last executing test programs:

42.30032927s ago: executing program 3 (id=556):
r0 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000000))
r1 = accept4(r0, &(0x7f0000000040)=@ax25={{0x3, @bcast}, [@rose, @rose, @default, @netrom, @default, @bcast, @remote, @netrom]}, &(0x7f00000000c0)=0x80, 0x40000)
bind(r1, &(0x7f0000000100)=@rc={0x1f, @any, 0x2}, 0x80)
r2 = syz_open_dev$sg(&(0x7f0000000180), 0x4, 0x1)
ioctl$SCSI_IOCTL_DOORUNLOCK(r2, 0x5381) (async)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000200), 0xffffffffffffffff) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000240)=<r5=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000280)=<r6=>0x0) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=<r7=>0x0) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000300)=<r8=>0x0)
sendmsg$NFC_CMD_DEACTIVATE_TARGET(r3, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x54, r4, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r5}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r6}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r7}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}]}, 0x54}, 0x1, 0x0, 0x0, 0x4041}, 0x40) (async)
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
write$nci(r9, &(0x7f0000000480)=@NCI_OP_CORE_SET_CONFIG_RSP={0x0, 0x1, 0x2, 0x2, 0x1, {0x1, 0x3b, "620ae147632bc7832d5e2888b88de87ecc0c0b84687a72c4866f08a392cb5ce9a48988597fae22a7d37517910cbb288b4c920c58dd1b552d4154df"}}, 0x40)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000004c0), 0x489080, 0x0)
pwritev2(r10, &(0x7f0000000740)=[{&(0x7f0000000500)="0eeab89bf825327fc2ba29df0e3b8c6902cad73347ed578bd724fb47f57bfe9f36f63491fbe48fee739f92481731a8e30f89e4ffa73e8ce5aeb041fdd9728bb63901aacc756934b9e26968ec8d950f31d16e932831680aff4c53c8690f0e72f79eb1817a8b558546f13b8810612a4cd9f60eddbd535f42eded3ed2394bd1d5f3e3891c1eb88f", 0x86}, {&(0x7f00000005c0)="7c24b2bd47d9ed74e5a7bb0a241880472452c4123609c580d504d7e2b609278ade627d9fe59c7133d3a6d56515f40f222ac541963c971f60f15fce1ca259c86c2d69e7a4f7ac2b72c14c1dab0405c06934a2c0a60f2f168530257f8196176e83f0da8e86c8a7afe6306ff2ee9a3fa136e8113cae2d800eec971a9ad622c69b5c1d5fa2926c2d7daf8ca4eb86f0334d79e1bbc5", 0x93}, {&(0x7f0000000680)="46e9d5131f3e46564a177e001b071be52df845656010ba54be3c9c8bc001baefd43b4af841e71b897743ab09dc6a54ee8d56a2605dbc7e641df439eccab54b2894d2793917397ef9f0a79c0fa9f421d55f0e6d6af9", 0x55}, {&(0x7f0000000700)="a85e9ee5416119f80b1b4e2418fa7350b5077c284da8383b4abd", 0x1a}], 0x4, 0x6, 0x30ff, 0x18) (async)
r11 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000780), 0x94001, 0x0)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f00000007c0), 0x101080, 0x0)
ioctl$SIOCGSKNS(r12, 0x894c, &(0x7f0000000800)={'team0\x00', 0x600}) (async)
read$FUSE(r11, &(0x7f0000000840)={0x2020, 0x0, <r13=>0x0}, 0x2020)
write$FUSE_INIT(r11, &(0x7f0000002880)={0x50, 0x0, r13, {0x7, 0x29, 0xfffffeff, 0x2004000, 0x4, 0x6b18, 0x16220b02}}, 0x50) (async)
ioctl$SG_BLKTRACESTOP(r2, 0x1275, 0x0)
sendfile(r1, r11, &(0x7f0000002900)=0x3, 0x9) (async)
r14 = epoll_create(0x6552) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000002940)={0x0, ""/256, <r15=>0x0}) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r9, 0xd000943d, &(0x7f0000002b40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r16=>0x0}], 0xc, "5dab4babb31fd0"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r12, 0xd000943d, &(0x7f0000003b40)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r17=>0x0}], 0x8b, "39365bf8fb971f"}) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, &(0x7f0000004b40)={0xfff, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r18=>0x0}], 0x1, "9a7ce4f76ddd59"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r14, 0xd000943d, &(0x7f00001205c0)={0x7fffffff, [{r15, r16}, {0x0, r17}, {r18}], 0x7, "a48f7622156cb5"})

42.298673855s ago: executing program 3 (id=557):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d, 0x4}, [@IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_MAP={0x24, 0xe, {0x89c0, 0x9, 0x300000, 0x1, 0x4, 0xa}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10)
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000004940)=@gcm_128={{0x304}, "8ef87ce6e549b436", "6806a5a0849cdcc1075f1192fe294130", "ebeb8148", "8f591078b42aa8a4"}, 0x28)
syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240), &(0x7f0000000140))
setsockopt$inet_tcp_int(r1, 0x6, 0x3, &(0x7f0000000000)=0x1, 0x4)

42.284429823s ago: executing program 3 (id=558):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000003bc0)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354c928c956321dd514877569805db6605ae6141151c4579bd90d94becd642f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecab1a14489c417b7f6bdaf8891f7678f2037ccced78e35ace925427bc70c2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea473213280df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc2442bc55ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce616b1b3dab94642d2768f1f32299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044bcae8c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a03ff0b3ae4bbd821684ef8356985e8f5b8d78346f428788fc374e00000c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f91243b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8a7ce4d23b8725416101a87539977c80839ca8810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fa363c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b052d4c103bf66934646cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e472c0d00009cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b11605bdc0ff69f4a70dea414fcc64c834f24b8f7495cd9ccafa1e3f652cd32709358d77a61b5c77f6c998c4d38134d43a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588505b84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78cdb6d89beb1c5fd547cd50096308ff9e824a26f25f21c44046b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f9156e35424501d146f80990598817db32d7d34a098a1000000000000000000000000000000e935cfbe", 0x45d)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=@getstats={0x1c, 0x1e, 0x1}, 0x1c}}, 0x0)

42.180554364s ago: executing program 3 (id=559):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@deltaction={0x14}, 0x14}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@deltaction={0x14}, 0x14}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="662700000000000024001280090001007866726d0000000014000280040003"], 0x44}}, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000000f5ff000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r2}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r4}, 0x10)
socket$kcm(0x2, 0x1, 0x106) (async)
socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x44040)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bind$ax25(0xffffffffffffffff, 0x0, 0x0)
connect$ax25(0xffffffffffffffff, 0x0, 0x0)
sendmsg$netlink(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002b0001000000000000000000040100800c0000000000000000000000140001000100000000000000000000000000000150bb2d7f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b908000068bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec587547"], 0x114}], 0x1, 0x0, 0x0, 0x8040}, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81185a, 0x0) (async)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81185a, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000500)=ANY=[], 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000500)=ANY=[], 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x88700a, 0x0)
umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) (async)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x3)
r11 = dup(r10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000480)=ANY=[@ANYRESOCT=r7, @ANYRES64=r5, @ANYRESDEC=r6, @ANYRESOCT, @ANYRES32=r3]) (async)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f0000000480)=ANY=[@ANYRESOCT=r7, @ANYRES64=r5, @ANYRESDEC=r6, @ANYRESOCT, @ANYRES32=r3])
read$FUSE(r11, &(0x7f0000001340)={0x2020}, 0x2020)

41.960836248s ago: executing program 3 (id=560):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00') (async)
r2 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r2, &(0x7f0000000200)=ANY=[@ANYBLOB="18"], 0x10002) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9232f2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="050000000000006558", 0x2c}], 0x2)

41.780167075s ago: executing program 3 (id=561):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000004c0)={'team0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000280000002000018008000100", @ANYRES32=r3, @ANYBLOB="140002007465616d30"], 0x34}, 0x1, 0x34000}, 0x0)

41.778248256s ago: executing program 32 (id=561):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000004c0)={'team0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000280000002000018008000100", @ANYRES32=r3, @ANYBLOB="140002007465616d30"], 0x34}, 0x1, 0x34000}, 0x0)

35.454308947s ago: executing program 0 (id=708):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1df, &(0x7f00000001c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r1, 0xc83, 0x0})
io_uring_enter(r2, 0x80567, 0xfffffffe, 0x0, 0x0, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
r7 = userfaultfd(0x1)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r9, &(0x7f0000000080)={0x0, 0x2, &(0x7f0000000040)=[{&(0x7f00000000c0)="1800000039000517d25a80648c63940d0324fc600b003540", 0x18}], 0x1, 0x0, 0x0, 0x6c000000}, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r8, 0x10e, 0xb, &(0x7f0000000000)=0x2, 0x4)
socket(0xa, 0x2, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
r10 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x88602, 0x0)
r11 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
r12 = dup3(r11, r10, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r12, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r8, {0xc, 0x400}}, './file0\x00'})
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x12000, 0xffffffffffffffff, 0x7ff, 0xfffffffffffffffc, 0x4, 0x7], 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT, @ANYRESOCT=r5]}, 0xa6)
sendmsg$nl_route_sched(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newtaction={0x48, 0x1c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x34, 0x1, [@m_vlan={0x30, 0x12, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x88000}, 0x4000)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_ZEROPAGE(r7, 0xc020aa04, &(0x7f0000000400)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}})

35.449391483s ago: executing program 0 (id=709):
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='fd\x00')
statx(r0, 0x0, 0x1000, 0x6000, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x3, 0x3ffdcf, 0x7ff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_open_procfs(0x0, &(0x7f0000000180)='fd\x00') (async)
statx(r0, 0x0, 0x1000, 0x6000, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x3, 0x3ffdcf, 0x7ff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)

35.390799589s ago: executing program 0 (id=710):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0xd5)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[], 0xb0}}, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x48, 0x0, 0x700, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fff}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x6}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xf3967db8b72c3726}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}]}]}, 0x48}}, 0x20000800)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d1bf91b28090955f70e06d038e7ff7fc6e5539b0d650e8b089b3f35076e090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
mount$9p_fd(0x20000000, &(0x7f0000000340)='./file1\x00', 0x0, 0x1942060, 0x0)

35.389821647s ago: executing program 0 (id=711):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) (async, rerun: 64)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'}) (async)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x5501) (async)
close(0x4) (async)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)

35.388419356s ago: executing program 0 (id=712):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000002980), 0x82, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000280)={@broadcast, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {0x0, 0x883e, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x1, "b439b1b30195ab72ebcc5c569456a93dac9b409f715a8d47a9c8905344699e43", "30622f8dbeb5f78dd23059b73a2488c6", {"8a8c2d18ad385261345aa405b14785e5", "3245bb22bbb07238b7345170336c0430"}}}}}}}, 0x0)
r1 = fanotify_init(0x1, 0x2)
fanotify_mark(r1, 0x400, 0x40000010, r0, &(0x7f0000000000)='./file0\x00')
openat$nvram(0xffffffffffffff9c, &(0x7f0000002980), 0x82, 0x0) (async)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
syz_emit_ethernet(0x86, &(0x7f0000000280)={@broadcast, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {0x0, 0x883e, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x1, "b439b1b30195ab72ebcc5c569456a93dac9b409f715a8d47a9c8905344699e43", "30622f8dbeb5f78dd23059b73a2488c6", {"8a8c2d18ad385261345aa405b14785e5", "3245bb22bbb07238b7345170336c0430"}}}}}}}, 0x0) (async)
fanotify_init(0x1, 0x2) (async)
fanotify_mark(r1, 0x400, 0x40000010, r0, &(0x7f0000000000)='./file0\x00') (async)

35.200522516s ago: executing program 0 (id=713):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0xd2, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd60010100009c11fffe8000000000000000000500000000bbfe8000000000000000000000000000aa4e200e22009c90"], 0x0)

35.20033716s ago: executing program 33 (id=713):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0xd2, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd60010100009c11fffe8000000000000000000500000000bbfe8000000000000000000000000000aa4e200e22009c90"], 0x0)

12.489348569s ago: executing program 2 (id=1192):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r1, 0x48212b8952c3affd, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c0001800600060086dd00"], 0x34}}, 0xc000)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000023c0)=ANY=[@ANYBLOB="3c0100001a0001000000000000000000ac14142200000000000000000000000000000000000000001500"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe80000000000000000000000000000300000000330000002001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000000000004c001400636d61632861657329"], 0x13c}}, 0x0)

12.48662922s ago: executing program 2 (id=1193):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0xd2, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd60010100009c11fffe80000000000000000000fe800000bbfe8000000000000000000000000000aa4e200e22009c90"], 0x0)

12.372209368s ago: executing program 4 (id=1197):
mprotect(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x100000f)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040f0406010d20"], 0x7)
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$PTP_ENABLE_PPS(r1, 0x40043d04, 0x1)
acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00')

12.310411112s ago: executing program 4 (id=1199):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xa4ffffff}, 0x800, 0x0, 0x3, 0x1}, 0x20)

12.309553291s ago: executing program 4 (id=1202):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
dup2(0xffffffffffffffff, r3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000580)="c4c2a99d1266b8a5008ee00f191666b8a7008ee0c744240000100000c744240201000000c7442406000000000f011424d8ea66baf80cb814bc1a87ef66bafc0c66b83e3166ef360f21ef0f01c40f20d835200000000f22d8", 0x58}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r8, &(0x7f0000000040)="e2", 0x12d8)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r7, 0xae9a)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="1803000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b50a000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$VIDIOC_QUERYCAP(r6, 0x80685600, &(0x7f0000000240))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$l2tp6(0xa, 0x2, 0x73)
socket$l2tp6(0xa, 0x2, 0x73)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r9, 0xffffffffffffffff, 0x0)
r10 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000140)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000400)={@val={0xa}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @igmp={{0x19, 0x4, 0x1, 0x7, 0x149, 0x65, 0x0, 0x6, 0x2, 0x0, @multicast2, @multicast1, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4, 0x1}, @rr={0x7, 0xf, 0x79, [@local, @multicast1, @loopback]}, @timestamp_prespec={0x44, 0x34, 0x13, 0x3, 0xd, [{@empty, 0x7}, {@remote, 0x80}, {@local, 0x6}, {@rand_addr=0x64010101, 0x6}, {@dev={0xac, 0x14, 0x14, 0x39}, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7fffffff}]}, @ra={0x94, 0x4}, @end]}}, {0x15, 0x4, 0x0, @rand_addr=0x64010101, "d68d24639c7c3279d695a7a9407f345c8bf19fdfe9e8a9be782d8171c4580d68d7619e19ef584e504219b50a180eafe4f773c7eff78af7a74a4d7be137992a610def3dc0d879c1ee93a4dfdc3956c3a004624b53324c33dbdd9314ca304e91c3e6f2146589cd1d4aec9f0084510abe1de5b015c123f2e0f1b9524e8b38d1984bb49ac0ceb1bd106e1a74df645bb12879f5bc368f895ff41466c10f402e21d862872c795bf60cc87f4cab48c38a213794ab823a506c54496dc1e5c08982f437256f46046fc9a3405f89bff2ae436857d8f5a16ef4204b9df11f1f1f8a4b"}}}}}}, 0x15b)

12.269556732s ago: executing program 2 (id=1205):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @dev}, 0x10)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000004940)=@gcm_128={{0x304}, "8ef87ce6e549b436", "6806a5a0849cdcc1075f1192fe294130", "ebeb8148", "8f591078b42aa8a4"}, 0x28)
setsockopt$inet_tcp_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)

12.21032713s ago: executing program 2 (id=1206):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f0000000080)='wg2\x00', 0x4)
sendmmsg(r2, &(0x7f0000008040)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000280)="0d652c1aa3b2a80e6efaff97b5b2b525e6f1124189009742b84c33acf28d600bc129e5f5f0fb1d5340df119493db9cbef9526086969356aefc3676b03d9911dae25107c76338db86b81524226b760775934d1a61100037d800000000000000000100000000000000000000000000000000000000005c263fc6f40661bd1063bc14cfbf182e173467a85d88a0d83be71a1e30bc9bd288d4f0823f4d53673dad5253df895a7530aa5a7f154456fb9f9b31fb257e216c7a73abc1a60ac8954b10ff0700004239fb8dcc41382e73f69a25b70312e2b0f93298", 0xd7}, {&(0x7f0000001a80)="6a350b9b24c7bf8fcf1e3b32b35987d4a54e5c98a3d152465c3bd15ce00e3131f6c13c816e986036f1d9ded172d36a7468877059957c5879486c3d7d202a0e6198b95280e6fa1d9ce082500aab330c10ea27af0b93128ce871f21c651b7c02e88e6b47b06d1ea05dbab8d49f855706c65c279cb2ab84ef7c1a655f9a3256c0d0ba6be26fe794ac0ea226f65a041a6db064f79b239dc5921c5e01d2790ed1b4aec34e0a225c0e8c0b472840a3c85d883b1f1edfad3d50dfbcde07d45ee1791b646e5f215e812c791a948f1c9c87f98a9423b19d196aa285381347645d77a3f0b2350ab71e3c0b59187d4c6c238dbd8eb69e4d96f1c02f7e584771739653b41abf28fd0cd6f40f5f46a93857bb6b58bfa392326c0d7a06cca769ad0edb2e4e938ca56a5385b5757e749234147e917f6b61153194b8ec8d11099c4b916e76a99db12ada31512ebc9766e46ada54aedd4a73b47bba7848554da08124e4ca3ab0d6f185cb909a70cef0771ec3083ff472634697a4a1f983a7779866ec21ae805c164726f3a3a77eca3662c1c6a84c54b22423fca3594dc0e4c860b92362772e0b0229beca24b6c6506da18b6038b130ef286073f32567615313080547c596a91b826f2c325f69aed592980811b3c6eb4285dc8e535412f238e4e0faa623af7723b884e7833734acc15182f9687edb0eb53d028c185bbee69f44349f35619145f734952c329ab052ea71a2cab68274ce2c4b39dee63414a1b729fe63a4436a027f9baaa6096b997f0b007a22dd109a45b9643af420559bd38c6aeee6d48f0cb18988bc42fd94223dcae70760f9e0e62cf74b30941faa8bbd3d97eeac77a4d86aac7db5a9c016df4008e41cbebc569724c1847c40e264336cc2154cb3ef20e94d25a45a08d4251092e4de687145bd9381ebd17fce974d3923d7447fceff44c9776213bddc4f234047de81a8e20a2e0eab3a1ced516dd5b7c85338df93a8c5532d33d7b7ccbba4938502b0cdc0dae74aedafe1df97c9e40bed9d51acfd67ace61dac133f4871c33ca79f468707f00028cae4d31c7b82a7d5f93fdeb084cce28cadc2640050973bb8cd73aa8c5ddfd829eece3354b40bdfd80032a64fa99e1464ede991ba99ff45b6411bd2be8d7f40ca648d14bf5c4322d63b054314c2873a883e366c9a45ac3e91a72da5e73a52f71cca40402609d9ee5551bb222e79d390349a47b7732da1f69e9a1c84402704331030294f0fe715ce90e50daf4ec9cc9784e6b74e2ae6936719a8ea37a781c86db268b987ba8b9c8c129da4ed7ab303b4343d1f9cfb5900e87cf6bb3d28e9a953f2a7c1d6c83897c86c95957e02cdc7d468be812ca1b9e1084586b9cb57a29ce8bac6907a6e5b6eb4273bfd9b16bae28967a703f708d23a7063d523001273a6b4009842cf0fe3a2be83216fff00aa6a672e33cc0e92e79f396e2667e16910bc7d137cd523d8f476fe9c0be07bb0d322758244713d608614748ead93caaf605d6500a772c6200eed1238ee25fbcc64b02eb7ee1c11fb429477cf978d873d7c4162493e7b38f8b2a06a2430eb61451d9ce43c14fed56c59a489413fc35dece5fb485e60e681955a62b59755c41ae7e46a6e3590ccd4f61853af4e9be687d22bda66dd3e4bf2434a3b2f3ba613d91d7c10d51f3cf075cab71fbfc9dc85ab4e7493e9e02c884f311b048ca6b98daae9a08e81be9f24", 0x4be}], 0x2}}], 0x1, 0x4044080)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x57c, 0x0, 0x1, 0xa}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="c000000019000100000000000000000000000000000000000000000000000000ffffffff0000000000000a0000000080ff01004c6a30e5ae02d00c16000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000000008001f0003000000"], 0xc0}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@remote, @in6=@empty, 0x0, 0x0, 0x1, 0x0, 0xa, 0x0, 0x0, 0x6, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0xfffffffffffffffa}, {0x0, 0x9}, 0x0, 0x6e6bb0}}, 0xb8}}, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r7, &(0x7f0000000940)=[{{&(0x7f00000004c0)={0xa, 0x4e1d, 0x1, @mcast2}, 0x1c, 0x0}}, {{&(0x7f00000007c0)={0xa, 0x4e24, 0x0, @mcast1, 0x10001}, 0x1c, 0x0, 0x0, &(0x7f0000000840)=[@rthdrdstopts={{0x18, 0x29, 0x37, {0x2f}}}, @flowinfo={{0x14, 0x29, 0xb, 0x401}}], 0x30}}], 0x2, 0x4040845)
ioctl(r3, 0x8b32, &(0x7f0000000040))
r8 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000040))
r9 = epoll_create(0x6)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, &(0x7f00000000c0)={0x1})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r8, 0x567, 0x0, 0x0, 0x0, 0x59)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)

12.080510469s ago: executing program 4 (id=1213):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901) (async)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r4 = fanotify_init(0x0, 0x8000)
fanotify_mark(r4, 0x249, 0x48000000, 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00') (async)
fanotify_mark(r4, 0x249, 0x48000000, 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00')
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
move_mount(r5, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r6 = open_tree(r3, &(0x7f0000000000)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x220) (async)
move_mount(r6, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x220)
sendmsg$NLBL_MGMT_C_LISTALL(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, r2, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @remote}]}, 0x30}, 0x1, 0x0, 0x0, 0x40855}, 0x40050)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x100, 0x4}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x100, 0x4}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000cc0), r0)
sendmsg$IEEE802154_LLSEC_LIST_KEY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, r7, 0x325}, 0x14}}, 0x0)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r8, 0x4, 0x70bd2d, 0x25dfdbfe, {}, ["", ""]}, 0x14}}, 0x4000)

12.076828416s ago: executing program 4 (id=1215):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r0, 0x48212b8952c3affd, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x0)

11.755347367s ago: executing program 4 (id=1220):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$lock(r3, 0x7, &(0x7f00000031c0)={0x1, 0x2, 0x0, 0xc})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b00)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x140048c4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x800000, {0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0xfe}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x4}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x4c}}, 0x0)

11.694703424s ago: executing program 34 (id=1220):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000ac0), r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$lock(r3, 0x7, &(0x7f00000031c0)={0x1, 0x2, 0x0, 0xc})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b00)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x1c, r2, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DEFAULT_TYPES={0x4}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x140048c4)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x800000, {0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0xfe}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x4}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x4c}}, 0x0)

11.392935854s ago: executing program 2 (id=1230):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10)
statx(r0, 0x0, 0x1000, 0x20, &(0x7f0000000040))
syz_io_uring_setup(0x1efc, &(0x7f00000002c0)={0x0, 0xcdb3, 0x10100, 0x2, 0x142}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000500)=<r2=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000380)=""/197, 0xc5}], 0x1}, 0x0, 0x80002101})
r5 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000000180)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
getsockname$packet(r5, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3800000055000100000000000000000007008209", @ANYRESDEC=0x0, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="00001000e000030000010001000000000000000008"], 0x38}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
write(r3, &(0x7f0000000200)='~', 0xb7)

11.309726104s ago: executing program 2 (id=1234):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000480)={'ip_vti0\x00', &(0x7f00000003c0)={'syztnl2\x00', <r1=>0x0, 0x8, 0x7d7, 0x1954, 0x1, {{0x7, 0x4, 0x2, 0x1, 0x1c, 0x67, 0x0, 0x3, 0x4, 0x0, @broadcast, @remote, {[@generic={0x7, 0x5, "d8a7b6"}]}}}}})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="03800000000000001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r4], 0x4c}}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r7=>0x0})
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000800)=ANY=[@ANYRESOCT=r8, @ANYBLOB="16b800599bc5d00f3a9cb56dd64f33f15259a8d18cfbd154c6709e8377eb35665004bb52d95222a3d927594b5d71a340ca47c77e224f91e21ce3d3769b291c8bfb84d175e4774249f052669ac2f3d2a4ea3a90508446a698d85a9f4fde06e897c1061433ef41f82130931853ffb741b8d47069e7adeaabd420622e5894f38d05a351bf5681f7cb2eda6a633f3cccebe526d151e8780489e3b08bf00d59b575", @ANYRES8=r7], 0x68}, 0x1, 0x0, 0x0, 0x20048080}, 0x64000884)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000004c0)={'batadv_slave_1\x00', <r9=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000580)={'ip6gre0\x00', &(0x7f0000000500)={'syztnl0\x00', <r10=>0x0, 0x2f, 0x57, 0x1, 0x7f, 0x8, @mcast1, @remote, 0x700, 0x40, 0x80, 0x9}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000640)={'syztnl1\x00', &(0x7f00000005c0)={'ip6gre0\x00', <r11=>0x0, 0x2f, 0x0, 0x6, 0x0, 0x26, @ipv4={'\x00', '\xff\xff', @multicast2}, @rand_addr=' \x01\x00', 0x20, 0x7800, 0x2}})
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f00000007c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000780)={&(0x7f0000000680)={0xe4, 0x0, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x7c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x20000}, 0x0)
r12 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r13 = socket(0x2000000000000021, 0x2, 0x10000000000002)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r13, 0x84, 0x1d, 0x0, 0x0)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r12, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x28, r12, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40404}, 0x100)
r14 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r15=>0x0})
r16 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r16, 0x0, 0x32, &(0x7f0000000f00)=0x1000000, 0x4)
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000200)={'veth0_to_team\x00', <r17=>0x0})
sendmmsg$inet(r16, &(0x7f0000002240)=[{{&(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r17, @local, @loopback}}}], 0x20}}], 0x1, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r14, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x54390c0bcf375477}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r17}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8084}, 0x40)
r18 = socket$inet(0x2, 0x6, 0x0)
bind$inet(r18, &(0x7f0000deb000)={0x2, 0x4e23, @local}, 0x71)
connect$inet(r18, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10)

2.759209012s ago: executing program 1 (id=1425):
r0 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0xe, 0x0, 0x0)

2.689157794s ago: executing program 1 (id=1435):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="a800000021000701000000000000000001"], 0xa8}}, 0x4c8d4)

2.578115169s ago: executing program 1 (id=1428):
clock_gettime(0x6, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
clock_settime(0x0, &(0x7f0000009ac0)={r0, r1+10000000})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32, @ANYBLOB="0000000002000000b70500000800000085"], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001b"], 0x34}}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x11}, 0x40001}, 0x1c)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71001000400ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100fdffffff000000004400000008000300", @ANYRES32=r8, @ANYBLOB="0a001800030303030303000010005a800c0003800500070000000000"], 0x38}}, 0x0)
recvmmsg(r2, &(0x7f0000000740)=[{{&(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/143, 0x8f}, {&(0x7f0000000180)=""/58, 0x3a}, {&(0x7f00000001c0)=""/144, 0x90}, {&(0x7f0000000280)=""/238, 0xee}], 0x4, &(0x7f00000003c0)=""/168, 0xa8}, 0x9}, {{&(0x7f0000000480)=@ethernet, 0x80, &(0x7f0000000700)=[{&(0x7f0000000500)=""/79, 0x4f}, {&(0x7f0000000580)=""/200, 0xc8}, {&(0x7f0000000680)=""/91, 0x5b}], 0x3}}], 0x2, 0x40000023, 0x0)

2.557495165s ago: executing program 1 (id=1429):
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)

2.500239741s ago: executing program 1 (id=1430):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4)
setpgid(0x0, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOAS$CLEAR(r4, 0x3b88, &(0x7f0000000140)={0xc})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002580)="5536182daefa2fc6ee10a1b2d4e27cff3c3e628d4656f7b27979e371b15b420c01ae674ddb8fff7b2bc41e7c5927065cd32f2ff7908ef7dd74cdc82f3799ab12edbbfd0b8f6d2194d7f72aec3a136e25c7bf733436bf6cbfc94431ad053a2ec4ccac5aaada8a41ac38c0e1849e599dce84e431ac501db105b4484146b338c0ae9124877ccb8273c7fbb32603251e2d66c71398a7a715bcbe5c9d87e41af55f837e2931c4c1b6b7bbc30dfedfe6e61a39e28f66bbe56496745fbe03f6035183257edac4b0fe3087e7f3e79c2152a07341f3ae9ec68e78875b6e12b5a2a1abbcca4d7963be818a7a31290cad5a025ccd05b609c7ac49ea85d49f354c1e76091a917966665e77471005a46a195b290c01bb7ddf4709e94543471d87a0a5047d3631b00862e1e9a00c60b83371cc16ba087463122a892a1b21786fe3d450c7ba97799d88126f09a698a421242e9c67c981ebc576f57ba3df22e0071db74fa22e97b0fbe589894931a4c4e0eda8bb9533c4ce503fba218d0ae43ab4b4d0c705e04442d093ca5299ae8499c6db904bda6c68105bc2a1cd8e16067215476e573745d1e99daa73400567a9978dd7bffb21429479ace30c95afdfaebd7faf74343cd58e14ce6d2fada5a1c665049eeaa717ee681666c8b63c6d54e66df86144f85d80dcaa3ae7a13b58d5f2b607029efbbf8593afc75e0ce0a875a5fbedecb425a22624a0bb8e2fd06212a1fdafb92430d309f8f68504484fb1246f3d7b0893d3dc9d0b6c8d7476b6aea871eb4f32c283e22435fccb221484409cc28a6609dd869b99547fc81b2e517809a5b77783f9fc11b5fe584b9f64c0fec35d3db21ae30d0b8b88d722dea4a376d2a610f0a9d08b311e2ed3ef5d72d0e040e41d3dc45e5a17d740c67db88d95b18c8610fed3302aef0c3c1871ff8a5ae1908bf9668f0bc8e5867f56cc59cd303bafabde6a4034a96ba66b98a910dfaaff712673dcbf84c5354f066126068de620f08be67e6034138dd9a312f9ff197fca56a77bad46e59edfd79dfa3aee4582bfe01ce2201f6569178be7a4bdd28e495114944e538ee7b8f11e0812d9f822cd9760316809eccb9b0bbc5f0630224a1534f88600bbb2af2882562e76d149b44780380b62241829e5734fdfff1a2b3a052f3504dffe04d4632e9fef82762fe1950fbaceeb961464dfe2699f0a898fc8783cfdde45ecc3a16f052c4777beb1fddb080fc802a8cc760d1a0d4606b669e78ee9ba1ac398914ed5096850dedc513e5c71eca19d51af9075151f4ca3d8a841b7b1d205f5f3d223f7e48685daa0836f93017935ad1d942c7392667145ccc1d4700f5d8fb2fc218fd6d70357667d339a28dba3360761857b19f9f91e56a0e0281af1042a409a4e2839f3d21b73a5c352b22e4ff06e563e92c00b48e7f8bcdbbbd398c65331298f779dafe875854e301394b0faac2126138908fa8598b4f5e58ed1ac451eb0187e20077099d12d745fcff0b7fb5e8b9fa65ac617ea6c953e8786229b67a604c46810876650f919e6bc6792db22ec0be29cff94e9c24eb6e1830f890bb4b6bcd74b39060506095b99b95f2a8addfb8dfe11f47479fd23cc7c0701ae00774c430b3b9f52ab2579d47a2c2095365aa569f55a1431f93e651c01f0d67ff9337708a72e352c0e699f14bf07f9b9c056897c78edcf34ade3dfd17a04446d565fb6e7c701a237fe1a3d932371654a43b56e7f5ccdadc0f506d746c3f0047b69c0c174cbbfe092f139c09c0e2e76d9a777142813cb78174630ea8d73301e3343b94856fe610777468a9fb4518a0cf68243a4bd715e38e3431a811f962edb1306d76d89e0aad9be5800e7bebb82ccaec2382c9c114c91aee013acca2d8ddf99465e760bd185453a9eb4e5a78383094603b749c6242ad227124ef4b7ec7506b8a76f714099c954f0b2f2d427af0451a7ea3d1dbfa8a3e644c3640d397de3ce942311deb73fad3a76cba773f416314e81e70bda715b342113a18a249300b43250cb3b3aa46ecabe42d0e8c1dc4be286e539c71f0d1c0b0e1795ae7428a3887f36b79e9c76401a5dd460f45b9d8277e04c7c1e615fb33d0fbc444421f3fd0bff4e045d790610aaa2b62945e4b398024c75680b5e12235c35f5b23ddd99454fe527acad6d08fb37c35d9ecc0a8b10e2c31fac786666eb2ad499ddb7d06c7526fb1c5412f6a0df003410e69b81fe523057b6b73cdecf0e5bc4d3b87757889fe49dbdb3ec79c7eb3a868480fc87528e80400de837cccd4a6345508386ada1833f57a20c56e973569bc7821088d343e80009b7b35390975323d24e764aa6c90d3dd5fdec08ed363dc9ab57de949282994cd3858f829c7e5e9a745261383db27c9c53e9e98e109fda6cbb88649ba40b5067470d73b7471d406e5ea8041f9fa25f5b6c919aef84f7595511141e9f090ee103b20a13b22c9a88348ed6d284c0d7a58326e0c4c9626d9a5390bae2be199b201ea136a9aac76e6125db9bf58f61e6a46f8145a9df1305415989435f51529da03f09a67e3629e6f6cb6b70407d9d848f554f1a7e63602e678e62d3b41b4bf4ddda713ed2c291536d8cc12a16bde144ef56acc17778b1aa8eeeeeb60c781365b615be4435c7158d926351cdb46b89fa82acb384c7318dcb2e51db8bdb223aff2c8f36d9e6b1135ad18f7e0b9d91a76972c3140f8e21dc71422de12a4f5d08624bdaeb983619a5ff82cf788c6b8a5fbf0f78e61ae4058d6e03a3d5130646dfc13686e356a1325434caac94ced659529181561fee7ce4f7e1e7945f119ad8474ea6b00257ceb7af2d9b3f9ad5782cd986f1b097d61bf26a6c48c3ab597e4678d609f3050eec9f3bbea1bc67314407521950526e6d71e34e35392067ac84b66badc82a54bb0dc8ed2f1050711ef2d47af5252075c0441aad6900539fcc649c1b1ffc70a1cc39e0c2136c764ba718d50f4800dc29769c4bc9a2fd0f43eb6ffb717a473ccb14ccd58bd506c4e4a0f4ea1158b59b3d6bf1a2d010c456c1f099bff69add46cc60fd2d9779f603ebb943ab8eb02627ac8aebdd52f25b069f64a61e90fa9ac979cb4c6cf0ebcd070099a1a6e6a747e8989e84afe090390953f988f2dcee405086ce51b1d2d8d249f45899b4e862008d28efad8aa5abd0912fa456aa9d3a918a0dd3420d7c4b04b9e3d65c41a1548b7caeef5fbcededf64697786a0bae73d2c5352658b871c806bd150c91bbf8f4735dddee9cfd3e152b5d44cbcce912a2809760e225b9018fa498c86ccb2359cb0834bcefab92c0468522648fbefbe25cf8d82b897371b5369e8f2972502574c0a3235066969c4d5d67fc312d6631702f66a113d22063ba2ac7d9ab387ad1e115e9c98275f3e0dacd2e8f0843f24687b297bf42bca11b89c6db2fc7026d364486ef2d614bc45d5cff0758d69fd48ea06b8a97667e4d7d30bf7f1c30b62287637f50468bf144fd177fdabcbd0d12b50c9cbd052dcd66993c72f48bd6086412ed5f9af3d44dffdf7c012aadd5cf7bd3b314f236660fa1c0e4773a4e9ccc36fd130ffda59a9bf41f7fbf79e5e3333365a3ed2e7714e50805bc70bc6fd20203cacbbeecb8e01a2ce626756cdbd01c53717c2e7b56b47e21f13209c2bf2b1b251e7a93f8a085dcc61d9ae82303a962441372ff7c0b8b8ba75bbf5b861ff7ddbc9781d40c90ae467bdeddfdf949e9a8b8c9fb7db3a9323d05d15bef19ce2e7634b84ac082d50e84b66f99f34b2f852fefe67faa403e848f3de110eb1d9faefa176c3cacd20c7f87d74e858a1a7bfc2c9e895541f691f99a2b8771c8755300ee74e3d6a048b30d02ca16202ecfc207a0b29302aabc1c5b57c7d0d31d43be5cb1f7230dc238fb701e7037aa00c9b57c6fc85baccaa56754d27b975872051566187b0983d93b9ec052edf3b33f7ddab343eac6f7aed97771e708e40a4cc6797f85d91a0debd5c6169895e895f67a10685af5e0b80b0e728731cbffbff8be603469d03bd47dbca4456108c79c029af16482c5c2590c1e0673c7e943699ea107d906a3e667fe7b2afaeb489548b6a11d9862e86a0b549a42b607ffeda6e3ba0f567b63b0be6edb9098cf3a44e6864c5e99fa5f475acb57e2b7343eb7fe3e8c139b515348b188defd2d3021fd27950d822f6df5f9c93584fd95f3f88c85231943ed4d511249f96447f7903779e4d8c4a680661fe5133d415b862e668441e8077bfb827293a9eb733e914f37a19e01ad4b014ef87ed5a5817ab8123af9fd863090b8e9a50ce29cf706b2182fd79660cbdbb53ba71b750e71a21d0ed01db3335cad91d5cb4d4648f46468b6e51f63e4088386913ae6b6cbf103947c32d25a8a825118cd6ce23f53ffe3c087114700e9a5932faf3d844fc6b323b3e722ed3ed75037bd9a7fd9d256b2b9a168e66802e284853a0d6b47d39675900f02f005050425731f9c2cb329f70d7a5ce2ee256212bf8b2ba9ece0df39c58f0fbac06c4da946787abf19dadb536bddbf7e51d89f22413575e064c6482d936a89d48be159aeb5055feb0577ced6c5334411d1d58a7e6d02eca6164d90fda39685fd619269fea7f21db51f6aa6961250e03c9e00788c178dabeb68f13dea29f8cdcf30478dbca15c4519bb342ba8b201019061bf8317022dbc5673fb4ed92ef1a1dea0a1a00cb3cbca291f7ebcbec27ea5e824f04b82f5644d4368cdf8026550bc2f86b83da6a265357eb548a9eec6622204b3dcd22440fec0e12819ade4ba53b53b1e6ab906fe0cacabb9c15e8b657475a0dad62dbcb1037aa8617787abce24a0aa4cf1b5c85c030a14277832a95d8b29a4ea86fb80148ece147ce4bf386995ac28e1ad1e2072f3f4fce5c05d9bdd0af118815d6ee89aabfa3f8173e6fa59dfa4a8c1ba7641291b3c18c6ccc4c3588d56d169d397facb4e67485610cc68197b3a43fe78b9458dc47e5057d5bc6b8e3b65bf414818b65d41ed7cfd7a35fe79c9851ef39c3e059fb3dffe331a791ce75728efcd58dd9b3ed1c93b128469afa648f4f91de6e39d5bef7a0e69bdf5b2202682d857847a64b33432ea0f33bbfd1948ad0b6c66d853fef1e6c0d712b86c40f79ff4d125baebf2a4b32dfc8bed2a697f745cfeb16303b4f8e866ee0bb6a5eb6c6ce513b5cb84e2b44854c72ed0cf2e838245be8d098a6943d845f5a8c07c1036da86cab0d5be4ce29545fade4323acf2085b7645107dd12d5b3af7bb37be1b291cbd6fe297c4b4a2a23280358711be91f21305c035bf1f57467a1853c999b3fb478b11c49cfac66429a76099633a54689047d66fd8bd6eebea94fc8007d9e2765e2969608a78d0b96d6b30360e81fb9df5262c8ff15f2fd7000756d8cda1db3847d6f793bf803b159344c57b480c87702cb3d1260692a19ebdceb2e05a2fe2eb5ac5cfa76551a04795915bfaba9849a623e46ac1832157d0ea5255b5cacd4efa844b0ce5f2f0e1a9dc4fb115fce2640ec6d03c5fe15b4837bd6e6127349f2b6b0fd61c82c96531714f5b623ce4e4978c4a0c86b3c17f50acdd67d283ec934ed36ba7360a10ffeeb7864113eeaa25cccc66613e0757782381614b8da3cd0a85cef7bc384969517c920e8454a5a0f112d1653b2828e895d0614e5bf4dec0ec863432cce9337ce7c29affa7f29fff97bd54a6947cc68df8fed17850209242c1c67d0d7aced2efec4b3c006678bcb8716e8e9e40d78781fd6cc5b5522b8ed2ec8cecb677849b778c0a2a17817a3dd2278080e109906dd4e99b772d5911893fa09ade4296876921d1e009e714df7e4973ab1d2e593d88ecf2151e97ec66176549d3af66652c8377e162454ce7cc8ab34397d31978e84aea92a3c0a8106a2a31e33a8dfe942819fa1f2c1272d0f3cbd7dae820642cbc00202455ab7fb81857ef050a1965a291001874b38397ed9a8e8106dcfcdfd80d0f5d0ef0d5775e53cc5aeb1d6bc13886f8f3491cd6af5dd77ace3689fa2bf56e9b4d1e4964f8fd8f0a4a8b5d7fb678f0f3adcb4a19b5168ac5aeee6f087af15af3bde52a9be0f550b21b10ce98da70445284d9db9416732e63b6efb3ced984c0df50c11aa677f822af7ad39b8b4c0d236e4b36a00ff73587b39f917d7effbb37b95a96e350a430d544d68623c80bf2cd2d689b4dc41e8ef374c393092a2619055f268fbdcb9de494e6582be90a4798bac801bcac8389c823759860e7c9d692f41ee2a6b9624da3c09a2c8e7cdeaa100ba8ca25a737046d8bb237b9546641cfbb2eac9bbee9e125b14dfabac642e634d32151c06ceb3ddbb3d3f038ab2efdd063152270449ed5eca2655cd0016147ebbd00003eb8cd25297350afbffae43cfd9867543b81da4510850b1afaa199d0477837017e9098bf5b3973efe218a88b3d2bb172fe77278088997758fdc1dbb0b1fb6af2ab9db1ddf3e3fbd8e8dd35f918779ccba75b3cdfa317fc6e3cbeaa8b11ce2a30cc53292bcb9dc2a18ca400c674360c041c97ee6aec1448a025c6b04ae9efb3a01d31e3f897cfd5dc94dac95c88b95a26676cc6153e203535891116a5f4ebf54c71cbbe3215a04c57c7ba874a1e203bc66d8161d5b556f661244d9d405a2e6baaedd0d0e4c7e093c2ac0e5ee83b7ddf91669dd59016f7cb53d19896fcc838dc008da4a5fdc0a4fac1a6d7f49b24bcc01467df04d8a3f3181cc4e811942a53daf784b59186a17756a8f3a41ad93035a893a4ff60dd8f54a533e94cf87864169287804df3aa38dc5ce6021a06c58d48985c562a0f51d8b32879f9fb7d4a1d3d442626810f151b161b7e35f9a0b3bec05979e381140f31c03ee6f5549e6e7f116be5e87e0a9ab71ee632f837e9a0f9ad1b4979304c26bad6e84eff0b5b79b667e3d74e354d04f5b2c237102e41a1a4dcac99cbb911d9484aebe6ab2cb539a1db3e3302fb833a44a2d725e858ea9a65d43bb7661842b655c51a1ff25207956e8c6c71667c79975d69f688dfa34c59771488028e3d7500ba0cb71ae5751a51b568e67bdf2abb63838aba5e5cfbbeaf02285f6cbe58428a92a6fc25abb01f8d55ecbd7cc0ea69cdfb188b79048dbea488493681b0e70234463ca3e425d24e2ae4d800ce3adb04ce69428b5f884f8dc83392c22e456a2e195b86d717ac45003a99ae9a59c94167eb04aba3612528f94dad3360b46bc456fbb78072eb7f96418c71bec09831b0a63e83816ffde0d9909c06e765a666c2c41b20c339e0d39107311830ae9ad912f0a85f2ec5ca66a79798a568dae14f76b6d59e6c0bc0f9ebdff29c0fce58367c9705bd4323d3c3e125cdb13da6e58f3fdb2751401014e393e3fc688f04080a90430e531767a7c4f3187ccb7b90880955e766aba6091c4e8fed36482bb5a63372350dd08fe84bf5afd1a30a0f8f4de7a640fa84b9c0447073a0b39bf875d0377c8a572adefec3e033fb3dad91b22bfe22c01f23f27ab0c6a1ce19d2f4f4235281cbca15dafe50f383ba89a8c46a666b106c1ac534955df71f4c560010934fd3eb68eebd55487defa1e024f75ac30139cd190bde1dc8684936bc23a1882ae469fc4af8730d29658f996f71c219526497918e359228b55849d952f4b2996fe5f45a6cfdf87da93bfada579479b18d05c4e964c85b88a7bfc6e4f2b5d6e98e00635e8bd2ebb9eb40b99a9e9db2f688b2d94b8cc8c5fb2a1928624fa5df1c228e6499d992453772084bcd33dda984d97e3857b6fee43c6666b3206ccfe3af52debe5659dc186edd194b90309213f5c4805f454c7e57bc759377aae9727e484391486be0849c5cdfa99c5a0d0687d6afdce97a32e01d45fef015e7c869ca190219a778b91d881a7b595313fb462e5bf78260c78285d6ccf5e4c50ed56ff28e3f49912773f0a58093f259b5cf4e7f607c51a81576fa95b97bf32d0e2e3511b5d784eba29a15246a97ccf608db456cd70adacc6c31913416f24f38dec3544ac2e88c409b5ff7771d873ea8d7a1868775c8b5502273c784cf945680fb14f143140b56462cd46874ffeacde7bf329fe8369df9c4b95a42535ea56ad6fa260f5c738eb9627f890f4a34f80bf3b8fe568d44c3895029b5f9557f17469a53fe4c0d581eb29029ff162ca906cd0e4bb81138be91a254752bf849232ed7042a82cda1e14dfbfdf74a09c17a9039749c789ab0242ed2d0249231c4ad70c23c805676968bdeb96c2d8886f784ecc3e42e6493e45aa20b6e8ede65c49136c9e9414a4371e3012bf596d55315be17ea9396b1df7f82db27f0d121f8aa66c40365fa686a46f430b4cd336da0d9937d5c26284bdcc6c4e0d5a6acc1be089e1a5d6ec422ad3961fb5c5c9836466c3366e6d3f2686b19b529549cacb6252b0d7a7f5df42ea2961ac59ba0b911311ccc4d83f8611f0c4b071544236037b2863d673303a4e3d428131b07f60eb2cd507dc43503456ce829aed8254bf0b51b38008d42e445acb0effc2ab7e4bc26ad76ffba1220f2e878fe9b5de39bf4f25a9ed468cdb100008ffac6bef401df4817b23463e771a3c834c32993274689c01004eb94b89bc44257b7d2b3936caab6d86937b5bb8f705d00fb6f091711222b6dc25eeaa0e350fe484337396162c86bf7d3a1ab82591ad35d393664617041142c0f8b528e947c092f28c3142493d056bd548910615e7300f041f5d01a2f00138ae5d7849244ef9215f5c9dd874e60ca4ad883f86e71690a510831e35c24de1e0d1261172bf4a8625af958febb7b109c5ca5bfffd4342c43ad02136c6eb117b4a6ea98c07a91279731c1228b01e6be755c1c1d095d3cdfe950ac32eee77327a0e7e342ccfc13c69ab6ab113b18c1abe72d39c03e351986cb3326b8b17ada5884aa7d0a553b0d35e32b8c09f1a4106f5d675a88a1508de4a0e9c598c082ae5b229b75579e39e297b225a852e3f6a7d0990a45fdf68771991acf9b7a5c04bc21a40c57817d500e8ebc6b5919219a4110395817c92bf9eb9c623606d4d98ed68dc0b51a0278b0addce8753f86316158bb4bd6a7a0c4c72b0d17b9545695e54826021a6ac44b4de1b4ea977b20af3c47b8860b0ed29a68c1a883777097d54b162cc58edc0f4de1afbbad7c340a5cd9f2f93133cb2a4babc2a688e2ddd580ef8d9d0846c269c265ce9d978aa233c73aa11eb78d3a67f4e7a3dd035ef5a1f832ada87c7dfa377b77215f8c23b1a78e4a7faa6d0c1a4a28a0ef7b32b36bd566d8c478d0133ab43f9c2a4829624eec535234eb89a177ca8d4e9d2d422f33a24d15044822e4a4c1bca5f470b8c8fde09fb69160297218398da27f4e80dbd480782ee75cecd20ad23fdbcc1d4a0acbc63241c1e2cf1a0b12949e42f707ba06b6fdbd8f336bd72d7f96ddf9ec2b5cfcc4c8da6e1ea573e97eeaea537511ac9fd2ae78eb18cb50c13b595f8b6d65ce8c08e9028fffff6b512080dbbd3fb5e5068538c05f73254969f9727db9bff0c6aeaaf83713812499308792a7fc8318e6b2996bcd1b072641be1eb8e028cbd6b0a5f1fa13bfe35b5cd0d2ca21d9cf8ed97f724ef73ab5a99d65befa38d636f2f827d229479377f25501f3a6ece12cb095549503b2299db7806d32751d4851d62b0c6a91e2e961d475d33a8874c96df52c75bb5a0569e892743937451f75345e0351bfa334d37aa43f01ad1ff984dec164faebc713de31470db5e536a0681a042ced0f9839d9ce89259349075961985171c27c410c99458d4c25614ea1d4252293c4f85b0d2ded9ac560cfd024c19955f0f4bd47763690ba1bca88b8cc81059bb9fe82c955488523114db8c2caf8a63c0049e90ca524330b57edcf718f6a7aab0efe282079d198cc3c1294f35d1a1bf5f69a8838cfc5d4363f9ca9383f83e4f9576de3fac48866ddcde282e5e4ee3f852a063bd6423ac1fdc6201b1facd6c36609fa2faf96afc1c0b76fff27bce059ad6390fd1e3f735806ce654ed555a78ea8e59fb16ff5ac5ad183aab9de37c3d033b3018d591e7ff1a896de969f561260f797603df5fc232076ccdc2e1fe9fc789253a54af151dd50f89e777c2541591101720c893647bd4b3e6257de85251c9bcd700154e85db2a9e2c4d9d2e531a18bfaa05d16ce75f823e60416b3afebce16555536120d5f554fd13e861d74c4947a62d2d09473d8d75f03d354572b371b02e16f3976b1b0b235582ee38d938fe843b107c77c2acd88f34e1669816eb3867134b1c5fce5afad3c70f9bca972ed494577f2ba6362a6ee6b4720bd86938bb49490982a1b5ce6dd54b79f093ce27051530e1233f03d6641392d4fe7a1f7dcec8ba86d8f32f00f0ad50a29b1e17de07bd0205c0d893532c198f23656f7f5d1d9c0745b7e0b7e8afdd29c8fa1639a06039980d9a5fba11801db4e7868a9b77925a03a770aae3430b1ccbddb8bd766f51fef71ba25cf9184c9cfa6f9921d69066d09a656080f3c5fe475ccab94cdfccd76f3c7dada9236d1be861eb5fe6247ae9f97b7705bb71c375e8b98203c5bd224202c1aa714da47e0daf98fd3eca617f9a255df5dbe98a7520a1e6db9b88af893521f2ecf7fd2b08a7f3c5aeb77ebe6f52739b473840889c41315407477b82242d9a805f9aa200a129c4701d1c88ccd34871f356caf02da9937a88612a9755315914f4e8e1bf471a46c00650457cc06db168e5457fb3f9662994d901a1f58306156979aa795afacc1a7d6111cbea53e97fb71c7bbe44558fb06f8d78ee08e3678b5d218e13f79cf06f1da9f7e128647884589c487147b3edbdaffa16f9388568d3c8caa34a6b944e4f171842cdbb293474fcd5201b7440e05ddcf9e0b476773119516ef45077705e8bab5f877657205bf9eaaa7c86734b1b6c3661dfd4b9eb8590f962e17ad51b44058d558744e5b44cf9db280bff1062b2431d298064f11e7700ba4c8ece6f4df659d4880c4983db0152f1f903023672f6234620134bd5d1d888022da128a527d82e8fa1a562827a4f1592efe3b0bb78060626e8688ef3d5162afe9f1060123dbb1f93b7bdb6ad4ad6e1772bf8705cca424d9c42e4992eb5bef1ec7961bd4260d1e55e863fa9c8e0cb6d28b495fa37b5f59fd18cfcec6319288dd7363821e47ec46664e1994157319eb0d466b42fd9b5fac5ba979a9baf4f699dc539bf77852e18014074f88108b654219e4f9396696c94eb9fb9b360e59920f187029608bed76d09dd006f4033d384cd109726d51850202ba564599dbff7808591f834cc4084db29111de86a70217defa490e39c6e281650d15b1e44bb55164be0f6da58e838bf5f4d7cc2a23b818557ab1fad0fb2253c4da6af41591940b2608f6fa6bc25939ede95317ff96050bbc1f389235caa78adc0d801a56b2fb4cc41e73d5131552985b5af241722e0637f3b88e46b09ea875e5cf66f534666368ff8e46413e5ab557236134afa63478e18328d33b1a235deb2034955cdbb2bfd0e55fd885f380ae8efca1feea985a946519a712df1384f9e024efec61c30a6989aa3b5bd486366f3fccadc0add175c1cf0d2730ab97370eb47bcda4226ee140edbcd9b38b8ee913587125cb185adb4df18e80df2b0ea6e3e87dc8755fe6823ab5ee1feaebb1e6208cf3dd5ad5581f2388be92", 0x2000, 0x0)
read(r5, &(0x7f0000000440)=""/167, 0xa7)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c000140"], 0x108}}, 0x0)
close(r5)
ioctl$IOC_PR_PREEMPT_ABORT(r1, 0x401870cc, &(0x7f0000000180)={0x6, 0x6, 0x800, 0xfffffffd})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r3, &(0x7f0000000d00)=[{&(0x7f0000000c00)="89e7ee9ad6c4ad054ab2e24488ca", 0xe}], 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x18c)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0'}}]})
mkdir(&(0x7f0000000240)='./bus\x00', 0x81)
chdir(&(0x7f00000001c0)='./bus\x00')
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000200))
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
sendto$inet6(r2, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r2, 0x0, r1, 0x0, 0x406f413, 0x0)

873.891432ms ago: executing program 6 (id=1467):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', <r2=>0x0})
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x144, 0x10, 0x1, 0x0, 0x200000, {{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32}, {@in6=@private1, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @offload={0xc, 0x1c, {r2, 0x4}}]}, 0x144}}, 0x0)

873.58883ms ago: executing program 6 (id=1469):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bind$llc(0xffffffffffffffff, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)

819.791955ms ago: executing program 6 (id=1471):
r0 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r0)

819.569689ms ago: executing program 5 (id=1472):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)

818.021574ms ago: executing program 5 (id=1478):
r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r0, 0x1, 0x70bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}]}, 0x34}}, 0x3a)

817.301954ms ago: executing program 6 (id=1479):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000180)={0x80, 0x2b, 0x3})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000040)={0x80, 0x8, 0x2, 0xfffffffc})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x1, 0x0)
mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000200)={0x73622a85, 0x20a, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000240)={0x0, 0x9750, 0x7})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x98, 0x0, &(0x7f0000003200)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1472, 0x0, 0x0, 0x0, 0xff8, 0x0, &(0x7f00000031c0)={0x30, 0x30, 0x1e}}}], 0x0, 0x0, 0x0})
dup3(r4, r2, 0x80000)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000001c0)='.\x00', &(0x7f0000000200)='ocfs2\x00', 0x200800, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8924, &(0x7f0000000040)={'wlan0\x00', @broadcast})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000000000000711129000000000085000000000000009500a5050000000003b9de1c4391c24774689b3b7ff9911537a2b0f767c31150bd59d6a6cc866cb431fdfa5eda98e48201d0e77f9dc59c4de346f24f87e4577ef0341d5e8807cc7bba7d3c475944fb9cc4d673ffb9db4cc8ae1bdc6351e5c4107c5f3d2bab12d1d48287f28de9b9415aa92c5fb2a7822ce9573c43bf5822a828dd5e63983d13ec50ae5c25cfccefcf4c571421a6129e7aff5224b0ff22fb9cf0d47c1fa677607d03b665cb194c197b9d63b5be9f0a824b83e1c6db7d"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r6, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\\ \x00'})
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="090700000000000000002e0000000e0001"], 0x44}}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="a800000021000701000000000000000001"], 0xa8}}, 0x4c8d4)

67.758382ms ago: executing program 1 (id=1473):
pipe(0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x6, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="02030c65420002000000ab5d71acedd7c9560385dcb1080084d7dc039806112405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x84, &(0x7f0000000080)=""/4096, &(0x7f0000001200)=0x1000)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x9, <r4=>0x0}, 0x8)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x80800})
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000110000006926000000000000bf67000000000000150700000fff07003506000002000000170600000ee50000bf250000000000001f650000000000006507000002000000070700004ced7f1be7d507470001000f75000000000000bf54000000000000070400000400f9ff2d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa1a2ba7ba030c7267c2de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d726eae098804de25df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07f8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x1}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x6}, 0x10, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

67.670018ms ago: executing program 6 (id=1474):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r0, &(0x7f0000000240)={0x1d, 0x0, 0x2, {0x0, 0xff}}, 0x18)

67.507945ms ago: executing program 5 (id=1475):
clock_gettime(0x6, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
clock_settime(0x0, &(0x7f0000009ac0)={r0, r1+10000000})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32, @ANYBLOB="0000000002000000b70500000800000085"], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d3000000000000008001b"], 0x34}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x11}, 0x40001}, 0x1c)
writev(0xffffffffffffffff, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71001000400ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

66.850348ms ago: executing program 6 (id=1476):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x840, 0x0)
ioctl$FBIO_WAITFORVSYNC(r1, 0x40044620, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
r3 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSCAUSE(r3, 0x89e1, &(0x7f0000000000))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
connect$can_bcm(r2, &(0x7f00000000c0), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r4=>0x0})
accept$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local}, &(0x7f0000000080)=0x1c)
sendmsg$can_bcm(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x1d, r4}, 0x10, &(0x7f0000000180)={&(0x7f0000000200)={0x4, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x84, 0x0, 0x4, 0x0, "c4f40c848d97a447"}}, 0x48}}, 0x0)
unshare(0x22020400)
r5 = eventfd(0x2)
r6 = syz_io_uring_setup(0xd7c, &(0x7f00000002c0)={0x0, 0x8009e19, 0x800, 0x3, 0x79}, &(0x7f0000000000), &(0x7f0000000040))
r7 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
io_uring_register$IORING_REGISTER_FILES(r6, 0x2, &(0x7f0000000140)=[r7], 0x1)
read$qrtrtun(r7, &(0x7f00000004c0)=""/57, 0x39)
syz_io_uring_setup(0x7793, &(0x7f0000000440)={0x0, 0x251b9, 0x26, 0x6, 0x2d7, 0x0, r5}, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x800, 0x0, 0x3, 0x1, 0x0, 0x1}, 0x20)

321.573µs ago: executing program 5 (id=1477):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r2=>0x0})
r3 = syz_open_dev$swradio(&(0x7f0000000200), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0x98f900})
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r5=>0x0})
r6 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
ioctl$BTRFS_IOC_RM_DEV(r7, 0x5000940b, &(0x7f0000001900)={{}, "9f5e437e227c1d5c85eff5672e23dba4d906efbe40682321dad0d10b17dedc2d93b762a9820b8a9bd0071100202f3cf810b30609b815b9ae47a99ec8e2deafe09befeb50010143dade36705f15fbcd2f5fef5b97fd7634699c9c9048e6e4a7a8a7bc4db10ba8044590a3576f4432c5f59715e05e17f2e43a7f7941d24e03af086672389d0d799081a8d03f2d8cd3cb800e64355d8aa9b9a30314b125ed1c3f084d8ef51d5a69724cf323005018e541b7304493492269608ad946688344199b45fa5e014125db8fed1b48412800271bbec7fba0a9643a8af66cc161bff3be22e07105c096318fdec61677a890dabec3385452495c35ce286957abf4d181d9a9db6d1b8d09f2aa39e10648ad9d7b64db9c8af7682bc3aad55e13936e52780485c08a83e420c9b3288a82b48be223397650548ad09e5b52250a24ed488b56a03a81378a66ba86491d2ef15ba97901308055edacd19f8d26c488a8c10ee5a9bf135c75686c0369fdc8f5aaa3fb6a90a2c7e91c630641c7cb711e0dc75d60a2ce1f74032c9a76c39f5e6434e6ac1dd70ab5cf6c66b4794f898dfcf13e3290f789120ed7b0a72e40a162ea440a98717f69f6a60e4fce871bcc5a831ceded8264ef9805698a56cce595f824d235a99c2ae0dd705ffacc7c5b42a77651c0246bff5ff11fd2f92b92d758dc8236e794dca866ad957ebb145a7193656bd2c0bf1d2992e9f27e187040df9c15f5530a44d8a343181dcfae0572c31ffb4421613204da5a036bd15dd80db2d498c0c01e0c98e002fa4e188e771cd165d09bce1ade04131084e147bd0b85c754ff208c029671e0a116fdb94f314cd01f2f89b76c2d81ff6c571fb3302af31baa824a789d283c098464ed626527ad6c8c1fa2c67baf12496cd05ba07e0c884c516641251fc87e8fdfc630270a35528b7c4ea60ed2af8efc86eb50be58b7b67a93636c33629e478cc4b872fd3247a5a4750afe86d5527f5626129d635b01d9302012ea27735c31b52ae52f1a4ae86ebec9d0789e1408f89fdae943e29897daf5ebc3504790edb13fcadf00830857b63b90fcdf97e80d82f9e76efa2474d86fc4e3e0598ed211d8026b4a1a37116192aa3f27ef3bbc8d89f23e88137cd0ef2b4d520d178d628a332bf619cb6671063d473cca048121dd005602e26c54d825a8acb02be61377abb9c3d749d934911a4054f0be57cc80d3184a8a7d8419465824f7090136d26509a8e5da09e1171b5cee9df10996dde6f0a1418e45ee704685f1609417a257515dd24cc0bc24e5711d67db725c8a2f6daa1e1eca60febb8ec4bc9ba9ab3f02b84cb0be7cdbd8fc90f844dc3f1b0b2e424747069f202edb6a36b1a36c6bb4a18240e2211d102e01699cc9a5a13e1fb285d4fe00d59ee85cb4c0ac0d1c2e045f4b31df0254a955aa9611e76483e8b58f7921e43a51d8b7b12b3698579d7b40e9305a8cecef8d7d4af2fbf43c1e67fc467b5476c89b70b4a58edd4728a364f924e558b86acfafe80e494d4a6ef5c95ed7b1cd89921d15ecc49204de9623bf01ec16fd8566039861276933963c111bfda6d394d54badcac7f2a4d2fadc69e512611159765b63a74d321fb91b43f34e22970469e403e945da3ef0290fc336b1c9b4ea7fd0a33bdd5d7de86357563030e5bd355671e3d1a204e2f0f6e5bcdb92e98cc6df8bc035c71a4decdb95dccb3363ac2f394b1d169c8e09278313ef5e8994a9567f50cb6a8d82930317a23dc20e312f5195894ef278b0ad0df2e91a0ce3633e7a0364dec705c6f291074b285cc33dd70ed92d65eda567ae614d8c7ac8f01c172dc0ada8f3c4d6eaf8d1db0d619c01163cafb0b2fe8df0d84ccc2b144e088f70a3ad0aa0adca8afe8efc9b11f91b030d2cddf89253139181a6244236324510efc4630d53721e99f51c49406f920356eaf998f76dd5febcd5ffd8f77a1c6baacfb8ab974096c702d853377c3a035921ceef9a4cb5e477241d224a076e510adc85213795da1db4ac4c452d704b8e3a33ea91ead5d386a73236a2900f078117445c68ee1a482caad695fd314bd57a325f6a60de29153eb9e160a511d29fdd0105c8b6d71f2527f7b4aa66162105f8f4667b9af8c0df1159fec919f47837546466828d23e1490b175e22cb75cd5b779613d0e999222e3ec5c055b74da2f5d49cc5f623bf98aa40c5a2f7a6a629cb96d41e5e5f75c74dc822a04120a9744778163e84561ed1cdc22d8e5a751571cd526dba1445a2aedf3f95273fbe3a0ab83ffd7a4e3f0ce04d3ba9be28928d88c61fe7d48a10a89d5e2c29cfc52cb5a0ddead2ed87448585e6fb5348aed1f41416e219b126242e7432b14a6d90b69b60209ffd7e0626a8041c64cc866d6a6db9fc37afe18e52abcab2ef0a793e5024c3940a902749e81751d96be8cf9c6939cc21237fbe17f03d3ac713f49c7b67f70eb4ba8d9470c3d73a8dbd8bec001ac154c6ee009809329adb096a0136a4d375d957b7c1a951fa6a9bfbbd6fd6e62c704aa9673a219bd9fe07b2eb0ff94e19b032a8ee6023d9af755957f65812ad304c296e283748f42f6eddae47cfcfca7bba9588542b7d75ddaf4132da4bb6a358c3e73756a9468f19e06dc34673db9c4c5f307db1b6ac3518a98075e50688b8460a63667b7dd489286c71cdf2a35720751e0851b63bff024abe5190230314c89607c3027aece92937f5388474ec2b947bfd08621e718a55d42fce21fd3c48fb8c52ac593ca20babe41e3b582ff64d2c92ada4eb41479fa6f160fe3cd189ff968791935598617a20e2df8527d727bdcf7461b3e98cce4e76c3887dd08f15cdf0b3e431110edc5b830b108d1e05e1a80e4a212fa5d0ca85ba41c775f8bd164d7cd244c06792eaac3b3bd03d21a3f0a578763c78ccc0ab968a89f347335dc2a5f77f6486addb4eca83b7d98a9710d7b9b8be03eb076f2d00ffcc4f9304a6fb7a35e09dbf8e7dbba6176d9d8f528bd914cf97d1fa3c9bbc2cd3b3fb2a78dba495a6111abaa714c48796ce3ad7bf3aa65b3f06e9ff37024074f849c017b293949bfdc69eea9e25d59a5e77120b1ab2c34434720b4f3b19b8703f4708c3fab10346a1a9eccb5bcfd985cff8820f0eb6247b0736970bec56b7f04bb7c46b7701ed1ee0ba1b74c3d316d2af4e8fbf2b66a04e2c4b286e7e2885e9bfa668c6807a20d58fc3887795023ef473a437ba2f1afca6838b1305d00f8ce3822c102cf1eb8b4f137c041d6655b259d8650b7a650337559ea095d9cbf7b93494528caaa809728c0fb1435d9b4b7ec387c7c3ba5a27fa3e0dee8d19413a6fbf8e5bf2674723fdd7d37913c9d90708373299a758fe06dc9f4eaabaf57650260ca18208994cc161bf4140e27b6276bd5805d2baae1688d4f3ae5743c2a908389d370b2891ce184d538b8b3057286f4b35a366266f5e81635e17b75c263ecaa34a780eb844e66568679df85942a6e55f478a1fb5cc096e8c9f9300da6a7c117c0f9d7878f7f4143fddc11199fd876a2b4018b728925e1b580d94ffc26c2bffd3181d6ea020e22e7a68e4340f2be96a11af20b4deec3b6ca6b5508dcceb96078d94c8a27358b86b63f833d6386c41731b37c7a167685ce839b7e1c120f05faef4584b3864474bee02cedd2f34eb712d72da1674d8b382d0c7420071652cea699af5861045944a70f5eaf1f1209f271d95f3ca9fe8106c29cb0b22f5a8b99aa48dc378f90ea01614535971936b218860fc614771c02a3d3c66da367eb8ae3b0e0d47e1f819ed0cd82dcb7212ddf19df7d3bc551095c0a2a5d105128f7637c7556f4a01f3fa2b1659fc983fb477eba4fa70bbb8169d0ad0c07a38fe6ff396de631233fa85492da7ad0433b0adbb817e419812ddd85038329a707ee3ab11d100c8de2389d9cfda25f2b656d432e96191009a31902f79bad2a673afdaef834a44a1db51f62878d99d3eb2475e3d5828bb708c5c8c4bb1820fdde66a2ecae124c3f86366ee8c0cdf694a061a71fc35e3c37680a4a7daf78faeec3c2f1a059eb214f61632807e3a582ea2a6570589e8fb2f285e0d99becb74ae4617787605f7f1afb300181fdbcbdafcf879df8726120e0e4cfd6529837474a34d6af2f9076c3719419591b4d41b6933b0c8768c79dc54f9bad1950fa5b3741506163aba002b1e2b0db761174778dde39f7da57e2558503fd08ca2e4a94bf831f3f94a43f9aaed3bca06113dc1b0e9cc317fbc79e1ea560c9bbb1805b4345fb57ca0b28af46f648ab6dfcf1e06691f507feefc09140239414cfd828ab0492d5c8851ce0e3059282b354b1240487460203b0d10a734322a30a4e96571acf581472add454738a7d539377f2ad50542a6974ebaa87cc8c8688eef397c1e171f6bfac2579a19346960e3978e9d1247fadabe285521632930871c26a536e75e6b76c4d457f7e4d1747f02bcbc27b00d1683df113f4a4eaf713864caebc8b9874327c235af5ba0a81672bc03a4499d8dcbbf62a61c47212df3dd648c1bab058c889e39fbf2c9e7f1a6c6be93b058a55439fde50af1082cdba0533cc1008101ff58e507afab9f9a26dff2f4cc93049cf34a620d844c6bddaf1b324e382b4e83feebee26320cb63a328f26641ae39d101fa24038e34813c567e50d5c5d7234e0b4c70cc42285018b804cc98fb097ff7584db5f8758219083851bfd229bf00429dd5344209b740c7f9bca108d43d7e4eabbd99c2f4b5d8ef202ba2616d24a5d02263d754107cc9e538e9ac9306d13c355edf2455eb1182ccd0395fb617dc91fcd8c02cd8031d83011e7747529f7789c5f5f3709b4771bb6343cf92fef8f194972618f2660c67c6d142fd33531c831da55c666ad71c9502157d58bdae83da74b24951d79ab9ed5364dc0df07d47bbe9b2a40e4b640df52f852d0edd6ef1da1491670c9e744fc83680d23cc50073cd91f5cccd954dd808e33c6ad35ed3ff232bc881067eeb07777457349e63474e3c9df239f671f9eeea8982f168689e136aff242c493b8464f1d0214f186111b13bf8a7c5992abac41c80327e4d08c9a1b537ca9c17d0c5280a265892d7357c828ad2ec5d9c71f76a057edee6af1d7ac495bdd991f1b8f18d0fee783626745dcf5a268636c458ef53004d6b256c7db152eef9d749f1b4eceaf7f275d272bc030ac8f096741ec22098e4280644311a419125de94854e07e3392bd63efdc1233666eb9ef4eb50826741b6ef836dd9862256b444ff17431616fc9646955c0366e7177dab9931e6fdca200c0385f7e48fc2e79b1a6fa95b6a98b97d637cac64fef92ac4451572df4a9f98346d2177f5c311af20592a7a0f49c8a8cdb2fdbdc1ff2f0e33bd04a53d0c995ccbf997366274bc18f8fce6cab3da11a91b7908ad6dd451c918e55477bc179c3375849deb545c2d21b95c089d53e995a58e1632906d6c4582d20ef6ff4238a919eec8014a45fc28ff377312db0c7ed528356921f7d9056f28fe66cfd3c5f537260e4c44f6970c4a24f2a831c2a790ab07a318f57ff1f568cad2d64224ffea2a6ef4003ac79254d5c21b1b8e6bb860dbd7d9bc21b2f539fe8f1f648a422f110ca9120af66aa022806b1cbbc158b2a492e41b9c286d1a6c8cf382e9a3de3b98f1288f6316ceabc97eb3a96a84595ecf00e7a30d11fd3f371f4a6161105319e6a20a74e0b73c3f53f7facf5b6b3e753546f76f15b02eab58ef94ccc5a580d4d6665daae330467b7082f982f5f6567cc7b686b020d59526efbc6802bba0f51627e806d890a6077accc62bddba5"})
r9 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=r5, @ANYBLOB="a300000000000000"], 0x0)
listen(r6, 0x101)
r10 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r10, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r11 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r12=>0x0, &(0x7f0000000280)=<r13=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r12, r13, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r11, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f00000001c0))
shutdown(r6, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r2, 0x0, &(0x7f00009cc000/0x1000)=nil, 0x1000, 0xfffffffffffffffe})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r5, 0x0, <r14=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r14, 0x0, 0x2, 0x0, 0x2000, 0x40008000, 0x149ec4})
connect$inet6(r0, &(0x7f00000004c0)={0xa, 0x0, 0x0, @remote, 0xb7}, 0x1c)
connect$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x8bed, @empty, 0xe2}, 0x1c)

124.407µs ago: executing program 5 (id=1480):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bind$llc(0xffffffffffffffff, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)

0s ago: executing program 5 (id=1481):
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

missing 'lowerdir'
[   82.786786][ T5845] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[   82.848439][ T8799] tipc: Started in network mode
[   82.850161][ T8799] tipc: Node identity 42a69e441814, cluster identity 4711
[   82.852639][ T8799] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   82.861814][ T8798] tipc: Disabling bearer <eth:syzkaller0>
[   82.946829][ T5845] usb 7-1: Using ep0 maxpacket: 8
[   82.949287][ T5845] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[   82.951333][ T5845] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   82.953812][ T5845] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   82.956318][ T5845] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   82.958912][ T5845] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   82.962329][ T5845] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   82.964779][ T5845] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.038121][ T8806] netlink: 8 bytes leftover after parsing attributes in process `syz.4.779'.
[   83.081530][ T8813] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   83.083995][ T8813] IPv6: NLM_F_CREATE should be set when creating new route
[   83.087507][ T8812] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[   83.089679][ T8812] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   83.092450][ T8812] vhci_hcd vhci_hcd.0: Device attached
[   83.171490][ T5845] usb 7-1: usb_control_msg returned -32
[   83.172983][ T5845] usbtmc 7-1:16.0: can't read capabilities
[   83.266713][   T55] vhci_hcd: vhci_device speed not set
[   83.326717][  T828] usb 9-1: new low-speed USB device number 5 using dummy_hcd
[   83.326861][   T55] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[   83.356728][ T5959] Bluetooth: hci1: command tx timeout
[   83.481778][  T828] usb 9-1: config 0 has no interfaces?
[   83.483255][  T828] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   83.485686][  T828] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.485767][ T8820] netlink: 22 bytes leftover after parsing attributes in process `syz.1.783'.
[   83.488680][  T828] usb 9-1: config 0 descriptor??
[   83.490225][ T8820] netlink: 22 bytes leftover after parsing attributes in process `syz.1.783'.
[   83.692534][ T8815] usb 45-1: recv xbuf, 0
[   83.694084][ T6325] vhci_hcd: stop threads
[   83.695249][ T6325] vhci_hcd: release socket
[   83.696490][ T6325] vhci_hcd: disconnect device
[   83.702641][  T828] usb 9-1: string descriptor 0 read error: -71
[   83.704769][  T828] usb 9-1: USB disconnect, device number 5
[   83.757599][   T55] vhci_hcd: vhci_device speed not set
[   84.033963][ T8857] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0
[   84.414290][ T8877] netlink: 'syz.1.798': attribute type 3 has an invalid length.
[   84.572663][   T39] kauditd_printk_skb: 15 callbacks suppressed
[   84.572673][   T39] audit: type=1400 audit(1732199042.662:603): avc:  denied  { create } for  pid=8891 comm="syz.1.800" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   85.041012][ T8913] syzkaller0: entered allmulticast mode
[   85.054388][   T39] audit: type=1326 audit(1732199043.142:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8910 comm="syz.5.803" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e1957e819 code=0x0
[   85.135733][ T8916] tipc: Enabled bearer <udp:syz1>, priority 10
[   85.154161][ T8918] __nla_validate_parse: 3 callbacks suppressed
[   85.154172][ T8918] netlink: 20 bytes leftover after parsing attributes in process `syz.4.806'.
[   85.156246][ T8919] netlink: 8 bytes leftover after parsing attributes in process `syz.5.803'.
[   85.159118][ T8918] netlink: 8 bytes leftover after parsing attributes in process `syz.4.806'.
[   85.436836][ T5959] Bluetooth: hci1: command tx timeout
[   85.597067][    T8] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   85.746635][    T8] usb 6-1: Using ep0 maxpacket: 16
[   85.749157][    T8] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[   85.751323][    T8] usb 6-1: config 0 has no interface number 0
[   85.752965][    T8] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   85.755843][    T8] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   85.760429][    T8] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[   85.762822][    T8] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[   85.764883][    T8] usb 6-1: Product: syz
[   85.766006][    T8] usb 6-1: SerialNumber: syz
[   85.768678][    T8] usb 6-1: config 0 descriptor??
[   85.771159][    T8] cm109 6-1:0.8: invalid payload size 0, expected 4
[   85.773704][    T8] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input14
[   85.982286][   T39] audit: type=1400 audit(1732199044.072:605): avc:  denied  { relabelfrom } for  pid=8933 comm="syz.1.808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   85.987702][   T39] audit: type=1400 audit(1732199044.072:606): avc:  denied  { relabelto } for  pid=8933 comm="syz.1.808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[   85.994749][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[   86.246677][ T5996] tipc: Node number set to 1521655364
[   86.277390][    C2] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[   86.277456][ T5956] usb 6-1: USB disconnect, device number 4
[   86.279233][    C2] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[   86.285689][ T5956] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[   86.294025][ T8983] overlayfs: conflicting lowerdir path
[   86.311868][   T39] audit: type=1400 audit(1732199044.402:607): avc:  denied  { mount } for  pid=8984 comm="syz.4.817" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   86.325518][   T39] audit: type=1400 audit(1732199044.422:608): avc:  denied  { unmount } for  pid=7996 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   86.376647][ T5996] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[   86.526687][ T5996] usb 10-1: Using ep0 maxpacket: 8
[   86.529115][ T5996] usb 10-1: config index 0 descriptor too short (expected 5924, got 36)
[   86.531331][ T5996] usb 10-1: config 250 has an invalid interface number: 228 but max is -1
[   86.533571][ T5996] usb 10-1: config 250 has 1 interface, different from the descriptor's value: 0
[   86.535991][ T5996] usb 10-1: config 250 has no interface number 0
[   86.537944][ T5996] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   86.541017][ T5996] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   86.543806][ T5996] usb 10-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   86.546525][ T5996] usb 10-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   86.549513][ T5996] usb 10-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   86.553050][ T5996] usb 10-1: config 250 interface 228 has no altsetting 0
[   86.556079][ T5996] usb 10-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   86.558645][ T5996] usb 10-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   86.560836][ T5996] usb 10-1: Product: syz
[   86.561998][ T5996] usb 10-1: SerialNumber: syz
[   86.565007][ T5996] hub 10-1:250.228: bad descriptor, ignoring hub
[   86.567037][ T5996] hub 10-1:250.228: probe with driver hub failed with error -5
[   86.767281][ T5996] usblp 10-1:250.228: usblp1: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   86.800485][ T9005] FAULT_INJECTION: forcing a failure.
[   86.800485][ T9005] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   86.803898][ T9005] CPU: 3 UID: 0 PID: 9005 Comm: syz.1.823 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   86.806545][ T9005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.809141][ T9005] Call Trace:
[   86.810032][ T9005]  <TASK>
[   86.810835][ T9005]  dump_stack_lvl+0x16c/0x1f0
[   86.812112][ T9005]  should_fail_ex+0x497/0x5b0
[   86.813362][ T9005]  _copy_from_user+0x2e/0xd0
[   86.814586][ T9005]  do_tcp_setsockopt+0x6a8/0x2660
[   86.815921][ T9005]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[   86.817361][ T9005]  ? rcu_is_watching+0x12/0xc0
[   86.817807][ T9007] netlink: 28 bytes leftover after parsing attributes in process `syz.4.824'.
[   86.818615][ T9005]  ? trace_contention_end+0xea/0x140
[   86.822338][ T9005]  ? smc_setsockopt+0x101/0xa00
[   86.823621][ T9005]  ? __pfx___mutex_lock+0x10/0x10
[   86.824945][ T9005]  ? __pfx_lock_release+0x10/0x10
[   86.826283][ T9005]  ? trace_lock_acquire+0x14a/0x1d0
[   86.827653][ T9005]  ? sock_has_perm+0x25a/0x2f0
[   86.828913][ T9005]  tcp_setsockopt+0xe2/0x100
[   86.830143][ T9005]  smc_setsockopt+0x1b4/0xa00
[   86.831381][ T9005]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   86.832923][ T9005]  ? __pfx_smc_setsockopt+0x10/0x10
[   86.834288][ T9005]  ? preempt_count_add+0x76/0x150
[   86.835617][ T9005]  ? selinux_socket_setsockopt+0x6a/0x80
[   86.837060][ T9005]  ? __pfx_smc_setsockopt+0x10/0x10
[   86.838392][ T9005]  do_sock_setsockopt+0x222/0x480
[   86.839711][ T9005]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   86.841170][ T9005]  ? lock_acquire+0x2f/0xb0
[   86.842373][ T9005]  __sys_setsockopt+0x1a0/0x230
[   86.843550][ T9005]  __x64_sys_setsockopt+0xbd/0x160
[   86.844849][ T9005]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   86.846385][ T9005]  do_syscall_64+0xcd/0x250
[   86.847522][ T9005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.849026][ T9005] RIP: 0033:0x7f652e57e819
[   86.850192][ T9005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.855047][ T9005] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   86.857225][ T9005] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[   86.859269][ T9005] RDX: 0000000000000003 RSI: 0000000000000006 RDI: 0000000000000004
[   86.861320][ T9005] RBP: 00007f652f3ef090 R08: 0000000000000004 R09: 0000000000000000
[   86.863409][ T9005] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   86.865479][ T9005] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[   86.867528][ T9005]  </TASK>
[   86.872433][ T9008] netlink: 28 bytes leftover after parsing attributes in process `syz.4.824'.
[   86.886275][ T9012] netlink: 'syz.1.825': attribute type 19 has an invalid length.
[   86.908014][ T9017] xt_hashlimit: size too large, truncated to 1048576
[   86.975504][   T39] audit: type=1400 audit(1732199045.062:609): avc:  denied  { read } for  pid=9020 comm="syz.4.828" path="socket:[25448]" dev="sockfs" ino=25448 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   86.982221][ T9020] delete_channel: no stack
[   87.019430][ T9024] cgroup: subsys name conflicts with all
[   87.126724][ T5996] usb 10-1: USB disconnect, device number 2
[   87.127745][ T9027] netlink: 16 bytes leftover after parsing attributes in process `syz.1.829'.
[   87.130672][ T9027] openvswitch: netlink: Missing key (keys=40, expected=100)
[   87.287655][ T9044] FAULT_INJECTION: forcing a failure.
[   87.287655][ T9044] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.291252][ T9044] CPU: 0 UID: 0 PID: 9044 Comm: syz.1.833 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   87.294039][ T9044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.296953][ T9044] Call Trace:
[   87.297982][ T9044]  <TASK>
[   87.298735][ T9044]  dump_stack_lvl+0x16c/0x1f0
[   87.299930][ T9044]  should_fail_ex+0x497/0x5b0
[   87.301288][ T9044]  _copy_from_user+0x2e/0xd0
[   87.302650][ T9044]  copy_from_sockptr_offset.constprop.0+0x123/0x140
[   87.304466][ T9044]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[   87.306492][ T9044]  ? tcp_setsockopt+0xae/0x100
[   87.307834][ T9044]  smc_setsockopt+0x29a/0xa00
[   87.309069][ T9044]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   87.310713][ T9044]  ? __pfx_smc_setsockopt+0x10/0x10
[   87.312104][ T9044]  ? preempt_count_add+0x76/0x150
[   87.313557][ T9044]  ? selinux_socket_setsockopt+0x6a/0x80
[   87.315640][ T9044]  ? __pfx_smc_setsockopt+0x10/0x10
[   87.317569][ T9044]  do_sock_setsockopt+0x222/0x480
[   87.319437][ T9044]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   87.321446][ T9044]  ? lock_acquire+0x2f/0xb0
[   87.323113][ T9044]  __sys_setsockopt+0x1a0/0x230
[   87.324912][ T9044]  __x64_sys_setsockopt+0xbd/0x160
[   87.326367][ T9044]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   87.327963][ T9044]  do_syscall_64+0xcd/0x250
[   87.329176][ T9044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.330721][ T9044] RIP: 0033:0x7f652e57e819
[   87.331898][ T9044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.336887][ T9044] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   87.339256][ T9044] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[   87.341316][ T9044] RDX: 0000000000000003 RSI: 0000000000000006 RDI: 0000000000000004
[   87.343357][ T9044] RBP: 00007f652f3ef090 R08: 0000000000000004 R09: 0000000000000000
[   87.345409][ T9044] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   87.347459][ T9044] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[   87.349517][ T9044]  </TASK>
[   87.403364][ T9048] netlink: 'syz.4.835': attribute type 19 has an invalid length.
[   87.447568][   T39] audit: type=1400 audit(1732199045.542:610): avc:  denied  { bind } for  pid=9055 comm="syz.1.837" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   87.491859][   T39] audit: type=1400 audit(1732199045.582:611): avc:  denied  { create } for  pid=9061 comm="syz.4.839" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   87.516664][ T5959] Bluetooth: hci1: command tx timeout
[   87.831417][ T9074] FAULT_INJECTION: forcing a failure.
[   87.831417][ T9074] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.835009][ T9074] CPU: 2 UID: 0 PID: 9074 Comm: syz.4.842 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   87.838166][ T9074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   87.841203][ T9074] Call Trace:
[   87.842212][ T9074]  <TASK>
[   87.843027][ T9074]  dump_stack_lvl+0x16c/0x1f0
[   87.844376][ T9074]  should_fail_ex+0x497/0x5b0
[   87.845707][ T9074]  _copy_to_user+0x32/0xd0
[   87.847051][ T9074]  simple_read_from_buffer+0xd0/0x160
[   87.848521][ T9074]  proc_fail_nth_read+0x198/0x270
[   87.849877][ T9074]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.851375][ T9074]  ? bpf_lsm_file_permission+0x9/0x10
[   87.852791][ T9074]  ? security_file_permission+0x71/0x210
[   87.854412][ T9074]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.855893][ T9074]  vfs_read+0x1df/0xbe0
[   87.857014][ T9074]  ? __fget_files+0x1fc/0x3a0
[   87.858273][ T9074]  ? __pfx___mutex_lock+0x10/0x10
[   87.859600][ T9074]  ? __pfx_vfs_read+0x10/0x10
[   87.860844][ T9074]  ? __fget_files+0x206/0x3a0
[   87.862102][ T9074]  ksys_read+0x12b/0x250
[   87.863216][ T9074]  ? __pfx_ksys_read+0x10/0x10
[   87.864476][ T9074]  ? rcu_is_watching+0x12/0xc0
[   87.865756][ T9074]  ? rcu_is_watching+0x12/0xc0
[   87.867009][ T9074]  do_syscall_64+0xcd/0x250
[   87.868264][ T9074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.869847][ T9074] RIP: 0033:0x7f275277d25c
[   87.871043][ T9074] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   87.876071][ T9074] RSP: 002b:00007f2753609030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   87.878243][ T9074] RAX: ffffffffffffffda RBX: 00007f2752935fa0 RCX: 00007f275277d25c
[   87.880292][ T9074] RDX: 000000000000000f RSI: 00007f27536090a0 RDI: 0000000000000005
[   87.882423][ T9074] RBP: 00007f2753609090 R08: 0000000000000000 R09: 0000000000000000
[   87.884459][ T9074] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[   87.886511][ T9074] R13: 0000000000000000 R14: 00007f2752935fa0 R15: 00007fff518a2b88
[   87.888597][ T9074]  </TASK>
[   88.102661][ T9085] netlink: 'syz.4.845': attribute type 19 has an invalid length.
[   88.137440][   T39] audit: type=1400 audit(1732199046.232:612): avc:  granted  { setsecparam } for  pid=9089 comm="syz.4.847" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[   88.140058][ T9090] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9090 comm=syz.4.847
[   88.148272][ T9090] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=9090 comm=syz.4.847
[   88.167318][ T9092] erspan1: entered promiscuous mode
[   88.474125][ T9120] netlink: 'syz.4.854': attribute type 19 has an invalid length.
[   88.558608][ T8824] usbtmc 7-1:16.0: stb usb_control_msg returned -110
[   88.562214][ T5996] usblp1: removed
[   88.566740][   T62] usb 7-1: USB disconnect, device number 7
[   88.579998][ T9137] random: crng reseeded on system resumption
[   88.625667][ T9137] netlink: 132 bytes leftover after parsing attributes in process `syz.2.858'.
[   88.766709][   T55] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[   88.856637][ T5996] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[   88.926658][   T55] usb 9-1: Using ep0 maxpacket: 32
[   88.929272][   T55] usb 9-1: config index 0 descriptor too short (expected 29220, got 36)
[   88.931444][   T55] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   88.933764][   T55] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81
[   88.936160][   T55] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   88.938751][   T55] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   88.941306][   T55] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   88.944771][   T55] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   88.947184][   T55] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.950019][   T55] usb 9-1: config 0 descriptor??
[   88.986764][ T5996] usb 10-1: device descriptor read/64, error -71
[   89.148155][ T9140] veth1_to_batadv: entered promiscuous mode
[   89.149783][ T9140] macsec1: entered promiscuous mode
[   89.154385][   T55] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   89.283317][ T9155] Bluetooth: (null): Invalid header checksum
[   89.324581][ T9163] netlink: 'syz.2.864': attribute type 19 has an invalid length.
[   89.365908][ T9168] pimreg: entered allmulticast mode
[   89.517749][ T5956] usb 9-1: USB disconnect, device number 6
[   89.519972][ T5956] usblp0: removed
[   89.543112][ T9182] netlink: 'syz.1.870': attribute type 21 has an invalid length.
[   89.578609][ T9189] netlink: 'syz.1.873': attribute type 19 has an invalid length.
[   90.055475][ T9203] netlink: 'syz.4.877': attribute type 30 has an invalid length.
[   90.064848][ T9203] netlink: 20 bytes leftover after parsing attributes in process `syz.4.877'.
[   90.099296][   T39] kauditd_printk_skb: 11 callbacks suppressed
[   90.099307][   T39] audit: type=1400 audit(1732199048.192:624): avc:  denied  { append } for  pid=9208 comm="syz.4.878" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   90.106975][   T39] audit: type=1400 audit(1732199048.192:625): avc:  denied  { read } for  pid=9208 comm="syz.4.878" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[   90.113024][   T39] audit: type=1400 audit(1732199048.192:626): avc:  denied  { open } for  pid=9208 comm="syz.4.878" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[   90.317238][ T9226] netlink: 'syz.2.883': attribute type 19 has an invalid length.
[   90.416052][   T39] audit: type=1400 audit(1732199048.502:627): avc:  denied  { append } for  pid=9248 comm="syz.2.888" name="video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[   90.471952][ T9258] netlink: 'syz.4.892': attribute type 19 has an invalid length.
[   90.512962][ T9265] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[   90.533038][   T39] audit: type=1400 audit(1732199048.622:628): avc:  denied  { ioctl } for  pid=9272 comm="syz.1.897" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 ioctlcmd=0xae83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[   90.766723][   T55] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[   90.926675][   T55] usb 9-1: Using ep0 maxpacket: 8
[   90.929362][   T55] usb 9-1: config 251 has an invalid interface number: 29 but max is 0
[   90.931875][   T55] usb 9-1: config 251 has no interface number 0
[   90.933890][   T55] usb 9-1: config 251 interface 29 altsetting 71 has an invalid descriptor for endpoint zero, skipping
[   90.937296][   T55] usb 9-1: config 251 interface 29 altsetting 71 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[   90.940378][   T55] usb 9-1: config 251 interface 29 has no altsetting 0
[   90.942491][   T55] usb 9-1: New USB device found, idVendor=054c, idProduct=0069, bcdDevice= a.8d
[   90.945663][   T55] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.065769][ T9298] netlink: 'syz.1.903': attribute type 19 has an invalid length.
[   91.083260][   T39] audit: type=1400 audit(1732199049.172:629): avc:  denied  { getopt } for  pid=9299 comm="syz.1.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   91.084612][ T9300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.904'.
[   91.218384][   T55] usb 9-1: string descriptor 0 read error: -71
[   91.220402][   T55] usb-storage 9-1:251.29: USB Mass Storage device detected
[   91.223546][   T55] usb-storage 9-1:251.29: Quirks match for vid 054c pid 0069: 1
[   91.299381][   T39] audit: type=1400 audit(1732199049.392:630): avc:  denied  { map } for  pid=9313 comm="syz.5.907" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   91.305721][   T39] audit: type=1400 audit(1732199049.392:631): avc:  denied  { execute } for  pid=9313 comm="syz.5.907" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[   91.325786][ T9319] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=33553 sclass=netlink_route_socket pid=9319 comm=syz.5.908
[   91.331772][ T9321] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[   91.353370][ T9327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.911'.
[   91.358787][   T55] usb 9-1: USB disconnect, device number 7
[   91.364466][ T9331] netlink: 'syz.1.913': attribute type 19 has an invalid length.
[   91.410690][ T9339] netlink: 4 bytes leftover after parsing attributes in process `syz.2.911'.
[   91.428411][ T9343] fuse: Bad value for 'fd'
[   91.429976][ T9343] fuse: Bad value for 'fd'
[   91.431224][ T9343] fuse: Bad value for 'fd'
[   91.432479][ T9343] fuse: Bad value for 'fd'
[   91.433789][ T9343] fuse: Bad value for 'fd'
[   91.435051][ T9343] fuse: Bad value for 'fd'
[   91.436317][ T9343] fuse: Bad value for 'fd'
[   91.438276][ T9343] fuse: Bad value for 'fd'
[   91.439603][ T9343] fuse: Bad value for 'fd'
[   91.440850][ T9343] fuse: Bad value for 'fd'
[   91.442174][ T9343] fuse: Bad value for 'fd'
[   91.443472][ T9343] fuse: Bad value for 'fd'
[   91.444876][ T9343] fuse: Bad value for 'fd'
[   91.446199][ T9343] fuse: Bad value for 'fd'
[   91.447770][ T9343] fuse: Bad value for 'fd'
[   91.449032][ T9343] fuse: Bad value for 'fd'
[   91.450308][ T9343] fuse: Bad value for 'fd'
[   91.451575][ T9343] fuse: Bad value for 'fd'
[   91.452818][ T9343] fuse: Bad value for 'fd'
[   91.454165][ T9343] fuse: Bad value for 'fd'
[   91.455420][ T9343] fuse: Bad value for 'fd'
[   91.457560][ T9343] fuse: Bad value for 'fd'
[   91.458835][ T9343] fuse: Bad value for 'fd'
[   91.460076][ T9343] fuse: Bad value for 'fd'
[   91.461369][ T9343] fuse: Bad value for 'fd'
[   91.462624][ T9343] fuse: Bad value for 'fd'
[   91.463880][ T9343] fuse: Bad value for 'fd'
[   91.465207][ T9343] fuse: Bad value for 'fd'
[   91.466470][ T9343] fuse: Bad value for 'fd'
[   91.467764][ T9343] fuse: Bad value for 'fd'
[   91.469018][ T9343] fuse: Bad value for 'fd'
[   91.470268][ T9343] fuse: Bad value for 'fd'
[   91.471555][ T9343] fuse: Bad value for 'fd'
[   91.497002][   T39] audit: type=1400 audit(1732199049.592:632): avc:  denied  { ioctl } for  pid=9347 comm="syz.5.919" path="socket:[32842]" dev="sockfs" ino=32842 ioctlcmd=0x89e8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[   91.512438][ T9351] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   91.516816][ T9351] netlink: 20 bytes leftover after parsing attributes in process `syz.5.920'.
[   91.520545][   T39] audit: type=1400 audit(1732199049.612:633): avc:  denied  { read } for  pid=9350 comm="syz.5.920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   92.229099][ T9327] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[   92.387369][ T9396] (syz.5.935,9396,0):ocfs2_parse_options:1446 ERROR: Unrecognized mount option "$[#/[+:(" or missing value
[   92.390479][ T9396] (syz.5.935,9396,0):ocfs2_fill_super:1178 ERROR: status = -22
[   92.397931][ T9353] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   92.408822][ T9402] netlink: 20 bytes leftover after parsing attributes in process `syz.5.937'.
[   92.876750][    T8] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[   92.898032][ T5959] Bluetooth: hci0: Received unexpected HCI Event 0x00
[   92.899557][ T9438] netlink: 24 bytes leftover after parsing attributes in process `syz.4.948'.
[   93.046663][    T8] usb 10-1: Using ep0 maxpacket: 16
[   93.049354][    T8] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.049562][ T9453] gfs2: path_lookup on �6(�+�d�Q�nB�!eU��V�!�`:� 8�DSE�������	�y|YT��{-��
����,mb/ returned error -2
[   93.052160][    T8] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.052182][    T8] usb 10-1: New USB device found, idVendor=05ac, idProduct=8041, bcdDevice= 0.00
[   93.060194][    T8] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.063038][    T8] usb 10-1: config 0 descriptor??
[   93.443234][ T9475] validate_nla: 4 callbacks suppressed
[   93.443245][ T9475] netlink: 'syz.2.961': attribute type 19 has an invalid length.
[   93.463492][ T9477] netlink: 148 bytes leftover after parsing attributes in process `syz.2.962'.
[   93.467442][ T9477] netlink: 32 bytes leftover after parsing attributes in process `syz.2.962'.
[   93.657749][ T9490] ebt_limit: overflow, try lower: 570423552/2483027968
[   93.996754][ T9505] netlink: 'syz.4.971': attribute type 19 has an invalid length.
[   94.247121][ T9518] nbd: must specify a size in bytes for the device
[   94.272834][ T9522] netlink: 16 bytes leftover after parsing attributes in process `syz.4.976'.
[   94.275279][ T9522] netlink: 4 bytes leftover after parsing attributes in process `syz.4.976'.
[   94.569982][ T9539] Bluetooth: MGMT ver 1.23
[   94.674032][ T9542] netlink: 'syz.4.982': attribute type 19 has an invalid length.
[   95.285230][ T9572] netlink: 'syz.2.992': attribute type 19 has an invalid length.
[   95.465759][ T9591] xt_hashlimit: overflow, try lower: 0/0
[   95.477968][ T9591] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   95.480161][ T9595] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   95.520798][ T9602] netlink: 'syz.4.1004': attribute type 19 has an invalid length.
[   95.636193][ T5956] usb 10-1: USB disconnect, device number 5
[   95.811745][ T9624] netlink: 'syz.4.1013': attribute type 19 has an invalid length.
[   95.874815][   T39] kauditd_printk_skb: 10 callbacks suppressed
[   95.874826][   T39] audit: type=1400 audit(1732199053.962:644): avc:  denied  { listen } for  pid=9631 comm="syz.4.1015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   96.113950][ T9643] __nla_validate_parse: 2 callbacks suppressed
[   96.113960][ T9643] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1018'.
[   96.132650][ T9648] syzkaller0: entered allmulticast mode
[   96.186057][ T9650] kvm: apic: phys broadcast and lowest prio
[   96.256527][ T9656] netlink: 'syz.1.1022': attribute type 19 has an invalid length.
[   96.288689][   T39] audit: type=1400 audit(1732199054.382:645): avc:  denied  { connect } for  pid=9665 comm="syz.1.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   96.294863][   T39] audit: type=1400 audit(1732199054.382:646): avc:  denied  { getopt } for  pid=9665 comm="syz.1.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   96.341227][ T9677] FAULT_INJECTION: forcing a failure.
[   96.341227][ T9677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.344656][ T9677] CPU: 3 UID: 0 PID: 9677 Comm: syz.1.1028 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   96.347368][ T9677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.350239][ T9677] Call Trace:
[   96.351235][ T9677]  <TASK>
[   96.352029][ T9677]  dump_stack_lvl+0x16c/0x1f0
[   96.353322][ T9677]  should_fail_ex+0x497/0x5b0
[   96.354535][ T9677]  _copy_from_user+0x2e/0xd0
[   96.355722][ T9677]  do_ipv6_setsockopt+0x97d/0x4790
[   96.357100][ T9677]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[   96.358436][ T9677]  ? avc_has_perm_noaudit+0x143/0x3a0
[   96.359031][   T39] audit: type=1400 audit(1732199054.452:647): avc:  denied  { connect } for  pid=9678 comm="syz.2.1029" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   96.359827][ T9677]  ? avc_has_perm+0x11b/0x1c0
[   96.365961][ T9677]  ? __pfx_avc_has_perm+0x10/0x10
[   96.367294][ T9677]  ? rcu_is_watching+0x12/0xc0
[   96.368551][ T9677]  ? get_pid_task+0xfc/0x250
[   96.369814][ T9677]  ? __pfx_lock_release+0x10/0x10
[   96.371118][ T9677]  ? trace_lock_acquire+0x14a/0x1d0
[   96.372483][ T9677]  ? sock_has_perm+0x25a/0x2f0
[   96.373804][ T9677]  ? __pfx_sock_has_perm+0x10/0x10
[   96.375147][ T9677]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[   96.376820][ T9677]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[   96.378581][ T9677]  ? ipv6_setsockopt+0xcb/0x170
[   96.379858][ T9677]  ipv6_setsockopt+0xcb/0x170
[   96.381100][ T9677]  tcp_setsockopt+0xa4/0x100
[   96.382259][ T9677]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   96.383666][ T9677]  do_sock_setsockopt+0x222/0x480
[   96.384908][ T9677]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   96.386274][ T9677]  ? lock_acquire+0x2f/0xb0
[   96.387477][ T9677]  __sys_setsockopt+0x1a0/0x230
[   96.388758][ T9677]  __x64_sys_setsockopt+0xbd/0x160
[   96.390100][ T9677]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.391686][ T9677]  do_syscall_64+0xcd/0x250
[   96.392880][ T9677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.394440][ T9677] RIP: 0033:0x7f652e57e819
[   96.395624][ T9677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.400639][ T9677] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   96.402781][ T9677] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[   96.404823][ T9677] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[   96.406895][ T9677] RBP: 00007f652f3ef090 R08: 0000000000000020 R09: 0000000000000000
[   96.408956][ T9677] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[   96.411020][ T9677] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[   96.413217][ T9677]  </TASK>
[   96.460862][ T9692] netlink: 'syz.1.1034': attribute type 19 has an invalid length.
[   96.510001][ T9697] overlayfs: failed to resolve './file1': -2
[   96.583930][ T9699] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1037'.
[   96.599340][   T39] audit: type=1400 audit(1732199054.692:648): avc:  denied  { ioctl } for  pid=9703 comm="syz.5.1039" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xe502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[   96.624009][ T9710] FAULT_INJECTION: forcing a failure.
[   96.624009][ T9710] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.627911][ T9710] CPU: 3 UID: 0 PID: 9710 Comm: syz.1.1042 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   96.630898][ T9710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.633738][ T9710] Call Trace:
[   96.634626][ T9710]  <TASK>
[   96.635409][ T9710]  dump_stack_lvl+0x16c/0x1f0
[   96.636675][ T9710]  should_fail_ex+0x497/0x5b0
[   96.637928][ T9710]  _copy_from_user+0x2e/0xd0
[   96.639147][ T9710]  ipv6_flowlabel_opt+0x234/0x2ea0
[   96.640503][ T9710]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   96.642133][ T9710]  ? rcu_is_watching+0x12/0xc0
[   96.643407][ T9710]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[   96.644867][ T9710]  ? lock_release+0x4f6/0x6f0
[   96.646129][ T9710]  ? sockopt_lock_sock+0x54/0x70
[   96.647983][ T9710]  ? sockopt_lock_sock+0x54/0x70
[   96.649333][ T9710]  ? rcu_is_watching+0x12/0xc0
[   96.650618][ T9710]  ? sockopt_lock_sock+0x54/0x70
[   96.651929][ T9710]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.653531][ T9710]  ? do_ipv6_setsockopt+0x104e/0x4790
[   96.654962][ T9710]  do_ipv6_setsockopt+0x104e/0x4790
[   96.656362][ T9710]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[   96.657847][ T9710]  ? avc_has_perm_noaudit+0x143/0x3a0
[   96.659263][ T9710]  ? avc_has_perm+0x11b/0x1c0
[   96.660511][ T9710]  ? __pfx_avc_has_perm+0x10/0x10
[   96.661854][ T9710]  ? rcu_is_watching+0x12/0xc0
[   96.663113][ T9710]  ? get_pid_task+0xfc/0x250
[   96.664328][ T9710]  ? __pfx_lock_release+0x10/0x10
[   96.665655][ T9710]  ? trace_lock_acquire+0x14a/0x1d0
[   96.667027][ T9710]  ? sock_has_perm+0x25a/0x2f0
[   96.668289][ T9710]  ? __pfx_sock_has_perm+0x10/0x10
[   96.669652][ T9710]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[   96.671341][ T9710]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[   96.673240][ T9710]  ? ipv6_setsockopt+0xcb/0x170
[   96.674553][ T9710]  ipv6_setsockopt+0xcb/0x170
[   96.675833][ T9710]  tcp_setsockopt+0xa4/0x100
[   96.677088][ T9710]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   96.678647][ T9710]  do_sock_setsockopt+0x222/0x480
[   96.679976][ T9710]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   96.681480][ T9710]  ? lock_acquire+0x2f/0xb0
[   96.682687][ T9710]  __sys_setsockopt+0x1a0/0x230
[   96.683982][ T9710]  __x64_sys_setsockopt+0xbd/0x160
[   96.685463][ T9710]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   96.687081][ T9710]  do_syscall_64+0xcd/0x250
[   96.688299][ T9710]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.689900][ T9710] RIP: 0033:0x7f652e57e819
[   96.691081][ T9710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.696094][ T9710] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   96.698283][ T9710] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[   96.700367][ T9710] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[   96.702485][ T9710] RBP: 00007f652f3ef090 R08: 0000000000000020 R09: 0000000000000000
[   96.704543][ T9710] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[   96.706599][ T9710] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[   96.708740][ T9710]  </TASK>
[   96.711868][   T39] audit: type=1400 audit(1732199054.802:649): avc:  denied  { write } for  pid=5349 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   96.719094][   T39] audit: type=1400 audit(1732199054.802:650): avc:  denied  { remove_name } for  pid=5349 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   96.726540][   T39] audit: type=1400 audit(1732199054.802:651): avc:  denied  { add_name } for  pid=5349 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   96.729549][ T9716] netlink: 'syz.4.1044': attribute type 19 has an invalid length.
[   96.736522][ T9718] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1045'.
[   96.740361][ T9718] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1045'.
[   96.787042][ T9722] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1045'.
[   96.861266][ T9722] netlink: 'syz.1.1045': attribute type 15 has an invalid length.
[   96.886521][   T39] audit: type=1400 audit(1732199054.972:652): avc:  denied  { write } for  pid=9731 comm="syz.5.1050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   96.933495][ T9739] xt_hashlimit: size too large, truncated to 1048576
[   96.953365][ T9747] FAULT_INJECTION: forcing a failure.
[   96.953365][ T9747] name failslab, interval 1, probability 0, space 0, times 1
[   96.957114][ T9747] CPU: 1 UID: 0 PID: 9747 Comm: syz.1.1055 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   96.959865][ T9747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.962658][ T9747] Call Trace:
[   96.963560][ T9747]  <TASK>
[   96.964318][ T9747]  dump_stack_lvl+0x16c/0x1f0
[   96.965580][ T9747]  should_fail_ex+0x497/0x5b0
[   96.966822][ T9747]  ? fs_reclaim_acquire+0xae/0x150
[   96.968090][ T9747]  should_failslab+0xc2/0x120
[   96.969356][ T9747]  __kmalloc_cache_noprof+0x6b/0x300
[   96.970736][ T9747]  ? fl_create+0x116/0xd50
[   96.971910][ T9747]  fl_create+0x116/0xd50
[   96.973022][ T9747]  ? up_write+0x1b2/0x520
[   96.974163][ T9747]  ? __pfx_fl_create+0x10/0x10
[   96.975417][ T9747]  ? avc_has_perm_noaudit+0x61/0x3a0
[   96.976808][ T9747]  ? __pfx_process_measurement+0x10/0x10
[   96.978276][ T9747]  ? rcu_is_watching+0x12/0xc0
[   96.979533][ T9747]  ? lock_release+0x4f6/0x6f0
[   96.980778][ T9747]  ? __might_fault+0x13b/0x190
[   96.982030][ T9747]  ? __pfx_lock_release+0x10/0x10
[   96.983332][ T9747]  ? trace_lock_acquire+0x14a/0x1d0
[   96.984673][ T9747]  ? rcu_is_watching+0x12/0xc0
[   96.985864][ T9747]  ? __might_fault+0xe3/0x190
[   96.987106][ T9747]  ? lock_acquire+0x2f/0xb0
[   96.988305][ T9747]  ? __might_fault+0xe3/0x190
[   96.989552][ T9747]  ? __might_fault+0xe3/0x190
[   96.990785][ T9747]  ipv6_flowlabel_opt+0xa84/0x2ea0
[   96.992113][ T9747]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   96.993734][ T9747]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[   96.995171][ T9747]  ? lock_release+0x4f6/0x6f0
[   96.996412][ T9747]  ? sockopt_lock_sock+0x54/0x70
[   96.997729][ T9747]  ? sockopt_lock_sock+0x54/0x70
[   96.999033][ T9747]  ? rcu_is_watching+0x12/0xc0
[   97.000293][ T9747]  ? sockopt_lock_sock+0x54/0x70
[   97.001593][ T9747]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.003141][ T9747]  ? do_ipv6_setsockopt+0x104e/0x4790
[   97.004535][ T9747]  do_ipv6_setsockopt+0x104e/0x4790
[   97.005897][ T9747]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[   97.007348][ T9747]  ? avc_has_perm_noaudit+0x143/0x3a0
[   97.008757][ T9747]  ? avc_has_perm+0x11b/0x1c0
[   97.010004][ T9747]  ? __pfx_avc_has_perm+0x10/0x10
[   97.011330][ T9747]  ? rcu_is_watching+0x12/0xc0
[   97.012591][ T9747]  ? get_pid_task+0xfc/0x250
[   97.013822][ T9747]  ? __pfx_lock_release+0x10/0x10
[   97.015136][ T9747]  ? trace_lock_acquire+0x14a/0x1d0
[   97.016502][ T9747]  ? sock_has_perm+0x25a/0x2f0
[   97.017770][ T9747]  ? __pfx_sock_has_perm+0x10/0x10
[   97.019112][ T9747]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[   97.020784][ T9747]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[   97.022528][ T9747]  ? ipv6_setsockopt+0xcb/0x170
[   97.023829][ T9747]  ipv6_setsockopt+0xcb/0x170
[   97.025054][ T9747]  tcp_setsockopt+0xa4/0x100
[   97.026278][ T9747]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   97.027817][ T9747]  do_sock_setsockopt+0x222/0x480
[   97.029137][ T9747]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   97.030571][ T9747]  ? lock_acquire+0x2f/0xb0
[   97.031776][ T9747]  __sys_setsockopt+0x1a0/0x230
[   97.033049][ T9747]  __x64_sys_setsockopt+0xbd/0x160
[   97.034395][ T9747]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.035953][ T9747]  do_syscall_64+0xcd/0x250
[   97.037152][ T9747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.038699][ T9747] RIP: 0033:0x7f652e57e819
[   97.039869][ T9747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.044845][ T9747] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   97.047015][ T9747] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[   97.049073][ T9747] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[   97.051124][ T9747] RBP: 00007f652f3ef090 R08: 0000000000000020 R09: 0000000000000000
[   97.053177][ T9747] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[   97.055225][ T9747] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[   97.057302][ T9747]  </TASK>
[   97.117839][ T9759] libceph: resolve '
[   97.117839][ T9759] -&���f�Y�ǝ�a���2i�
[   97.117839][ T9759] .���?��&�*��&' (ret=-3): failed
[   97.153532][   T39] audit: type=1400 audit(1732199055.242:653): avc:  denied  { create } for  pid=9767 comm="syz.5.1062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   97.158359][ T9770] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1063'.
[   97.169417][ T9774] loop8: detected capacity change from 0 to 14
[   97.169909][ T9774] Dev loop8: unable to read RDB block 14
[   97.172932][ T9774]  loop8: unable to read partition table
[   97.172984][ T9774] loop8: partition table beyond EOD, truncated
[   97.174577][ T9774] loop_reread_partitions: partition scan of loop8 (�被x������ڬ��dƤ����ݡ�����
[   97.174577][ T9774] 
) failed (rc=-5)
[   97.192025][ T9778] FAULT_INJECTION: forcing a failure.
[   97.192025][ T9778] name failslab, interval 1, probability 0, space 0, times 0
[   97.195389][ T9778] CPU: 2 UID: 0 PID: 9778 Comm: syz.5.1065 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   97.198095][ T9778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.200886][ T9778] Call Trace:
[   97.201779][ T9778]  <TASK>
[   97.202562][ T9778]  dump_stack_lvl+0x16c/0x1f0
[   97.203818][ T9778]  should_fail_ex+0x497/0x5b0
[   97.205081][ T9778]  ? fs_reclaim_acquire+0xae/0x150
[   97.206432][ T9778]  should_failslab+0xc2/0x120
[   97.207705][ T9778]  __kmalloc_cache_noprof+0x6b/0x300
[   97.209101][ T9778]  ? ipv6_flowlabel_opt+0xacb/0x2ea0
[   97.210482][ T9778]  ipv6_flowlabel_opt+0xacb/0x2ea0
[   97.211831][ T9778]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   97.213448][ T9778]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[   97.214900][ T9778]  ? lock_release+0x4f6/0x6f0
[   97.216154][ T9778]  ? sockopt_lock_sock+0x54/0x70
[   97.217465][ T9778]  ? sockopt_lock_sock+0x54/0x70
[   97.218768][ T9778]  ? rcu_is_watching+0x12/0xc0
[   97.220029][ T9778]  ? sockopt_lock_sock+0x54/0x70
[   97.221340][ T9778]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.222928][ T9778]  ? do_ipv6_setsockopt+0x104e/0x4790
[   97.224341][ T9778]  do_ipv6_setsockopt+0x104e/0x4790
[   97.225783][ T9778]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[   97.227240][ T9778]  ? avc_has_perm_noaudit+0x143/0x3a0
[   97.228658][ T9778]  ? avc_has_perm+0x11b/0x1c0
[   97.229921][ T9778]  ? __pfx_avc_has_perm+0x10/0x10
[   97.231260][ T9778]  ? rcu_is_watching+0x12/0xc0
[   97.232518][ T9778]  ? get_pid_task+0xfc/0x250
[   97.233752][ T9778]  ? __pfx_lock_release+0x10/0x10
[   97.235078][ T9778]  ? trace_lock_acquire+0x14a/0x1d0
[   97.236494][ T9778]  ? sock_has_perm+0x25a/0x2f0
[   97.237775][ T9778]  ? __pfx_sock_has_perm+0x10/0x10
[   97.239115][ T9778]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[   97.240787][ T9778]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[   97.242566][ T9778]  ? ipv6_setsockopt+0xcb/0x170
[   97.243856][ T9778]  ipv6_setsockopt+0xcb/0x170
[   97.245105][ T9778]  tcp_setsockopt+0xa4/0x100
[   97.246334][ T9778]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   97.247893][ T9778]  do_sock_setsockopt+0x222/0x480
[   97.249224][ T9778]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   97.250682][ T9778]  ? lock_acquire+0x2f/0xb0
[   97.252255][ T9778]  __sys_setsockopt+0x1a0/0x230
[   97.253639][ T9778]  __x64_sys_setsockopt+0xbd/0x160
[   97.255066][ T9778]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   97.256775][ T9778]  do_syscall_64+0xcd/0x250
[   97.258074][ T9778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.259629][ T9778] RIP: 0033:0x7f0e1957e819
[   97.260805][ T9778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.265838][ T9778] RSP: 002b:00007f0e173f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   97.267997][ T9778] RAX: ffffffffffffffda RBX: 00007f0e19735fa0 RCX: 00007f0e1957e819
[   97.270052][ T9778] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[   97.272104][ T9778] RBP: 00007f0e173f6090 R08: 0000000000000020 R09: 0000000000000000
[   97.274162][ T9778] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[   97.276247][ T9778] R13: 0000000000000000 R14: 00007f0e19735fa0 R15: 00007ffd95e9b698
[   97.278336][ T9778]  </TASK>
[   97.313365][ T9793] xt_hashlimit: size too large, truncated to 1048576
[   97.484777][ T9812] team0: entered promiscuous mode
[   97.486089][ T9812] team_slave_0: entered promiscuous mode
[   97.488338][ T9812] team_slave_1: entered promiscuous mode
[   97.490309][ T9812] 8021q: adding VLAN 0 to HW filter on device macvlan3
[   97.492345][ T9812] team0: Device macvlan3 is already an upper device of the team interface
[   97.494798][ T9812] team0: left promiscuous mode
[   97.496072][ T9812] team_slave_0: left promiscuous mode
[   97.497860][ T9812] team_slave_1: left promiscuous mode
[   97.548418][ T9816] FAULT_INJECTION: forcing a failure.
[   97.548418][ T9816] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.551725][ T9816] CPU: 2 UID: 0 PID: 9816 Comm: syz.5.1077 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   97.554391][ T9816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.557222][ T9816] Call Trace:
[   97.558101][ T9816]  <TASK>
[   97.558884][ T9816]  dump_stack_lvl+0x16c/0x1f0
[   97.560129][ T9816]  should_fail_ex+0x497/0x5b0
[   97.561377][ T9816]  _copy_to_user+0x32/0xd0
[   97.562550][ T9816]  simple_read_from_buffer+0xd0/0x160
[   97.563825][ T9816]  proc_fail_nth_read+0x198/0x270
[   97.565033][ T9816]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.566442][ T9816]  ? bpf_lsm_file_permission+0x9/0x10
[   97.567850][ T9816]  ? security_file_permission+0x71/0x210
[   97.569323][ T9816]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.570684][ T9816]  vfs_read+0x1df/0xbe0
[   97.571630][ T9816]  ? __fget_files+0x1fc/0x3a0
[   97.572701][ T9816]  ? __pfx___mutex_lock+0x10/0x10
[   97.573990][ T9816]  ? __pfx_vfs_read+0x10/0x10
[   97.575224][ T9816]  ? __fget_files+0x206/0x3a0
[   97.576474][ T9816]  ksys_read+0x12b/0x250
[   97.577870][ T9816]  ? __pfx_ksys_read+0x10/0x10
[   97.579412][ T9816]  ? rcu_is_watching+0x12/0xc0
[   97.580669][ T9816]  ? rcu_is_watching+0x12/0xc0
[   97.581928][ T9816]  do_syscall_64+0xcd/0x250
[   97.583117][ T9816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.584655][ T9816] RIP: 0033:0x7f0e1957d25c
[   97.585832][ T9816] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   97.590805][ T9816] RSP: 002b:00007f0e173f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.592962][ T9816] RAX: ffffffffffffffda RBX: 00007f0e19735fa0 RCX: 00007f0e1957d25c
[   97.595014][ T9816] RDX: 000000000000000f RSI: 00007f0e173f60a0 RDI: 0000000000000004
[   97.597089][ T9816] RBP: 00007f0e173f6090 R08: 0000000000000000 R09: 0000000000000000
[   97.599168][ T9816] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[   97.601219][ T9816] R13: 0000000000000000 R14: 00007f0e19735fa0 R15: 00007ffd95e9b698
[   97.603266][ T9816]  </TASK>
[   97.633221][ T9829] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1082'.
[   97.659010][ T9833] xt_hashlimit: size too large, truncated to 1048576
[   97.725552][ T9843] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1088'.
[   97.728186][ T9843] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1088'.
[   97.944079][ T9857] netfs: Couldn't get user pages (rc=-14)
[   98.024295][ T9870] xt_hashlimit: size too large, truncated to 1048576
[   98.189738][ T9899] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1108'.
[   98.304936][ T9914] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: macvlan2
[   98.308487][ T9914] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   98.311773][ T9914] ipvlan2: entered promiscuous mode
[   98.446690][ T5995] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   98.460285][ T9924] validate_nla: 7 callbacks suppressed
[   98.460296][ T9924] netlink: 'syz.2.1117': attribute type 19 has an invalid length.
[   98.483225][ T9926] netlink: 'syz.2.1118': attribute type 39 has an invalid length.
[   98.606667][ T5995] usb 6-1: Using ep0 maxpacket: 8
[   98.609284][ T5995] usb 6-1: config index 0 descriptor too short (expected 5924, got 36)
[   98.611612][ T5995] usb 6-1: config 250 has an invalid interface number: 228 but max is -1
[   98.613896][ T5995] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0
[   98.616361][ T5995] usb 6-1: config 250 has no interface number 0
[   98.618268][ T5995] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[   98.621458][ T5995] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[   98.624258][ T5995] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[   98.627180][ T5995] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[   98.629963][ T5995] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[   98.633605][ T5995] usb 6-1: config 250 interface 228 has no altsetting 0
[   98.636480][ T5995] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[   98.639456][ T5995] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[   98.641837][ T5995] usb 6-1: Product: syz
[   98.642993][ T5995] usb 6-1: SerialNumber: syz
[   98.645878][ T5995] hub 6-1:250.228: bad descriptor, ignoring hub
[   98.647871][ T5995] hub 6-1:250.228: probe with driver hub failed with error -5
[   98.676072][ T9936] 9pnet_virtio: no channels available for device syz
[   98.743309][ T9946] FAULT_INJECTION: forcing a failure.
[   98.743309][ T9946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.747289][ T9946] CPU: 1 UID: 0 PID: 9946 Comm: syz.4.1124 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   98.750112][ T9946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.753161][ T9946] Call Trace:
[   98.754096][ T9946]  <TASK>
[   98.754877][ T9946]  dump_stack_lvl+0x16c/0x1f0
[   98.756185][ T9946]  should_fail_ex+0x497/0x5b0
[   98.757509][ T9946]  _copy_from_user+0x2e/0xd0
[   98.758781][ T9946]  do_sock_getsockopt+0x5f6/0x800
[   98.760143][ T9946]  ? __pfx_do_sock_getsockopt+0x10/0x10
[   98.761683][ T9946]  ? lock_acquire+0x2f/0xb0
[   98.762917][ T9946]  ? __fget_files+0x40/0x3a0
[   98.764153][ T9946]  ? __fget_files+0x206/0x3a0
[   98.765409][ T9946]  __sys_getsockopt+0x12f/0x260
[   98.766724][ T9946]  __x64_sys_getsockopt+0xbd/0x160
[   98.768130][ T9946]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   98.769719][ T9946]  do_syscall_64+0xcd/0x250
[   98.771035][ T9946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.773198][ T9946] RIP: 0033:0x7f275277e819
[   98.774829][ T9946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.780049][ T9946] RSP: 002b:00007f2753609038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   98.782210][ T9946] RAX: ffffffffffffffda RBX: 00007f2752935fa0 RCX: 00007f275277e819
[   98.784416][ T9946] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[   98.786477][ T9946] RBP: 00007f2753609090 R08: 0000000020000900 R09: 0000000000000000
[   98.788558][ T9946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.790652][ T9946] R13: 0000000000000000 R14: 00007f2752935fa0 R15: 00007fff518a2b88
[   98.793531][ T9946]  </TASK>
[   98.857833][ T5995] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[   99.269073][   T55] usb 6-1: USB disconnect, device number 5
[   99.271827][   T55] usblp0: removed
[   99.396641][   T55] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[   99.548483][   T55] usb 6-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[   99.551084][   T55] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.554253][   T55] usb 6-1: config 0 descriptor??
[   99.557519][   T55] gspca_main: sunplus-2.14.0 probing 0458:7006
[   99.722501][ T9968] xt_hashlimit: size too large, truncated to 1048576
[   99.756165][ T9971] netlink: 'syz.4.1131': attribute type 19 has an invalid length.
[   99.817480][   T55] gspca_sunplus: reg_w_riv err -71
[   99.820103][   T55] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[   99.824129][   T55] usb 6-1: USB disconnect, device number 6
[   99.840774][ T9985] FAULT_INJECTION: forcing a failure.
[   99.840774][ T9985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.844293][ T9985] CPU: 0 UID: 0 PID: 9985 Comm: syz.4.1136 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[   99.846971][ T9985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.849741][ T9985] Call Trace:
[   99.850621][ T9985]  <TASK>
[   99.851402][ T9985]  dump_stack_lvl+0x16c/0x1f0
[   99.852652][ T9985]  should_fail_ex+0x497/0x5b0
[   99.853898][ T9985]  _copy_from_user+0x2e/0xd0
[   99.855126][ T9985]  do_ip_getsockopt+0xabc/0x2720
[   99.856438][ T9985]  ? kernel_text_address+0xf0/0x100
[   99.857804][ T9985]  ? __pfx_do_ip_getsockopt+0x10/0x10
[   99.859211][ T9985]  ? _parse_integer_limit+0x17f/0x1d0
[   99.860614][ T9985]  ? rcu_is_watching+0x12/0xc0
[   99.861861][ T9985]  ? lock_release+0x4f6/0x6f0
[   99.863044][ T9985]  ? avc_has_perm_noaudit+0x119/0x3a0
[   99.864408][ T9985]  ? __pfx_lock_release+0x10/0x10
[   99.865744][ T9985]  ? trace_lock_acquire+0x14a/0x1d0
[   99.867344][ T9985]  ? lock_release+0x4f6/0x6f0
[   99.868741][ T9985]  ? avc_has_perm_noaudit+0x61/0x3a0
[   99.870144][ T9985]  ? lock_acquire+0x2f/0xb0
[   99.871347][ T9985]  ? avc_has_perm_noaudit+0x61/0x3a0
[   99.872735][ T9985]  ? avc_has_perm_noaudit+0x143/0x3a0
[   99.874149][ T9985]  ? avc_has_perm+0x11b/0x1c0
[   99.875388][ T9985]  ? __pfx_avc_has_perm+0x10/0x10
[   99.876731][ T9985]  ip_getsockopt+0x9c/0x1e0
[   99.877937][ T9985]  ? __pfx_ip_getsockopt+0x10/0x10
[   99.879279][ T9985]  ? rcu_is_watching+0x12/0xc0
[   99.880541][ T9985]  ipv6_getsockopt+0x230/0x280
[   99.881816][ T9985]  ? __pfx_ipv6_getsockopt+0x10/0x10
[   99.883209][ T9985]  ? lock_acquire+0x2f/0xb0
[   99.884401][ T9985]  ? __might_fault+0xe3/0x190
[   99.885651][ T9985]  ? __might_fault+0xe3/0x190
[   99.886903][ T9985]  udpv6_getsockopt+0x61/0xb0
[   99.888138][ T9985]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   99.889695][ T9985]  do_sock_getsockopt+0x3fe/0x800
[   99.891017][ T9985]  ? __pfx_do_sock_getsockopt+0x10/0x10
[   99.892463][ T9985]  ? lock_acquire+0x2f/0xb0
[   99.893676][ T9985]  ? __fget_files+0x40/0x3a0
[   99.894895][ T9985]  ? __fget_files+0x206/0x3a0
[   99.896147][ T9985]  __sys_getsockopt+0x12f/0x260
[   99.897437][ T9985]  __x64_sys_getsockopt+0xbd/0x160
[   99.898791][ T9985]  ? trace_irq_enable.constprop.0+0xe4/0x130
[   99.900368][ T9985]  do_syscall_64+0xcd/0x250
[   99.901576][ T9985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.903132][ T9985] RIP: 0033:0x7f275277e819
[   99.904308][ T9985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.909337][ T9985] RSP: 002b:00007f2753609038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   99.911508][ T9985] RAX: ffffffffffffffda RBX: 00007f2752935fa0 RCX: 00007f275277e819
[   99.913576][ T9985] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[   99.915644][ T9985] RBP: 00007f2753609090 R08: 0000000020000900 R09: 0000000000000000
[   99.917704][ T9985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.919762][ T9985] R13: 0000000000000000 R14: 00007f2752935fa0 R15: 00007fff518a2b88
[   99.921827][ T9985]  </TASK>
[  100.046180][ T9998] netlink: 'syz.2.1141': attribute type 19 has an invalid length.
[  100.128670][T10012] FAULT_INJECTION: forcing a failure.
[  100.128670][T10012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.132877][T10012] CPU: 3 UID: 0 PID: 10012 Comm: syz.2.1146 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  100.136370][T10012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.139184][T10012] Call Trace:
[  100.140069][T10012]  <TASK>
[  100.140972][T10012]  dump_stack_lvl+0x16c/0x1f0
[  100.142806][T10012]  should_fail_ex+0x497/0x5b0
[  100.144489][T10012]  _copy_to_user+0x32/0xd0
[  100.146110][T10012]  do_ip_getsockopt+0xb0e/0x2720
[  100.147879][T10012]  ? kernel_text_address+0xf0/0x100
[  100.149434][T10012]  ? __pfx_do_ip_getsockopt+0x10/0x10
[  100.150920][T10012]  ? _parse_integer_limit+0x17f/0x1d0
[  100.152326][T10012]  ? rcu_is_watching+0x12/0xc0
[  100.153594][T10012]  ? lock_release+0x4f6/0x6f0
[  100.154821][T10012]  ? avc_has_perm_noaudit+0x119/0x3a0
[  100.156231][T10012]  ? __pfx_lock_release+0x10/0x10
[  100.157558][T10012]  ? trace_lock_acquire+0x14a/0x1d0
[  100.158922][T10012]  ? lock_release+0x4f6/0x6f0
[  100.160153][T10012]  ? avc_has_perm_noaudit+0x61/0x3a0
[  100.161617][T10012]  ? lock_acquire+0x2f/0xb0
[  100.162809][T10012]  ? avc_has_perm_noaudit+0x61/0x3a0
[  100.164187][T10012]  ? avc_has_perm_noaudit+0x143/0x3a0
[  100.165598][T10012]  ? avc_has_perm+0x11b/0x1c0
[  100.166831][T10012]  ? __pfx_avc_has_perm+0x10/0x10
[  100.168157][T10012]  ip_getsockopt+0x9c/0x1e0
[  100.169361][T10012]  ? __pfx_ip_getsockopt+0x10/0x10
[  100.170745][T10012]  ? rcu_is_watching+0x12/0xc0
[  100.172008][T10012]  ipv6_getsockopt+0x230/0x280
[  100.173274][T10012]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  100.174657][T10012]  ? lock_acquire+0x2f/0xb0
[  100.175924][T10012]  ? __might_fault+0xe3/0x190
[  100.177410][T10012]  ? __might_fault+0xe3/0x190
[  100.178829][T10012]  udpv6_getsockopt+0x61/0xb0
[  100.180092][T10012]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  100.181732][T10012]  do_sock_getsockopt+0x3fe/0x800
[  100.183048][T10012]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  100.184516][T10012]  ? lock_acquire+0x2f/0xb0
[  100.185720][T10012]  ? __fget_files+0x40/0x3a0
[  100.186931][T10012]  ? __fget_files+0x206/0x3a0
[  100.188156][T10012]  __sys_getsockopt+0x12f/0x260
[  100.189435][T10012]  __x64_sys_getsockopt+0xbd/0x160
[  100.190760][T10012]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  100.192617][T10012]  do_syscall_64+0xcd/0x250
[  100.193901][T10012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.196039][T10012] RIP: 0033:0x7f11d037e819
[  100.197673][T10012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.204548][T10012] RSP: 002b:00007f11d1132038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  100.207554][T10012] RAX: ffffffffffffffda RBX: 00007f11d0535fa0 RCX: 00007f11d037e819
[  100.210404][T10012] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  100.213250][T10012] RBP: 00007f11d1132090 R08: 0000000020000900 R09: 0000000000000000
[  100.216102][T10012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.218954][T10012] R13: 0000000000000000 R14: 00007f11d0535fa0 R15: 00007fffdd74a438
[  100.221707][T10012]  </TASK>
[  100.243365][T10014] xt_hashlimit: size too large, truncated to 1048576
[  100.415926][   T55] IPVS: starting estimator thread 0...
[  100.417531][T10025] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  100.420231][T10025] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  100.479288][T10030] netlink: 'syz.1.1152': attribute type 19 has an invalid length.
[  100.497549][T10032] netlink: 'syz.1.1154': attribute type 10 has an invalid length.
[  100.499672][T10033] netlink: 'syz.1.1154': attribute type 10 has an invalid length.
[  100.516800][T10026] IPVS: using max 63 ests per chain, 151200 per kthread
[  100.523705][T10040] FAULT_INJECTION: forcing a failure.
[  100.523705][T10040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.527318][T10040] CPU: 0 UID: 0 PID: 10040 Comm: syz.1.1156 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  100.529991][T10040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.532712][T10040] Call Trace:
[  100.533661][T10040]  <TASK>
[  100.534535][T10040]  dump_stack_lvl+0x16c/0x1f0
[  100.535758][T10040]  should_fail_ex+0x497/0x5b0
[  100.536990][T10040]  _copy_to_user+0x32/0xd0
[  100.538141][T10040]  do_ip_getsockopt+0x1912/0x2720
[  100.539376][T10040]  ? kernel_text_address+0xf0/0x100
[  100.540700][T10040]  ? __pfx_do_ip_getsockopt+0x10/0x10
[  100.542251][T10040]  ? _parse_integer_limit+0x17f/0x1d0
[  100.543657][T10040]  ? rcu_is_watching+0x12/0xc0
[  100.544917][T10040]  ? lock_release+0x4f6/0x6f0
[  100.546159][T10040]  ? avc_has_perm_noaudit+0x119/0x3a0
[  100.547569][T10040]  ? __pfx_lock_release+0x10/0x10
[  100.548888][T10040]  ? trace_lock_acquire+0x14a/0x1d0
[  100.550265][T10040]  ? lock_release+0x4f6/0x6f0
[  100.551497][T10040]  ? avc_has_perm_noaudit+0x61/0x3a0
[  100.552921][T10040]  ? lock_acquire+0x2f/0xb0
[  100.554183][T10040]  ? avc_has_perm_noaudit+0x61/0x3a0
[  100.555555][T10040]  ? avc_has_perm_noaudit+0x143/0x3a0
[  100.556874][T10040]  ? avc_has_perm+0x11b/0x1c0
[  100.558056][T10040]  ? __pfx_avc_has_perm+0x10/0x10
[  100.559342][T10040]  ip_getsockopt+0x9c/0x1e0
[  100.560545][T10040]  ? __pfx_ip_getsockopt+0x10/0x10
[  100.561847][T10040]  ? rcu_is_watching+0x12/0xc0
[  100.563025][T10040]  ipv6_getsockopt+0x230/0x280
[  100.564277][T10040]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  100.565662][T10040]  ? lock_acquire+0x2f/0xb0
[  100.566846][T10040]  ? __might_fault+0xe3/0x190
[  100.568074][T10040]  ? __might_fault+0xe3/0x190
[  100.569360][T10040]  udpv6_getsockopt+0x61/0xb0
[  100.570597][T10040]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  100.572136][T10040]  do_sock_getsockopt+0x3fe/0x800
[  100.573471][T10040]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  100.574918][T10040]  ? lock_acquire+0x2f/0xb0
[  100.576123][T10040]  ? __fget_files+0x40/0x3a0
[  100.577348][T10040]  ? __fget_files+0x206/0x3a0
[  100.578585][T10040]  __sys_getsockopt+0x12f/0x260
[  100.579890][T10040]  __x64_sys_getsockopt+0xbd/0x160
[  100.581249][T10040]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  100.582809][T10040]  do_syscall_64+0xcd/0x250
[  100.584003][T10040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.585588][T10040] RIP: 0033:0x7f652e57e819
[  100.586764][T10040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.591761][T10040] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  100.593974][T10040] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[  100.596040][T10040] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003
[  100.598092][T10040] RBP: 00007f652f3ef090 R08: 0000000020000900 R09: 0000000000000000
[  100.600209][T10040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.602280][T10040] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[  100.604350][T10040]  </TASK>
[  100.767418][T10055] xt_hashlimit: size too large, truncated to 1048576
[  100.910357][T10062] netlink: 'syz.4.1164': attribute type 19 has an invalid length.
[  100.938378][   T39] kauditd_printk_skb: 18 callbacks suppressed
[  100.938393][   T39] audit: type=1800 audit(1732199059.032:672): pid=9857 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.1094" name="bus" dev="9p" ino=36701871 res=0 errno=0
[  100.946247][ T9857] syz.5.1094 (9857) used greatest stack depth: 20072 bytes left
[  100.970022][   T39] audit: type=1400 audit(1732199059.062:673): avc:  denied  { watch_mount } for  pid=10065 comm="syz.4.1166" path="/188" dev="tmpfs" ino=1004 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  101.004319][T10069] FAULT_INJECTION: forcing a failure.
[  101.004319][T10069] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.008599][T10069] CPU: 1 UID: 0 PID: 10069 Comm: syz.1.1168 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  101.011214][T10069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  101.013910][T10069] Call Trace:
[  101.014788][T10069]  <TASK>
[  101.015596][T10069]  dump_stack_lvl+0x16c/0x1f0
[  101.016887][T10069]  should_fail_ex+0x497/0x5b0
[  101.018147][T10069]  _copy_to_user+0x32/0xd0
[  101.019313][T10069]  simple_read_from_buffer+0xd0/0x160
[  101.020692][T10069]  proc_fail_nth_read+0x198/0x270
[  101.022063][T10069]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  101.023494][T10069]  ? bpf_lsm_file_permission+0x9/0x10
[  101.024895][T10069]  ? security_file_permission+0x71/0x210
[  101.026397][T10069]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  101.027956][T10069]  vfs_read+0x1df/0xbe0
[  101.029053][T10069]  ? __fget_files+0x1fc/0x3a0
[  101.030248][T10069]  ? __pfx___mutex_lock+0x10/0x10
[  101.031612][T10069]  ? __pfx_vfs_read+0x10/0x10
[  101.032828][T10069]  ? __fget_files+0x206/0x3a0
[  101.034088][T10069]  ksys_read+0x12b/0x250
[  101.035218][T10069]  ? __pfx_ksys_read+0x10/0x10
[  101.036473][T10069]  ? rcu_is_watching+0x12/0xc0
[  101.038148][T10069]  ? rcu_is_watching+0x12/0xc0
[  101.039873][T10069]  do_syscall_64+0xcd/0x250
[  101.041520][T10069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.043635][T10069] RIP: 0033:0x7f652e57d25c
[  101.045240][T10069] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  101.052076][T10069] RSP: 002b:00007f652f3ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  101.055034][T10069] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57d25c
[  101.057700][T10069] RDX: 000000000000000f RSI: 00007f652f3ef0a0 RDI: 0000000000000004
[  101.059945][T10069] RBP: 00007f652f3ef090 R08: 0000000000000000 R09: 0000000000000000
[  101.062342][T10069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.064730][T10069] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[  101.067063][T10069]  </TASK>
[  101.068243][    C1] hpet: Lost 2 RTC interrupts
[  101.200091][   T39] audit: type=1326 audit(1732199059.292:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10079 comm="syz.4.1172" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f275277e819 code=0x0
[  101.254781][T10082] __nla_validate_parse: 66 callbacks suppressed
[  101.254793][T10082] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1172'.
[  101.420572][T10092] netlink: 'syz.2.1175': attribute type 19 has an invalid length.
[  101.476692][T10101] xt_hashlimit: size too large, truncated to 1048576
[  101.547531][T10096] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  101.551319][T10096] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1177'.
[  101.554672][T10096] unsupported nlmsg_type 40
[  101.721172][T10116] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1182'.
[  101.828234][T10129] netlink: 'syz.5.1186': attribute type 19 has an invalid length.
[  101.907812][T10145] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1192'.
[  101.910064][T10145] openvswitch: netlink: Missing key (keys=40, expected=100)
[  101.927781][T10147] xt_hashlimit: size too large, truncated to 1048576
[  101.940445][T10149] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1194'.
[  101.947051][T10149] bond2: entered promiscuous mode
[  101.950877][T10149] gretap1: entered promiscuous mode
[  101.952411][T10149] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  101.956726][T10149] bond2 (unregistering): (slave gretap1): Releasing backup interface
[  101.959312][T10149] gretap1: left promiscuous mode
[  101.961447][T10149] bond2 (unregistering): Released all slaves
[  102.017836][   T39] audit: type=1400 audit(1732199060.112:675): avc:  denied  { setopt } for  pid=10156 comm="syz.5.1196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  102.018343][T10156] delete_channel: no stack
[  102.037986][ T5958] Bluetooth: hci0: unexpected event for opcode 0x200d
[  102.124118][T10179] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1204'.
[  102.126807][T10179] openvswitch: netlink: Missing key (keys=40, expected=100)
[  102.168866][T10187] evm: overlay not supported
[  102.184385][   T39] audit: type=1326 audit(1732199060.272:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10186 comm="syz.2.1206" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f11d037e819 code=0x0
[  102.209235][T10193] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1209'.
[  102.212124][T10195] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0
[  102.237720][T10199] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1206'.
[  102.433570][T10218] xt_hashlimit: size too large, truncated to 1048576
[  102.777097][ T5959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  102.779416][ T5959] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  102.781996][ T5959] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  102.784494][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  102.786559][ T5959] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  102.788712][ T5959] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  102.813602][   T39] audit: type=1400 audit(1732199060.902:677): avc:  denied  { setcurrent } for  pid=10228 comm="syz.5.1224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  102.882639][T10230] chnl_net:caif_netlink_parms(): no params data found
[  102.893310][ T5996] IPVS: starting estimator thread 0...
[  102.908655][T10243] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  102.915390][T10243] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1227'.
[  102.918848][T10243] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  102.947758][T10249] xt_hashlimit: size too large, truncated to 1048576
[  102.955724][T10230] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.958667][T10230] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.961369][T10230] bridge_slave_0: entered allmulticast mode
[  102.964117][T10230] bridge_slave_0: entered promiscuous mode
[  102.967249][T10230] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.969198][T10230] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.971071][T10230] bridge_slave_1: entered allmulticast mode
[  102.972951][T10230] bridge_slave_1: entered promiscuous mode
[  102.977361][T10244] IPVS: using max 63 ests per chain, 151200 per kthread
[  102.990783][T10230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  103.000068][T10251] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  103.003206][T10230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.024948][T10230] team0: Port device team_slave_0 added
[  103.027428][T10230] team0: Port device team_slave_1 added
[  103.050095][T10230] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.051992][T10230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.058727][T10230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.062512][T10255] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1230'.
[  103.065133][T10230] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.067585][T10230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.074345][T10230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.094088][T10230] hsr_slave_0: entered promiscuous mode
[  103.096550][T10230] hsr_slave_1: entered promiscuous mode
[  103.100348][T10230] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  103.102304][T10230] Cannot create hsr debugfs directory
[  103.152699][T10230] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  103.162728][T10230] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  103.166559][T10230] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  103.172139][T10230] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  103.194823][T10230] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.204407][T10230] 8021q: adding VLAN 0 to HW filter on device team0
[  103.210675][ T6338] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.212626][ T6338] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.223291][ T6339] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.225773][ T6339] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.228645][T10269] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  103.237391][T10230] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  103.291030][T10230] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.359918][T10230] veth0_vlan: entered promiscuous mode
[  103.363394][T10230] veth1_vlan: entered promiscuous mode
[  103.371469][T10230] veth0_macvtap: entered promiscuous mode
[  103.374082][T10230] veth1_macvtap: entered promiscuous mode
[  103.379431][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.382368][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.384866][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.387641][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.390169][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.392882][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.395407][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.398914][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.402249][T10230] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.406532][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.409437][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.412006][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.414741][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.417422][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.420144][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.422663][T10230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  103.425342][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.428656][T10230] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.432411][T10230] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.435565][T10230] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.439091][T10230] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.441435][T10230] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.455240][T10230] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: macvlan2
[  103.457957][T10230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.462259][ T6339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.465077][ T6339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.473371][ T6325] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.475462][ T6325] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.455413][  T829] IPVS: starting estimator thread 0...
[  104.457093][T10289] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  104.459954][T10289] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  104.547262][T10291] IPVS: using max 63 ests per chain, 151200 per kthread
[  104.588385][T10302] validate_nla: 6 callbacks suppressed
[  104.588396][T10302] netlink: 'syz.1.1240': attribute type 10 has an invalid length.
[  104.596269][   T39] audit: type=1326 audit(1732199062.682:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10295 comm="syz.6.1239" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa8fdf7e819 code=0x0
[  104.656528][T10315] SELinux:  policydb magic number 0x8 does not match expected magic number 0xf97cff8c
[  104.659344][T10315] SELinux: failed to load policy
[  104.796751][ T5958] Bluetooth: hci0: command tx timeout
[  105.537475][T10356] SELinux:  policydb magic number 0x8 does not match expected magic number 0xf97cff8c
[  105.539981][T10356] SELinux: failed to load policy
[  105.580572][T10364] netlink: 'syz.5.1262': attribute type 19 has an invalid length.
[  105.597498][T10366] xt_hashlimit: size too large, truncated to 1048576
[  105.722338][   T39] audit: type=1400 audit(1732199063.812:679): avc:  denied  { name_bind } for  pid=10382 comm="syz.1.1269" src=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=udp_socket permissive=1
[  105.865209][T10402] netlink: 'syz.5.1277': attribute type 19 has an invalid length.
[  105.895724][   T39] audit: type=1804 audit(1732199063.982:680): pid=10407 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.1279" name="/newroot/129/bus/file0" dev="overlay" ino=707 res=1 errno=0
[  105.962264][T10421] FAULT_INJECTION: forcing a failure.
[  105.962264][T10421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.966905][T10421] CPU: 3 UID: 0 PID: 10421 Comm: syz.5.1285 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  105.969577][T10421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.972292][T10421] Call Trace:
[  105.973159][T10421]  <TASK>
[  105.974027][T10421]  dump_stack_lvl+0x16c/0x1f0
[  105.975274][T10421]  should_fail_ex+0x497/0x5b0
[  105.976566][T10421]  _copy_from_user+0x2e/0xd0
[  105.977860][T10421]  do_ipv6_setsockopt+0x97d/0x4790
[  105.979199][T10421]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  105.980681][T10421]  ? avc_has_perm_noaudit+0x143/0x3a0
[  105.982392][T10421]  ? avc_has_perm+0x11b/0x1c0
[  105.983628][T10421]  ? __pfx_avc_has_perm+0x10/0x10
[  105.984943][T10421]  ? rcu_is_watching+0x12/0xc0
[  105.986229][T10421]  ? get_pid_task+0xfc/0x250
[  105.987517][T10421]  ? __pfx_lock_release+0x10/0x10
[  105.988835][T10421]  ? trace_lock_acquire+0x14a/0x1d0
[  105.990211][T10421]  ? sock_has_perm+0x25a/0x2f0
[  105.991526][T10421]  ? __pfx_sock_has_perm+0x10/0x10
[  105.992861][T10421]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  105.994525][T10421]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  105.996280][T10421]  ? ipv6_setsockopt+0xcb/0x170
[  105.997611][T10421]  ipv6_setsockopt+0xcb/0x170
[  105.998848][T10421]  tcp_setsockopt+0xa4/0x100
[  106.000061][T10421]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  106.001976][T10421]  do_sock_setsockopt+0x222/0x480
[  106.003768][T10421]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  106.005775][T10421]  ? lock_acquire+0x2f/0xb0
[  106.007444][T10421]  __sys_setsockopt+0x1a0/0x230
[  106.008846][T10421]  __x64_sys_setsockopt+0xbd/0x160
[  106.010203][T10421]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  106.011811][T10421]  do_syscall_64+0xcd/0x250
[  106.013004][T10421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.014538][T10421] RIP: 0033:0x7f0e1957e819
[  106.015704][T10421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.020807][T10421] RSP: 002b:00007f0e173f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  106.022991][T10421] RAX: ffffffffffffffda RBX: 00007f0e19735fa0 RCX: 00007f0e1957e819
[  106.025041][T10421] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  106.027123][T10421] RBP: 00007f0e173f6090 R08: 0000000000000020 R09: 0000000000000000
[  106.029180][T10421] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  106.031301][T10421] R13: 0000000000000000 R14: 00007f0e19735fa0 R15: 00007ffd95e9b698
[  106.033362][T10421]  </TASK>
[  106.239491][T10444] xt_hashlimit: size too large, truncated to 1048576
[  106.245827][ T6338] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.299353][ T6338] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.365271][ T6338] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.455279][ T6338] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.538933][ T6338] bridge_slave_1: left allmulticast mode
[  106.540496][ T6338] bridge_slave_1: left promiscuous mode
[  106.542157][ T6338] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.544749][ T6338] bridge_slave_0: left allmulticast mode
[  106.546309][ T6338] bridge_slave_0: left promiscuous mode
[  106.548105][ T6338] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.665341][ T6338] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.668905][ T6338] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.672372][ T6338] bond0 (unregistering): Released all slaves
[  106.675824][ T6338] bond1 (unregistering): Released all slaves
[  106.681370][T10459] netlink: 'syz.6.1300': attribute type 19 has an invalid length.
[  106.688480][T10461] netdevsim netdevsim5 netdevsim0: left promiscuous mode
[  106.690344][T10461] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  106.723561][T10473] FAULT_INJECTION: forcing a failure.
[  106.723561][T10473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.728592][T10473] CPU: 2 UID: 0 PID: 10473 Comm: syz.6.1305 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  106.731465][T10473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.734474][T10473] Call Trace:
[  106.735375][T10473]  <TASK>
[  106.736161][T10473]  dump_stack_lvl+0x16c/0x1f0
[  106.737447][T10473]  should_fail_ex+0x497/0x5b0
[  106.738702][T10473]  _copy_from_user+0x2e/0xd0
[  106.739971][T10473]  ipv6_flowlabel_opt+0x234/0x2ea0
[  106.741327][T10473]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  106.742943][T10473]  ? rcu_is_watching+0x12/0xc0
[  106.744202][T10473]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[  106.745652][T10473]  ? lock_release+0x4f6/0x6f0
[  106.746891][T10473]  ? sockopt_lock_sock+0x54/0x70
[  106.748244][T10473]  ? sockopt_lock_sock+0x54/0x70
[  106.749571][T10473]  ? rcu_is_watching+0x12/0xc0
[  106.751235][T10473]  ? sockopt_lock_sock+0x54/0x70
[  106.753087][T10473]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  106.754982][T10473]  ? do_ipv6_setsockopt+0x104e/0x4790
[  106.756414][T10473]  do_ipv6_setsockopt+0x104e/0x4790
[  106.757846][T10473]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  106.759302][T10473]  ? avc_has_perm_noaudit+0x143/0x3a0
[  106.760756][T10473]  ? avc_has_perm+0x11b/0x1c0
[  106.762014][T10473]  ? __pfx_avc_has_perm+0x10/0x10
[  106.763338][T10473]  ? rcu_is_watching+0x12/0xc0
[  106.764602][T10473]  ? get_pid_task+0xfc/0x250
[  106.765858][T10473]  ? __pfx_lock_release+0x10/0x10
[  106.767327][T10473]  ? trace_lock_acquire+0x14a/0x1d0
[  106.768746][T10473]  ? sock_has_perm+0x25a/0x2f0
[  106.770009][T10473]  ? __pfx_sock_has_perm+0x10/0x10
[  106.771432][T10473]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  106.773783][T10473]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  106.775964][T10473]  ? ipv6_setsockopt+0xcb/0x170
[  106.777271][T10473]  ipv6_setsockopt+0xcb/0x170
[  106.778515][T10473]  tcp_setsockopt+0xa4/0x100
[  106.779743][T10473]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  106.781299][T10473]  do_sock_setsockopt+0x222/0x480
[  106.782627][T10473]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  106.784117][T10473]  ? lock_acquire+0x2f/0xb0
[  106.785324][T10473]  __sys_setsockopt+0x1a0/0x230
[  106.786613][T10473]  __x64_sys_setsockopt+0xbd/0x160
[  106.787972][T10473]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  106.789545][T10473]  do_syscall_64+0xcd/0x250
[  106.790756][T10473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.792317][T10473] RIP: 0033:0x7fa8fdf7e819
[  106.793854][T10473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.799629][T10473] RSP: 002b:00007fa8fecd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  106.801868][T10473] RAX: ffffffffffffffda RBX: 00007fa8fe135fa0 RCX: 00007fa8fdf7e819
[  106.804151][T10473] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  106.806209][T10473] RBP: 00007fa8fecd1090 R08: 0000000000000020 R09: 0000000000000000
[  106.808256][T10473] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  106.810307][T10473] R13: 0000000000000000 R14: 00007fa8fe135fa0 R15: 00007ffe1ca5ce78
[  106.812363][T10473]  </TASK>
[  106.815015][ T6338] tipc: Disabling bearer <udp:syz1>
[  106.816495][ T6338] tipc: Left network mode
[  106.841832][T10487] syz.6.1307 (10487): /proc/10486/oom_adj is deprecated, please use /proc/10486/oom_score_adj instead.
[  106.877955][ T5958] Bluetooth: hci0: command tx timeout
[  106.885958][T10495] overlayfs: failed to resolve './file0': -2
[  106.944515][T10507] xt_hashlimit: size too large, truncated to 1048576
[  107.032391][ T6338] hsr_slave_0: left promiscuous mode
[  107.034907][ T6338] hsr_slave_1: left promiscuous mode
[  107.038475][ T6338] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  107.040501][ T6338] batman_adv: batadv0: Removing interface: batadv_slave_0
[  107.042810][ T6338] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  107.044835][ T6338] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.049788][ T6338] veth1_macvtap: left promiscuous mode
[  107.051299][ T6338] veth0_macvtap: left promiscuous mode
[  107.052820][ T6338] veth1_vlan: left promiscuous mode
[  107.054252][ T6338] veth0_vlan: left promiscuous mode
[  107.174759][  T829] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  107.183736][ T6338] team0 (unregistering): Port device team_slave_1 removed
[  107.200451][ T6338] team0 (unregistering): Port device team_slave_0 removed
[  107.210578][ T7093] libceph: connect (1)[c::]:6789 error -101
[  107.212702][ T7093] libceph: mon0 (1)[c::]:6789 connect error
[  107.251038][T10530] syz.1.1316[10530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.251104][T10530] syz.1.1316[10530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.255038][T10530] syz.1.1316[10530] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.306737][  T829] usb 10-1: device descriptor read/64, error -71
[  107.427092][T10550] netlink: 'syz.6.1320': attribute type 19 has an invalid length.
[  107.466890][   T55] libceph: connect (1)[c::]:6789 error -101
[  107.468519][   T55] libceph: mon0 (1)[c::]:6789 connect error
[  107.524800][T10562] FAULT_INJECTION: forcing a failure.
[  107.524800][T10562] name failslab, interval 1, probability 0, space 0, times 0
[  107.529020][T10562] CPU: 3 UID: 0 PID: 10562 Comm: syz.6.1323 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  107.532403][T10562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.535187][T10562] Call Trace:
[  107.536117][T10562]  <TASK>
[  107.536938][T10562]  dump_stack_lvl+0x16c/0x1f0
[  107.538208][T10562]  should_fail_ex+0x497/0x5b0
[  107.539470][T10562]  ? fs_reclaim_acquire+0xae/0x150
[  107.540930][T10562]  should_failslab+0xc2/0x120
[  107.542620][T10562]  __kmalloc_cache_noprof+0x6b/0x300
[  107.544521][T10562]  ? fl_create+0x116/0xd50
[  107.545822][T10562]  fl_create+0x116/0xd50
[  107.546626][  T829] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  107.546978][T10562]  ? up_write+0x1b2/0x520
[  107.550070][T10562]  ? __pfx_fl_create+0x10/0x10
[  107.551400][T10562]  ? avc_has_perm_noaudit+0x61/0x3a0
[  107.552838][T10562]  ? __pfx_process_measurement+0x10/0x10
[  107.554352][T10562]  ? rcu_is_watching+0x12/0xc0
[  107.555684][T10562]  ? lock_release+0x4f6/0x6f0
[  107.556953][T10562]  ? __might_fault+0x13b/0x190
[  107.558174][T10562]  ? __pfx_lock_release+0x10/0x10
[  107.559518][T10562]  ? trace_lock_acquire+0x14a/0x1d0
[  107.561092][T10562]  ? rcu_is_watching+0x12/0xc0
[  107.562747][T10562]  ? __might_fault+0xe3/0x190
[  107.564113][T10562]  ? lock_acquire+0x2f/0xb0
[  107.565531][T10562]  ? __might_fault+0xe3/0x190
[  107.567095][T10562]  ? __might_fault+0xe3/0x190
[  107.568263][T10562]  ipv6_flowlabel_opt+0xa84/0x2ea0
[  107.569747][T10562]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  107.571428][T10562]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[  107.572875][T10562]  ? lock_release+0x4f6/0x6f0
[  107.574133][T10562]  ? sockopt_lock_sock+0x54/0x70
[  107.575390][T10562]  ? sockopt_lock_sock+0x54/0x70
[  107.576739][T10562]  ? rcu_is_watching+0x12/0xc0
[  107.578056][T10562]  ? sockopt_lock_sock+0x54/0x70
[  107.579444][T10562]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  107.581355][T10562]  ? do_ipv6_setsockopt+0x104e/0x4790
[  107.583227][T10562]  do_ipv6_setsockopt+0x104e/0x4790
[  107.584983][T10562]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  107.586379][T10562]  ? avc_has_perm_noaudit+0x143/0x3a0
[  107.587711][T10562]  ? avc_has_perm+0x11b/0x1c0
[  107.588860][T10562]  ? __pfx_avc_has_perm+0x10/0x10
[  107.590179][T10562]  ? rcu_is_watching+0x12/0xc0
[  107.591856][T10562]  ? get_pid_task+0xfc/0x250
[  107.593214][T10562]  ? __pfx_lock_release+0x10/0x10
[  107.594466][T10562]  ? trace_lock_acquire+0x14a/0x1d0
[  107.595758][T10562]  ? sock_has_perm+0x25a/0x2f0
[  107.596958][T10562]  ? __pfx_sock_has_perm+0x10/0x10
[  107.598283][T10562]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  107.599830][T10562]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  107.602046][T10562]  ? ipv6_setsockopt+0xcb/0x170
[  107.603526][T10562]  ipv6_setsockopt+0xcb/0x170
[  107.604703][T10562]  tcp_setsockopt+0xa4/0x100
[  107.605861][T10562]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  107.607350][T10562]  do_sock_setsockopt+0x222/0x480
[  107.608615][T10562]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  107.609985][T10562]  ? lock_acquire+0x2f/0xb0
[  107.611504][T10562]  __sys_setsockopt+0x1a0/0x230
[  107.612756][T10562]  __x64_sys_setsockopt+0xbd/0x160
[  107.614027][T10562]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  107.615457][T10562]  do_syscall_64+0xcd/0x250
[  107.616648][T10562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.618209][T10562] RIP: 0033:0x7fa8fdf7e819
[  107.619374][T10562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.624360][T10562] RSP: 002b:00007fa8fecd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  107.626521][T10562] RAX: ffffffffffffffda RBX: 00007fa8fe135fa0 RCX: 00007fa8fdf7e819
[  107.628555][T10562] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  107.630669][T10562] RBP: 00007fa8fecd1090 R08: 0000000000000020 R09: 0000000000000000
[  107.632707][T10562] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  107.634771][T10562] R13: 0000000000000000 R14: 00007fa8fe135fa0 R15: 00007ffe1ca5ce78
[  107.636834][T10562]  </TASK>
[  107.676794][  T829] usb 10-1: device descriptor read/64, error -71
[  107.782674][T10590] __nla_validate_parse: 3 callbacks suppressed
[  107.782685][T10590] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1331'.
[  107.787529][  T829] usb usb10-port1: attempt power cycle
[  107.801803][T10592] xt_hashlimit: size too large, truncated to 1048576
[  107.976895][   T55] libceph: connect (1)[c::]:6789 error -101
[  107.978594][   T55] libceph: mon0 (1)[c::]:6789 connect error
[  107.981808][T10525] ceph: No mds server is up or the cluster is laggy
[  108.063914][T10612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.067166][T10612] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.069902][T10614] FAULT_INJECTION: forcing a failure.
[  108.069902][T10614] name failslab, interval 1, probability 0, space 0, times 0
[  108.073506][T10614] CPU: 1 UID: 0 PID: 10614 Comm: syz.6.1341 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  108.076213][T10614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  108.079020][T10614] Call Trace:
[  108.079896][T10614]  <TASK>
[  108.080670][T10614]  dump_stack_lvl+0x16c/0x1f0
[  108.081912][T10614]  should_fail_ex+0x497/0x5b0
[  108.083143][T10614]  ? fs_reclaim_acquire+0xae/0x150
[  108.084483][T10614]  should_failslab+0xc2/0x120
[  108.085732][T10614]  __kmalloc_cache_noprof+0x6b/0x300
[  108.087109][T10614]  ? ipv6_flowlabel_opt+0xacb/0x2ea0
[  108.088488][T10614]  ipv6_flowlabel_opt+0xacb/0x2ea0
[  108.089831][T10614]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  108.091435][T10614]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[  108.092874][T10614]  ? lock_release+0x4f6/0x6f0
[  108.094118][T10614]  ? sockopt_lock_sock+0x54/0x70
[  108.095426][T10614]  ? sockopt_lock_sock+0x54/0x70
[  108.096635][T10614]  ? rcu_is_watching+0x12/0xc0
[  108.097825][T10614]  ? sockopt_lock_sock+0x54/0x70
[  108.099126][T10614]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  108.100692][T10614]  ? do_ipv6_setsockopt+0x104e/0x4790
[  108.102101][T10614]  do_ipv6_setsockopt+0x104e/0x4790
[  108.103471][T10614]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  108.104921][T10614]  ? avc_has_perm_noaudit+0x143/0x3a0
[  108.106332][T10614]  ? avc_has_perm+0x11b/0x1c0
[  108.107573][T10614]  ? __pfx_avc_has_perm+0x10/0x10
[  108.108891][T10614]  ? rcu_is_watching+0x12/0xc0
[  108.110154][T10614]  ? get_pid_task+0xfc/0x250
[  108.111377][T10614]  ? __pfx_lock_release+0x10/0x10
[  108.112689][T10614]  ? trace_lock_acquire+0x14a/0x1d0
[  108.114067][T10614]  ? sock_has_perm+0x25a/0x2f0
[  108.115328][T10614]  ? __pfx_sock_has_perm+0x10/0x10
[  108.116690][T10614]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  108.118473][T10614]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  108.120311][T10614]  ? ipv6_setsockopt+0xcb/0x170
[  108.121644][T10614]  ipv6_setsockopt+0xcb/0x170
[  108.122886][T10614]  tcp_setsockopt+0xa4/0x100
[  108.124139][T10614]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  108.125717][T10614]  do_sock_setsockopt+0x222/0x480
[  108.127023][T10614]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  108.128450][T10614]  ? lock_acquire+0x2f/0xb0
[  108.129649][T10614]  __sys_setsockopt+0x1a0/0x230
[  108.130925][T10614]  __x64_sys_setsockopt+0xbd/0x160
[  108.132251][T10614]  ? trace_irq_enable.constprop.0+0xe4/0x130
[  108.133817][T10614]  do_syscall_64+0xcd/0x250
[  108.135006][T10614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.136553][T10614] RIP: 0033:0x7fa8fdf7e819
[  108.137729][T10614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.142665][T10614] RSP: 002b:00007fa8fecd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  108.144812][T10614] RAX: ffffffffffffffda RBX: 00007fa8fe135fa0 RCX: 00007fa8fdf7e819
[  108.146865][T10614] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  108.148912][T10614] RBP: 00007fa8fecd1090 R08: 0000000000000020 R09: 0000000000000000
[  108.150963][T10614] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  108.153011][T10614] R13: 0000000000000000 R14: 00007fa8fe135fa0 R15: 00007ffe1ca5ce78
[  108.155045][T10614]  </TASK>
[  108.216638][  T829] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  108.238045][  T829] usb 10-1: device descriptor read/8, error -71
[  108.296683][   T55] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  108.446664][   T55] usb 6-1: Using ep0 maxpacket: 16
[  108.449327][   T55] usb 6-1: unable to get BOS descriptor or descriptor too short
[  108.451929][   T55] usb 6-1: config 253 has an invalid interface number: 254 but max is 0
[  108.454146][   T55] usb 6-1: config 253 has no interface number 0
[  108.455763][   T55] usb 6-1: config 253 interface 254 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  108.458719][   T55] usb 6-1: config 253 interface 254 has no altsetting 0
[  108.462017][   T55] usb 6-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=b6.14
[  108.464417][   T55] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.466475][   T55] usb 6-1: Product: syz
[  108.467858][   T55] usb 6-1: Manufacturer: syz
[  108.469119][   T55] usb 6-1: SerialNumber: syz
[  108.479596][  T829] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  108.507092][  T829] usb 10-1: device descriptor read/8, error -71
[  108.617856][  T829] usb usb10-port1: unable to enumerate USB device
[  108.966771][ T5958] Bluetooth: hci0: command tx timeout
[  109.189361][   T55] usb 6-1: USB disconnect, device number 7
[  109.219599][T10636] tun0: tun_chr_ioctl cmd 1074025672
[  109.221044][T10636] tun0: ignored: set checksum enabled
[  109.291704][T10645] xt_hashlimit: size too large, truncated to 1048576
[  109.525550][T10660] FAULT_INJECTION: forcing a failure.
[  109.525550][T10660] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.529117][T10660] CPU: 0 UID: 0 PID: 10660 Comm: syz.1.1357 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  109.532745][T10660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.535696][T10660] Call Trace:
[  109.536572][T10660]  <TASK>
[  109.537354][T10660]  dump_stack_lvl+0x16c/0x1f0
[  109.538585][T10660]  should_fail_ex+0x497/0x5b0
[  109.539828][T10660]  _copy_to_user+0x32/0xd0
[  109.541083][T10660]  simple_read_from_buffer+0xd0/0x160
[  109.542539][T10660]  proc_fail_nth_read+0x198/0x270
[  109.543845][T10660]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  109.545275][T10660]  ? bpf_lsm_file_permission+0x9/0x10
[  109.546657][T10660]  ? security_file_permission+0x71/0x210
[  109.548095][T10660]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  109.549535][T10660]  vfs_read+0x1df/0xbe0
[  109.550639][T10660]  ? __fget_files+0x1fc/0x3a0
[  109.551887][T10660]  ? __pfx___mutex_lock+0x10/0x10
[  109.553195][T10660]  ? __pfx_vfs_read+0x10/0x10
[  109.554407][T10660]  ? __fget_files+0x206/0x3a0
[  109.555637][T10660]  ksys_read+0x12b/0x250
[  109.556730][T10660]  ? __pfx_ksys_read+0x10/0x10
[  109.557977][T10660]  ? rcu_is_watching+0x12/0xc0
[  109.559210][T10660]  ? rcu_is_watching+0x12/0xc0
[  109.560454][T10660]  do_syscall_64+0xcd/0x250
[  109.561756][T10660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.563901][T10660] RIP: 0033:0x7f652e57d25c
[  109.565373][T10660] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  109.570323][T10660] RSP: 002b:00007f652f3ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  109.572460][T10660] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57d25c
[  109.574499][T10660] RDX: 000000000000000f RSI: 00007f652f3ef0a0 RDI: 0000000000000004
[  109.576547][T10660] RBP: 00007f652f3ef090 R08: 0000000000000000 R09: 0000000000000000
[  109.578675][T10660] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001
[  109.580757][T10660] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[  109.582841][T10660]  </TASK>
[  109.698784][T10683] netlink: 'syz.1.1365': attribute type 1 has an invalid length.
[  109.794083][T10690] syz.1.1366: attempt to access beyond end of device
[  109.794083][T10690] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  109.798273][T10690] (syz.1.1366,10690,0):ocfs2_get_sector:1769 ERROR: status = -5
[  109.798833][T10689] FAULT_INJECTION: forcing a failure.
[  109.798833][T10689] name failslab, interval 1, probability 0, space 0, times 0
[  109.800281][T10690] (syz.1.1366,10690,0):ocfs2_sb_probe:749 ERROR: status = -5
[  109.803537][T10689] CPU: 3 UID: 0 PID: 10689 Comm: syz.6.1368 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  109.803554][T10689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.803560][T10689] Call Trace:
[  109.803564][T10689]  <TASK>
[  109.803568][T10689]  dump_stack_lvl+0x16c/0x1f0
[  109.805531][T10690] (syz.1.1366,10690,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  109.808192][T10689]  should_fail_ex+0x497/0x5b0
[  109.808210][T10689]  ? fs_reclaim_acquire+0xae/0x150
[  109.808222][T10689]  should_failslab+0xc2/0x120
[  109.808235][T10689]  __kmalloc_node_noprof+0xd1/0x430
[  109.808249][T10689]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  109.811491][T10690] (syz.1.1366,10690,0):ocfs2_fill_super:1178 ERROR: status = -5
[  109.811904][T10689]  __kvmalloc_node_noprof+0xad/0x1a0
[  109.827073][T10689]  seq_read_iter+0x82a/0x12b0
[  109.828339][T10689]  ? __pfx_kstrtouint+0x10/0x10
[  109.829643][T10689]  seq_read+0x39f/0x4e0
[  109.830758][T10689]  ? __pfx_seq_read+0x10/0x10
[  109.831976][T10689]  ? __pfx_lock_release+0x10/0x10
[  109.833285][T10689]  ? lock_acquire+0x2f/0xb0
[  109.834491][T10689]  ? avc_policy_seqno+0x9/0x20
[  109.835766][T10689]  ? selinux_file_permission+0x11f/0x580
[  109.837286][T10689]  ? __pfx_seq_read+0x10/0x10
[  109.838530][T10689]  proc_reg_read+0x23d/0x330
[  109.839764][T10689]  ? __pfx_proc_reg_read+0x10/0x10
[  109.841129][T10689]  vfs_read+0x1df/0xbe0
[  109.842232][T10689]  ? __fget_files+0x1fc/0x3a0
[  109.843482][T10689]  ? __pfx___mutex_lock+0x10/0x10
[  109.844818][T10689]  ? __pfx_vfs_read+0x10/0x10
[  109.846071][T10689]  ? __fget_files+0x206/0x3a0
[  109.847325][T10689]  ksys_read+0x12b/0x250
[  109.848450][T10689]  ? __pfx_ksys_read+0x10/0x10
[  109.849728][T10689]  ? rcu_is_watching+0x12/0xc0
[  109.851001][T10689]  ? rcu_is_watching+0x12/0xc0
[  109.852265][T10689]  do_syscall_64+0xcd/0x250
[  109.853472][T10689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.855034][T10689] RIP: 0033:0x7fa8fdf7e819
[  109.856222][T10689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.861324][T10689] RSP: 002b:00007fa8fecd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  109.863518][T10689] RAX: ffffffffffffffda RBX: 00007fa8fe135fa0 RCX: 00007fa8fdf7e819
[  109.865598][T10689] RDX: 00000000000000b5 RSI: 00000000200000c0 RDI: 0000000000000003
[  109.867686][T10689] RBP: 00007fa8fecd1090 R08: 0000000000000000 R09: 0000000000000000
[  109.869771][T10689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.871839][T10689] R13: 0000000000000000 R14: 00007fa8fe135fa0 R15: 00007ffe1ca5ce78
[  109.873906][T10689]  </TASK>
[  109.978982][   T39] audit: type=1400 audit(1732199068.072:681): avc:  denied  { map } for  pid=10702 comm="syz.5.1374" path="/proc/353/net/ip_vs" dev="proc" ino=4026533205 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  109.986175][   T39] audit: type=1400 audit(1732199068.072:682): avc:  denied  { execute } for  pid=10702 comm="syz.5.1374" path="/proc/353/net/ip_vs" dev="proc" ino=4026533205 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  110.128163][T10727] xt_hashlimit: size too large, truncated to 1048576
[  110.466239][ T6338] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5
[  110.562820][   T39] audit: type=1400 audit(1732199068.652:683): avc:  denied  { read } for  pid=10739 comm="syz.5.1387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  110.718769][T10759] FAULT_INJECTION: forcing a failure.
[  110.718769][T10759] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  110.722312][T10759] CPU: 0 UID: 0 PID: 10759 Comm: syz.1.1395 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  110.725033][T10759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.728338][T10759] Call Trace:
[  110.729406][T10759]  <TASK>
[  110.730255][T10759]  dump_stack_lvl+0x16c/0x1f0
[  110.731588][T10759]  should_fail_ex+0x497/0x5b0
[  110.732905][T10759]  _copy_to_iter+0x469/0x1560
[  110.734250][T10759]  ? __pfx__copy_to_iter+0x10/0x10
[  110.735668][T10759]  ? __virt_addr_valid+0x1a4/0x590
[  110.737062][T10759]  ? __virt_addr_valid+0x5e/0x590
[  110.738656][T10759]  ? __phys_addr_symbol+0x30/0x80
[  110.740227][T10759]  ? __check_object_size+0x488/0x710
[  110.741661][T10759]  seq_read_iter+0xd00/0x12b0
[  110.742900][T10759]  seq_read+0x39f/0x4e0
[  110.743999][T10759]  ? __pfx_seq_read+0x10/0x10
[  110.745249][T10759]  ? __pfx_lock_release+0x10/0x10
[  110.746573][T10759]  ? lock_acquire+0x2f/0xb0
[  110.747813][T10759]  ? avc_policy_seqno+0x9/0x20
[  110.749131][T10759]  ? selinux_file_permission+0x11f/0x580
[  110.750605][T10759]  ? __pfx_seq_read+0x10/0x10
[  110.751846][T10759]  proc_reg_read+0x23d/0x330
[  110.753072][T10759]  ? __pfx_proc_reg_read+0x10/0x10
[  110.754408][T10759]  vfs_read+0x1df/0xbe0
[  110.755521][T10759]  ? __fget_files+0x1fc/0x3a0
[  110.756764][T10759]  ? __pfx___mutex_lock+0x10/0x10
[  110.758089][T10759]  ? __pfx_vfs_read+0x10/0x10
[  110.759388][T10759]  ? __fget_files+0x206/0x3a0
[  110.760631][T10759]  ksys_read+0x12b/0x250
[  110.761696][T10759]  ? __pfx_ksys_read+0x10/0x10
[  110.762894][T10759]  ? rcu_is_watching+0x12/0xc0
[  110.764157][T10759]  ? rcu_is_watching+0x12/0xc0
[  110.765429][T10759]  do_syscall_64+0xcd/0x250
[  110.766632][T10759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.768181][T10759] RIP: 0033:0x7f652e57e819
[  110.769389][T10759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.774390][T10759] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  110.776570][T10759] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[  110.778664][T10759] RDX: 00000000000000b5 RSI: 00000000200000c0 RDI: 0000000000000003
[  110.780785][T10759] RBP: 00007f652f3ef090 R08: 0000000000000000 R09: 0000000000000000
[  110.782929][T10759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.784978][T10759] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[  110.787043][T10759]  </TASK>
[  110.811212][T10764] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  110.813528][T10763] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  110.915911][T10774] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1398'.
[  111.000547][T10790] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1405'.
[  111.010141][T10794] xt_hashlimit: size too large, truncated to 1048576
[  111.046866][ T5958] Bluetooth: hci0: command tx timeout
[  111.064103][T10805] netlink: 'syz.1.1405': attribute type 10 has an invalid length.
[  111.081986][T10805] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  111.089149][T10790] lo: entered promiscuous mode
[  111.093149][T10790] tunl0: entered promiscuous mode
[  111.094864][T10790] gre0: entered promiscuous mode
[  111.097389][T10790] gretap0: entered promiscuous mode
[  111.099086][T10790] erspan0: entered promiscuous mode
[  111.100687][T10790] ip_vti0: entered promiscuous mode
[  111.102399][T10790] ip6_vti0: entered promiscuous mode
[  111.104144][T10790] sit0: entered promiscuous mode
[  111.105900][T10790] ip6tnl0: entered promiscuous mode
[  111.110072][T10790] ip6gre0: entered promiscuous mode
[  111.111884][T10790] ip6gretap0: entered promiscuous mode
[  111.113618][T10790] bridge0: entered promiscuous mode
[  111.115532][T10790] vcan0: entered promiscuous mode
[  111.118000][T10790] bond0: entered promiscuous mode
[  111.119356][T10790] dummy0: entered promiscuous mode
[  111.121195][T10790] team0: entered promiscuous mode
[  111.123245][T10790] nlmon0: entered promiscuous mode
[  111.125146][T10790] caif0: entered promiscuous mode
[  111.126524][T10790] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  111.142142][T10790] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  111.149429][   T39] audit: type=1400 audit(1732199069.242:684): avc:  denied  { accept } for  pid=10784 comm="syz.5.1399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  111.154695][   T39] audit: type=1400 audit(1732199069.242:685): avc:  denied  { ioctl } for  pid=10784 comm="syz.5.1399" path="socket:[39757]" dev="sockfs" ino=39757 ioctlcmd=0xaea3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  111.195211][   T39] audit: type=1400 audit(1732199069.282:686): avc:  denied  { map } for  pid=10825 comm="syz.1.1408" path="socket:[38912]" dev="sockfs" ino=38912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  111.210946][   T39] audit: type=1400 audit(1732199069.282:687): avc:  denied  { read } for  pid=10825 comm="syz.1.1408" path="socket:[38912]" dev="sockfs" ino=38912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  111.290994][T10844] netlink: 'syz.1.1411': attribute type 4 has an invalid length.
[  111.303841][T10847] binder: 10845:10847 ioctl 404c534a 20000240 returned -22
[  111.308971][T10847] binder_alloc: 10845: binder_alloc_buf, no vma
[  111.311309][T10847] syz.5.1412: attempt to access beyond end of device
[  111.311309][T10847] nbd5: rw=0, sector=0, nr_sectors = 1 limit=0
[  111.314625][T10847] (syz.5.1412,10847,3):ocfs2_get_sector:1769 ERROR: status = -5
[  111.317002][T10847] (syz.5.1412,10847,3):ocfs2_sb_probe:749 ERROR: status = -5
[  111.318955][T10847] (syz.5.1412,10847,3):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  111.321220][T10847] (syz.5.1412,10847,3):ocfs2_fill_super:1178 ERROR: status = -5
[  111.330436][T10847] netlink: 'syz.5.1412': attribute type 1 has an invalid length.
[  111.332480][T10847] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1412'.
[  111.387597][   T39] audit: type=1400 audit(1732199069.482:688): avc:  denied  { setopt } for  pid=10850 comm="syz.1.1414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  111.417032][T10857] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8//file0': -2
[  111.469764][T10862] FAULT_INJECTION: forcing a failure.
[  111.469764][T10862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.473166][T10862] CPU: 2 UID: 0 PID: 10862 Comm: syz.1.1419 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  111.475863][T10862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.478651][T10862] Call Trace:
[  111.479535][T10862]  <TASK>
[  111.480316][T10862]  dump_stack_lvl+0x16c/0x1f0
[  111.481592][T10862]  should_fail_ex+0x497/0x5b0
[  111.482838][T10862]  _copy_from_user+0x2e/0xd0
[  111.484052][T10862]  ucma_write+0x129/0x330
[  111.485185][T10862]  ? __pfx_ucma_write+0x10/0x10
[  111.486458][T10862]  ? bpf_lsm_file_permission+0x9/0x10
[  111.487917][T10862]  ? security_file_permission+0x71/0x210
[  111.489390][T10862]  ? __pfx_ucma_write+0x10/0x10
[  111.490662][T10862]  vfs_write+0x24c/0x1150
[  111.491792][T10862]  ? __fget_files+0x1fc/0x3a0
[  111.493025][T10862]  ? __pfx_lock_release+0x10/0x10
[  111.494334][T10862]  ? trace_lock_acquire+0x14a/0x1d0
[  111.495708][T10862]  ? __pfx_vfs_write+0x10/0x10
[  111.496951][T10862]  ? lock_acquire+0x2f/0xb0
[  111.498144][T10862]  ? __fget_files+0x40/0x3a0
[  111.499362][T10862]  ? __fget_files+0x206/0x3a0
[  111.500610][T10862]  ksys_write+0x207/0x250
[  111.501747][T10862]  ? __pfx_ksys_write+0x10/0x10
[  111.503026][T10862]  ? rcu_is_watching+0x12/0xc0
[  111.504279][T10862]  ? rcu_is_watching+0x12/0xc0
[  111.505566][T10862]  do_syscall_64+0xcd/0x250
[  111.506765][T10862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.508555][T10862] RIP: 0033:0x7f652e57e819
[  111.509738][T10862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.514730][T10862] RSP: 002b:00007f652f3ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.516896][T10862] RAX: ffffffffffffffda RBX: 00007f652e735fa0 RCX: 00007f652e57e819
[  111.518959][T10862] RDX: 0000000000000018 RSI: 0000000020000440 RDI: 0000000000000003
[  111.521010][T10862] RBP: 00007f652f3ef090 R08: 0000000000000000 R09: 0000000000000000
[  111.523045][T10862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.525099][T10862] R13: 0000000000000000 R14: 00007f652e735fa0 R15: 00007ffd849a3618
[  111.527149][T10862]  </TASK>
[  111.558041][T10866] netlink: 'syz.5.1421': attribute type 4 has an invalid length.
[  111.606233][T10874] binder: 10873:10874 ioctl 404c534a 20000240 returned -22
[  111.609100][T10874] binder_alloc: 10873: binder_alloc_buf, no vma
[  111.611859][T10874] syz.1.1424: attempt to access beyond end of device
[  111.611859][T10874] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  111.615135][T10874] (syz.1.1424,10874,3):ocfs2_get_sector:1769 ERROR: status = -5
[  111.617242][T10874] (syz.1.1424,10874,3):ocfs2_sb_probe:749 ERROR: status = -5
[  111.619174][T10874] (syz.1.1424,10874,3):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  111.621417][T10874] (syz.1.1424,10874,3):ocfs2_fill_super:1178 ERROR: status = -5
[  111.629795][T10874] netlink: 'syz.1.1424': attribute type 1 has an invalid length.
[  111.631814][T10874] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1424'.
[  111.698017][T10880] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1426'.
[  111.700498][T10880] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1426'.
[  111.725439][T10883] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1435'.
[  111.836778][T10886] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1427'.
[  111.904861][T10891] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8//file0': -2
[  111.977903][T10899] ebtables: ebtables: counters copy to user failed while replacing table
[  111.998001][T10899] ebtables: ebtables: counters copy to user failed while replacing table
[  112.001631][T10899] netlink: 'syz.5.1434': attribute type 21 has an invalid length.
[  112.004210][T10899] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1434'.
[  112.064903][T10911] bond0: (slave syz_tun): Releasing backup interface
[  112.070741][T10911] bridge_slave_0: left allmulticast mode
[  112.072758][T10911] bridge_slave_0: left promiscuous mode
[  112.076318][T10911] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.081050][T10911] bridge_slave_1: left allmulticast mode
[  112.082539][T10911] bridge_slave_1: left promiscuous mode
[  112.084036][T10911] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.088382][T10911] bond0: (slave bond_slave_0): Releasing backup interface
[  112.093496][T10911] bond0: (slave bond_slave_1): Releasing backup interface
[  112.095889][T10913] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes.
[  112.101688][T10911] team0: Port device team_slave_0 removed
[  112.106525][T10911] team0: Port device team_slave_1 removed
[  112.108414][T10911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.110389][T10911] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.112807][T10911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  112.114855][T10911] batman_adv: batadv0: Removing interface: batadv_slave_1
[  112.129687][   T39] audit: type=1400 audit(1732199070.222:689): avc:  denied  { execute } for  pid=10912 comm="syz.6.1438" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  112.215364][T10915] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  112.739805][T10920] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes.
[  112.820790][T10925] __nla_validate_parse: 4 callbacks suppressed
[  112.820801][T10925] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1443'.
[  112.891686][T10931] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1444'.
[  112.949193][T10942] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  112.967997][T10945] bridge_slave_0: left allmulticast mode
[  112.969535][T10945] bridge_slave_0: left promiscuous mode
[  112.971032][T10945] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.973949][T10945] bridge_slave_1: left allmulticast mode
[  112.975454][T10945] bridge_slave_1: left promiscuous mode
[  112.977993][T10945] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.981207][T10945] bond0: (slave bond_slave_0): Releasing backup interface
[  112.984401][T10945] bond0: (slave bond_slave_1): Releasing backup interface
[  112.989119][T10945] team0: Port device team_slave_0 removed
[  112.992064][T10945] team0: Port device team_slave_1 removed
[  112.993821][T10945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  112.995743][T10945] batman_adv: batadv0: Removing interface: batadv_slave_0
[  112.999302][T10945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.001264][T10945] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.043704][T10948] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1453'.
[  113.060715][T10950] netlink: 209852 bytes leftover after parsing attributes in process `syz.6.1455'.
[  113.063178][T10950] openvswitch: netlink: IP tunnel attribute has 3040 unknown bytes.
[  113.322280][T10961] FAULT_INJECTION: forcing a failure.
[  113.322280][T10961] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.325970][T10961] CPU: 0 UID: 0 PID: 10961 Comm: syz.6.1460 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  113.328688][T10961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.331538][T10961] Call Trace:
[  113.332422][T10961]  <TASK>
[  113.333218][T10961]  dump_stack_lvl+0x16c/0x1f0
[  113.334452][T10961]  should_fail_ex+0x497/0x5b0
[  113.335708][T10961]  _copy_to_user+0x32/0xd0
[  113.336943][T10961]  simple_read_from_buffer+0xd0/0x160
[  113.338345][T10961]  proc_fail_nth_read+0x198/0x270
[  113.339741][T10961]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  113.341387][T10961]  ? bpf_lsm_file_permission+0x9/0x10
[  113.342794][T10961]  ? security_file_permission+0x71/0x210
[  113.344263][T10961]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  113.345742][T10961]  vfs_read+0x1df/0xbe0
[  113.346881][T10961]  ? __fget_files+0x1fc/0x3a0
[  113.348110][T10961]  ? __pfx___mutex_lock+0x10/0x10
[  113.349439][T10961]  ? __pfx_vfs_read+0x10/0x10
[  113.350699][T10961]  ? __fget_files+0x206/0x3a0
[  113.351937][T10961]  ksys_read+0x12b/0x250
[  113.353061][T10961]  ? __pfx_ksys_read+0x10/0x10
[  113.354309][T10961]  ? rcu_is_watching+0x12/0xc0
[  113.355577][T10961]  ? rcu_is_watching+0x12/0xc0
[  113.356864][T10961]  do_syscall_64+0xcd/0x250
[  113.358074][T10961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.359619][T10961] RIP: 0033:0x7fa8fdf7d25c
[  113.360840][T10961] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  113.365861][T10961] RSP: 002b:00007fa8fecd1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  113.368049][T10961] RAX: ffffffffffffffda RBX: 00007fa8fe135fa0 RCX: 00007fa8fdf7d25c
[  113.370136][T10961] RDX: 000000000000000f RSI: 00007fa8fecd10a0 RDI: 0000000000000004
[  113.372216][T10961] RBP: 00007fa8fecd1090 R08: 0000000000000000 R09: 0000000000000000
[  113.374271][T10961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.376337][T10961] R13: 0000000000000000 R14: 00007fa8fe135fa0 R15: 00007ffe1ca5ce78
[  113.378454][T10961]  </TASK>
[  113.469536][T10970] binder: 10969:10970 ioctl 404c534a 20000240 returned -22
[  113.471586][T10970] binder_alloc: 10969: binder_alloc_buf, no vma
[  113.473645][T10970] syz.6.1463: attempt to access beyond end of device
[  113.473645][T10970] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  113.477276][T10970] (syz.6.1463,10970,2):ocfs2_get_sector:1769 ERROR: status = -5
[  113.479272][T10970] (syz.6.1463,10970,2):ocfs2_sb_probe:749 ERROR: status = -5
[  113.481200][T10970] (syz.6.1463,10970,2):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  113.483448][T10970] (syz.6.1463,10970,2):ocfs2_fill_super:1178 ERROR: status = -5
[  113.494427][T10970] netlink: 'syz.6.1463': attribute type 1 has an invalid length.
[  113.496489][T10970] netlink: 132 bytes leftover after parsing attributes in process `syz.6.1463'.
[  113.536456][T10980] rdma_rxe: rxe_newlink: failed to add bond_slave_1
[  113.599490][T10991] binder: 10990:10991 ioctl 404c534a 20000240 returned -22
[  113.602456][T10991] binder_alloc: 10990: binder_alloc_buf, no vma
[  113.605414][T10991] syz.6.1479: attempt to access beyond end of device
[  113.605414][T10991] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  113.611423][T10991] (syz.6.1479,10991,0):ocfs2_get_sector:1769 ERROR: status = -5
[  113.613459][T10991] (syz.6.1479,10991,0):ocfs2_sb_probe:749 ERROR: status = -5
[  113.615383][T10991] (syz.6.1479,10991,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  113.617757][T10991] (syz.6.1479,10991,0):ocfs2_fill_super:1178 ERROR: status = -5
[  114.345302][T10999] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  114.406902][   T39] audit: type=1400 audit(114.300:690): avc:  denied  { sqpoll } for  pid=11002 comm="syz.6.1476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  114.456631][T11003] ------------[ cut here ]------------
[  114.458282][T11003] platform vkms: [drm] vblank wait timed out on crtc 0
[  114.460568][T11003] WARNING: CPU: 1 PID: 11003 at drivers/gpu/drm/drm_vblank.c:1307 drm_wait_one_vblank+0x334/0x550
[  114.463491][T11003] Modules linked in:
[  114.464213][T11018] binder: 11017:11018 ioctl 404c534a 20000240 returned -22
[  114.464890][T11003] CPU: 1 UID: 0 PID: 11003 Comm: syz.6.1476 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  114.469913][T11018] binder_alloc: 11017: binder_alloc_buf, no vma
[  114.471875][T11003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.474547][T11018] syz.5.1484: attempt to access beyond end of device
[  114.474547][T11018] nbd5: rw=0, sector=0, nr_sectors = 1 limit=0
[  114.476284][T11003] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  114.480251][T11018] (syz.5.1484,11018,0):ocfs2_get_sector:1769 ERROR: status = -5
[  114.481874][T11003] Code: 85 ed 0f 84 54 01 00 00 e8 c9 68 5f fc 4c 89 e7 e8 d1 12 87 00 89 e9 4c 89 ea 48 c7 c7 e0 a3 e7 8b 48 89 c6 e8 7d 10 20 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 9e 68 5f fc 90 48 8d 7b 08 48 b8 00
[  114.483924][T11018] (syz.5.1484,11018,0):ocfs2_sb_probe:749 ERROR: status = -5
[  114.489470][T11003] RSP: 0018:ffffc9000435fb28 EFLAGS: 00010286
[  114.491512][T11018] (syz.5.1484,11018,2):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  114.492894][T11003] RAX: 0000000000000000 RBX: ffff888024948000 RCX: ffffc9000cfe4000
[  114.492923][T11003] RDX: 0000000000080000 RSI: ffffffff814e8a56 RDI: 0000000000000001
[  114.492935][T11003] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  114.492943][T11003] R10: 0000000000000001 R11: 6d726f6674616c70 R12: ffff888106c24010
[  114.492950][T11003] R13: ffff888105fc2f80 R14: 1ffff9200086bf67 R15: 0000000000000bf0
[  114.495232][T11018] (syz.5.1484,11018,2):ocfs2_fill_super:1178 ERROR: status = -5
[  114.498059][T11003] FS:  00007fa8fecd16c0(0000) GS:ffff88806a700000(0000) knlGS:0000000000000000
[  114.514592][T11003] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  114.517294][T11003] CR2: 0000001b2c41fffc CR3: 000000004effa000 CR4: 0000000000352ef0
[  114.520116][T11003] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  114.522955][T11003] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  114.525713][T11003] Call Trace:
[  114.526981][T11003]  <TASK>
[  114.528037][T11003]  ? __warn+0xea/0x3d0
[  114.529510][T11003]  ? preempt_schedule_notrace+0x62/0xe0
[  114.531502][T11003]  ? drm_wait_one_vblank+0x334/0x550
[  114.533375][T11003]  ? report_bug+0x3c0/0x580
[  114.534964][T11003]  ? handle_bug+0x54/0xa0
[  114.536506][T11003]  ? exc_invalid_op+0x17/0x50
[  114.538374][T11003]  ? asm_exc_invalid_op+0x1a/0x20
[  114.540170][T11003]  ? __warn_printk+0x1a6/0x350
[  114.541930][T11003]  ? drm_wait_one_vblank+0x334/0x550
[  114.543862][T11003]  ? drm_wait_one_vblank+0x333/0x550
[  114.545799][T11003]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  114.548119][T11003]  ? do_raw_spin_unlock+0x172/0x230
[  114.549988][T11003]  ? __pfx_autoremove_wake_function+0x10/0x10
[  114.552148][T11003]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  114.554249][T11003]  ? drm_vblank_get+0x150/0x280
[  114.556030][T11003]  drm_fb_helper_ioctl+0x156/0x1a0
[  114.557980][T11003]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  114.560103][T11003]  do_fb_ioctl+0x3d4/0x7d0
[  114.561750][T11003]  ? __pfx_do_fb_ioctl+0x10/0x10
[  114.563546][T11003]  ? do_vfs_ioctl+0x513/0x1990
[  114.565285][T11003]  ? selinux_file_ioctl+0x180/0x270
[  114.567451][T11003]  fb_ioctl+0xe5/0x150
[  114.568945][T11003]  ? __pfx_fb_ioctl+0x10/0x10
[  114.570652][T11003]  __x64_sys_ioctl+0x190/0x200
[  114.572397][T11003]  do_syscall_64+0xcd/0x250
[  114.573983][T11003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.575560][T11003] RIP: 0033:0x7fa8fdf7e819
[  114.576961][T11003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.582203][T11003] RSP: 002b:00007fa8fecd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  114.584333][T11003] RAX: ffffffffffffffda RBX: 00007fa8fe135fa0 RCX: 00007fa8fdf7e819
[  114.586353][T11003] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000004
[  114.588516][T11003] RBP: 00007fa8fdff175e R08: 0000000000000000 R09: 0000000000000000
[  114.590625][T11003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  114.592731][T11003] R13: 0000000000000000 R14: 00007fa8fe135fa0 R15: 00007ffe1ca5ce78
[  114.594755][T11003]  </TASK>
[  114.595592][T11003] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  114.597661][T11003] CPU: 1 UID: 0 PID: 11003 Comm: syz.6.1476 Not tainted 6.12.0-syzkaller-03657-g43fb83c17ba2 #0
[  114.600354][T11003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.603191][T11003] Call Trace:
[  114.604271][T11003]  <TASK>
[  114.605066][T11003]  dump_stack_lvl+0x3d/0x1f0
[  114.606293][T11003]  panic+0x71d/0x800
[  114.607300][T11003]  ? __pfx_panic+0x10/0x10
[  114.608409][T11003]  ? show_trace_log_lvl+0x29d/0x3d0
[  114.609797][T11003]  ? drm_wait_one_vblank+0x334/0x550
[  114.611237][T11003]  check_panic_on_warn+0xab/0xb0
[  114.612566][T11003]  __warn+0xf6/0x3d0
[  114.613626][T11003]  ? preempt_schedule_notrace+0x62/0xe0
[  114.615073][T11003]  ? drm_wait_one_vblank+0x334/0x550
[  114.616431][T11003]  report_bug+0x3c0/0x580
[  114.617509][T11003]  handle_bug+0x54/0xa0
[  114.618619][T11003]  exc_invalid_op+0x17/0x50
[  114.619808][T11003]  asm_exc_invalid_op+0x1a/0x20
[  114.621139][T11003] RIP: 0010:drm_wait_one_vblank+0x334/0x550
[  114.622693][T11003] Code: 85 ed 0f 84 54 01 00 00 e8 c9 68 5f fc 4c 89 e7 e8 d1 12 87 00 89 e9 4c 89 ea 48 c7 c7 e0 a3 e7 8b 48 89 c6 e8 7d 10 20 fc 90 <0f> 0b 90 90 e9 0d fe ff ff e8 9e 68 5f fc 90 48 8d 7b 08 48 b8 00
[  114.627727][T11003] RSP: 0018:ffffc9000435fb28 EFLAGS: 00010286
[  114.629355][T11003] RAX: 0000000000000000 RBX: ffff888024948000 RCX: ffffc9000cfe4000
[  114.631481][T11003] RDX: 0000000000080000 RSI: ffffffff814e8a56 RDI: 0000000000000001
[  114.633551][T11003] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  114.635628][T11003] R10: 0000000000000001 R11: 6d726f6674616c70 R12: ffff888106c24010
[  114.637706][T11003] R13: ffff888105fc2f80 R14: 1ffff9200086bf67 R15: 0000000000000bf0
[  114.639773][T11003]  ? __warn_printk+0x1a6/0x350
[  114.641088][T11003]  ? drm_wait_one_vblank+0x333/0x550
[  114.642482][T11003]  ? __pfx_drm_wait_one_vblank+0x10/0x10
[  114.643939][T11003]  ? do_raw_spin_unlock+0x172/0x230
[  114.645322][T11003]  ? __pfx_autoremove_wake_function+0x10/0x10
[  114.646930][T11003]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  114.648442][T11003]  ? drm_vblank_get+0x150/0x280
[  114.649658][T11003]  drm_fb_helper_ioctl+0x156/0x1a0
[  114.651053][T11003]  ? __pfx_drm_fb_helper_ioctl+0x10/0x10
[  114.652530][T11003]  do_fb_ioctl+0x3d4/0x7d0
[  114.653725][T11003]  ? __pfx_do_fb_ioctl+0x10/0x10
[  114.655138][T11003]  ? do_vfs_ioctl+0x513/0x1990
[  114.656419][T11003]  ? selinux_file_ioctl+0x180/0x270
[  114.657798][T11003]  fb_ioctl+0xe5/0x150
[  114.658873][T11003]  ? __pfx_fb_ioctl+0x10/0x10
[  114.660056][T11003]  __x64_sys_ioctl+0x190/0x200
[  114.661658][T11003]  do_syscall_64+0xcd/0x250
[  114.663222][T11003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.665243][T11003] RIP: 0033:0x7fa8fdf7e819
[  114.666749][T11003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.672548][T11003] RSP: 002b:00007fa8fecd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  114.674734][T11003] RAX: ffffffffffffffda RBX: 00007fa8fe135fa0 RCX: 00007fa8fdf7e819
[  114.676814][T11003] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000004
[  114.678798][T11003] RBP: 00007fa8fdff175e R08: 0000000000000000 R09: 0000000000000000
[  114.680691][T11003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  114.682789][T11003] R13: 0000000000000000 R14: 00007fa8fe135fa0 R15: 00007ffe1ca5ce78
[  114.684847][T11003]  </TASK>
[  114.686131][T11003] Kernel Offset: disabled
[  114.687272][T11003] Rebooting in 86400 seconds..

VM DIAGNOSIS:
14:24:32  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff850dd7d5 RDI=ffffffff9ab0e440 RBP=ffffffff9ab0e400 RSP=ffffc900044876f8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=203a7265646e6962
R12=0000000000000000 R13=0000000000000031 R14=ffffffff850dd770 R15=0000000000000000
RIP=ffffffff850dd7ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f0e173f66c0 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c291e14 CR3=0000000046d4e000 CR4=00352ef0
DR0=0000000000000005 DR1=0000000000000000 DR2=0000000000000002 DR3=0000000000000800 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e1970c488 00007f0e1970c480 00007f0e1970c478 00007f0e1970c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e1a26d100 00007f0e1970c440 00007f0e1970c458 00007f0e1970c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e1970c498 00007f0e1970c490 00007f0e1970c488 00007f0e1970c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000022c9f RBX=000000000000005d RCX=ffffc9000cfe4000 RDX=0000000000080000
RSI=ffffffff816dea06 RDI=0000000000000001 RBP=1ffff9200086bef6 RSP=ffffc9000435f7a0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=3a474e494e524157
R12=0000000000000001 R13=0000000000000200 R14=ffff88804e72c880 R15=ffffc9000435f888
RIP=ffffffff816dea08 RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fa8fecd16c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b2c41fffc CR3=000000004effa000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e195f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e1a26d100 00007f0e1970c440 00007f0e1970c458 00007f0e1970c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0e1970c498 00007f0e1970c490 00007f0e1970c488 00007f0e1970c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000007 RBX=0000000000000000 RCX=ffffffff816ae0b9 RDX=0000000000000000
RSI=ffffffff8bd1e2c0 RDI=ffff8880238c8444 RBP=ffff8880238c8000 RSP=ffffc900037a7640
R8 =0000000000000000 R9 =fffffbfff20c055a R10=ffffffff90602ad7 R11=00000000000a4001
R12=ffffffff8179abf0 R13=ffffc900037a7788 R14=0000000000000000 R15=ffff8880238c8000
RIP=ffffffff81749ac5 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555869f7500 ffffffff 00c00000
GS =0000 ffff88806a800000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000555580168808 CR3=000000004a9e0000 CR4=00352ef0
DR0=0000000000000002 DR1=0000000000000000 DR2=0000000000000003 DR3=0000000000000001 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000020081 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdd7496e0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f11d03f25fb
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f11d03f2608
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f11d03f2602
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f11d03f2616
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f11d03f269c
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f11d03f277a
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 2074657365720064 656c696166202973 2528746174736c00
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 47414c46585f5346 0551405640570041 40494c4443050c56 000d514451564900
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000015647c RBX=0000000000000003 RCX=ffffffff8b282479 RDX=ffffed100d52702e
RSI=ffffffff8bd1e2c0 RDI=ffffffff8164be89 RBP=ffffed1003b5c488 RSP=ffffc900001a7e08
R8 =0000000000000000 R9 =ffffed100d52702d R10=ffff88806a93816b R11=0000000000000000
R12=0000000000000003 R13=ffff88801dae2440 R14=ffffffff90602ad0 R15=0000000000000000
RIP=ffffffff8b28385f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fbc8108e30c CR3=0000000029320000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cf2d4a0
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cf3aa64 000055557cf3aa60
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cf2d4a0
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cfa5f8c 000055557cfa5710
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557cf3aa64 000055557cf3aa60
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000036383835 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 06002fba00716573 2f646e732f766564 2f01ffffffffffff ffffe50808800332
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9803060800069003 5608000688030280 0800068003208008 0008800401c71000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800069003020400 068c030000000004 0606880368080006 00080007000c0008
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0006a80300040006 a40300020006a203 0a020006a0030808 000698030785f4d8
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0174100005800401 0000020806060138 9400080005e00300 100005d003001000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 05c00302100005b0 0368100004900308 080006e003160400 06dc0310040006d8
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030a040006d00302 040006cc030c0400 06c8032ad0080006 c00318040006bc03
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10040006b8030408 0006b00312040006 ac0310040006a803 00040006a4030002
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000296c
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000