0x10
[  334.836447][T15394]  ___sys_sendmsg+0x135/0x1e0
[  334.837678][T15394]  ? __pfx____sys_sendmsg+0x10/0x10
[  334.839053][T15394]  ? __pfx_lock_release+0x10/0x10
[  334.840367][T15394]  ? trace_lock_acquire+0x146/0x1e0
[  334.841751][T15394]  ? __fget_files+0x206/0x3a0
[  334.843108][T15394]  __sys_sendmsg+0x16e/0x220
[  334.844316][T15394]  ? __pfx___sys_sendmsg+0x10/0x10
[  334.845656][T15394]  do_syscall_64+0xcd/0x250
[  334.846858][T15394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.848393][T15394] RIP: 0033:0x7fa36297e819
[  334.849562][T15394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.854605][T15394] RSP: 002b:00007fa3636fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  334.856756][T15394] RAX: ffffffffffffffda RBX: 00007fa362b35fa0 RCX: 00007fa36297e819
[  334.858806][T15394] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  334.860853][T15394] RBP: 00007fa3636fe090 R08: 0000000000000000 R09: 0000000000000000
[  334.862898][T15394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  334.865144][T15394] R13: 0000000000000000 R14: 00007fa362b35fa0 R15: 00007ffe674d5228
[  334.867201][T15394]  </TASK>
[  334.942549][T15398] batman_adv: batadv0: Adding interface: dummy0
[  334.944295][T15398] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  334.950879][T15398] batman_adv: batadv0: Interface activated: dummy0
[  334.954848][T15398] batadv0: mtu less than device minimum
[  334.957140][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.960930][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.964314][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.967713][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.971159][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.974598][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.978036][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.981520][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  334.984890][T15398] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  335.032962][T15404] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3399'.
[  335.143808][T15415] FAULT_INJECTION: forcing a failure.
[  335.143808][T15415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.147256][T15415] CPU: 0 UID: 0 PID: 15415 Comm: syz.5.3403 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  335.149920][T15415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.152701][T15415] Call Trace:
[  335.153575][T15415]  <TASK>
[  335.154360][T15415]  dump_stack_lvl+0x16c/0x1f0
[  335.155594][T15415]  should_fail_ex+0x497/0x5b0
[  335.156829][T15415]  _copy_from_user+0x2e/0xd0
[  335.158040][T15415]  copy_folio_from_user+0xff/0x2a0
[  335.159385][T15415]  mfill_atomic_copy+0x1ba3/0x1e60
[  335.160741][T15415]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  335.162166][T15415]  ? __might_fault+0xe3/0x190
[  335.163413][T15415]  ? __might_fault+0xe3/0x190
[  335.164649][T15415]  userfaultfd_ioctl+0x1e50/0x3830
[  335.165991][T15415]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  335.167421][T15415]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  335.169108][T15415]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  335.170802][T15415]  ? __pfx_lock_release+0x10/0x10
[  335.172127][T15415]  ? selinux_file_ioctl+0x180/0x270
[  335.173486][T15415]  ? selinux_file_ioctl+0xb4/0x270
[  335.174830][T15415]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  335.176252][T15415]  ? __x64_sys_ioctl+0x190/0x200
[  335.177543][T15415]  __x64_sys_ioctl+0x190/0x200
[  335.178840][T15415]  do_syscall_64+0xcd/0x250
[  335.180035][T15415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.181589][T15415] RIP: 0033:0x7fd5e6d7e819
[  335.182765][T15415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.187720][T15415] RSP: 002b:00007fd5e7bc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  335.189873][T15415] RAX: ffffffffffffffda RBX: 00007fd5e6f35fa0 RCX: 00007fd5e6d7e819
[  335.191921][T15415] RDX: 0000000020000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  335.193958][T15415] RBP: 00007fd5e7bc6090 R08: 0000000000000000 R09: 0000000000000000
[  335.196005][T15415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  335.198043][T15415] R13: 0000000000000000 R14: 00007fd5e6f35fa0 R15: 00007ffea0b36688
[  335.200103][T15415]  </TASK>
[  335.200975][    C0] vkms_vblank_simulate: vblank timer overrun
[  335.285995][T15424] netlink: 'syz.0.3407': attribute type 4 has an invalid length.
[  335.360659][T15432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3411'.
[  335.366655][T15433] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3408'.
[  335.369508][T15433] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3408'.
[  335.371923][T15433] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3408'.
[  335.374371][T15433] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3408'.
[  335.414873][T15435] warn_alloc: 2 callbacks suppressed
[  335.414883][T15435] syz.5.3412: vmalloc error: size 49152, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  335.420230][T15435] CPU: 2 UID: 0 PID: 15435 Comm: syz.5.3412 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  335.422949][T15435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  335.425718][T15435] Call Trace:
[  335.426620][T15435]  <TASK>
[  335.427409][T15435]  dump_stack_lvl+0x16c/0x1f0
[  335.428654][T15435]  warn_alloc+0x24d/0x3a0
[  335.429792][T15435]  ? __pfx_warn_alloc+0x10/0x10
[  335.431080][T15435]  ? policy_nodemask+0xea/0x4e0
[  335.432360][T15435]  ? alloc_pages_mpol_noprof+0x315/0x610
[  335.433828][T15435]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  335.435399][T15435]  ? trace_kmalloc+0x2d/0xd0
[  335.436734][T15435]  ? __pfx___might_resched+0x10/0x10
[  335.438120][T15435]  __vmalloc_node_range_noprof+0x12c0/0x1530
[  335.439693][T15435]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  335.441378][T15435]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  335.443819][T15435]  ? __pfx_lock_release+0x10/0x10
[  335.445148][T15435]  ? trace_lock_acquire+0x146/0x1e0
[  335.446525][T15435]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  335.448072][T15435]  vmalloc_noprof+0x6b/0x90
[  335.449262][T15435]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  335.450821][T15435]  hashlimit_mt_check_common+0x8b0/0x1450
[  335.452318][T15435]  hashlimit_mt_check_v1+0x2fe/0x370
[  335.453706][T15435]  ? __pfx_hashlimit_mt_check_v1+0x10/0x10
[  335.455244][T15435]  ? trace_contention_end+0xea/0x140
[  335.456695][T15435]  ? __mutex_unlock_slowpath+0x164/0x690
[  335.458204][T15435]  ? __pfx_hashlimit_mt_check_v1+0x10/0x10
[  335.459740][T15435]  xt_check_match+0x284/0xa50
[  335.460995][T15435]  ? out_of_line_wait_on_bit_timeout+0x150/0x170
[  335.462635][T15435]  ? __pfx_xt_check_match+0x10/0x10
[  335.463995][T15435]  ? pcpu_alloc_noprof+0x126/0x1680
[  335.465368][T15435]  ? xt_find_match+0x1f2/0x290
[  335.466645][T15435]  find_check_entry.constprop.0+0x325/0x9d0
[  335.468192][T15435]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[  335.469861][T15435]  ? kfree+0x14f/0x4b0
[  335.470951][T15435]  ? kvfree+0x47/0x50
[  335.472012][T15435]  translate_table+0xc93/0x1710
[  335.473301][T15435]  ? __pfx_translate_table+0x10/0x10
[  335.474705][T15435]  ? __might_fault+0xe3/0x190
[  335.475956][T15435]  do_ipt_set_ctl+0x605/0xc30
[  335.477202][T15435]  ? __mutex_lock+0x1cc/0xa60
[  335.478461][T15435]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  335.479829][T15435]  ? __mutex_unlock_slowpath+0x164/0x690
[  335.481310][T15435]  ? sockopt_release_sock+0x52/0x60
[  335.482689][T15435]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  335.484272][T15435]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  335.485845][T15435]  nf_setsockopt+0x8a/0xf0
[  335.487039][T15435]  ip_setsockopt+0xcb/0xf0
[  335.488220][T15435]  udp_setsockopt+0x7d/0xd0
[  335.489421][T15435]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  335.490984][T15435]  do_sock_setsockopt+0x222/0x480
[  335.492309][T15435]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  335.493756][T15435]  ? lock_acquire+0x2f/0xb0
[  335.495061][T15435]  __sys_setsockopt+0x1a0/0x230
[  335.496350][T15435]  __x64_sys_setsockopt+0xbd/0x160
[  335.497698][T15435]  ? do_syscall_64+0x91/0x250
[  335.498962][T15435]  ? lockdep_hardirqs_on+0x7c/0x110
[  335.500331][T15435]  do_syscall_64+0xcd/0x250
[  335.501545][T15435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.503109][T15435] RIP: 0033:0x7fd5e6d7e819
[  335.504282][T15435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.509240][T15435] RSP: 002b:00007fd5e7bc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  335.511408][T15435] RAX: ffffffffffffffda RBX: 00007fd5e6f35fa0 RCX: 00007fd5e6d7e819
[  335.513429][T15435] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[  335.515485][T15435] RBP: 00007fd5e7bc6090 R08: 00000000000004f8 R09: 0000000000000000
[  335.517556][T15435] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000002
[  335.519631][T15435] R13: 0000000000000000 R14: 00007fd5e6f35fa0 R15: 00007ffea0b36688
[  335.521699][T15435]  </TASK>
[  335.522970][T15435] Mem-Info:
[  335.523855][T15435] active_anon:14985 inactive_anon:0 isolated_anon:0
[  335.523855][T15435]  active_file:16977 inactive_file:39011 isolated_file:0
[  335.523855][T15435]  unevictable:2792 dirty:170 writeback:0
[  335.523855][T15435]  slab_reclaimable:12245 slab_unreclaimable:80510
[  335.523855][T15435]  mapped:25133 shmem:12277 pagetables:897
[  335.523855][T15435]  sec_pagetables:309 bounce:0
[  335.523855][T15435]  kernel_misc_reclaimable:0
[  335.523855][T15435]  free:427605 free_pcp:7809 free_cma:0
[  335.535472][T15435] Node 0 active_anon:53740kB inactive_anon:0kB active_file:67840kB inactive_file:155972kB unevictable:7632kB isolated(anon):0kB isolated(file):0kB mapped:100464kB dirty:672kB writeback:0kB shmem:39372kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13136kB pagetables:3588kB sec_pagetables:1236kB all_unreclaimable? no
[  335.543820][T15435] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:68kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  335.553843][T15435] Node 0 DMA free:15292kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:68kB local_pcp:68kB free_cma:0kB
[  335.560812][T15435] lowmem_reserve[]: 0 1212 0 0 0
[  335.562136][T15435] Node 0 DMA32 free:137120kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:41216kB inactive_anon:0kB active_file:67840kB inactive_file:155972kB unevictable:7632kB writepending:672kB present:2080628kB managed:1269924kB mlocked:0kB bounce:0kB free_pcp:21348kB local_pcp:808kB free_cma:0kB
[  335.569872][T15435] lowmem_reserve[]: 0 0 0 0 0
[  335.571142][T15435] Node 1 Normal free:1582188kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:72kB unevictable:3536kB writepending:8kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:4712kB local_pcp:2888kB free_cma:0kB
[  335.578566][T15435] lowmem_reserve[]: 0 0 0 0 0
[  335.579867][T15435] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 0*64kB 1*128kB (U) 1*256kB (U) 1*512kB (U) 2*1024kB (U) 2*2048kB (U) 2*4096kB (U) = 15292kB
[  335.583799][T15435] Node 0 DMA32: 204*4kB (UME) 120*8kB (UME) 269*16kB (UME) 191*32kB (UM) 36*64kB (UME) 76*128kB (UME) 53*256kB (UME) 24*512kB (UME) 31*1024kB (UME) 19*2048kB (UM) 4*4096kB (UM) = 137120kB
[  335.588575][T15435] Node 1 Normal: 35*4kB (UM) 18*8kB (UME) 31*16kB (UME) 167*32kB (UME) 100*64kB (UME) 39*128kB (UME) 22*256kB (UME) 21*512kB (UME) 14*1024kB (UME) 7*2048kB (UME) 371*4096kB (UM) = 1582188kB
[  335.593471][T15435] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  335.595912][T15435] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  335.598277][T15435] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  335.600747][T15435] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  335.603174][T15435] 63584 total pagecache pages
[  335.604394][T15435] 0 pages in swap cache
[  335.605478][T15435] Free swap  = 123792kB
[  335.606578][T15435] Total swap = 124996kB
[  335.607664][T15435] 1048443 pages RAM
[  335.608664][T15435] 0 pages HighMem/MovableOnly
[  335.609900][T15435] 281641 pages reserved
[  335.610996][T15435] 0 pages cma reserved
[  335.636239][T15438] hpfs: Bad magic ... probably not HPFS
[  335.658503][T15440] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3414'.
[  335.662556][T15440] binder: BINDER_SET_CONTEXT_MGR already set
[  335.664217][T15440] binder: 15439:15440 ioctl 4018620d 200002c0 returned -16
[  335.667620][T15440] netlink: 76 bytes leftover after parsing attributes in process `syz.5.3414'.
[  335.943146][ T5998] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  335.962823][ T6013] usb 8-1: USB disconnect, device number 49
[  336.114294][ T5998] usb 10-1: Using ep0 maxpacket: 16
[  336.116844][ T5998] usb 10-1: config 4 has an invalid interface number: 51 but max is 0
[  336.119013][ T5998] usb 10-1: config 4 has no interface number 0
[  336.120637][ T5998] usb 10-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  336.123336][ T5998] usb 10-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  336.127794][ T5998] usb 10-1: config 4 interface 51 has no altsetting 0
[  336.131350][ T5998] usb 10-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  336.133883][ T5998] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.136366][ T5998] usb 10-1: Product: syz
[  336.137572][ T5998] usb 10-1: Manufacturer: syz
[  336.138911][ T5998] usb 10-1: SerialNumber: syz
[  336.141966][T15443] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  336.143956][T15443] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  336.479329][T15470] FAULT_INJECTION: forcing a failure.
[  336.479329][T15470] name failslab, interval 1, probability 0, space 0, times 0
[  336.482645][T15470] CPU: 0 UID: 0 PID: 15470 Comm: syz.0.3426 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  336.485331][T15470] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  336.488160][T15470] Call Trace:
[  336.488166][T15470]  <TASK>
[  336.488171][T15470]  dump_stack_lvl+0x16c/0x1f0
[  336.488188][T15470]  should_fail_ex+0x497/0x5b0
[  336.488204][T15470]  ? fs_reclaim_acquire+0xae/0x150
[  336.488215][T15470]  should_failslab+0xc2/0x120
[  336.494871][T15470]  __kmalloc_noprof+0xcb/0x510
[  336.494886][T15470]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  336.494902][T15470]  video_usercopy+0x1ac/0x1680
[  336.496376][ T5998] cdc_eem 10-1:4.51: probe with driver cdc_eem failed with error -71
[  336.497470][T15470]  ? __pfx___video_do_ioctl+0x10/0x10
[  336.502181][T15470]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  336.503598][ T5998] usb 10-1: USB disconnect, device number 17
[  336.503958][T15470]  ? __pfx_video_usercopy+0x10/0x10
[  336.506924][T15470]  v4l2_ioctl+0x1ba/0x250
[  336.508060][T15470]  ? __pfx_v4l2_ioctl+0x10/0x10
[  336.509344][T15470]  __x64_sys_ioctl+0x190/0x200
[  336.510611][T15470]  do_syscall_64+0xcd/0x250
[  336.511809][T15470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.513354][T15470] RIP: 0033:0x7fd598f7e819
[  336.514534][T15470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.519471][T15470] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  336.521648][T15470] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  336.523699][T15470] RDX: 00000000200002c0 RSI: 00000000c0d05605 RDI: 0000000000000003
[  336.525743][T15470] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  336.527795][T15470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.529857][T15470] R13: 0000000000000000 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  336.531995][T15470]  </TASK>
[  336.533004][    C0] vkms_vblank_simulate: vblank timer overrun
[  336.620158][T15475] SELinux:  policydb magic number 0x78758c does not match expected magic number 0xf97cff8c
[  336.624975][T15475] SELinux: failed to load policy
[  336.645750][T15479] fuse: Unknown parameter '00000000000000000007ÿÿÿÿÿÿÿÿ'
[  336.755651][ T6013] usb 11-1: new high-speed USB device number 5 using dummy_hcd
[  336.916047][ T6013] usb 11-1: Using ep0 maxpacket: 32
[  336.919538][ T6013] usb 11-1: unable to get BOS descriptor or descriptor too short
[  336.922999][ T6013] usb 11-1: config 255 has an invalid interface number: 81 but max is 0
[  336.925504][ T6013] usb 11-1: config 255 has an invalid descriptor of length 147, skipping remainder of the config
[  336.928367][ T6013] usb 11-1: config 255 has no interface number 0
[  336.930004][ T6013] usb 11-1: config 255 interface 81 altsetting 3 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  336.933412][ T6013] usb 11-1: config 255 interface 81 has no altsetting 0
[  336.940362][ T6013] usb 11-1: string descriptor 0 read error: -22
[  336.942056][ T6013] usb 11-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac
[  336.944403][ T6013] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.112141][T15485] bridge0: port 3(veth0_to_bridge) entered blocking state
[  337.114682][T15485] bridge0: port 3(veth0_to_bridge) entered disabled state
[  337.117246][T15485] veth0_to_bridge: entered allmulticast mode
[  337.120442][T15485] veth0_to_bridge: entered promiscuous mode
[  337.122674][T15485] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  337.127704][T15485] bridge0: port 3(veth0_to_bridge) entered blocking state
[  337.130317][T15485] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  337.236468][ T6013] usb 11-1: USB disconnect, device number 5
[  337.463141][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  337.465442][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.478294][T15502] SELinux:  policydb version 626206372 does not match my version range 15-33
[  337.480802][T15502] SELinux: failed to load policy
[  338.615817][ T5998] usb 11-1: new high-speed USB device number 6 using dummy_hcd
[  338.776182][ T5998] usb 11-1: Using ep0 maxpacket: 16
[  338.779759][ T5998] usb 11-1: config 4 has an invalid interface number: 51 but max is 0
[  338.782015][ T5998] usb 11-1: config 4 has no interface number 0
[  338.783714][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  338.786300][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  338.789046][ T5998] usb 11-1: config 4 interface 51 has no altsetting 0
[  338.792755][ T5998] usb 11-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  338.795218][ T5998] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.797408][ T5998] usb 11-1: Product: syz
[  338.798771][ T5998] usb 11-1: Manufacturer: syz
[  338.800100][ T5998] usb 11-1: SerialNumber: syz
[  338.804109][T15514] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  338.806153][T15514] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  339.152076][ T5998] cdc_eem 11-1:4.51: probe with driver cdc_eem failed with error -71
[  339.156031][ T5998] usb 11-1: USB disconnect, device number 6
[  339.196066][T15524] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  339.204995][T15524] kvm: pic: level sensitive irq not supported
[  339.205382][T15524] kvm: pic: non byte read
[  339.318820][T15530] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  339.433270][   T39] kauditd_printk_skb: 33 callbacks suppressed
[  339.433281][   T39] audit: type=1400 audit(1732601692.713:1101): avc:  denied  { unmount } for  pid=12090 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  339.520624][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.522436][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.524721][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.529197][T15539] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98
[  339.538411][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.541515][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.543669][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.545930][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.549200][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.551782][T15539] syzkaller0 speed is unknown, defaulting to 1000
[  339.617556][   T39] audit: type=1400 audit(1732601692.881:1102): avc:  denied  { map } for  pid=15542 comm="syz.0.3450" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  339.759874][T15550] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  339.778075][T15550] kvm: pic: level sensitive irq not supported
[  339.779051][T15550] kvm: pic: non byte read
[  339.864862][T15564] mkiss: ax0: crc mode is auto.
[  339.939032][   T39] audit: type=1400 audit(1732601693.180:1103): avc:  denied  { write } for  pid=15572 comm="syz.5.3461" name="/" dev="9p" ino=37617765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  339.947128][   T39] audit: type=1400 audit(1732601693.199:1104): avc:  denied  { add_name } for  pid=15572 comm="syz.5.3461" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  339.952918][   T39] audit: type=1400 audit(1732601693.199:1105): avc:  denied  { create } for  pid=15572 comm="syz.5.3461" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  339.958531][   T39] audit: type=1400 audit(1732601693.199:1106): avc:  denied  { associate } for  pid=15572 comm="syz.5.3461" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  339.960847][T15573] netfs: Couldn't get user pages (rc=-14)
[  339.964487][   T39] audit: type=1800 audit(1732601693.208:1107): pid=15573 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.3461" name="file0" dev="9p" ino=37617820 res=0 errno=0
[  339.977899][   T39] audit: type=1400 audit(1732601693.227:1108): avc:  denied  { ioctl } for  pid=15574 comm="syz.0.3462" path="socket:[61590]" dev="sockfs" ino=61590 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  339.984513][   T39] audit: type=1400 audit(1732601693.227:1109): avc:  denied  { bind } for  pid=15574 comm="syz.0.3462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  340.008576][T15575] kvm: user requested TSC rate below hardware speed
[  340.016185][T15575] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  340.018684][T15575] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  340.148722][T15590] FAULT_INJECTION: forcing a failure.
[  340.148722][T15590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.152208][T15590] CPU: 3 UID: 0 PID: 15590 Comm: syz.0.3468 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  340.154925][T15590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  340.158454][T15590] Call Trace:
[  340.159598][T15590]  <TASK>
[  340.160903][T15590]  dump_stack_lvl+0x16c/0x1f0
[  340.162177][T15590]  should_fail_ex+0x497/0x5b0
[  340.163504][T15590]  _copy_from_user+0x2e/0xd0
[  340.164722][T15590]  copy_msghdr_from_user+0x99/0x160
[  340.166125][T15590]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  340.167671][T15590]  ___sys_sendmsg+0xff/0x1e0
[  340.168941][T15590]  ? __pfx____sys_sendmsg+0x10/0x10
[  340.170325][T15590]  ? __pfx_lock_release+0x10/0x10
[  340.171652][T15590]  ? trace_lock_acquire+0x146/0x1e0
[  340.173054][T15590]  ? __fget_files+0x206/0x3a0
[  340.174375][T15590]  __sys_sendmsg+0x16e/0x220
[  340.175593][T15590]  ? __pfx___sys_sendmsg+0x10/0x10
[  340.176979][T15590]  do_syscall_64+0xcd/0x250
[  340.178186][T15590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.179810][T15590] RIP: 0033:0x7fd598f7e819
[  340.180991][T15590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.186232][T15590] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  340.188635][T15590] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  340.190800][T15590] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  340.192956][T15590] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  340.195125][T15590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.197180][T15590] R13: 0000000000000000 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  340.199428][T15590]  </TASK>
[  340.251312][T15593] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  340.262461][T15593] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  340.334389][   T39] audit: type=1400 audit(1732601693.555:1110): avc:  denied  { ioctl } for  pid=15600 comm="syz.0.3473" path="socket:[60108]" dev="sockfs" ino=60108 ioctlcmd=0x942c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  340.341840][ T5998] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  340.361628][T15604] hpfs: Bad magic ... probably not HPFS
[  340.473001][T15611] __nla_validate_parse: 13 callbacks suppressed
[  340.473012][T15611] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3477'.
[  340.477146][T15611] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3477'.
[  340.519225][ T5998] usb 10-1: Using ep0 maxpacket: 16
[  340.521987][ T5998] usb 10-1: config 4 has an invalid interface number: 51 but max is 0
[  340.524143][ T5998] usb 10-1: config 4 has no interface number 0
[  340.525776][ T5998] usb 10-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  340.528567][ T5998] usb 10-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  340.531449][ T5998] usb 10-1: config 4 interface 51 has no altsetting 0
[  340.534795][ T5998] usb 10-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  340.537314][ T5998] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.539409][ T5998] usb 10-1: Product: syz
[  340.540753][ T5998] usb 10-1: Manufacturer: syz
[  340.541993][ T5998] usb 10-1: SerialNumber: syz
[  340.548872][T15582] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  340.550980][T15582] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  340.897335][ T5998] cdc_eem 10-1:4.51: probe with driver cdc_eem failed with error -71
[  340.902276][ T5998] usb 10-1: USB disconnect, device number 18
[  341.487984][T15632] pim6reg1: entered promiscuous mode
[  341.489445][T15632] pim6reg1: entered allmulticast mode
[  341.568878][T15635] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3481'.
[  341.571393][T15635] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3481'.
[  341.573779][T15635] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3481'.
[  341.576545][T15635] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3481'.
[  341.934823][T15646] FAULT_INJECTION: forcing a failure.
[  341.934823][T15646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.938246][T15646] CPU: 2 UID: 0 PID: 15646 Comm: syz.0.3486 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  341.940972][T15646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  341.944135][T15646] Call Trace:
[  341.945021][T15646]  <TASK>
[  341.945805][T15646]  dump_stack_lvl+0x16c/0x1f0
[  341.947054][T15646]  should_fail_ex+0x497/0x5b0
[  341.948290][T15646]  _copy_from_user+0x2e/0xd0
[  341.949485][T15646]  video_usercopy+0xeca/0x1680
[  341.950704][T15646]  ? __pfx___video_do_ioctl+0x10/0x10
[  341.952082][T15646]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  341.953805][T15646]  ? __pfx_video_usercopy+0x10/0x10
[  341.955143][T15646]  v4l2_ioctl+0x1ba/0x250
[  341.956245][T15646]  ? __pfx_v4l2_ioctl+0x10/0x10
[  341.957444][T15646]  __x64_sys_ioctl+0x190/0x200
[  341.958662][T15646]  do_syscall_64+0xcd/0x250
[  341.959816][T15646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.961317][T15646] RIP: 0033:0x7fd598f7e819
[  341.962448][T15646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.967225][T15646] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  341.969294][T15646] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  341.971252][T15646] RDX: 00000000200002c0 RSI: 00000000c0d05605 RDI: 0000000000000003
[  341.973254][T15646] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  341.975200][T15646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  341.977160][T15646] R13: 0000000000000000 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  341.979151][T15646]  </TASK>
[  341.980023][    C2] vkms_vblank_simulate: vblank timer overrun
[  342.009774][T15648] Process accounting resumed
[  342.304074][   T35] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  342.409467][T15652] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3489'.
[  342.443058][   T35] usb 5-1: device descriptor read/64, error -71
[  342.592180][T15657] kvm: kvm [15656]: vcpu0, guest rIP: 0x19 Unhandled WRMSR(0xc1) = 0xd
[  342.595809][T15657] kvm: kvm [15656]: vcpu0, guest rIP: 0x1b Unhandled WRMSR(0xc1) = 0xd
[  342.599957][T15657] netlink: 'syz.5.3491': attribute type 39 has an invalid length.
[  342.685564][  T831] hid-generic 0005:04F3:FFF9.0010: item fetching failed at offset 0/1
[  342.688063][  T831] hid-generic 0005:04F3:FFF9.0010: probe with driver hid-generic failed with error -22
[  342.721010][ T5998] usb 11-1: new high-speed USB device number 7 using dummy_hcd
[  342.721126][   T35] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  342.728360][T15666] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.732049][T15666] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3493'.
[  342.762528][T15669] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3494'.
[  342.818021][T15673] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  342.870719][   T35] usb 5-1: device descriptor read/64, error -71
[  342.892079][ T5998] usb 11-1: Using ep0 maxpacket: 16
[  342.894770][ T5998] usb 11-1: config 4 has an invalid interface number: 51 but max is 0
[  342.896889][ T5998] usb 11-1: config 4 has no interface number 0
[  342.898520][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  342.901084][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  342.904091][ T5998] usb 11-1: config 4 interface 51 has no altsetting 0
[  342.907546][ T5998] usb 11-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  342.909949][ T5998] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.912049][ T5998] usb 11-1: Product: syz
[  342.913211][ T5998] usb 11-1: Manufacturer: syz
[  342.914839][ T5998] usb 11-1: SerialNumber: syz
[  342.921659][T15655] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  342.923634][T15655] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  342.924951][ T5319] Bluetooth: hci1: unexpected cc 0x0c58 length: 4 > 2
[  342.929218][ T5319] Bluetooth: hci1: unexpected event for opcode 0x0c58
[  342.988494][   T35] usb usb5-port1: attempt power cycle
[  343.130595][T15686] kernel profiling enabled (shift: 63)
[  343.132917][T15686] profiling shift: 63 too large
[  343.135643][T15686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3502'.
[  343.255875][ T5998] cdc_eem 11-1:4.51: probe with driver cdc_eem failed with error -71
[  343.261167][ T5998] usb 11-1: USB disconnect, device number 7
[  343.373136][   T35] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  343.394999][   T35] usb 5-1: device descriptor read/8, error -71
[  343.661793][   T35] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  343.683935][   T35] usb 5-1: device descriptor read/8, error -71
[  343.812468][   T35] usb usb5-port1: unable to enumerate USB device
[  343.843430][T15695] siw: device registration error -23
[  344.435302][T15707] binder: binder_mmap: 15706 20acc000-20ace000 bad vm_flags failed -1
[  344.538864][T15713] Mount JFS Failure: -22
[  344.540025][T15713] jfs_mount failed w/return code = -22
[  344.816366][ T5998] usb 8-1: new high-speed USB device number 50 using dummy_hcd
[  344.938225][   T39] kauditd_printk_skb: 16 callbacks suppressed
[  344.938236][   T39] audit: type=1400 audit(1732601697.867:1127): avc:  denied  { write } for  pid=15719 comm="syz.6.3517" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  344.972197][T15723] netlink: 'syz.6.3518': attribute type 1 has an invalid length.
[  344.976839][ T5998] usb 8-1: Using ep0 maxpacket: 16
[  344.979439][ T5998] usb 8-1: config 4 has an invalid interface number: 51 but max is 0
[  344.981552][ T5998] usb 8-1: config 4 has no interface number 0
[  344.983154][ T5998] usb 8-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  344.989548][ T5998] usb 8-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  344.992123][ T5998] usb 8-1: config 4 interface 51 has no altsetting 0
[  345.000758][ T5998] usb 8-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  345.003135][ T5998] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.005202][ T5998] usb 8-1: Product: syz
[  345.006313][ T5998] usb 8-1: Manufacturer: syz
[  345.007546][ T5998] usb 8-1: SerialNumber: syz
[  345.010569][T15716] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  345.012531][T15716] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  345.023234][T15727] xt_hashlimit: max too large, truncated to 1048576
[  345.031821][   T39] audit: type=1400 audit(1732601697.951:1128): avc:  denied  { mounton } for  pid=15726 comm="syz.6.3520" path="/syzcgroup/unified/syz6" dev="cgroup2" ino=360 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  345.062902][   T39] audit: type=1400 audit(1732601697.979:1129): avc:  denied  { mount } for  pid=15728 comm="syz.6.3521" name="/" dev="pstore" ino=5787 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  345.348504][ T5998] cdc_eem 8-1:4.51: probe with driver cdc_eem failed with error -71
[  345.352190][ T5998] usb 8-1: USB disconnect, device number 50
[  345.375408][   T39] audit: type=1400 audit(1732601698.278:1130): avc:  denied  { create } for  pid=15733 comm="syz.0.3523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  345.376454][T15734] tipc: Started in network mode
[  345.381910][   T25] IPVS: starting estimator thread 0...
[  345.382989][T15734] tipc: Node identity ac1414aa, cluster identity 4711
[  345.385472][T15734] net_ratelimit: 10 callbacks suppressed
[  345.385480][T15734] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  345.388792][T15734] tipc: Enabled bearer <udp:s>, priority 10
[  345.440454][T15741] FAULT_INJECTION: forcing a failure.
[  345.440454][T15741] name failslab, interval 1, probability 0, space 0, times 0
[  345.443832][T15741] CPU: 0 UID: 0 PID: 15741 Comm: syz.0.3524 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  345.446506][T15741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  345.449258][T15741] Call Trace:
[  345.450132][T15741]  <TASK>
[  345.450915][T15741]  dump_stack_lvl+0x16c/0x1f0
[  345.452171][T15741]  should_fail_ex+0x497/0x5b0
[  345.453394][T15741]  ? fs_reclaim_acquire+0xae/0x150
[  345.454721][T15741]  should_failslab+0xc2/0x120
[  345.455950][T15741]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  345.457449][T15741]  ? __alloc_skb+0x2b1/0x380
[  345.458661][T15741]  __alloc_skb+0x2b1/0x380
[  345.459823][T15741]  ? __pfx___alloc_skb+0x10/0x10
[  345.461119][T15741]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  345.462706][T15741]  netlink_alloc_large_skb+0x69/0x130
[  345.464095][T15741]  netlink_sendmsg+0x689/0xd70
[  345.465347][T15741]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.466725][T15741]  ____sys_sendmsg+0xaaf/0xc90
[  345.467973][T15741]  ? copy_msghdr_from_user+0x10b/0x160
[  345.469380][T15741]  ? __pfx_____sys_sendmsg+0x10/0x10
[  345.470786][T15741]  ___sys_sendmsg+0x135/0x1e0
[  345.472038][T15741]  ? __pfx____sys_sendmsg+0x10/0x10
[  345.473388][T15741]  ? __pfx_lock_release+0x10/0x10
[  345.474710][T15741]  ? trace_lock_acquire+0x146/0x1e0
[  345.476080][T15741]  ? __fget_files+0x206/0x3a0
[  345.477313][T15741]  __sys_sendmsg+0x16e/0x220
[  345.478557][T15741]  ? __pfx___sys_sendmsg+0x10/0x10
[  345.479989][T15741]  do_syscall_64+0xcd/0x250
[  345.481220][T15741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.482883][T15741] RIP: 0033:0x7fd598f7e819
[  345.484039][T15741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.488939][T15741] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  345.491077][T15741] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  345.493755][T15741] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  345.495968][T15741] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  345.497984][T15741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.500015][T15741] R13: 0000000000000000 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  345.502085][T15741]  </TASK>
[  345.532670][T15737] IPVS: using max 41 ests per chain, 98400 per kthread
[  345.532750][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  345.537285][   T39] audit: type=1400 audit(1732601698.428:1131): avc:  denied  { map } for  pid=15742 comm="syz.0.3525" path="/dev/bus/usb/007/001" dev="devtmpfs" ino=761 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  345.658956][   T39] audit: type=1400 audit(1732601698.531:1132): avc:  denied  { read } for  pid=5355 comm="acpid" name="event8" dev="devtmpfs" ino=3822 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  345.665478][   T39] audit: type=1400 audit(1732601698.531:1133): avc:  denied  { open } for  pid=5355 comm="acpid" path="/dev/input/event8" dev="devtmpfs" ino=3822 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  345.671299][   T39] audit: type=1400 audit(1732601698.531:1134): avc:  denied  { ioctl } for  pid=5355 comm="acpid" path="/dev/input/event8" dev="devtmpfs" ino=3822 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  345.682338][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  345.735478][T15753] Malformed UNC in devname
[  345.735478][T15753] 
[  345.737736][T15753] CIFS: VFS: Malformed UNC in devname
[  345.832043][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  345.981681][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  345.997908][   T39] audit: type=1400 audit(1732601698.858:1135): avc:  denied  { append } for  pid=15764 comm="syz.6.3532" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  346.019804][T15768] Unknown options in mask 5
[  346.095704][T15777] 8021q: adding VLAN 0 to HW filter on device bond4
[  346.125502][T15789] FAULT_INJECTION: forcing a failure.
[  346.125502][T15789] name failslab, interval 1, probability 0, space 0, times 0
[  346.129054][T15789] CPU: 2 UID: 0 PID: 15789 Comm: syz.3.3540 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  346.131781][T15789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  346.134539][T15789] Call Trace:
[  346.135418][T15789]  <TASK>
[  346.136195][T15789]  dump_stack_lvl+0x16c/0x1f0
[  346.137440][T15789]  should_fail_ex+0x497/0x5b0
[  346.138681][T15789]  should_failslab+0xc2/0x120
[  346.139915][T15789]  __kmalloc_cache_noprof+0x68/0x410
[  346.141299][T15789]  ? lock_acquire+0x2f/0xb0
[  346.142499][T15789]  ? batadv_tvlv_handler_register+0x42/0x530
[  346.144059][T15789]  batadv_tvlv_handler_register+0x11d/0x530
[  346.145593][T15789]  ? __pfx_batadv_tt_tvlv_ogm_handler_v1+0x10/0x10
[  346.147270][T15789]  ? __pfx_batadv_tt_tvlv_unicast_handler_v1+0x10/0x10
[  346.149024][T15789]  batadv_tt_init+0xa0/0x350
[  346.149179][T15791] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  346.150329][T15789]  batadv_mesh_init+0x4e3/0x9a0
[  346.152392][T15791] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock
[  346.153628][T15789]  batadv_softif_init_late+0xbde/0xf40
[  346.153647][T15789]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  346.153662][T15789]  ? __pfx_batadv_softif_init_late+0x10/0x10
[  346.156738][T15791] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  346.157192][T15789]  register_netdevice+0x672/0x1e90
[  346.157209][T15789]  ? dev_addr_mod+0x321/0x5b0
[  346.157220][T15789]  ? __pfx_register_netdevice+0x10/0x10
[  346.158804][T15791] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock
[  346.160341][T15789]  ? rtnl_create_link+0xa51/0xfa0
[  346.169807][T15789]  batadv_softif_newlink+0x70/0x90
[  346.171148][T15789]  rtnl_newlink+0xb88/0x1c50
[  346.172360][T15789]  ? __pfx_batadv_softif_newlink+0x10/0x10
[  346.173871][T15789]  ? __pfx_rtnl_newlink+0x10/0x10
[  346.175191][T15789]  ? __pfx___lock_acquire+0x10/0x10
[  346.176543][T15789]  ? cred_has_capability.isra.0+0x192/0x2f0
[  346.178076][T15789]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  346.179697][T15789]  ? find_held_lock+0x2d/0x110
[  346.180964][T15789]  ? rtnetlink_rcv_msg+0x93a/0xea0
[  346.182306][T15789]  ? __pfx_lock_release+0x10/0x10
[  346.183613][T15789]  ? trace_lock_acquire+0x146/0x1e0
[  346.184846][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  346.184960][T15789]  ? __pfx_rtnl_newlink+0x10/0x10
[  346.188389][T15789]  rtnetlink_rcv_msg+0x95b/0xea0
[  346.189691][T15789]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  346.191121][T15789]  ? __pfx___lock_acquire+0x10/0x10
[  346.192477][T15789]  ? __pfx___lock_acquire+0x10/0x10
[  346.193840][T15789]  ? __pfx_sock_has_perm+0x10/0x10
[  346.195178][T15789]  ? __lock_acquire+0xcc5/0x3c40
[  346.196470][T15789]  netlink_rcv_skb+0x16b/0x440
[  346.197725][T15789]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  346.199158][T15789]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  346.200549][T15789]  ? netlink_deliver_tap+0x1ae/0xd30
[  346.201933][T15789]  netlink_unicast+0x53c/0x7f0
[  346.203194][T15789]  ? __pfx_netlink_unicast+0x10/0x10
[  346.204571][T15789]  netlink_sendmsg+0x8b8/0xd70
[  346.205828][T15789]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.207213][T15789]  ____sys_sendmsg+0xaaf/0xc90
[  346.208465][T15789]  ? copy_msghdr_from_user+0x10b/0x160
[  346.209881][T15789]  ? __pfx_____sys_sendmsg+0x10/0x10
[  346.211299][T15789]  ___sys_sendmsg+0x135/0x1e0
[  346.212538][T15789]  ? __pfx____sys_sendmsg+0x10/0x10
[  346.213905][T15789]  ? __pfx_lock_release+0x10/0x10
[  346.215405][T15789]  ? trace_lock_acquire+0x146/0x1e0
[  346.216765][T15789]  ? __fget_files+0x206/0x3a0
[  346.217989][T15789]  __sys_sendmsg+0x16e/0x220
[  346.219228][T15789]  ? __pfx___sys_sendmsg+0x10/0x10
[  346.220569][T15789]  do_syscall_64+0xcd/0x250
[  346.221758][T15789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.223293][T15789] RIP: 0033:0x7fdf23b7e819
[  346.224449][T15789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.229395][T15789] RSP: 002b:00007fdf249ea038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.231682][T15789] RAX: ffffffffffffffda RBX: 00007fdf23d35fa0 RCX: 00007fdf23b7e819
[  346.233764][T15789] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[  346.235837][T15789] RBP: 00007fdf249ea090 R08: 0000000000000000 R09: 0000000000000000
[  346.237902][T15789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  346.239977][T15789] R13: 0000000000000000 R14: 00007fdf23d35fa0 R15: 00007ffe9d2abfd8
[  346.242054][T15789]  </TASK>
[  346.242976][    C2] vkms_vblank_simulate: vblank timer overrun
[  346.282314][T15796] overlayfs: failed to resolve './file0': -2
[  346.323774][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  346.387893][ T5998] usb 11-1: new high-speed USB device number 8 using dummy_hcd
[  346.416289][T15801] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  346.426895][   T39] audit: type=1400 audit(1732601699.251:1136): avc:  denied  { read } for  pid=15802 comm="syz.0.3545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  346.473595][    T8] tipc: Node number set to 2886997162
[  346.558983][ T5998] usb 11-1: Using ep0 maxpacket: 16
[  346.561932][ T5998] usb 11-1: config 4 has an invalid interface number: 51 but max is 0
[  346.564066][ T5998] usb 11-1: config 4 has no interface number 0
[  346.565794][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  346.568425][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  346.571392][ T5998] usb 11-1: config 4 interface 51 has no altsetting 0
[  346.574681][ T5998] usb 11-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  346.577137][ T5998] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.579246][ T5998] usb 11-1: Product: syz
[  346.580768][ T5998] usb 11-1: Manufacturer: syz
[  346.582016][ T5998] usb 11-1: SerialNumber: syz
[  346.588655][T15788] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  346.590586][T15788] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  346.623132][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  346.911872][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  346.925499][ T5998] cdc_eem 11-1:4.51: probe with driver cdc_eem failed with error -71
[  346.929152][ T5998] usb 11-1: USB disconnect, device number 8
[  347.285993][ T5319] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  347.291225][ T5319] Bluetooth: hci1: Injecting HCI hardware error event
[  347.295985][ T5319] Bluetooth: hci1: hardware error 0x00
[  347.376259][T15824] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=770954412 (770954412 ns) > initial count (134138459 ns). Using initial count to start timer.
[  347.489075][    C0] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  348.277571][T15840] FAULT_INJECTION: forcing a failure.
[  348.277571][T15840] name failslab, interval 1, probability 0, space 0, times 0
[  348.281938][T15840] CPU: 1 UID: 0 PID: 15840 Comm: syz.0.3556 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  348.285314][T15840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.288915][T15840] Call Trace:
[  348.290049][T15840]  <TASK>
[  348.291091][T15840]  dump_stack_lvl+0x16c/0x1f0
[  348.292369][T15840]  should_fail_ex+0x497/0x5b0
[  348.293826][T15840]  ? fs_reclaim_acquire+0xae/0x150
[  348.295557][T15840]  should_failslab+0xc2/0x120
[  348.297168][T15840]  __kmalloc_noprof+0xcb/0x510
[  348.298671][T15840]  __list_lru_init+0xe8/0x4c0
[  348.299905][T15840]  alloc_super+0x909/0xbd0
[  348.301081][T15840]  ? __pfx_test_bdev_super+0x10/0x10
[  348.302827][T15840]  sget+0x11b/0x760
[  348.304128][T15840]  ? __pfx_set_bdev_super+0x10/0x10
[  348.305896][T15840]  ? __pfx_f2fs_fill_super+0x10/0x10
[  348.307694][T15840]  mount_bdev+0x108/0x2d0
[  348.309164][T15840]  ? __pfx_mount_bdev+0x10/0x10
[  348.310830][T15840]  ? __pfx_vfs_parse_fs_string+0x10/0x10
[  348.312731][T15840]  ? kasan_save_track+0x14/0x30
[  348.314387][T15840]  ? cap_capable+0x1cf/0x240
[  348.315967][T15840]  ? __pfx_f2fs_mount+0x10/0x10
[  348.317616][T15840]  legacy_get_tree+0x109/0x220
[  348.319059][T15840]  vfs_get_tree+0x8f/0x380
[  348.320225][T15840]  path_mount+0x14e6/0x1f20
[  348.321424][T15840]  ? kmem_cache_free+0x152/0x4c0
[  348.322737][T15840]  ? __pfx_path_mount+0x10/0x10
[  348.324255][T15840]  ? putname+0x13c/0x180
[  348.325702][T15840]  __x64_sys_mount+0x294/0x320
[  348.327333][T15840]  ? __pfx___x64_sys_mount+0x10/0x10
[  348.329134][T15840]  do_syscall_64+0xcd/0x250
[  348.330687][T15840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.332686][T15840] RIP: 0033:0x7fd598f7e819
[  348.334221][T15840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.340053][T15840] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  348.342237][T15840] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  348.344289][T15840] RDX: 0000000020000140 RSI: 0000000020000040 RDI: 00000000200000c0
[  348.346959][T15840] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  348.349616][T15840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  348.352310][T15840] R13: 0000000000000001 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  348.354685][T15840]  </TASK>
[  348.384932][T15844] FAULT_INJECTION: forcing a failure.
[  348.384932][T15844] name failslab, interval 1, probability 0, space 0, times 0
[  348.389032][T15844] CPU: 1 UID: 0 PID: 15844 Comm: syz.0.3558 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  348.391819][T15844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  348.394606][T15844] Call Trace:
[  348.395484][T15844]  <TASK>
[  348.396267][T15844]  dump_stack_lvl+0x16c/0x1f0
[  348.397506][T15844]  should_fail_ex+0x497/0x5b0
[  348.398753][T15844]  ? fs_reclaim_acquire+0xae/0x150
[  348.400095][T15844]  should_failslab+0xc2/0x120
[  348.401350][T15844]  __kmalloc_noprof+0xcb/0x510
[  348.402624][T15844]  ? d_absolute_path+0x137/0x1b0
[  348.403932][T15844]  tomoyo_encode2+0x100/0x3e0
[  348.405176][T15844]  tomoyo_encode+0x29/0x50
[  348.406364][T15844]  tomoyo_realpath_from_path+0x19d/0x720
[  348.407843][T15844]  tomoyo_path2_perm+0x2a6/0x710
[  348.409145][T15844]  ? tomoyo_path2_perm+0x298/0x710
[  348.410501][T15844]  ? __pfx_tomoyo_path2_perm+0x10/0x10
[  348.411938][T15844]  ? hlock_class+0x4e/0x130
[  348.413145][T15844]  ? current_check_refer_path+0x2be/0x710
[  348.414651][T15844]  ? __pfx_current_check_refer_path+0x10/0x10
[  348.416240][T15844]  tomoyo_path_rename+0x102/0x1b0
[  348.417567][T15844]  ? __pfx_tomoyo_path_rename+0x10/0x10
[  348.419068][T15844]  ? __d_lookup+0x266/0x4a0
[  348.420271][T15844]  ? d_lookup+0xe9/0x180
[  348.421400][T15844]  security_path_rename+0x18e/0x3c0
[  348.422785][T15844]  do_renameat2+0x7a0/0xdd0
[  348.423984][T15844]  ? __pfx_do_renameat2+0x10/0x10
[  348.425299][T15844]  ? lock_acquire+0x2f/0xb0
[  348.426511][T15844]  ? __virt_addr_valid+0x5e/0x590
[  348.427887][T15844]  ? __phys_addr_symbol+0x30/0x80
[  348.429614][T15844]  ? getname_flags.part.0+0x1c5/0x550
[  348.431312][T15844]  __x64_sys_renameat2+0xe7/0x130
[  348.432634][T15844]  do_syscall_64+0xcd/0x250
[  348.433833][T15844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.435390][T15844] RIP: 0033:0x7fd598f7e819
[  348.436567][T15844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.441549][T15844] RSP: 002b:00007fd596df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  348.443723][T15844] RAX: ffffffffffffffda RBX: 00007fd599135fa0 RCX: 00007fd598f7e819
[  348.445776][T15844] RDX: 0000000000000004 RSI: 00000000200004c0 RDI: 0000000000000006
[  348.447837][T15844] RBP: 00007fd596df6090 R08: 0000000000000000 R09: 0000000000000000
[  348.449897][T15844] R10: 0000000020000500 R11: 0000000000000246 R12: 0000000000000001
[  348.452068][T15844] R13: 0000000000000000 R14: 00007fd599135fa0 R15: 00007fffdb4eaf98
[  348.454223][T15844]  </TASK>
[  348.456608][T15844] ERROR: Out of memory at tomoyo_realpath_from_path.
[  348.600842][  T832] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  348.637579][T15859] siw: device registration error -23
[  348.756515][  T832] usb 10-1: device descriptor read/64, error -71
[  348.761276][ T5998] usb 11-1: new high-speed USB device number 9 using dummy_hcd
[  348.866394][T15872] __nla_validate_parse: 2 callbacks suppressed
[  348.866405][T15872] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3568'.
[  348.872847][T15872] netlink: 'syz.0.3568': attribute type 39 has an invalid length.
[  348.896657][T15875] "syz.0.3569" (15875) uses obsolete ecb(arc4) skcipher
[  348.921614][ T5998] usb 11-1: Using ep0 maxpacket: 16
[  348.924178][ T5998] usb 11-1: config 4 has an invalid interface number: 51 but max is 0
[  348.926392][ T5998] usb 11-1: config 4 has no interface number 0
[  348.928020][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  348.930572][ T5998] usb 11-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  348.933336][ T5998] usb 11-1: config 4 interface 51 has no altsetting 0
[  348.936648][ T5998] usb 11-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  348.939047][ T5998] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.941155][ T5998] usb 11-1: Product: syz
[  348.942289][ T5998] usb 11-1: Manufacturer: syz
[  348.943660][ T5998] usb 11-1: SerialNumber: syz
[  348.946601][T15850] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  348.948562][T15850] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[  349.011908][T15879] ebt_limit: overflow, try lower: 570423552/2483027968
[  349.028457][  T832] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  349.079449][T15880] nfs: Unknown parameter '	'
[  349.087234][T15876] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3566'.
[  349.089679][T15876] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3566'.
[  349.092107][T15876] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3566'.
[  349.094806][T15876] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3566'.
[  349.167460][  T832] usb 10-1: device descriptor read/64, error -71
[  349.279058][ T5998] cdc_eem 11-1:4.51: probe with driver cdc_eem failed with error -71
[  349.282868][ T5998] usb 11-1: USB disconnect, device number 9
[  349.285276][  T832] usb usb10-port1: attempt power cycle
[  349.498926][ T5319] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  349.648525][  T832] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  349.670420][  T832] usb 10-1: device descriptor read/8, error -71
[  349.947927][  T832] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  349.970775][  T832] usb 10-1: device descriptor read/8, error -71
[  350.087113][  T832] usb usb10-port1: unable to enumerate USB device
[  350.528589][ T5998] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  350.688188][ T5998] usb 5-1: Using ep0 maxpacket: 16
[  350.690768][ T5998] usb 5-1: config 4 has an invalid interface number: 51 but max is 0
[  350.693041][ T5998] usb 5-1: config 4 has no interface number 0
[  350.694754][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  350.697330][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  350.700364][ T5998] usb 5-1: config 4 interface 51 has no altsetting 0
[  350.703976][ T5998] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  350.706455][ T5998] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.708772][ T5998] usb 5-1: Product: syz
[  350.709902][ T5998] usb 5-1: Manufacturer: syz
[  350.711485][ T5998] usb 5-1: SerialNumber: syz
[  350.716720][T15910] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  350.718824][T15910] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  350.980051][T15914] syzkaller1: entered promiscuous mode
[  350.982178][T15914] syzkaller1: entered allmulticast mode
[  351.046702][ T5998] cdc_eem 5-1:4.51: probe with driver cdc_eem failed with error -71
[  351.050556][ T5998] usb 5-1: USB disconnect, device number 39
[  351.319696][ T5960] Bluetooth: hci3: unexpected cc 0x0c58 length: 4 > 2
[  351.322983][ T5960] Bluetooth: hci3: unexpected event for opcode 0x0c58
[  351.571322][   T39] kauditd_printk_skb: 12 callbacks suppressed
[  351.571334][   T39] audit: type=1400 audit(1732601704.068:1149): avc:  denied  { write } for  pid=15922 comm="syz.5.3583" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  351.583525][   T39] audit: type=1400 audit(1732601704.068:1150): avc:  denied  { open } for  pid=15922 comm="syz.5.3583" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  351.599383][   T39] audit: type=1326 audit(1732601704.097:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15924 comm="syz.5.3584" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd5e6d7e819 code=0x0
[  351.706988][   T39] audit: type=1400 audit(1732601704.199:1152): avc:  denied  { mount } for  pid=15926 comm="syz.0.3585" name="/" dev="autofs" ino=62903 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  351.775190][   T39] audit: type=1400 audit(1732601704.256:1153): avc:  denied  { unmount } for  pid=12090 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  351.787970][   T39] audit: type=1400 audit(1732601704.274:1154): avc:  denied  { listen } for  pid=15930 comm="syz.0.3586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  351.788177][T15931] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3586'.
[  351.865799][T15936] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3588'.
[  351.865844][   T39] audit: type=1400 audit(1732601704.349:1155): avc:  denied  { nlmsg_read } for  pid=15935 comm="syz.0.3588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  351.876379][   T39] audit: type=1400 audit(1732601704.349:1156): avc:  denied  { ioctl } for  pid=15935 comm="syz.0.3588" path="socket:[62910]" dev="sockfs" ino=62910 ioctlcmd=0x9418 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  351.884159][   T39] audit: type=1400 audit(1732601704.349:1157): avc:  denied  { bind } for  pid=15935 comm="syz.0.3588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  351.916610][   T39] audit: type=1400 audit(1732601704.396:1158): avc:  denied  { create } for  pid=15937 comm="syz.0.3589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  351.964515][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.966717][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  352.247215][T15956] netlink: 'syz.3.3598': attribute type 1 has an invalid length.
[  352.249400][T15956] netlink: 209828 bytes leftover after parsing attributes in process `syz.3.3598'.
[  352.323123][ T5998] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  352.502969][ T5998] usb 5-1: Using ep0 maxpacket: 16
[  352.505868][ T5998] usb 5-1: config 4 has an invalid interface number: 51 but max is 0
[  352.508396][ T5998] usb 5-1: config 4 has no interface number 0
[  352.510655][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 16
[  352.514369][ T5998] usb 5-1: config 4 interface 51 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  352.517741][ T5998] usb 5-1: config 4 interface 51 has no altsetting 0
[  352.521906][ T5998] usb 5-1: New USB device found, idVendor=954f, idProduct=4199, bcdDevice= f.76
[  352.525279][ T5998] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.528171][ T5998] usb 5-1: Product: syz
[  352.529769][ T5998] usb 5-1: Manufacturer: syz
[  352.531531][ T5998] usb 5-1: SerialNumber: syz
[  352.536783][T15946] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  352.539276][T15946] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  352.736267][T15979] warn_alloc: 2 callbacks suppressed
[  352.736283][T15979] syz.5.3606: vmalloc error: size 61440, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  352.742154][T15979] CPU: 3 UID: 0 PID: 15979 Comm: syz.5.3606 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  352.744931][T15979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  352.747704][T15979] Call Trace:
[  352.748591][T15979]  <TASK>
[  352.749366][T15979]  dump_stack_lvl+0x16c/0x1f0
[  352.750614][T15979]  warn_alloc+0x24d/0x3a0
[  352.751744][T15979]  ? __pfx_warn_alloc+0x10/0x10
[  352.753009][T15979]  ? policy_nodemask+0xea/0x4e0
[  352.754360][T15979]  ? alloc_pages_mpol_noprof+0x315/0x610
[  352.756301][T15979]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  352.758503][T15979]  ? trace_kmalloc+0x2d/0xd0
[  352.760214][T15979]  ? __pfx___might_resched+0x10/0x10
[  352.762178][T15979]  __vmalloc_node_range_noprof+0x12c0/0x1530
[  352.764286][T15979]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  352.765885][T15979]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  352.767928][T15979]  ? __pfx_lock_release+0x10/0x10
[  352.769336][T15979]  ? trace_lock_acquire+0x146/0x1e0
[  352.770710][T15979]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  352.772581][T15979]  vmalloc_noprof+0x6b/0x90
[  352.773795][T15979]  ? hashlimit_mt_check_common+0x8b0/0x1450
[  352.775388][T15979]  hashlimit_mt_check_common+0x8b0/0x1450
[  352.776881][T15979]  hashlimit_mt_check_v1+0x2fe/0x370
[  352.778264][T15979]  ? __pfx_hashlimit_mt_check_v1+0x10/0x10
[  352.779779][T15979]  ? trace_contention_end+0xea/0x140
[  352.781173][T15979]  ? __mutex_unlock_slowpath+0x164/0x690
[  352.782644][T15979]  ? __pfx_hashlimit_mt_check_v1+0x10/0x10
[  352.784159][T15979]  xt_check_match+0x284/0xa50
[  352.785387][T15979]  ? out_of_line_wait_on_bit_timeout+0x150/0x170
[  352.787036][T15979]  ? __pfx_xt_check_match+0x10/0x10
[  352.788393][T15979]  ? pcpu_alloc_noprof+0x126/0x1680
[  352.789750][T15979]  ? xt_find_match+0x1f2/0x290
[  352.791013][T15979]  find_check_entry.constprop.0+0x325/0x9d0
[  352.792556][T15979]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[  352.794236][T15979]  ? kfree+0x14f/0x4b0
[  352.795304][T15979]  ? kvfree+0x47/0x50
[  352.796356][T15979]  translate_table+0xc93/0x1710
[  352.797637][T15979]  ? __pfx_translate_table+0x10/0x10
[  352.799039][T15979]  ? __might_fault+0xe3/0x190
[  352.800280][T15979]  do_ipt_set_ctl+0x605/0xc30
[  352.801526][T15979]  ? __mutex_lock+0x1cc/0xa60
[  352.802792][T15979]  ? __pfx_do_ipt_set_ctl+0x10/0x10
[  352.804155][T15979]  ? __mutex_unlock_slowpath+0x164/0x690
[  352.805623][T15979]  ? sockopt_release_sock+0x52/0x60
[  352.806999][T15979]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  352.808568][T15979]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  352.810136][T15979]  nf_setsockopt+0x8a/0xf0
[  352.811312][T15979]  ip_setsockopt+0xcb/0xf0
[  352.812491][T15979]  udp_setsockopt+0x7d/0xd0
[  352.813688][T15979]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  352.815243][T15979]  do_sock_setsockopt+0x222/0x480
[  352.816562][T15979]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  352.818002][T15979]  ? lock_acquire+0x2f/0xb0
[  352.819204][T15979]  __sys_setsockopt+0x1a0/0x230
[  352.820495][T15979]  __x64_sys_setsockopt+0xbd/0x160
[  352.821845][T15979]  ? do_syscall_64+0x91/0x250
[  352.823086][T15979]  ? lockdep_hardirqs_on+0x7c/0x110
[  352.824557][T15979]  do_syscall_64+0xcd/0x250
[  352.825757][T15979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.827315][T15979] RIP: 0033:0x7fd5e6d7e819
[  352.828481][T15979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.833440][T15979] RSP: 002b:00007fd5e7bc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  352.835601][T15979] RAX: ffffffffffffffda RBX: 00007fd5e6f35fa0 RCX: 00007fd5e6d7e819
[  352.837655][T15979] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[  352.839703][T15979] RBP: 00007fd5e7bc6090 R08: 00000000000004f8 R09: 0000000000000000
[  352.841758][T15979] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000002
[  352.843804][T15979] R13: 0000000000000000 R14: 00007fd5e6f35fa0 R15: 00007ffea0b36688
[  352.845853][T15979]  </TASK>
[  352.848182][T15979] Mem-Info:
[  352.849057][T15979] active_anon:6210 inactive_anon:0 isolated_anon:0
[  352.849057][T15979]  active_file:16977 inactive_file:39018 isolated_file:0
[  352.849057][T15979]  unevictable:2792 dirty:151 writeback:0
[  352.849057][T15979]  slab_reclaimable:12331 slab_unreclaimable:81182
[  352.849057][T15979]  mapped:26652 shmem:3496 pagetables:886
[  352.849057][T15979]  sec_pagetables:309 bounce:0
[  352.849057][T15979]  kernel_misc_reclaimable:0
[  352.849057][T15979]  free:439813 free_pcp:3048 free_cma:0
[  352.860636][T15979] Node 0 active_anon:25444kB inactive_anon:0kB active_file:67840kB inactive_file:156000kB unevictable:7632kB isolated(anon):0kB isolated(file):0kB mapped:107160kB dirty:600kB writeback:0kB shmem:11068kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12880kB pagetables:3544kB sec_pagetables:1236kB all_unreclaimable? no
[  352.868947][T15979] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  352.876620][T15979] Node 0 DMA free:15292kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:68kB local_pcp:0kB free_cma:0kB
[  352.883536][T15979] lowmem_reserve[]: 0 1212 0 0 0
[  352.884871][T15979] Node 0 DMA32 free:157300kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:27304kB inactive_anon:0kB active_file:67840kB inactive_file:156000kB unevictable:7632kB writepending:600kB present:2080628kB managed:1269924kB mlocked:0kB bounce:0kB free_pcp:9496kB local_pcp:1080kB free_cma:0kB
[  352.892593][T15979] lowmem_reserve[]: 0 0 0 0 0
[  352.893856][T15979] Node 1 Normal free:1582940kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:72kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:3960kB local_pcp:1824kB free_cma:0kB
[  352.901361][T15979] lowmem_reserve[]: 0 0 0 0 0
[  352.902722][T15979] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 0*64kB 1*128kB (U) 1*256kB (U) 1*512kB (U) 2*1024kB (U) 2*2048kB (U) 2*4096kB (U) = 15292kB
[  352.906641][T15979] Node 0 DMA32: 100*4kB (UE) 177*8kB (UE) 306*16kB (UME) 278*32kB (UME) 204*64kB (UME) 89*128kB (UME) 58*256kB (UME) 26*512kB (UME) 27*1024kB (UME) 16*2048kB (UM) 6*4096kB (UM) = 153208kB
[  352.911477][T15979] Node 1 Normal: 33*4kB (UM) 19*8kB (UME) 38*16kB (UME) 167*32kB (UME) 100*64kB (UME) 40*128kB (UME) 22*256kB (UME) 22*512kB (UME) 14*1024kB (UME) 7*2048kB (UME) 371*4096kB (UM) = 1582940kB
[  352.916285][T15979] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  352.918749][T15979] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  352.921168][T15979] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  352.923606][T15979] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  352.925989][T15979] 61041 total pagecache pages
[  352.927247][T15979] 0 pages in swap cache
[  352.928328][T15979] Free swap  = 123792kB
[  352.929412][T15979] Total swap = 124996kB
[  352.930575][T15979] 1048443 pages RAM
[  352.931579][T15979] 0 pages HighMem/MovableOnly
[  352.932806][T15979] 281641 pages reserved
[  352.933894][T15979] 0 pages cma reserved
[  352.959422][T15981] tipc: Failed to remove unknown binding: 66,1,1/4:3218430939/3218430941
[  352.969637][T15981] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3607'.
[  353.003545][ T5998] cdc_eem 5-1:4.51: probe with driver cdc_eem failed with error -71
[  353.008741][ T5998] usb 5-1: USB disconnect, device number 40
[  353.114722][    C0] ==================================================================
[  353.117016][    C0] BUG: KASAN: slab-out-of-bounds in selinux_ip_output+0x1e0/0x1f0
[  353.119792][    C0] Read of size 8 at addr ffff888051f8aa18 by task syz.6.3609/15985
[  353.124125][    C0] 
[  353.125014][    C0] CPU: 0 UID: 0 PID: 15985 Comm: syz.6.3609 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  353.128687][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  353.131887][    C0] Call Trace:
[  353.132761][    C0]  <IRQ>
[  353.133514][    C0]  dump_stack_lvl+0x116/0x1f0
[  353.134759][    C0]  print_report+0xc3/0x620
[  353.135924][    C0]  ? __virt_addr_valid+0x5e/0x590
[  353.137227][    C0]  ? __phys_addr+0xc6/0x150
[  353.138418][    C0]  kasan_report+0xd9/0x110
[  353.139590][    C0]  ? selinux_ip_output+0x1e0/0x1f0
[  353.140941][    C0]  ? selinux_ip_output+0x1e0/0x1f0
[  353.142285][    C0]  selinux_ip_output+0x1e0/0x1f0
[  353.143575][    C0]  ? __pfx_selinux_ip_output+0x10/0x10
[  353.144990][    C0]  nf_hook_slow+0xbb/0x200
[  353.146156][    C0]  nf_hook+0x474/0x7d0
[  353.147230][    C0]  ? __pfx_dst_output+0x10/0x10
[  353.148502][    C0]  ? __pfx_nf_hook+0x10/0x10
[  353.149714][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.151039][    C0]  ? __pfx_dst_output+0x10/0x10
[  353.152314][    C0]  ip6_xmit+0xd44/0x2130
[  353.153425][    C0]  ? __pfx_dst_output+0x10/0x10
[  353.154708][    C0]  ? __pfx_ip6_xmit+0x10/0x10
[  353.155931][    C0]  ? xfrm_lookup_route+0x6a/0x200
[  353.157238][    C0]  ? ip6_dst_lookup_flow+0x164/0x1d0
[  353.158616][    C0]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  353.160077][    C0]  tcp_v6_send_response+0x11d9/0x25e0
[  353.161483][    C0]  ? __pfx_tcp_v6_send_response+0x10/0x10
[  353.162967][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.164209][    C0]  tcp_v6_rcv+0x2c9c/0x3fd0
[  353.165317][    C0]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  353.166592][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  353.167948][    C0]  ? find_held_lock+0x2d/0x110
[  353.169202][    C0]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  353.170483][    C0]  ip6_protocol_deliver_rcu+0x180/0x1510
[  353.172013][    C0]  ip6_input_finish+0x14f/0x2f0
[  353.173305][    C0]  ip6_input+0xa1/0xd0
[  353.174382][    C0]  ? __pfx_ip6_input+0x10/0x10
[  353.175636][    C0]  ipv6_rcv+0x265/0x680
[  353.176720][    C0]  ? __pfx_ipv6_rcv+0x10/0x10
[  353.177945][    C0]  __netif_receive_skb_one_core+0x12e/0x1e0
[  353.179486][    C0]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  353.181156][    C0]  ? rcu_is_watching+0x12/0xc0
[  353.182415][    C0]  ? process_backlog+0x3f1/0x15f0
[  353.183725][    C0]  ? process_backlog+0x3f1/0x15f0
[  353.185040][    C0]  __netif_receive_skb+0x1d/0x160
[  353.186354][    C0]  process_backlog+0x443/0x15f0
[  353.187628][    C0]  __napi_poll.constprop.0+0xb7/0x550
[  353.189024][    C0]  net_rx_action+0xa94/0x1010
[  353.190263][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  353.191592][    C0]  ? __pfx_mark_lock+0x10/0x10
[  353.192837][    C0]  ? trace_lock_acquire+0x146/0x1e0
[  353.194198][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  353.195548][    C0]  ? sched_clock+0x38/0x60
[  353.196742][    C0]  ? sched_clock_cpu+0x6d/0x4d0
[  353.198271][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.199539][    C0]  handle_softirqs+0x213/0x8f0
[  353.200811][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  353.202198][    C0]  ? irqtime_account_irq+0x18d/0x2e0
[  353.203576][    C0]  ? __dev_queue_xmit+0x89b/0x43e0
[  353.204939][    C0]  do_softirq+0xb2/0xf0
[  353.206039][    C0]  </IRQ>
[  353.206827][    C0]  <TASK>
[  353.207612][    C0]  __local_bh_enable_ip+0x100/0x120
[  353.208967][    C0]  ? __dev_queue_xmit+0x89b/0x43e0
[  353.210315][    C0]  __dev_queue_xmit+0x8b0/0x43e0
[  353.211611][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  353.212923][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  353.214324][    C0]  ? hlock_class+0x4e/0x130
[  353.215515][    C0]  ? mark_lock+0xb5/0xc60
[  353.216648][    C0]  ? __pfx_mark_lock+0x10/0x10
[  353.217896][    C0]  ? find_held_lock+0x2d/0x110
[  353.219167][    C0]  ? ip6_finish_output+0x3f9/0x1360
[  353.220544][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.221864][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.223120][    C0]  ip6_finish_output2+0x1801/0x2070
[  353.224470][    C0]  ip6_finish_output+0x3f9/0x1360
[  353.225786][    C0]  ip6_output+0x1f8/0x540
[  353.226941][    C0]  ? __pfx_ip6_output+0x10/0x10
[  353.228410][    C0]  ip6_xmit+0x1234/0x2130
[  353.229538][    C0]  ? __pfx_ip6_xmit+0x10/0x10
[  353.230962][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.232439][    C0]  ? rcu_is_watching+0x12/0xc0
[  353.233703][    C0]  ? trace_lock_acquire+0x146/0x1e0
[  353.235090][    C0]  ? __pfx_mptcp_established_options+0x10/0x10
[  353.236701][    C0]  ? inet6_csk_xmit+0x18a/0x740
[  353.237986][    C0]  inet6_csk_xmit+0x3ce/0x740
[  353.239254][    C0]  ? __pfx_inet6_csk_xmit+0x10/0x10
[  353.240641][    C0]  ? csum_ipv6_magic+0x296/0x310
[  353.241973][    C0]  ? __pfx_inet6_csk_xmit+0x10/0x10
[  353.243353][    C0]  __tcp_transmit_skb+0x1b02/0x3df0
[  353.244715][    C0]  ? __pfx___tcp_transmit_skb+0x10/0x10
[  353.246173][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.247496][    C0]  ? ktime_get+0x206/0x300
[  353.248675][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  353.250048][    C0]  tcp_write_xmit+0x12b1/0x8560
[  353.251339][    C0]  ? tcp_current_mss+0x27e/0x500
[  353.252642][    C0]  __tcp_push_pending_frames+0xaf/0x390
[  353.254121][    C0]  tcp_send_fin+0x154/0xc70
[  353.255315][    C0]  ? __pfx_tcp_send_fin+0x10/0x10
[  353.256633][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.257894][    C0]  tcp_shutdown+0x12b/0x170
[  353.259104][    C0]  mptcp_subflow_shutdown+0x1c3/0x380
[  353.260526][    C0]  mptcp_check_send_data_fin+0x24a/0x450
[  353.262002][    C0]  __mptcp_close+0x8cb/0xb90
[  353.263229][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.264552][    C0]  ? __pfx___mptcp_close+0x10/0x10
[  353.265906][    C0]  ? __local_bh_enable_ip+0xa4/0x120
[  353.267301][    C0]  mptcp_close+0x28/0xe0
[  353.268416][    C0]  inet_release+0x13c/0x280
[  353.269623][    C0]  inet6_release+0x4f/0x70
[  353.270814][    C0]  __sock_release+0xb0/0x270
[  353.272042][    C0]  ? __pfx_sock_close+0x10/0x10
[  353.273322][    C0]  sock_close+0x1c/0x30
[  353.274420][    C0]  __fput+0x3f8/0xb60
[  353.275480][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  353.276839][    C0]  task_work_run+0x14e/0x250
[  353.278058][    C0]  ? __pfx_task_work_run+0x10/0x10
[  353.279403][    C0]  ? __pfx___do_sys_close_range+0x10/0x10
[  353.280905][    C0]  syscall_exit_to_user_mode+0x27b/0x2a0
[  353.282384][    C0]  do_syscall_64+0xda/0x250
[  353.283579][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.285126][    C0] RIP: 0033:0x7fa36297e819
[  353.286312][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.291288][    C0] RSP: 002b:00007ffe674d5388 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  353.293450][    C0] RAX: 0000000000000000 RBX: 00007fa362b37ba0 RCX: 00007fa36297e819
[  353.295512][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  353.297561][    C0] RBP: 00007fa362b37ba0 R08: 00000000000000e0 R09: 00007ffe674d567f
[  353.299666][    C0] R10: 00000000003ffd04 R11: 0000000000000246 R12: 00000000000551e7
[  353.301724][    C0] R13: 00007fa362b36080 R14: 0000000000000032 R15: ffffffffffffffff
[  353.303779][    C0]  </TASK>
[  353.304593][    C0] 
[  353.305226][    C0] The buggy address belongs to the object at ffff888051f8a9a0
[  353.305226][    C0]  which belongs to the cache tw_sock_TCPv6 of size 288
[  353.308878][    C0] The buggy address is located 120 bytes inside of
[  353.308878][    C0]  allocated 288-byte region [ffff888051f8a9a0, ffff888051f8aac0)
[  353.312504][    C0] 
[  353.313139][    C0] The buggy address belongs to the physical page:
[  353.314809][    C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888051f8a420 pfn:0x51f8a
[  353.317390][    C0] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  353.319604][    C0] memcg:ffff8880287bd001
[  353.320725][    C0] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  353.322690][    C0] page_type: f5(slab)
[  353.323737][    C0] raw: 00fff00000000040 ffff88802678b540 dead000000000122 0000000000000000
[  353.325958][    C0] raw: ffff888051f8a420 0000000080170013 00000001f5000000 ffff8880287bd001
[  353.328183][    C0] head: 00fff00000000040 ffff88802678b540 dead000000000122 0000000000000000
[  353.330425][    C0] head: ffff888051f8a420 0000000080170013 00000001f5000000 ffff8880287bd001
[  353.332667][    C0] head: 00fff00000000001 ffffea000147e281 ffffffffffffffff 0000000000000000
[  353.334909][    C0] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[  353.337152][    C0] page dumped because: kasan: bad access detected
[  353.338815][    C0] page_owner tracks the page as allocated
[  353.340290][    C0] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 8753, tgid 8753 (syz.1.912), ts 146886500949, free_ts 145416060070
[  353.345183][    C0]  post_alloc_hook+0x2d1/0x350
[  353.346442][    C0]  get_page_from_freelist+0xfce/0x2f80
[  353.347887][    C0]  __alloc_pages_noprof+0x223/0x25a0
[  353.349285][    C0]  alloc_pages_mpol_noprof+0x2c9/0x610
[  353.350761][    C0]  new_slab+0x2c9/0x410
[  353.351864][    C0]  ___slab_alloc+0xdac/0x1870
[  353.353098][    C0]  __slab_alloc.constprop.0+0x56/0xb0
[  353.354512][    C0]  kmem_cache_alloc_noprof+0xfa/0x3d0
[  353.355918][    C0]  inet_twsk_alloc+0x120/0x970
[  353.357180][    C0]  tcp_time_wait+0x5f/0xe10
[  353.358384][    C0]  __tcp_close+0xcaf/0xff0
[  353.359559][    C0]  tcp_close+0x28/0x120
[  353.360662][    C0]  inet_release+0x13c/0x280
[  353.361861][    C0]  inet6_release+0x4f/0x70
[  353.363048][    C0]  __sock_release+0xb0/0x270
[  353.364266][    C0]  sock_close+0x1c/0x30
[  353.365360][    C0] page last free pid 16 tgid 16 stack trace:
[  353.366933][    C0]  free_unref_page+0x661/0x1080
[  353.368211][    C0]  __folio_put+0x32a/0x450
[  353.369384][    C0]  free_page_and_swap_cache+0x249/0x2c0
[  353.370843][    C0]  tlb_remove_table_rcu+0x89/0xe0
[  353.372166][    C0]  rcu_core+0x79d/0x14d0
[  353.373285][    C0]  handle_softirqs+0x213/0x8f0
[  353.374548][    C0]  run_ksoftirqd+0x3a/0x60
[  353.375720][    C0]  smpboot_thread_fn+0x661/0xa30
[  353.377019][    C0]  kthread+0x2c1/0x3a0
[  353.378099][    C0]  ret_from_fork+0x45/0x80
[  353.379275][    C0]  ret_from_fork_asm+0x1a/0x30
[  353.380554][    C0] 
[  353.381191][    C0] Memory state around the buggy address:
[  353.382660][    C0]  ffff888051f8a900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.384742][    C0]  ffff888051f8a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.386826][    C0] >ffff888051f8aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.388894][    C0]                             ^
[  353.390172][    C0]  ffff888051f8aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.392250][    C0]  ffff888051f8ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.394345][    C0] ==================================================================
[  353.396542][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  353.398442][    C0] CPU: 0 UID: 0 PID: 15985 Comm: syz.6.3609 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0
[  353.401136][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  353.403904][    C0] Call Trace:
[  353.404782][    C0]  <IRQ>
[  353.405538][    C0]  dump_stack_lvl+0x3d/0x1f0
[  353.406755][    C0]  panic+0x71d/0x800
[  353.407791][    C0]  ? __pfx_panic+0x10/0x10
[  353.408981][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  353.410321][    C0]  check_panic_on_warn+0xab/0xb0
[  353.411615][    C0]  end_report+0x117/0x180
[  353.412752][    C0]  kasan_report+0xe9/0x110
[  353.413926][    C0]  ? selinux_ip_output+0x1e0/0x1f0
[  353.415281][    C0]  ? selinux_ip_output+0x1e0/0x1f0
[  353.416622][    C0]  selinux_ip_output+0x1e0/0x1f0
[  353.417924][    C0]  ? __pfx_selinux_ip_output+0x10/0x10
[  353.419351][    C0]  nf_hook_slow+0xbb/0x200
[  353.420531][    C0]  nf_hook+0x474/0x7d0
[  353.421601][    C0]  ? __pfx_dst_output+0x10/0x10
[  353.422953][    C0]  ? __pfx_nf_hook+0x10/0x10
[  353.424170][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.425489][    C0]  ? __pfx_dst_output+0x10/0x10
[  353.426771][    C0]  ip6_xmit+0xd44/0x2130
[  353.427879][    C0]  ? __pfx_dst_output+0x10/0x10
[  353.429169][    C0]  ? __pfx_ip6_xmit+0x10/0x10
[  353.430406][    C0]  ? xfrm_lookup_route+0x6a/0x200
[  353.431723][    C0]  ? ip6_dst_lookup_flow+0x164/0x1d0
[  353.433094][    C0]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  353.434559][    C0]  tcp_v6_send_response+0x11d9/0x25e0
[  353.435961][    C0]  ? __pfx_tcp_v6_send_response+0x10/0x10
[  353.437446][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.438747][    C0]  tcp_v6_rcv+0x2c9c/0x3fd0
[  353.439936][    C0]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  353.441212][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  353.442578][    C0]  ? find_held_lock+0x2d/0x110
[  353.443831][    C0]  ? __pfx_tcp_v6_rcv+0x10/0x10
[  353.445100][    C0]  ip6_protocol_deliver_rcu+0x180/0x1510
[  353.446565][    C0]  ip6_input_finish+0x14f/0x2f0
[  353.447833][    C0]  ip6_input+0xa1/0xd0
[  353.448903][    C0]  ? __pfx_ip6_input+0x10/0x10
[  353.450160][    C0]  ipv6_rcv+0x265/0x680
[  353.451251][    C0]  ? __pfx_ipv6_rcv+0x10/0x10
[  353.452478][    C0]  __netif_receive_skb_one_core+0x12e/0x1e0
[  353.454021][    C0]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  353.455692][    C0]  ? rcu_is_watching+0x12/0xc0
[  353.456951][    C0]  ? process_backlog+0x3f1/0x15f0
[  353.458270][    C0]  ? process_backlog+0x3f1/0x15f0
[  353.459598][    C0]  __netif_receive_skb+0x1d/0x160
[  353.460930][    C0]  process_backlog+0x443/0x15f0
[  353.462200][    C0]  __napi_poll.constprop.0+0xb7/0x550
[  353.463609][    C0]  net_rx_action+0xa94/0x1010
[  353.464841][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  353.466183][    C0]  ? __pfx_mark_lock+0x10/0x10
[  353.467435][    C0]  ? trace_lock_acquire+0x146/0x1e0
[  353.468792][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  353.470159][    C0]  ? sched_clock+0x38/0x60
[  353.471336][    C0]  ? sched_clock_cpu+0x6d/0x4d0
[  353.472611][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.473861][    C0]  handle_softirqs+0x213/0x8f0
[  353.475106][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  353.476484][    C0]  ? irqtime_account_irq+0x18d/0x2e0
[  353.477863][    C0]  ? __dev_queue_xmit+0x89b/0x43e0
[  353.479216][    C0]  do_softirq+0xb2/0xf0
[  353.480307][    C0]  </IRQ>
[  353.481092][    C0]  <TASK>
[  353.481868][    C0]  __local_bh_enable_ip+0x100/0x120
[  353.483236][    C0]  ? __dev_queue_xmit+0x89b/0x43e0
[  353.484562][    C0]  __dev_queue_xmit+0x8b0/0x43e0
[  353.485854][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  353.487178][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  353.488575][    C0]  ? hlock_class+0x4e/0x130
[  353.489788][    C0]  ? mark_lock+0xb5/0xc60
[  353.490938][    C0]  ? __pfx_mark_lock+0x10/0x10
[  353.492194][    C0]  ? find_held_lock+0x2d/0x110
[  353.493451][    C0]  ? ip6_finish_output+0x3f9/0x1360
[  353.494825][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.496144][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.497399][    C0]  ip6_finish_output2+0x1801/0x2070
[  353.498768][    C0]  ip6_finish_output+0x3f9/0x1360
[  353.500101][    C0]  ip6_output+0x1f8/0x540
[  353.501249][    C0]  ? __pfx_ip6_output+0x10/0x10
[  353.502536][    C0]  ip6_xmit+0x1234/0x2130
[  353.503675][    C0]  ? __pfx_ip6_xmit+0x10/0x10
[  353.504917][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.506382][    C0]  ? rcu_is_watching+0x12/0xc0
[  353.507643][    C0]  ? trace_lock_acquire+0x146/0x1e0
[  353.509006][    C0]  ? __pfx_mptcp_established_options+0x10/0x10
[  353.510615][    C0]  ? inet6_csk_xmit+0x18a/0x740
[  353.511894][    C0]  inet6_csk_xmit+0x3ce/0x740
[  353.513131][    C0]  ? __pfx_inet6_csk_xmit+0x10/0x10
[  353.514496][    C0]  ? csum_ipv6_magic+0x296/0x310
[  353.515796][    C0]  ? __pfx_inet6_csk_xmit+0x10/0x10
[  353.517171][    C0]  __tcp_transmit_skb+0x1b02/0x3df0
[  353.518539][    C0]  ? __pfx___tcp_transmit_skb+0x10/0x10
[  353.519983][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.521314][    C0]  ? ktime_get+0x206/0x300
[  353.522493][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  353.523851][    C0]  tcp_write_xmit+0x12b1/0x8560
[  353.525135][    C0]  ? tcp_current_mss+0x27e/0x500
[  353.526439][    C0]  __tcp_push_pending_frames+0xaf/0x390
[  353.527882][    C0]  tcp_send_fin+0x154/0xc70
[  353.529087][    C0]  ? __pfx_tcp_send_fin+0x10/0x10
[  353.530411][    C0]  ? mark_held_locks+0x9f/0xe0
[  353.531667][    C0]  tcp_shutdown+0x12b/0x170
[  353.532876][    C0]  mptcp_subflow_shutdown+0x1c3/0x380
[  353.534285][    C0]  mptcp_check_send_data_fin+0x24a/0x450
[  353.535756][    C0]  __mptcp_close+0x8cb/0xb90
[  353.536981][    C0]  ? __pfx_lock_release+0x10/0x10
[  353.538316][    C0]  ? __pfx___mptcp_close+0x10/0x10
[  353.539664][    C0]  ? __local_bh_enable_ip+0xa4/0x120
[  353.541064][    C0]  mptcp_close+0x28/0xe0
[  353.542191][    C0]  inet_release+0x13c/0x280
[  353.543396][    C0]  inet6_release+0x4f/0x70
[  353.544575][    C0]  __sock_release+0xb0/0x270
[  353.545793][    C0]  ? __pfx_sock_close+0x10/0x10
[  353.547081][    C0]  sock_close+0x1c/0x30
[  353.548178][    C0]  __fput+0x3f8/0xb60
[  353.549238][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  353.550607][    C0]  task_work_run+0x14e/0x250
[  353.551828][    C0]  ? __pfx_task_work_run+0x10/0x10
[  353.553175][    C0]  ? __pfx___do_sys_close_range+0x10/0x10
[  353.554673][    C0]  syscall_exit_to_user_mode+0x27b/0x2a0
[  353.556141][    C0]  do_syscall_64+0xda/0x250
[  353.557336][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.558887][    C0] RIP: 0033:0x7fa36297e819
[  353.560060][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.565042][    C0] RSP: 002b:00007ffe674d5388 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  353.567215][    C0] RAX: 0000000000000000 RBX: 00007fa362b37ba0 RCX: 00007fa36297e819
[  353.569268][    C0] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  353.571343][    C0] RBP: 00007fa362b37ba0 R08: 00000000000000e0 R09: 00007ffe674d567f
[  353.573392][    C0] R10: 00000000003ffd04 R11: 0000000000000246 R12: 00000000000551e7
[  353.575451][    C0] R13: 00007fa362b36080 R14: 0000000000000032 R15: ffffffffffffffff
[  353.577512][    C0]  </TASK>
[  353.578782][    C0] Kernel Offset: disabled
[  353.579915][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:15:10  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85106065 RDI=ffffffff9ab3da20 RBP=ffffffff9ab3d9e0 RSP=ffffc90000006db8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3530383838666666
R12=0000000000000000 R13=0000000000000064 R14=ffffffff85106000 R15=0000000000000000
RIP=ffffffff8510608f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555e745500 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa3636ddd58 CR3=0000000057fca000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3629f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3629f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3629f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3629f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3629f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa3629f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa362b0c488 00007fa362b0c480 00007fa362b0c478 00007fa362b0c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa36366d100 00007fa362b0c440 00007fa362b00004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa362b0c498 00007fa362b0c490 00007fa362b0c488 00007fa362b0c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc900069c0000 RBX=ffff8881070b0000 RCX=ffffffff816fa667 RDX=1ffff11020e1624d
RSI=ffffffff86533f9f RDI=0000000000000016 RBP=0000000000000080 RSP=ffffc900006b0eb8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=0000000000000000 R13=dffffc0000000000 R14=ffff8881070b1268 R15=0000000000000000
RIP=ffffffff86533fc7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa3636dcf98 CR3=0000000027e20000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865
ZMM17=a6e4db6ddf88277f 924609c048a4d792 a6e4db6ddf88277f 924609c048a4d792 a6e4db6ddf88277f 924609c048a4d792 a6e4db6ddf88277f 924609c048a4d792
ZMM18=6106f4de236f4239 57dcc1fc4fd1d421 6106f4de236f4239 57dcc1fc4fd1d421 6106f4de236f4239 57dcc1fc4fd1d421 6106f4de236f4239 57dcc1fc4fd1d421
ZMM19=1915000000000000 0000000000000005 1915000000000000 0000000000000004 1915000000000000 0000000000000003 1915000000000000 0000000000000002
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=74725ad774725ad7 74725ad774725ad7 74725ad774725ad7 74725ad774725ad7 74725ad774725ad7 74725ad774725ad7 74725ad774725ad7 74725ad774725ad7
ZMM22=6151efc56151efc5 6151efc56151efc5 6151efc56151efc5 6151efc56151efc5 6151efc56151efc5 6151efc56151efc5 6151efc56151efc5 6151efc56151efc5
ZMM23=54f1ed5254f1ed52 54f1ed5254f1ed52 54f1ed5254f1ed52 54f1ed5254f1ed52 54f1ed5254f1ed52 54f1ed5254f1ed52 54f1ed5254f1ed52 54f1ed5254f1ed52
ZMM24=f7189060f7189060 f7189060f7189060 f7189060f7189060 f7189060f7189060 f7189060f7189060 f7189060f7189060 f7189060f7189060 f7189060f7189060
ZMM25=8623bff48623bff4 8623bff48623bff4 8623bff48623bff4 8623bff48623bff4 8623bff48623bff4 8623bff48623bff4 8623bff48623bff4 8623bff48623bff4
ZMM26=a95a9708a95a9708 a95a9708a95a9708 a95a9708a95a9708 a95a9708a95a9708 a95a9708a95a9708 a95a9708a95a9708 a95a9708a95a9708 a95a9708a95a9708
ZMM27=b5f69547b5f69547 b5f69547b5f69547 b5f69547b5f69547 b5f69547b5f69547 b5f69547b5f69547 b5f69547b5f69547 b5f69547b5f69547 b5f69547b5f69547
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=7d1000007d100000 7d1000007d100000 7d1000007d100000 7d1000007d100000 7d1000007d100000 7d1000007d100000 7d1000007d100000 7d1000007d100000
info registers vcpu 2

CPU#2
RAX=00000000008a87c3 RBX=0000000000000002 RCX=ffffffff8b2ecd99 RDX=0000000000000000
RSI=ffffffff8b6cdee0 RDI=ffffffff8bd1d600 RBP=ffffed1003ad4000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d506fed R10=ffff88806a837f6b R11=0000000000000000
R12=0000000000000002 R13=ffff88801d6a0000 R14=ffffffff90608b90 R15=0000000000000000
RIP=ffffffff8b2ee17f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c39eb29 CR3=000000002511c000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf23bf25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf23bf2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf23bf2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf23bf2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf23bf269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf23bf277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 311e2a8914a4e837 7305c97ea44d024f b067deba4b86b573 77aa9150cabc4ca2
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c9c78875de2928c8 7bbf68cb68c61a37 05eb81b0fd1a0004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c134eef027d35899 5caa1349a796e1eb b4230b63ecb568b5 1833c54362243b2e
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d796fa6ec1884b71 5204cee8fa93a654 6f4260ed2b8e32c9 09f559c21c779d04
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49a3624fda1df189 79a80ae8c1b32e6b 7d03ad7e9e9e1c32 cccaf070a4bef4b1
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b31f235108cc025b b13d38615284c2ca 97f64ac134eef027 d358995caa1349a7
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 96e1ebb4230b63ec b568b51833c54362 243b2ec9c78875de 2928c87bbf68cb68
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000000001 RBX=ffff888030190b08 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8b6ce1e0 RDI=ffffffff8bd1d600 RBP=ffffffff8e1bba80 RSP=ffffc90007087530
R8 =0000000000000007 R9 =000000000007ffff R10=0000000000000009 R11=0000000000000003
R12=ffff888030190000 R13=0000000000000001 R14=00000000ffffffff R15=0000000000000001
RIP=ffffffff8b2ebfbc RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fd5e6d62320 CR3=0000000026b80000 CR4=00352ef0
DR0=fffffffffffffffc DR1=0000000000000000 DR2=0000000000000002 DR3=0000000000000800 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555653fd290
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555653f04a0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555653fa877 00005555653fa740
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000030303935 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0406004fc800236f 656469762f766564 2f01ffffffffffff ffffe7080180030e
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 06060117a8001804 08000302100001ed cc08000100000208 06060117aa0b8004
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a0030008000d9803 0008000d90030208 000d8003000401ed e408000100000208
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0608000dc0030008 000db8030008000d b0030008000da803 06b5b2cd9008000d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000de8030008000d e0030008000dd803 0608000dd0031fee eeabfc08000dc803
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010d8004188d82d9 8008000100000008 06060126c4040800 0de8030008000de0
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030008000dd80306 08000dd0031feeee abfc08000dc80306 08000dc003000800
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0db8030008000db0 030008000da80306 b5b2cd9008000da0 030008000d980300
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08000d9003020800 0d8003000401ede4 0800010000020806 060117a800180408
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000