last executing test programs:

32.880570447s ago: executing program 3 (id=685):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0xc00, &(0x7f0000001180)=ANY=[@ANYBLOB='quota,usrquota_inode_hardlimit=7'])
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
unlink(&(0x7f0000000280)='./file1\x00')

32.879874991s ago: executing program 3 (id=686):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000008c0)=ANY=[], 0x8c0}, 0x1, 0x0, 0x0, 0x48810}, 0x4000)
recvmmsg$unix(r1, &(0x7f0000003bc0)=[{{0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000000300)=""/74, 0x4a}], 0x1}, 0x8c0}], 0x1, 0x10041, 0x0)

32.790122691s ago: executing program 3 (id=689):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0x1f, 0x8, 0x200, &(0x7f0000000180)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000001000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413fcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949e496f2e2a3c175858575713be5ee3fff4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff4175b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a2b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6d07002ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b188cd35df2cd7963e43b7f9c03bebfb889c02f484f63520cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc589457c924abfc4d5afd22462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

32.690329356s ago: executing program 3 (id=693):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000)=0xa0, 0x4)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
mremap(&(0x7f0000041000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00004c3000/0x2000)=nil)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast2, 0x2}, 0x1c)
r3 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$int_in(r3, 0x5452, &(0x7f0000000240)=0x3)
sendmsg$kcm(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000818)
setsockopt$sock_attach_bpf(r3, 0x1, 0x7, &(0x7f0000000340), 0x4)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000))
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="170000001400030400000000000000542d"], 0x44}}, 0x0)
symlinkat(&(0x7f0000000200)='./file0/file0\x00', r0, &(0x7f0000000240)='./file0\x00')
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000180), 0x2, 0x183001)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000680)={0x0, 0x0, r7, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000340)={r8, 0x0, 0x0, 0x0, 0x1, [<r9=>0x0, <r10=>0x0], [0x0, 0x7, 0x0, 0x2], [0x0, 0x4, 0x2, 0x100000], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000040)={r10, 0x80000, <r11=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r11, 0xc00c642d, &(0x7f0000000080)={r9, 0x0, <r12=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r6, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r12})

31.808981258s ago: executing program 3 (id=724):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x301, 0x5, 0x0, 0x101, 0x0})
r1 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
socket$inet6(0xa, 0x1, 0x84)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000580)='./file0\x00', 0x202d41, 0x0)
socket$inet(0x2, 0x801, 0x0)
pipe2(&(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000004c0)={&(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="090018000020", @ANYRES32, @ANYRESDEC=r2, @ANYRES32=r0, @ANYRESHEX=r3, @ANYRESOCT=r2, @ANYRESOCT, @ANYRES32=r1, @ANYBLOB="e69342e9a1c6b3a5dacb65662904c85e72fd0502c39e828c8a7eb8a68ae1f14e6af766b4384c83d8c6d56f5f6f33a255dd89e480aae8c15d6cfecfed76b01d73671d0a1e7916a49f8873a1fa5defaf41a60be6a62d0437a11222c6dbbf99e835f92e12dc31c71a1878b77763fafb40a72f994cd0d90b9972e56dd6ce9100563096f6257c70450f9790d3d40db3774de3cbe018e47bcb1016e6ae5e6dcececadc158cdde9fdd39b7b4d49b3c1d7d3c3fd15144e12a5dd85942522d6818be975dff2bd9ca3da0acdd4284debb1e577acd3443e0655731b3fdc2450404c99827a40dd", @ANYRES8=r5], 0x50)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$9p_virtio(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200), 0x800000, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=vi'])
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_VERSION(r4, 0xc0189371, &(0x7f0000000280)={{0x1, 0x1, 0xfffffffffffffe32, <r7=>r3}, './file0\x00'})
io_uring_enter(r7, 0x2219, 0x207721, 0x1, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='sysfs\x00', 0x0, &(0x7f00000007c0)='usrquota')
connect$vsock_stream(r6, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
ioctl$KVM_CREATE_PIT2(r9, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2)

31.570728807s ago: executing program 3 (id=732):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x48051)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 35)

31.541171104s ago: executing program 32 (id=732):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x48051)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 35)

2.150070066s ago: executing program 4 (id=1461):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000026000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.774898825s ago: executing program 4 (id=1469):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001900010028bd7000000000000a140000000000020024000008001e000000000008000400b7674616a9e8946bb621b47275f86899df2d", @ANYRES32=0x0, @ANYBLOB], 0x2c}}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, &(0x7f0000001180)=ANY=[@ANYBLOB='quota,usrquota_inode_hardlimit=7'])
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0xb0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x10000, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x1000, 0x1)
chdir(&(0x7f00000003c0)='./bus\x00')
setxattr$trusted_overlay_redirect(&(0x7f0000000280)='./file1\x00', &(0x7f0000000340), 0x0, 0x0, 0x0)

1.774805705s ago: executing program 4 (id=1470):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x437, 0x0, 0x25dfdbfc, {}, [@IFLA_EVENT={0x8, 0x2c, 0x80000001}]}, 0x28}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x5, 0x1006, 0x8, 0xae, 0x0, 0x1, 0x20727ff}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0d00000002000000040000000640000005000000", @ANYRES32=r2], 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
write$binfmt_elf32(r0, &(0x7f00000000c0)=ANY=[@ANYRES16=r1], 0x69)
close(r0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

1.667782029s ago: executing program 4 (id=1476):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c)
syz_emit_ethernet(0xd9, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6001010000a31100fe80ffffff0700003f000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0)

1.667280875s ago: executing program 4 (id=1478):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
socket$unix(0x1, 0x1, 0x0) (async)
socket$unix(0x1, 0x1, 0x0)
r0 = socket$kcm(0x10, 0x100000000002, 0x4)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0)
sendmsg$kcm(r0, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180fffffdef0000883795c04a31ba377a1b2cc32b38d37400"/57, 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x3938700}, {0x0, 0x9}}, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x3938700}, {0x0, 0x9}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0xe8, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80481, 0x1a)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000002c0), 0x80000, 0x0)
linkat(r4, &(0x7f0000000280)='./file0\x00', r5, &(0x7f0000000300)='./file0\x00', 0x1000)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000800000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
syz_emit_ethernet(0x6e, &(0x7f0000000600)=ANY=[@ANYBLOB="0180c20000001704b45adbde8100000008004500005c0000000000019078ac1e0001ac1414aa05009078ac1414aa400000000000000000880000ac16140000000000441c0000000000000000000000000000000002000000000000000000860d0000000000074289b015b1000000"], 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) (async)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
socket$nl_route(0x10, 0x3, 0x0) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0) (async)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x1ff, 0x1, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) (async)
sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xe}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x1ff, 0x1, 0x4}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r11 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r12, {0x10, 0xf}, {}, {0x8, 0x5}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x15625}]}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@deltaction={0x180, 0x31, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0x10, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x4c, 0x1, [{0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}, @TCA_ACT_TAB={0x6c, 0x1, [{0x10, 0x20, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x14, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x89b}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}, @TCA_ACT_TAB={0x54, 0x1, [{0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1000}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff0000}}]}, @TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xc}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7f}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000) (async)
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@deltaction={0x180, 0x31, 0x2, 0x70bd27, 0x25dfdbfe, {}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7ff}}, {0x10, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x4c, 0x1, [{0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x6, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}, @TCA_ACT_TAB={0x6c, 0x1, [{0x10, 0x20, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x14, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x89b}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}, @TCA_ACT_TAB={0x54, 0x1, [{0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1000}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff0000}}]}, @TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xc}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7f}}, {0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001380)={0x6, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000000e00000018110057", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000007209f8ff01000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0xd8)

1.029195232s ago: executing program 0 (id=1488):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
syz_emit_ethernet(0xbf, &(0x7f0000000080)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb1, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x20, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x35}, {[@cipso={0x86, 0x77, 0x0, [{0x5, 0xc, "e256b28c04000000fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x0, 0x12, "b70812587825a3156216685f5830180d"}, {0x6, 0x7, "cfa11cab1a"}, {0x0, 0x10, "c600"/14}, {0x0, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "73bc2300ad9d19a30000000000000000"}, {0x0, 0x9, "c8f46976e79e56"}]}, @cipso={0x86, 0x6}]}}, "ee"}}}}}, 0x0)

970.365407ms ago: executing program 0 (id=1489):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000380)={0x500, 0x78, 0x3f, 0x0, 0x1, 0x3e, 0x0, 0x0, {}, {0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
getegid()
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000080)="290000001e00190f00003fffffffda060200000000e80001dd0008040d00d3107f3ac21d00050000ff", 0x29}], 0x1)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES8, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYBLOB, @ANYBLOB, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="20000000000000000100000001000000", @ANYRESDEC, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="2c000000000000000100", @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32], 0x120, 0x40812}, 0x1)

920.159288ms ago: executing program 0 (id=1490):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000040)={0x30})
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0xe, 0x1)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r1, 0xc0fc4110, &(0x7f0000000040)={0x9, [0x32a5, 0x7, 0x4], [{0xc85e, 0x2, 0x1, 0x0, 0x0, 0x1}, {0x7, 0x5, 0x1, 0x1, 0x1}, {0xffffffff, 0xa, 0x1, 0x0, 0x1, 0x1}, {0xa, 0x5, 0x0, 0x0, 0x0, 0x1}, {0x2, 0x800000, 0x1, 0x1, 0x1, 0x1}, {0xffff, 0x6, 0x1, 0x0, 0x1, 0x1}, {0x4e7, 0x6, 0x1, 0x1}, {0x8000, 0x4, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x5, 0x1, 0x1, 0x0, 0x1}, {0x0, 0x2000008, 0x1, 0x0, 0x1, 0x1}, {0xc, 0x10001, 0x0, 0x0, 0x0, 0x1}, {0x1, 0x7ff, 0x0, 0x1, 0x0, 0x1}], 0x7})
r2 = socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket(0x10, 0x803, 0x0) (async)
r4 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r4, 0xc0205648, &(0x7f0000000000)={0x9f0000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async, rerun: 32)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async, rerun: 32)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) (async, rerun: 64)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x4, 0x80000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xffe0}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x2c}]}}]}, 0x3c}}, 0x20004055) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r7 = socket$netlink(0x10, 0x3, 0x0) (async)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f0000000240)='nv\x00', 0x3) (async, rerun: 32)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 32)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0) (async)
close(r6) (async)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000040)={0xf0f017, 0x1}) (async)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r5}, @IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x6}, @IFLA_BR_VLAN_DEFAULT_PVID={0x6}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000) (async)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)

920.048964ms ago: executing program 0 (id=1491):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x2, 0x183001)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000680)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x1, [<r4=>0x0], [0x0, 0x7, 0x0, 0x2], [0x0, 0x4, 0x2, 0x100000], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r4, 0x0, <r5=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r5}) (fail_nth: 15)

840.706507ms ago: executing program 0 (id=1492):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x34000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

690.339106ms ago: executing program 4 (id=1496):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2000000, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r0, 0x7, &(0x7f00000003c0)={0x1, 0x0, 0xb, 0x0, 0xffffffffffffffff})
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

640.088236ms ago: executing program 1 (id=1499):
r0 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x3, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x5}, &(0x7f0000000040)=0x8) (async)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000000)={<r1=>0x0, 0x5}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000080)={r1, 0x9, 0x1, [0x7]}, 0xa)

580.620382ms ago: executing program 1 (id=1500):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x24, r1, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}}, 0x0)
syz_80211_join_ibss(&(0x7f0000000280)='wlan0\x00', &(0x7f0000000340)=@random='\r', 0x1, 0xd00000000000000)

529.360274ms ago: executing program 1 (id=1502):
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0xec, 0x4)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f0000000040)={0x71, 0x7, 0x9, 0x5, 0x80})
r1 = openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
write(r1, &(0x7f00000000c0)="c4417d585b8dac67327d7395893914765836e5c6013ddbc3b31daea34966d5ce2f784e691157fca03c9c3340d0cf0db4cf4aca0cd827856d59139c1f95827a832dd481a2f3932d6029459312265491696c341e538a27159c8b89419654a30b02bfa02912c6120436904b933e6e290eea3a14891db5451c2ae32c2ae072f35bb81bd8149fc54282318390af6fc2be26d4133d7e46a5ad2637ea52241c704e234b763b3c3a3a2568ecd153ff4bd3e899b057e7601744db3f88eef56db79e7a2c1505d46dd65569da1151c3d668e90973489cf7abadce41449b056ae0fff3f1c90c", 0xe0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000001c0)=<r2=>0x0)
sendmsg$nfc_llcp(r0, &(0x7f0000001580)={&(0x7f0000000200)={0x27, r2, 0x0, 0x2, 0x0, 0x1, "357cf7ae07a535f1c21903de56fbf9e4d44263c562b2e619d6142dc23961bea2be621c739e47894ee0f5140a61116a060dc729ea493a9e9f683f6b86cde762", 0x20}, 0x60, &(0x7f0000001440)=[{&(0x7f0000000280)="a1463745b807e5bd6db8261ca4d3dea21f415470d532db2c3b8087be93d3c227cab264d16f5f73447234ecf1667a08212814b5c51f9925998ac8958d958bcf4d27b9", 0x42}, {&(0x7f0000000300)="a0f3360b9cccfa8cd03ce623bfb4232b7f47fa73033d7eec39ba2770eeefce548c64fe1fe5665142b157d7082bc932fdbbd70777ea0550b1bc12407ec3bfc64e074deab27a8951d6757951ef938b373ad214da8a2a3e7e82761a2eea24a351e0b931d4ef5aa1fe856f608af6ef46bce4435ab65642975c922517cadac967a18fb0f122b88e69a996e3d361259ad29441e0a8123f1ee9311bb58c1a0fb784a949cb49762cc24fa78fa4", 0xa9}, {&(0x7f00000003c0)="f44953b948ccb93e0fa201c4a3397a2a54bbed60a3f11793eca7c3f858957cd72a7f4bbb103dcb846ef602e057f08c4669a8293f05ab29964cd7835fd070f5679a8171863faa3d514a5c715fbf8ea440be962f484d6ea63c7d5bc3", 0x5b}, {&(0x7f0000000440)="635f4e0e174d15d4118a95c4e196175a7e7d7862bf26eb1f700d3a1642b47c854e65df17fdb98fa0ee1bd52a827c26de82b87b1e25ea1993eba63d2c8882354dc1af4181e69a6245cc315727af88c1c79e6d5fe2ae82b00e5014c44fa76a53ca1a79bd0c3d0137a091eb3435e0877464cd42946a72d2ea18c78dabab716ee3e8ed33c4d2dbea2ca79cd087d0ae459c4eb360198c9ba19ea69049aff77d38ee289f2ab0fd792897accdb51a4ec4dd60a0c77e18b236749e957f61ac3a1b464ac2c41d51eff0695752f8bdc9de69ddfb36ec77d10e548e1fd6a07e6a88cc170d1a2aee050b678b5b794a71209ab77973dad107d2a18e39af2af377efe9c5b0ca465b8ca33e75dfe288ffc1530e80dbf50171aa9793c61f33d342cab1b169b575ba7ac0d1e938f201185af095f8a91577a44f00cab1875d2cd3122207c791fd844707966d403ebe0fb21eb33ccac1135282747b35252a868d995069fd52b380c5a8eb5e21830d2dcaab815452433ce0257b3a08688c61c96636c07652867792de4c6df80bc7682da9f18fb192fc5c2e802367b0f28a21e33716591659d8a723beed3d47eb50c66db57830ba882d79f4531d13c3ce02dd32596b9c275719d4333dea96b6c5d5977ace54ebc1f809cc405d149d8d84f37ea05b7a0b872672744db05c5c8749655034363115be689ba381a42829e272af5432d5d2a50dc1c8295c1cc336c551255ad7056868031af1ad68ea4570b047919e19d1fa1beb691707d97171d99b2ae34fd75dfe57b1c0b492c0a60100e368fa283d9e2baea7c8185779866d0ce9823c37c70769255c7f7926518b2987c62d9d898b2db6ef9c0fffb881e3b6e2c2894d72405b9e23e52edfe9cbda432564c1e1aaf94d3ab9bb6b95f8b96673e11a1f6646f069545295a1d4029e716004e91730b181c19597ccdd1a7e927b42d3a832d92583280447b13e096168eb5d5a9d299ad3777b068df40a2f98cdbe6d96d1cf0b0415d3eb57d05d38a048980b2c2b2137a7819296e1976c6977b0294b4761605fddaa48f84a9257d5b7109b64bc7513e407eedac67bc5b5e5d492aa4352dadfebd7ecdea387c05b85a58afce3414f77889af86d85c9153d3537f82aae62c29f38faf56bc9b8e4c9d3f4020f5ee9aaaa7e716eadfd7cc1398ccba0dad1ef06efcf8684b6e89ccf418092cb545775de8b1175e7f1fbe115464429f197e7b52a04a27d6c132c7842aa8fdbad8355607956506ca6139d68d49797955e855403f64df9d4ab11a82b4fb415ab705db674abcba7c373c47b775a5c32d186e578f7722956efc133df49d4979f2ed114efbe09ce5c5fb31d786e4503f1892710d6bc7b2137c89d23fd5bdf384710be48f976ff5e30d46b4b9361a957d4cb7f94050338f28965517221487493c997f8d490fc3aec814215c1a10fa46bfff876fdd8aba8c6d952bd660a8103f22fda27afbe0721dcbc1e31587bcbdfd92fb9e375939a06240e03694d5946c11e0976950cc73ce7b51ed956707751df573e20a55e6be53310fab3a8a0c3bbe55ddd0e70c804b361b544015c565bf65d976bdcaf8e8a1cc704e5e87b4f59fefb06f4ac14360897fdbca2bc4e672f18e15ab2684d1f5cf18a5ca627c9a46b4e298829583b5f85386cf0763672d7c04ff3670b8e31dd699ff6e7036ecbdde9d8f7d383845db06d3e2410b3e21c78227b58d44f211287f7b24757419dba52415d9d25ecbc636a363a7d5dcb3015d8dcb8c675300076322a139666a5213ebf9e29037e59733ce099ee1b68a40a26e60aee258f125c133aa7392e1312056b1a09534dadcd68e3d45876d4439950cec3f4ff8c328bfc9895468fd62ce0d2f11cb04c28187a7851eea2bebb3ecc9095ff2ff0b32b96ba9fe054299c4693c9214ebb09a9b40f4ebb091be0f81718e88d6e1b8871cb316fb8b41bde934d8d30e0ffde1b51e33df6d993d0d994509fde5600196f3c303eecd7c299ca3735b69828181f14e1b44fb478ab09079b09ce14d5c7212d88b554ca320d4f8b273b77faed5b738f9174fad7e38853482b075dea5fc7befe1e3bfd741b44659842c78d1ff549f06526e8affda467e8700997c3e7b058bb15f534ba4a41b86e2c8776317741be032c6cdc20a05d2ca6d5df3d2918e5ba37f8863650e058b4d70b187157653e062fde85c5bde37002f8b0078b73c522e3894e563f36f479ba90d3970c0b3774cb1fd438d3424945910b45ee07014b1e857e5aa3fde3fa0d56f2dab144a31d02b747a3847cc38e8e2fdd8f161d89a88ac25d5f74a8ac864c94b5c4a7d26ad54f98f01e7ba1a5591e76bb3cbb506bbe895ccabef5819d216b6c2dd6fea353082baf46db8d45a6d4f99efe8080550e0d089f69fe6c1fd5f413e3913c1896bc76b49883078a65c3c59236c0b1416c3dd3514851d126fd51a9656ea41a4c10f0d83ab9c6b90512e811ab24dc6354e483dc862561d2bfd851fc1c015872cdafbf8d8c1ca7e49e1f8df6aac7f0da1dfeada34e020ef793786a517ec6cc9cbde3abf5f5cf932ecb09baad90c6f3fc1bcb5374de618287b3d4e6cf6a68b5400748282e176341267343fc9a5faff40d31623c210f5183e64968d3b97c6fa5a2ab9329400bbcae82d8fd701fdaa6450d43554fca030da66d3297d8d6c935680ba32823f4c39315aa0d4110905ba40b8a074023389944987d51079e3dee640692699c225ddb39a8f3d670faee0f0d2be914ca33e9085aa0fa07240046b54dc89ac7131e2f5bc4a812b27b6e91fe2fc48a54307e4ae5d021f4d2bcd57c79ae1554fece9d1dd23064a2b464f32a3c3548386aebee46d8542802ea44febfd344ef14980b7cacf5a63942870e8dc9a82609f47c9bc49454ae492f99f3e9bf03f953181694f99afec1919f6b8e4f4ed9d10ef7a41ace0bbdb3ceb16ac87dd6f2f65e36c3a9eb49bdcec7a96f62d18b3752d8bfd8cb2fd986d279365b2d8e3e53cddb7c8462d97edf127df0c2690931e6224585dfd5ac0ffb43b434b829ddc9d4b2b25d7e9abb8dd033ec2b33f07a49d9c2e6709716ed45d84ce26cea4435894aeb78a29612789704b818d0509450e3cffaaaf59a6be740e35a934cf0b96a074502e8dc2eb8e736a14ffd2577cab28e7592dddeb850bca9f2b9231dbb5f02bb25b3f36b5cbe06cee2d6ef9c967715f3f335ead0a46a8d26799dee5a2452855f976a0c46dcbef319f61f30b6489118f85ed2c46f69a718854b5fa4a6625c03a1ad3962218a3912792dd7b5d3955db87bf6c4ab948553674ae35093b89dbc37b5bd7eec5b0894f309c4836dd4c453d929fbcf59b31a4786716e1ea18682c05fee8d90c5a66e9759bbf52db61856e824380543a8f87a31052780ed0a11682dbb88f8b3bf03688bcba1de8e72803e73d76d8fc8aecd29d20f99ef53ba9f001ac0e5b28e02eeb8c04405a9197256b0e6df94393ff9a905d33387e8889e6239244ecd53749c5689c3abf3fc91dd6c4961d945ae8a0f2b317d82eb4347bd30bc50a07cc4de9e8006db457f3d0864315ecbf05d60303efbac7ff79f127b5341a334b50458fac7546cc7c868602290c4ca1e40956dc25321110fa7fb74961937da48d7cd46276d8b8388d77449f4725721d1ed02d072c3b6520983f7494ecc87906ad932290b18aa6322703a7b48f3481c91e773eb05b75747f6dbcb5ded855718c313ad6deae3f1be97f47c17a86128950f8a081496844241332cae6a3e5d500c3fa82732595cbe8d74cc04e9128d759fb87b945907aa631e36968855ac40dd48bc4ac964eefe7277141bcc68b6fc2a01d1a6f7378a4ddabae89acad72350cd843e24326214bc7e0cde52139a657861cb435534ef99f97c2c35d2a737b1c69596262aaef760e88ec5ec0b531e2f72f121369a7a3eab4e3596f4211dcb1f754e7594553a49d8d3d40e2417fc582b4ba3d5f41884ff03ef61bf5407abc3f46e817e35268697559f82d9f945484b72bc91018dd74d60230526dc3f31ca2d6d112db7248c13b6c4de207558d866cd39eb62fea55ecc6714dcbd15f049ead869a2179aa1f07eddf84c93153a10d1eb8da3cde831bb728032594d99d71d3fdbbc4ec38599b0374177b70f7b54ac59861f12f2adc4bb9eebddeee112f4beaf547cca2a32d66e38134662b3f811405b0bc381053022e54598bda119bafe868aeb093d7eeb61c03388fd31bc7213a48ff88e3ca6b6a8762a760b0d37b01106d301a476e18e86cb4de7ae9d6207f7d6b135a93105096d94b976a62e1160d586fba6d9ce730be11c4c09409907f6dbf9cb373d75253454298e7a4382d8a841acff84f68d84c724c16bf99c5978256b48043da061b7e2587bd511a680d0005ce4898f09a278e1a2099b2bfea30c0121bf6fd3929e6ff9a781ec44f4c08a9f6df8eae1207a8f97b3aab6c72e684884dd59a90c692e6d36db365d4131195da3bd36856805c57e16bfff0199eebdddd6704b66344d147095739b81a9052e0a19fe4bf6a753a6a25d87f6e5aa04875103822f39f847c5e6bb1a49593eca9da9aad3dc9d48911a9ac843d0522f7caf60b0ae7a9d324c32d38e7569d5c90d3f73f09ec10ece55de48e65ecfa884d2ca9aab7c16f0e58e1a15990a1b25549212bb999e802c5e76877ac15336f8a87518a6257ca1eeb1a304d044b2d953d7561b53ef90a6d1ef870bf96359878ba336c18eb7fa554664fc5759c71c58b105f31885adf8127fb60436f7dd0c077335f93546bd0bb003b802fbc3af7b1d47467a343a01233f8a8e48e014044ee1cbc517c8ceafb66950162dc44f83af38aab9b690289d8c891c9e7aeaada35d61cdb2e0b3f357e90582f72496c70bed0d5f259f149a1d083a79d4457acb94218751468725a462f165192f93b6a548bb545ef986c19c424d6d08a39a5f5f88ac9827518a5db2e4bba5c82bec5f03cc84b5518489c94837ceee555a8110b76c3eadab4c811cbac79df7482de0488c0da1fcbb8672b4dc8f6a2c6a6cafb94deb07432e6bb6450accd9fa8befdf7bb79da698cfb6498ed3a4ab068cf7ee21ef3105e5615108138d67931f9e5f2b2ec1a1d983fd97b06d71a0bdcd56ebdbdee6df93694060a255207d84a94829e8093f6472c67d19640a961b430656dd877507a5cbc72688e0812a16faee76c8046e15692ddd5b0e48f0700f5bb6ee46a3b28b74451a3146132fb694e591c6bdff32cd061e32727433b1b3503c72958c9a9d77691589385dc9ab16bcdc770d0b72b57372160ecb450612c4115bdc4639a9224d59f2721b8c62cf457a9bf67a71d208953abf09da586be801701b400dcdf16a75c3cb864e3f42669fb9833422a26ef1a52b08c056b07b8b35b912939f9bd483a5130486a7bf0dc4b85fbfa424b232967567356181f80860efdea977421d0a7944fa6ef9c84b65aa3f811e4939d929c1af659bdaaf6e917b042c28a2eef43d73141f718207d0614b18eeb6adb2e405f077f0fbb8bdd2725deebffdb107beb063ca939b6a6ef3320a3012bc32b8f9e157bab97e1f9e7da43471babcccdefed4fdd16ef0b88192cfd6a76b65a21beb9efc7aa8ccf620245f98ddaea76547caf3f610d90d91686baa796fbf003f2b98875e4df3865dcfb39104ad39fb670556ec87b9c254e1d4e30ed4c27b7babf274fdf9a5fc919c2cd21d8b6cd103b894f55c7fabf39b8dbcba0b5f3fea759e373263b87662d02babee53dd84a7f4fd08671d3986c7b25906ded51fee261e2bc3325179cb606762802e81aa0605ccc747bf11911f21ff5db30b56bb", 0x1000}], 0x4, &(0x7f0000001480)={0xd0, 0x1, 0x0, "7e5114aee10d6f73a3bae9e12eee124627308b4b42a12471d0cf3cc981b61c2c087a843dda821a211a629e52dc7f332a2374187d2ac8b988a0e7396700712b6a21b88105aedc184929a61bd189bf9ee070a690319b04da5b2b092c969fabf2ee4f32ff41776438bb8df6c985dc0d110d57c27a80156158ef8e2fd4335b82a08baacc764094b3c5571db20e8e0318baade5b035bc1aa828723009c401f1e6a0b0f01cd47fe41e326af29526896deb17c3e33f01d4205263ca7594272985c925"}, 0xd0, 0x4008800}, 0x4000000)
write(r0, &(0x7f00000015c0)="1d91ac9dd57e9f0df19a314a0365656d549ed2bed283efe3fdc624a2fc463919c7a7ccde2bd9b51ef4582b60ea913e9398f1d1114fffffc0b8b4686542911612ac8e0c36ae69f7a2bcc1055535c30ca452e1dd853dc4ec163e3c9c99263fd44cf913b912e0b4232cd5085cd33ffca5ab617e626f6af4b58662c087", 0x7b)
ioctl$sock_SIOCGIFCONF(r0, 0x8912, &(0x7f0000001680)=@req={0x28, &(0x7f0000001640)={'batadv_slave_1\x00', @ifru_map={0x43, 0x9, 0xb75, 0x1, 0xff, 0x4}}})
fsetxattr$trusted_overlay_upper(r1, &(0x7f00000016c0), &(0x7f0000001700)={0x0, 0xfb, 0x57, 0x0, 0x1, "42c0f37bea49c14d559092a1313ae237", "d8de82c7b7aa95698a3703925a8d79ac69db7dafbb88a4b22f1ccea8e9bbbc1b7946a395c82458f503d653007fa961aee1b416adf5f5da6367fa9a645bff550c6f6a"}, 0x57, 0x2)
write$sndseq(r0, &(0x7f0000001780)=[{0x2, 0x2, 0xd, 0x2, @time={0x5, 0x10001}, {0x6, 0x9}, {0x4, 0x3}, @addr={0x3, 0x4}}, {0x7, 0x0, 0x1, 0x81, @tick=0xc72, {0x96, 0x1}, {0x47, 0x8}, @quote={{0x2, 0x40}, 0x9}}, {0x2, 0x81, 0x7, 0x80, @tick=0x7, {0x4, 0x80}, {0x7, 0x1}, @queue={0x1, {0x1, 0x24cfd95c}}}, {0x7f, 0x8d, 0x1, 0x87, @time={0x13}, {0x1, 0x7}, {0x9, 0x6}, @result={0x9, 0xca1}}], 0x70)
writev(r1, &(0x7f0000001a40)=[{&(0x7f0000001800)}, {&(0x7f0000001840)="9fad28f4927e6e9a40aac77086bc379d7a5f6bc616c4f8d02b3c2fc33967f3f5eb8ae7674afcf1dc15c7d6a1f034e5e83eb09a88c68daaf7609324b2b4d213799d708476c3148ab996112da9ff7f9da9108857dbb99b41cc68b162643b9b53ba6c45411bea6d108334972a4db3808bf0c28a247946519fd5a15d24161900a31e70f5415fa86609027be616952ac06a52a8bdbe628d3706b82334b2ab22501a43521a82098ddf51b8705d8fa0d15a", 0xae}, {&(0x7f0000001900)="0ea4e22a5f8b46741328031acb0301543b66856d0863dba7b39ce33097404f73c157d7447c89b56de3805850984e6a63d179fd35b368d65c15f22fb9b1180f93956c781ea11e10c8e90f811635635674a6873ab09ac4b1964df01b40dbfddc6a2751db24af4d1683fc67e2e9cd5fcd669eb860c9ec18f84fd59edea4ed7da0eae0644ace45975538141de3105bcd0e43cfeb3022392813634827e630e814b578c03426c2d2682bf691fe80473cdbfa0b5b818b27ecf1005d1ef92f26e683773c653b9f3a08b0556bf289980ef9c2f45130890a575f875944351e9efe33b38364522064184fad1c31642de0ca6f8f609472ca", 0xf2}, {&(0x7f0000001a00)="f04f23e4b28cf988879c79c9b20e3c8bd724f6a7d2d28f28f57ce81f5be2c8ed2034485e", 0x24}], 0x4)
r3 = getpgid(0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000001a80)={0x8, 0x3ff, {0xffffffffffffffff}, {<r4=>0x0}, 0x8000})
lstat(&(0x7f0000001ac0)='./file0\x00', &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0})
setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001b80)={r3, r4, r6}, 0xc)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001c40)={r0, 0x58, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000001cc0), 0xffffffffffffffff)
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000001d80)={&(0x7f0000001c80)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001d40)={&(0x7f0000001d00)={0x2c, r8, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x2}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0xb8}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x550}]}, 0x2c}}, 0x4000)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000001dc0)={@local, r7}, 0x14)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000001e00)={0x9, 0x1, 0x1, 'queue1\x00', 0x1})
fcntl$getown(r0, 0x9)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000001f00)={'team0\x00', <r9=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000002840)={&(0x7f0000001ec0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000002800)={&(0x7f0000001f40)={0x8b8, 0x0, 0x0, 0x70bd2b, 0x25dfdbfb, {}, [{{0x8, 0x1, r7}, {0x168, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xa177}}}]}}, {{0x8, 0x1, r7}, {0x130, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffff9}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0xa38}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x93}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r7}, {0x4}}, {{0x8, 0x1, r9}, {0x134, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r7}}, {0x8}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xe20}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8, 0x1, r7}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xf, 0x4, 'roundrobin\x00'}}}]}}, {{0x8, 0x1, r7}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}]}}, {{0x8, 0x1, r7}, {0xf8, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xd4}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xe}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xa}}}]}}, {{0x8, 0x1, r7}, {0x218, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xccb4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r7}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}]}}, {{0x8, 0x1, r7}, {0x7c, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r7}}}]}}]}, 0x8b8}, 0x1, 0x0, 0x0, 0x90}, 0x40)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000002880)=@gcm_128={{0x303}, "cb4793f3837098ae", "3f6dd0effe61895b40c5567b22a03067", "129138be", "4280dd2b8274baa6"}, 0x28)
read$FUSE(r0, &(0x7f00000028c0)={0x2020, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_ATTR(r0, &(0x7f0000004900)={0x78, 0x0, r10, {0x9, 0x1ff, 0x0, {0x3, 0xb8db, 0x7, 0x3, 0x100000000, 0x4, 0x9, 0x6, 0x101, 0x2000, 0x9, r5, r6, 0x0, 0x3}}}, 0x78)
write$FUSE_INIT(r0, &(0x7f0000004980)={0x50, 0xfffffffffffffff5, r10, {0x7, 0x2b, 0x6, 0xffffffff88014000, 0x0, 0x3, 0x2, 0x1ff, 0x0, 0x0, 0x40, 0xdc89}}, 0x50)
r11 = socket(0xa, 0xa, 0x7fffffff)
setsockopt$inet6_udp_int(r11, 0x11, 0x1, &(0x7f0000004a00)=0x4, 0x4)

528.273573ms ago: executing program 1 (id=1504):
r0 = fsopen(&(0x7f0000000300)='debugfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='uid', 0x0, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600))
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4000851)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x30, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x8}, [@IFLA_GROUP={0x8}, @IFLA_TXQLEN={0x8, 0xd, 0x2}]}, 0x30}, 0x324}, 0x0)

460.222977ms ago: executing program 1 (id=1505):
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00') (async)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)) (async)
mkdir(&(0x7f0000000380)='./file1\x00', 0xa) (async)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
chdir(&(0x7f0000000080)='./file1\x00') (async)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) (async)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
pipe2$watch_queue(&(0x7f0000001180)={<r3=>0xffffffffffffffff}, 0x80) (async)
r4 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0x0)
pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r6, 0xffffffffffffffff, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r7=>r2}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r7, {0x7}}, './file1\x00'}) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) (async)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200), &(0x7f00000002c0)=@v3={0x3000000, [{0x2, 0x9}, {0x3, 0x3ff}]}, 0x18, 0x1) (async)
lsetxattr$security_ima(&(0x7f0000000280)='./file0\x00', &(0x7f0000000140), &(0x7f0000000300)=@sha1={0x1, "eb10cd001a5947af0448a6f75340a806035f6224"}, 0x15, 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) (async)
clock_adjtime(0x0, &(0x7f0000000340)={0x37db, 0x80000000002f423f, 0xfffffffffffffffc, 0x6, 0x0, 0x5, 0x0, 0x4, 0x80000000, 0x80000, 0x2, 0x2, 0x100, 0x0, 0x0, 0x2000000000000, 0x3, 0x3, 0x1, 0x4000000000200, 0x0, 0x3, 0xffffffffffffffff, 0x401, 0x37, 0x6}) (async)
chdir(&(0x7f00000001c0)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

459.075538ms ago: executing program 1 (id=1508):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000a00)=0x1, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000002c0)={0x61, 0x18, 0xfa00, {0xfffffffffffffffe, 0x0, 0x13f, 0x4}}, 0xc)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0x40383d0c, &(0x7f0000000100)={{0x9, 0x7f}, {0x9, 0x1003ff}, 0xfeffffff, 0x1})
fsopen(0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0xfffffffc)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x30, r9, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x4008014)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x28, r4, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1a}]}]}, 0x28}}, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000002400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="19042dbd700000080003000100000008060000000000000000050003003900"], 0x2c}, 0x1, 0x0, 0x0, 0x200000c4}, 0xa96246c012a88596)
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f00000002c0)={'gre0\x00', <r11=>0x0})
sendto$packet(r10, &(0x7f0000000300)="09000000e700140000007ef52f555f2a0c67127025c1d97bfbf788a83baa88a8", 0x20, 0x24004800, &(0x7f0000000100)={0x11, 0x88a8, r11, 0x1, 0x88, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}}, 0x14)
sendmsg$NFT_BATCH(r1, &(0x7f0000000600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000040)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELSETELEM={0x374, 0xe, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x328, 0x3, 0x0, 0x1, [{0x324, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0xc0}, @NFTA_SET_ELEM_DATA={0x138, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x37, 0x1, "79fdd47c34aacfa5afb8c04712ed30e65d1bccf0009c9c0ada78ede044fb86d9c8950840d1049337efcb6a1e20ed3ca74c0917"}, @NFTA_DATA_VALUE={0xfc, 0x1, "fbd8e37d0f9be90154d9b007556cd21d00743f89ab27511d522e38b7bab62e1e7b52044e34b04c459ae6bf42e7e7f18fa8ad704e5c3be51b4c1378330fd76ac1bf35a4a9d9f3c2e686a625bec0974e6e69a6682ba7639b77db541b89f1ff98f42d5db053ba9153a4ff3d5e45c0bd244e9f563102d886b398750358d79c70376857ec9a9459d05f8bb973e351f8c03856a2dcd14204e9eb1c070b90f5de6dd0c3f29c3abae2467952444078e258c384946e62fd97a7228fcdcdefc9ae8a1e3db3b241306a99af88fddf554ed5589c9bf78107dbf45736edb2a12b56d63765bd41a813a8832d01c0a5a5d52eb74b2120357c98d30f98df597a"}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPR={0x1d0, 0x7, 0x0, 0x1, @match={{0xa}, @val={0x1c0, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x81, 0x3, "2b37d1ed8de95c14abc4220f93368cc5990169cde0dbef9fd208b9701cc58b0ca812d34a81f6a02186456fa59c98e80bc261782b82838e893aa714238522ba6345681773d74769f8bd9514b5132eb6b3aef26d40d19d6b90adf5b810fa32c1ff6a0c5a2c52e4952040fb3eaffe1fcb8aa06e7a85118abf8ef56554bc8c"}, @NFTA_MATCH_NAME={0xa, 0x1, 'owner\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_MATCH_NAME={0x8, 0x1, 'bpf\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_MATCH_INFO={0xdc, 0x3, "845468c3bd2fb3387ac6f3d6cadb92db6dd92a3577ba095466d77efb947f58bd7e431e697968fb5079c33063654a022b7003063017151b09756b2b938aaafd1f0c8d865e7fc5713246231729e69eb6e4ddd4e8c2bfa99010e19cfc2473bf957a26e4e677bd27b9b9d3cbac132e50758d71fb908da9999e433e05317452c2b0dfcd0bd6fdedd4aa70b96196e72100b38f7d7d7ae91b4db076a02b20fb8ecc964c6fc036d644bf9827e34aec5b4140fbf0e6e253fa126fc5bc699b88d1af67adc97dc4bcad0024f1c7b4e8f01de65e5f7a8794e165dbe1fef1"}, @NFTA_MATCH_INFO={0x1f, 0x3, "ebd36dc5a5a94178cdef9c0757ba2191ec2cba2cc7e981c73a230d"}, @NFTA_MATCH_INFO={0x15, 0x3, "4f7f34898ca6a1a9d8adaaaa36b5067165"}]}}}]}]}]}, @NFT_MSG_DELFLOWTABLE={0x20, 0x18, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x2c, 0x9, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x24}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x100}]}, @NFT_MSG_DELOBJ={0x2c, 0x14, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELOBJ={0x12c, 0x14, 0xa, 0x301, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_OBJ_USERDATA={0x85, 0x8, "dbfd5f97f5df56ecc8cb91669202627bd66176242c2fcee54dfb8e171d2103fb482e348a3a7c4789b91d96c5677041b652c19103f030e0561ba81a27d5817d97d9f1c91f92749e6e62f7004cbe65fdefaaff4cc0d195683396b3ea5dfe36da69dac0901f02ea30aebb0fe17f44b69cdb9aac15b791e25955fab356a34b71f9acc4"}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_OBJ_USERDATA={0x81, 0x8, "396b2fd66253f11a49c3bf8739962b6f7bb42f2b19ec3345243cb187de5023296be4af98ff690c6a16c40757f8b91a7ee073872a240927b634db6f9804d91619fc6e2f2f726e43313fe64c5363f05242d3ccee97619c6debd700584add65e0a5374d1d1a8577c1932d4b4115f54a84d304696a1a9eb0980f1e969d0b74"}]}, @NFT_MSG_NEWTABLE={0x30, 0x0, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x570}, 0x1, 0x0, 0x0, 0x40010}, 0x24008840)

199.363187ms ago: executing program 2 (id=1514):
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4000)
write$P9_RWALK(r0, &(0x7f0000000040)={0x23, 0x6f, 0x2, {0x2, [{0x2, 0x2, 0x2}, {0x1, 0x4, 0x7}]}}, 0x23)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x383282, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r2=>0x0)
bind$nfc_llcp(r1, &(0x7f0000000100)={0x27, r2, 0x0, 0x4, 0x81, 0x4, "78edf9d2bd5b6e2909ba1ac5d1e69e60eac88321998f404a22eb1d6cc6dd1323f8be7dcfbba08529f9d27d62f933b1d39d56c751f764c3cb3bd641af0d7d0f", 0x1b}, 0x60)
sendmsg$inet(r1, &(0x7f0000000800)={&(0x7f0000000180)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000740)=[{&(0x7f00000001c0)="7c33c5", 0x3}, {&(0x7f0000000200)="55d72fa87713f031ed0a19e9f2c45f56b66062424479e0b81e9f15e7e8719450138c240ba6bff5cb5e11a0870a834a881713c74235e209b30fca61828258437802506275b9eabac3be845655abcde15a352f1604496a9a348481d04f6b8c040e4692aafb941092301a83ec1631702e0c7ddf586aa811d52f1f69ae14aba869e61d6c22b5a56ea001a388a8858b0c292e180886ccdce1d0fbe09d45498f14a246ac8f7055be5ff68508b56a502e34bfdc68da", 0xb2}, {&(0x7f00000002c0)="05a8f8a6e7b3945128abf8875f06b939642cd583b591aa1c4ff03bb1adfb4846be85be1e98c7b87295ac42910aaf42ba1429c5612e5413eca2be5ec0ad816ec08ce865a8c101a2ac", 0x48}, {&(0x7f0000000340)="95703e2075aea7fb27c6caad36b480edcf7f3f43a12db988b0255c9dc6805ed36cb7e8ecd25c7d153be42286812ed6fe7168d6acf286ffbbab71c562e84541b6fd20ab36257355d607a3a5e8c306028d475d108c481af4a68e218b7a69df6550f44266eef5ef3ebca9c5b04a62457f96997b8e3cb1ead87df9a714b16304b03ee920d2b54f992d94690652f78c76", 0x8e}, {&(0x7f0000000400)="20c65a7aa4d2aa6401d1ba34dd75c91968bbdf4ff99c847cd2a1c09bd21d065d9c4d574acf6ec8b5e49bdd2b82075e0fd90ff3659dd56516eb2d0f5c59afd15fa2329db7020811be5aa9f3361c1f15966d48eb0ada633b", 0x57}, {&(0x7f0000000480)="9370f44ce6be318290bba80efc82bc9d7d1d", 0x12}, {&(0x7f00000004c0)="2fa64be258890f09fe37024cc5976bd75473836218342b77b6c74cf4a60932e2e6033013e0f8f40a8015e828d99cc20de0e9c77838d334013c531aab3f28442116d9cbbc50be57e05442d2659ebf931833ed6c84ff582498da83d66b69b1b85865770688a0384be2b1a80b7e3ec9361bb05684ab68d5a85d5bbeac99bbf7959323be8634", 0x84}, {&(0x7f0000000580)="378e9a2e1e35ad8cc752b1630897584c3c5fcb88d54fcfefe8b9ba9680443568902fba567d881538aaf82f6d044aea2d20064d210c4d9fe063980797e167dc00884ca1fbcd4e598e843e6843b7043bcdf5cec5ffd9b7c53fcd3e8158d80b5703ac9967e035ff5f4b381d1c3924ccdad643d9f27ba1a7123bf8752f8740f0b12d16b2ec0dccb2dc83265e06b994e70181b5f1b2cc54747090f3375a2cbcc64509af2c487268449745e390e14b76d266b613a347cd5b", 0xb5}, {&(0x7f0000000640)="53178f2c828d6199952f9067064efd8604ce98478c48392400a256e57eb3094d2888710ee232a7544c5ea5310d20ea9f88d7a5baa7b55ac1fc080d46d1fe9c9ca2d298425707e5eae3417d442ec892f506fcf96a79bbfc6261a954fd176476648ae7fde7887ced2f54df05b34cdb525d3645c947de9a39dcf7b2ba35bf5ded662ced5e1e62f488a6d7e6b7988451cd367adf274449cc4059f93060535ed1ff9878a5111d935131d036fb21bc8b509d2e96ed05dbd37dde0268ad6b211413752864a1d9fc891e685f53167ab31774c5189895c286d1105e7ae3fb4dc9384e", 0xde}], 0x9}, 0x400c000)
r3 = accept4$bt_l2cap(r1, &(0x7f0000000840)={0x1f, 0x0, @none}, &(0x7f0000000880)=0xe, 0x81800)
sendfile(r1, r3, &(0x7f00000008c0)=0x9, 0x7a)
ioctl$USBDEVFS_DROP_PRIVILEGES(r1, 0x4004551e, &(0x7f0000000900)=0x8)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000001bc0)={0xff, 0x0, &(0x7f0000001b00)=[{&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000001940)=""/184, 0xb8}, {&(0x7f0000001a00)=""/170, 0xaa}, {&(0x7f0000001ac0)=""/17, 0x11}], &(0x7f0000001b40)=[0x1, 0xfffffffffffffffd, 0xfffffffffffffb2d, 0x8, 0x1544, 0x10, 0x9, 0x3, 0x8], 0x4}, 0x20)
listen(r1, 0x5)
ioctl$USBDEVFS_RESET(r1, 0x5514)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000001c40), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000001d00)={&(0x7f0000001c00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001c80)={0x3c, r5, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40018}, 0x4000001)
read$FUSE(r1, &(0x7f0000001d40)={0x2020, 0x0, <r6=>0x0}, 0x2020)
r7 = openat$null(0xffffffffffffff9c, &(0x7f0000003d80), 0x2200, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000003e40)={r1, 0x58, &(0x7f0000003dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000003e80)={r7, r8, 0x25, 0x0, @val=@perf_event={0x8000000000000000}}, 0x18)
write$FUSE_STATFS(r1, &(0x7f0000003ec0)={0x60, 0x0, r6, {{0x101, 0x7fffffff, 0x0, 0x3, 0x8, 0x6, 0x5, 0xbfc1}}}, 0x60)
pipe2$watch_queue(&(0x7f0000003f40)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x80)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r9, 0xc0bc5351, &(0x7f0000003f80)={0x0, 0x2, 'client1\x00', 0x3, "0d7fb270d1cf1923", "bcd8cfedcf08d8e577712e070a1726d855ec172a55e48c18d7772f2b35ae5619", 0x2, 0xfffffffc})
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000004040)={<r10=>0x0, 0x8}, &(0x7f0000004080)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r9, 0x84, 0x6, &(0x7f00000040c0)={<r11=>r10, @in={{0x2, 0x4e21, @private=0xa010102}}}, &(0x7f0000004180)=0x84)
bind$rxrpc(r9, &(0x7f00000041c0)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x24)
poll(&(0x7f0000004200)=[{r7, 0xa088}], 0x1, 0x3)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000004280)={0x6, &(0x7f0000004240)=[{0x3, 0x9, 0x1}, {0xc5, 0x3, 0xf, 0x1}, {0x2, 0x4, 0x3, 0x2}, {0x4, 0x0, 0x0, 0x8}, {0x2, 0xbb, 0x8}, {0xe, 0x1, 0x9, 0x400}]}, 0x10)
r12 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r12, 0x84, 0x23, &(0x7f00000042c0)={0x0, 0x8}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r9, 0x84, 0x75, &(0x7f0000004300)={r11, 0x10}, 0x8)

120.536775ms ago: executing program 2 (id=1515):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x2c, r1, 0x1, 0x0, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000444}, 0xfffffffffffff000)

120.337491ms ago: executing program 2 (id=1516):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d4"], 0x1c}, 0x1, 0x0, 0x6558000000000000, 0x4004}, 0x0)

69.321773ms ago: executing program 2 (id=1517):
r0 = socket$inet(0x2, 0x1, 0x0)
sendto$inet(r0, 0x0, 0xe803, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
shutdown(r0, 0x1)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001500010000000000000000000e"], 0x14}}, 0x0)
getsockopt$inet_tcp_int(r1, 0x6, 0x12, &(0x7f0000000000), &(0x7f0000000040)=0x4)
splice(r0, 0x0, r1, 0x0, 0x7ffff000, 0x2)

69.168028ms ago: executing program 2 (id=1518):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bridge0\x00'})
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend', 0x101a02, 0x0)
sendfile(r2, r2, 0x0, 0x9)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c00c1000000000000000100f9dbdf2500000300220000f418aea500"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x2404c0d0)
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r0, 0x0)
listen(r1, 0x5)
listen(r0, 0x0)

424.845µs ago: executing program 2 (id=1519):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r3 = add_key(&(0x7f0000000a40)='asymmetric\x00', 0x0, &(0x7f0000000900)="0000000000000002ff69000000000001000000c000000002000200861fa72e5b01504104bfeacdd5a9007d167c71e3b8a93aa64d957a68cc61c833020a6da8881fb79e110483bfadf224a22c76ecc7a56843a85f7df51293b64411d85e99c89ec4149cf0eb84ef8f0f07342db3b0e5a5647b7bed1fbf069ca713670adf7d9fb6d2600fd9c1981fe9f095cfe9b9fe1e1e34f6096bf02543747b2c792890f07c0da0fa25e6101062e6c9176a70e41698814a213711764f88495994cfd8a57c1e13f6b5298e7ab3a27e3c5300d86aa4359002a8ad3d07a023bfb58dde34d58536633c27887d67999b00094461000093a1a48a790b715673b4b0ab81c81bf36527f109ba5332e9cb93", 0x107, 0xfffffffffffffff9)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r5 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$get_security(0x11, r5, &(0x7f00000003c0)=""/143, 0x8f)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f00000002c0)={r5, 0x64, 0x35}, &(0x7f00000006c0)=ANY=[@ANYBLOB="656e633d6f61657020686173683d626c616b6532622d3235402d67656e65726963000000000000000000000000000000000000000000000000009112b8d526f528d1d28a09c1785c0000001cef00e8838cc335de63e1341ab90000000000000000000000000000000000818069bc0412473bf09825dc72c2d949931eabe7a8554449f767dfaad7dca8b365cca37a9d221903fc2b0d11c209add5e917f19c21921c5c55f333eda9e751940a5b2acdea67610ebc77ff833ab46caba32484d5a08da31fa391a7ac382158057aef40d2ebad15fe3dbf82e347ea8de13e675fcbae331a606399d617dab9b7cfbecdc1b130aa21c78f51b518076f01fc5b5f85ec02650505ca366089bc053d5f79750df09069fa64cb2d9241015f986cc86355bbc8b97fb61fabf5ed78f28997600697ce9465037d71bda6edc23765867d747f9038a0cde3ff5b042e6ed7dfd3f1237f96d749fc3bf2650abe23733a84023544dfbef97562148858725daf6b284fa06be32afc73fbb8662b969dcd741b7bb7b24f07a2acc9467809dede7c36bfdfba9a6402f6e76a355a3110df7c44"], &(0x7f0000000500)="d8d60ee351901ca05c0cef421ad786dae5a5332b988921c805adec643bdae6b9606c5dccb433257618bd0e15024488554de1b8819dc97b8f1aacb41c686d833d10de9a0dc7deadcfb469d120ba0aeac158e42b2fc96eaa8663539df6ea21f2c9abab224e", &(0x7f0000000480)=""/53)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0x4000, 0x100000001})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000e3006249364ae431fe4f771a17a8e73591959c3ea1158f1c9b28f4b4f7cb72fcd83aa55b2613829676918767e5e4005ff59301c3"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x10, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000000800000000000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300000f2e4aed6b098b8efc99a2ee", @ANYRESOCT=r3, @ANYBLOB="000000850000006a000000950000000000000000000000000000040000000000", @ANYBLOB="6c7f69e5bb27e7d2d6f029471ec645e37095c46a1fb7b8a917dd28d02827801ada5d0b2cebe212311657315583"], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r6}, 0xc)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000280)=0xffff1000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48)
close(r7)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0900000006000000008000000400000000000000", @ANYRES32=r2, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000a000000000000000000000000006ab5dbeedfa095c51882896ebbc8f573d031641be9059540c035d24fa7519394e35f29473198cb188d3bb20e4fada9d81b2400df464171ddbba9e8c66465123785cc09df257a4439e7f1e78fd9dce8b26fbc01e0c7555cf220d72de041370bf286394afde5a8da8f575b4afd68f7f354a15746a6b95e73c1ab51c0354f852d576159884c93a98ba4f89ead8df7c4ff0b20848f3ee5dab8cee2a47ec951ea050000000000"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000007000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r8}, 0x10)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001400010000000000ff94"], 0x59}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r9 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
close(r9)
r10 = socket$igmp(0x2, 0x3, 0x2)
sendmmsg$inet(r10, &(0x7f00000053c0)=[{{&(0x7f0000000ac0)={0x2, 0x4e21, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="580000000000000000000000070000008628000000030510"], 0x70}}], 0x1, 0x40094)
syz_kvm_setup_cpu$x86(r1, r1, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000200)="baf80c66b83c74fd8566efbafc0c66b81f29000066ef66b9d30800000f3265650f01c867660fc7b11dc40000f20f080f01c30f32baf80c66b808d3108466efbafc0cb85950efbaf80c66b89090f98666efbafc0cb85c35ef0f01c4", 0x5b}], 0x1, 0x0, &(0x7f0000000100), 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)

0s ago: executing program 0 (id=1520):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84) (async)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) (async)
rseq(&(0x7f00000006c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x24, 0x24, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$lock(r5, 0x6, &(0x7f0000000380)={0x1, 0x0, 0x200, 0x2}) (async)
syz_emit_ethernet(0x52, &(0x7f0000000740)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a3705", 0x2, 0x2c, 0x0, @remote, @local, {[@routing={0x84, 0x0, 0x0, 0x7}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) (async)
fcntl$lock(r5, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x0, 0x5})
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r6, 0x6, 0x3, &(0x7f0000000000)=0x6, 0x4)
fcntl$lock(r5, 0x26, &(0x7f0000000080))
fcntl$lock(r5, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3}) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e502000000000080000007008300", @ANYRES32, @ANYBLOB="200001", @ANYRES32=0x0, @ANYBLOB="000000f1a0"], 0x38}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r8, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c7c4b08000b3c0dc11800804cd9d7590000000000000000000079", @ANYRES16=r9, @ANYBLOB="08002abd7000ffdbdf254f00000018007a8014000200c0eee1e2db02c7d4c9384c81e225bea83c007a8024000100b5434e59372339489161901f9b06569fb4b841ff427b5a5e3e964aee1f5181431400010080ce5def66a53ff953fba8a8fc1d940b44007a80240001000d06e3abdab601ab8bc61b77adad7cc41a270d4f9dd122435c89032afa518fae14000100bc09e0f6c1d8fff1e5585ab2e0c10086080004000500000040007a800c00030017a372ced4f8131e14000200b26ba8cabc253ef9260891c457869fcb08000400fcffffff14000100148c5fb91260d020b6d85dd9df2b65c0"], 0xec}, 0x1, 0x0, 0x0, 0x24000880}, 0x40080)
r10 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r10, 0x400455c8, 0x1) (async)
ioctl$TIOCSETD(r10, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000000)=0xdb) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
shutdown(0xffffffffffffffff, 0x1)
sendmsg$inet_sctp(r0, &(0x7f0000000480)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYRES8=r4], 0x9)

kernel console output (not intermixed with test programs):

  __x64_sys_ioctl+0x18e/0x210
[   88.530027][ T7942]  do_syscall_64+0xcd/0x4e0
[   88.530042][ T7942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.530054][ T7942] RIP: 0033:0x7fc1e878eba9
[   88.530063][ T7942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.530073][ T7942] RSP: 002b:00007fc1e967e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   88.530083][ T7942] RAX: ffffffffffffffda RBX: 00007fc1e89d5fa0 RCX: 00007fc1e878eba9
[   88.530089][ T7942] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   88.530095][ T7942] RBP: 00007fc1e967e090 R08: 0000000000000000 R09: 0000000000000000
[   88.530101][ T7942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   88.530107][ T7942] R13: 00007fc1e89d6038 R14: 00007fc1e89d5fa0 R15: 00007ffc146389f8
[   88.530120][ T7942]  </TASK>
[   88.634565][   T61] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   88.723343][   T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   88.875267][   T10] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[   88.877839][   T10] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[   88.880874][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[   88.884961][   T10] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   88.887694][   T10] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[   88.890202][   T10] usb 6-1: Product: syz
[   88.891494][   T10] usb 6-1: Manufacturer: syz
[   88.892939][   T10] usb 6-1: SerialNumber: syz
[   88.895807][   T10] usb 6-1: config 0 descriptor??
[   88.899136][   T10] hub 6-1:0.0: bad descriptor, ignoring hub
[   88.900987][   T10] hub 6-1:0.0: probe with driver hub failed with error -5
[   88.905499][   T10] usb 6-1: selecting invalid altsetting 0
[   89.225078][ T7989] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=2050 sclass=netlink_tcpdiag_socket pid=7989 comm=syz.2.731
[   89.232612][ T7989] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=7989 comm=syz.2.731
[   89.411153][ T5974] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   89.415456][ T5974] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   89.419328][ T5974] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   89.425504][ T5974] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   89.429075][ T5974] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   89.457202][ T7996] lo speed is unknown, defaulting to 1000
[   89.494144][ T7929] usb 6-1: reset high-speed USB device number 4 using dummy_hcd
[   89.498059][ T7929] usb 6-1: device reset changed ep0 maxpacket size!
[   89.502251][   T29] usb 6-1: USB disconnect, device number 4
[   89.579665][ T7996] chnl_net:caif_netlink_parms(): no params data found
[   89.653272][ T7996] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.656025][ T7996] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.658721][ T7996] bridge_slave_0: entered allmulticast mode
[   89.661608][ T7996] bridge_slave_0: entered promiscuous mode
[   89.667316][ T7996] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.669597][ T7996] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.671820][ T7996] bridge_slave_1: entered allmulticast mode
[   89.673225][   T29] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   89.675425][ T7996] bridge_slave_1: entered promiscuous mode
[   89.704718][ T5974] Bluetooth: hci3: ISO packet too small
[   89.723326][ T7996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.730078][ T7996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.774993][ T7996] team0: Port device team_slave_0 added
[   89.779111][ T7996] team0: Port device team_slave_1 added
[   89.822064][ T7996] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.825090][ T7996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.826805][   T29] usb 6-1: Using ep0 maxpacket: 8
[   89.835457][ T7996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.841789][ T7996] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.844965][ T7996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.846074][ T7929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.852928][ T7996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.861480][ T7929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.870040][   T29] usb 6-1: unable to get BOS descriptor or descriptor too short
[   89.875303][   T29] usb 6-1: unable to read config index 0 descriptor/start: -71
[   89.878192][   T29] usb 6-1: can't read configurations, error -71
[   89.914152][ T7996] hsr_slave_0: entered promiscuous mode
[   89.916462][ T7996] hsr_slave_1: entered promiscuous mode
[   89.919303][ T7996] debugfs: 'hsr0' already exists in 'hsr'
[   89.921261][ T7996] Cannot create hsr debugfs directory
[   90.042408][ T7996] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   90.047755][ T7996] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   90.051965][ T7996] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   90.057268][ T7996] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   90.071594][ T7996] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.073913][ T7996] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.076303][ T7996] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.078526][ T7996] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.096775][ T1148] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.101731][ T1148] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.135395][ T8038] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=8038 comm=syz.2.743
[   90.139685][ T7996] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.149339][ T7996] 8021q: adding VLAN 0 to HW filter on device team0
[   90.154546][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.156857][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.168655][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.171096][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.183593][ T6055] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   90.278280][ T7996] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.290413][ T8049] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   90.293160][ T8049] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   90.336568][ T6055] usb 5-1: not running at top speed; connect to a high speed hub
[   90.343250][ T6055] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   90.347745][ T6055] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   90.352167][ T6055] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[   90.358061][ T6055] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   90.362850][ T6055] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.365939][ T6055] usb 5-1: Product: ᰁ
[   90.367342][ T6055] usb 5-1: Manufacturer: ㋀돥̹긕쨺샧쨦喝刾ꀸ졳✬䙪倂㈍井祹䵋뤳晩휟吼윈陒ⱡ꼸澦ो辮唖뇸䱏歫퐈犚轼䌍钏㠹踟韵飊灕웅㝁ð̤য롑췑ۤ浯䎜殚㈔췽勺찅޲氎忍䉔㚄肢ꮿ楨ब簢㨝䡬럡ಣ㌸䪱搮겓ꠛര⇠㭾⋭鉧裴䣌豹齊釠䋲湀ፆ坎੓㑦꿁ഢﲲ丗㤏
[   90.383098][ T6055] usb 5-1: SerialNumber: syz
[   90.386428][ T8027] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   90.402036][ T7996] veth0_vlan: entered promiscuous mode
[   90.409350][ T7996] veth1_vlan: entered promiscuous mode
[   90.423204][ T7996] veth0_macvtap: entered promiscuous mode
[   90.428306][ T7996] veth1_macvtap: entered promiscuous mode
[   90.452403][ T7996] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.460119][ T7996] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.464129][ T8059] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[   90.467005][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.470105][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[   90.470099][   T46] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.472309][   T13] Bluetooth: hci4: Frame reassembly failed (-84)
[   90.479089][   T46] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.482849][   T46] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.518418][ T6371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.520877][ T6371] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.534261][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.536854][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.602990][ T8077] FAULT_INJECTION: forcing a failure.
[   90.602990][ T8077] name failslab, interval 1, probability 0, space 0, times 0
[   90.607693][ T8077] CPU: 0 UID: 0 PID: 8077 Comm: syz.4.753 Not tainted syzkaller #0 PREEMPT(full) 
[   90.607707][ T8077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   90.607713][ T8077] Call Trace:
[   90.607717][ T8077]  <TASK>
[   90.607721][ T8077]  dump_stack_lvl+0x16c/0x1f0
[   90.607738][ T8077]  should_fail_ex+0x512/0x640
[   90.607754][ T8077]  should_failslab+0xc2/0x120
[   90.607766][ T8077]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   90.607778][ T8077]  ? skb_clone+0x190/0x3f0
[   90.607793][ T8077]  skb_clone+0x190/0x3f0
[   90.607806][ T8077]  netlink_deliver_tap+0xabd/0xd30
[   90.607823][ T8077]  netlink_unicast+0x71f/0x870
[   90.607838][ T8077]  ? __pfx_netlink_unicast+0x10/0x10
[   90.607850][ T8077]  ? __pfx_rtnl_bridge_setlink+0x10/0x10
[   90.607867][ T8077]  netlink_ack+0x696/0xb80
[   90.607885][ T8077]  netlink_rcv_skb+0x332/0x420
[   90.607898][ T8077]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   90.607913][ T8077]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   90.607931][ T8077]  ? netlink_deliver_tap+0x1ae/0xd30
[   90.607948][ T8077]  netlink_unicast+0x5a7/0x870
[   90.607964][ T8077]  ? __pfx_netlink_unicast+0x10/0x10
[   90.607978][ T8077]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   90.607995][ T8077]  netlink_sendmsg+0x8d1/0xdd0
[   90.608011][ T8077]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.608029][ T8077]  ____sys_sendmsg+0xa95/0xc70
[   90.608046][ T8077]  ? copy_msghdr_from_user+0x10a/0x160
[   90.608058][ T8077]  ? __pfx_____sys_sendmsg+0x10/0x10
[   90.608080][ T8077]  ___sys_sendmsg+0x134/0x1d0
[   90.608093][ T8077]  ? __pfx____sys_sendmsg+0x10/0x10
[   90.608122][ T8077]  __sys_sendmsg+0x16d/0x220
[   90.608134][ T8077]  ? __pfx___sys_sendmsg+0x10/0x10
[   90.608156][ T8077]  do_syscall_64+0xcd/0x4e0
[   90.608170][ T8077]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.608181][ T8077] RIP: 0033:0x7f3de098eba9
[   90.608189][ T8077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.608204][ T8077] RSP: 002b:00007f3de17b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.608214][ T8077] RAX: ffffffffffffffda RBX: 00007f3de0bd5fa0 RCX: 00007f3de098eba9
[   90.608221][ T8077] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[   90.608227][ T8077] RBP: 00007f3de17b7090 R08: 0000000000000000 R09: 0000000000000000
[   90.608232][ T8077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.608238][ T8077] R13: 00007f3de0bd6038 R14: 00007f3de0bd5fa0 R15: 00007ffd4bce5d18
[   90.608251][ T8077]  </TASK>
[   90.717029][ T6055] cdc_ncm 5-1:1.0: bind() failure
[   90.725723][ T6055] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[   90.728383][ T6055] cdc_ncm 5-1:1.1: bind() failure
[   90.744015][ T6055] usb 5-1: USB disconnect, device number 4
[   90.851611][ T8096] input: syz0 as /devices/virtual/input/input8
[   91.003331][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[   91.156466][ T8104] netlink: 'syz.4.765': attribute type 1 has an invalid length.
[   91.159874][ T8105] netlink: 'syz.4.765': attribute type 1 has an invalid length.
[   91.221799][ T8131] tipc: Started in network mode
[   91.229395][ T8131] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[   91.234842][ T8131] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   91.486102][ T5977] Bluetooth: hci1: command tx timeout
[   91.556855][ T8165] binder: 8164:8165 unknown command 0
[   91.558594][ T8165] binder: 8164:8165 ioctl c0306201 200000000080 returned -22
[   91.627546][ T8172] comedi comedi3: comedi_config --init_data is deprecated
[   91.632307][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   91.636871][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   91.639709][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   91.742070][ T8172] infiniband syz2: set active
[   91.742475][   T10] vxcan1 speed is unknown, defaulting to 1000
[   91.744674][ T8172] infiniband syz2: added vxcan1
[   91.769372][ T8172] RDS/IB: syz2: added
[   91.771077][ T8172] smc: adding ib device syz2 with port count 1
[   91.773267][ T8172] smc:    ib device syz2 port 1 has pnetid 
[   91.776072][ T6055] vxcan1 speed is unknown, defaulting to 1000
[   91.778338][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   91.860099][   T40] kauditd_printk_skb: 49 callbacks suppressed
[   91.860110][   T40] audit: type=1400 audit(1757843211.680:608): avc:  denied  { mount } for  pid=8179 comm="syz.1.788" name="/" dev="pstore" ino=5451 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[   91.864106][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   91.969070][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   92.091336][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   92.131675][   T40] audit: type=1400 audit(1757843211.950:609): avc:  denied  { append } for  pid=8189 comm="syz.1.791" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[   92.211770][ T8172] vxcan1 speed is unknown, defaulting to 1000
[   92.359958][ T8196] tmpfs: Unknown parameter 'usrquota_i'
[   92.430728][   T40] audit: type=1400 audit(1757843212.250:610): avc:  denied  { write } for  pid=8199 comm="syz.4.795" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.440029][   T40] audit: type=1400 audit(1757843212.250:611): avc:  denied  { open } for  pid=8199 comm="syz.4.795" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.449287][   T40] audit: type=1400 audit(1757843212.250:612): avc:  denied  { read } for  pid=8199 comm="syz.4.795" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   92.456326][   T40] audit: type=1800 audit(1757843212.260:613): pid=8200 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.795" name="/" dev="9p" ino=2 res=0 errno=0
[   92.523288][ T5974] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   92.523563][ T5977] Bluetooth: hci4: command 0x1003 tx timeout
[   92.548110][ T8203] binder: 8202:8203 unknown command 0
[   92.549952][ T8203] binder: 8202:8203 ioctl c0306201 200000000080 returned -22
[   92.587596][   T40] audit: type=1400 audit(1757843212.410:614): avc:  denied  { append } for  pid=8206 comm="syz.4.798" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   92.693878][ T8220] netlink: 'syz.4.801': attribute type 21 has an invalid length.
[   92.696982][ T8220] IPv6: NLM_F_CREATE should be specified when creating new route
[   92.700445][   T40] audit: type=1400 audit(1757843212.520:615): avc:  denied  { create } for  pid=8219 comm="syz.4.801" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   92.729142][ T8222] tmpfs: Unknown parameter 'usrquota_i'
[   92.821789][ T8230] FAULT_INJECTION: forcing a failure.
[   92.821789][ T8230] name failslab, interval 1, probability 0, space 0, times 0
[   92.826412][ T8230] CPU: 1 UID: 0 PID: 8230 Comm: syz.4.806 Not tainted syzkaller #0 PREEMPT(full) 
[   92.826436][ T8230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   92.826445][ T8230] Call Trace:
[   92.826452][ T8230]  <TASK>
[   92.826458][ T8230]  dump_stack_lvl+0x16c/0x1f0
[   92.826483][ T8230]  should_fail_ex+0x512/0x640
[   92.826504][ T8230]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   92.826524][ T8230]  should_failslab+0xc2/0x120
[   92.826544][ T8230]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   92.826561][ T8230]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[   92.826587][ T8230]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[   92.826618][ T8230]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[   92.826646][ T8230]  ? _raw_spin_unlock+0x28/0x50
[   92.826668][ T8230]  mmu_topup_memory_caches+0x25/0x170
[   92.826689][ T8230]  kvm_mmu_load+0xd6/0x23c0
[   92.826707][ T8230]  ? kvm_apic_has_interrupt+0x106/0x1f0
[   92.826726][ T8230]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   92.826744][ T8230]  ? vmx_get_rflags+0x100/0x420
[   92.826766][ T8230]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[   92.826788][ T8230]  ? __pfx_kvm_mmu_load+0x10/0x10
[   92.826805][ T8230]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   92.826832][ T8230]  ? kvm_check_and_inject_events+0x71c/0x1310
[   92.826861][ T8230]  vcpu_run+0x35a3/0x55a0
[   92.826893][ T8230]  ? __lock_acquire+0xb97/0x1ce0
[   92.826927][ T8230]  ? __pfx_vcpu_run+0x10/0x10
[   92.826955][ T8230]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[   92.826978][ T8230]  ? __local_bh_enable_ip+0xa4/0x120
[   92.827005][ T8230]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[   92.827029][ T8230]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[   92.827061][ T8230]  kvm_vcpu_ioctl+0x5eb/0x1690
[   92.827087][ T8230]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   92.827111][ T8230]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   92.827132][ T8230]  ? do_vfs_ioctl+0x128/0x14f0
[   92.827157][ T8230]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   92.827181][ T8230]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   92.827216][ T8230]  ? hook_file_ioctl_common+0x145/0x410
[   92.827241][ T8230]  ? selinux_file_ioctl+0x180/0x270
[   92.827264][ T8230]  ? selinux_file_ioctl+0xb4/0x270
[   92.827290][ T8230]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   92.827314][ T8230]  __x64_sys_ioctl+0x18e/0x210
[   92.827341][ T8230]  do_syscall_64+0xcd/0x4e0
[   92.827367][ T8230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.827384][ T8230] RIP: 0033:0x7f3de098eba9
[   92.827398][ T8230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.827415][ T8230] RSP: 002b:00007f3de17b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.827432][ T8230] RAX: ffffffffffffffda RBX: 00007f3de0bd5fa0 RCX: 00007f3de098eba9
[   92.827443][ T8230] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   92.827452][ T8230] RBP: 00007f3de17b7090 R08: 0000000000000000 R09: 0000000000000000
[   92.827464][ T8230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   92.827473][ T8230] R13: 00007f3de0bd6038 R14: 00007f3de0bd5fa0 R15: 00007ffd4bce5d18
[   92.827497][ T8230]  </TASK>
[   93.035969][ T8234] __nla_validate_parse: 5 callbacks suppressed
[   93.035985][ T8234] netlink: 16 bytes leftover after parsing attributes in process `syz.4.807'.
[   93.137173][ T8242] netlink: 'syz.1.811': attribute type 2 has an invalid length.
[   93.140375][ T8242] netlink: 68 bytes leftover after parsing attributes in process `syz.1.811'.
[   93.226038][ T8251] tmpfs: Unknown parameter 'usrquota_i'
[   93.328010][ T8260] openvswitch: netlink: Flow key attr not present in new flow.
[   93.463778][ T8274] FAULT_INJECTION: forcing a failure.
[   93.463778][ T8274] name failslab, interval 1, probability 0, space 0, times 0
[   93.467692][ T8274] CPU: 2 UID: 0 PID: 8274 Comm: syz.2.823 Not tainted syzkaller #0 PREEMPT(full) 
[   93.467706][ T8274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.467713][ T8274] Call Trace:
[   93.467716][ T8274]  <TASK>
[   93.467720][ T8274]  dump_stack_lvl+0x16c/0x1f0
[   93.467737][ T8274]  should_fail_ex+0x512/0x640
[   93.467751][ T8274]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   93.467764][ T8274]  should_failslab+0xc2/0x120
[   93.467776][ T8274]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   93.467787][ T8274]  ? mm_alloc+0x1c/0xc0
[   93.467802][ T8274]  mm_alloc+0x1c/0xc0
[   93.467815][ T8274]  alloc_bprm+0x2af/0x710
[   93.467827][ T8274]  do_execveat_common.isra.0+0x1ce/0x610
[   93.467841][ T8274]  __x64_sys_execve+0x8e/0xb0
[   93.467852][ T8274]  do_syscall_64+0xcd/0x4e0
[   93.467867][ T8274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.467881][ T8274] RIP: 0033:0x7fc1e878eba9
[   93.467889][ T8274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.467899][ T8274] RSP: 002b:00007fc1e967e038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   93.467909][ T8274] RAX: ffffffffffffffda RBX: 00007fc1e89d5fa0 RCX: 00007fc1e878eba9
[   93.467916][ T8274] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[   93.467922][ T8274] RBP: 00007fc1e967e090 R08: 0000000000000000 R09: 0000000000000000
[   93.467928][ T8274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.467933][ T8274] R13: 00007fc1e89d6038 R14: 00007fc1e89d5fa0 R15: 00007ffc146389f8
[   93.467946][ T8274]  </TASK>
[   93.563360][ T5974] Bluetooth: hci1: command tx timeout
[   94.038643][ T8287] tmpfs: Unknown parameter 'usrquota_inode_har'
[   94.529427][   T40] audit: type=1400 audit(1757843214.350:616): avc:  denied  { unlink } for  pid=5979 comm="syz-executor" name="file0" dev="tmpfs" ino=1142 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   94.549663][   T40] audit: type=1400 audit(1757843214.370:617): avc:  denied  { connect } for  pid=8292 comm="syz.0.828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   94.655658][ T8297] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   94.655658][ T8297] The task syz.0.828 (8297) triggered the difference, watch for misbehavior.
[   94.675805][ T8299] FAULT_INJECTION: forcing a failure.
[   94.675805][ T8299] name failslab, interval 1, probability 0, space 0, times 0
[   94.681132][ T8299] CPU: 2 UID: 0 PID: 8299 Comm: syz.4.830 Not tainted syzkaller #0 PREEMPT(full) 
[   94.681156][ T8299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   94.681165][ T8299] Call Trace:
[   94.681172][ T8299]  <TASK>
[   94.681180][ T8299]  dump_stack_lvl+0x16c/0x1f0
[   94.681207][ T8299]  should_fail_ex+0x512/0x640
[   94.681230][ T8299]  ? __kmalloc_noprof+0xbf/0x510
[   94.681250][ T8299]  ? ip_options_get+0xad/0x4d0
[   94.681271][ T8299]  should_failslab+0xc2/0x120
[   94.681293][ T8299]  __kmalloc_noprof+0xd2/0x510
[   94.681309][ T8299]  ? __pfx_tomoyo_supervisor+0x10/0x10
[   94.681333][ T8299]  ip_options_get+0xad/0x4d0
[   94.681352][ T8299]  ? is_bpf_text_address+0x94/0x1a0
[   94.681375][ T8299]  ? __pfx_ip_options_get+0x10/0x10
[   94.681397][ T8299]  ? snprintf+0xc7/0x100
[   94.681424][ T8299]  ip_cmsg_send+0x94c/0xb90
[   94.681458][ T8299]  raw_sendmsg+0x8a9/0x37e0
[   94.681484][ T8299]  ? avc_has_perm_noaudit+0x117/0x3b0
[   94.681504][ T8299]  ? __pfx_raw_sendmsg+0x10/0x10
[   94.681524][ T8299]  ? avc_has_perm_noaudit+0x149/0x3b0
[   94.681545][ T8299]  ? avc_has_perm+0x144/0x1f0
[   94.681576][ T8299]  ? sock_has_perm+0x259/0x2f0
[   94.681612][ T8299]  ? __pfx_raw_sendmsg+0x10/0x10
[   94.681631][ T8299]  inet_sendmsg+0x11c/0x140
[   94.681649][ T8299]  ____sys_sendmsg+0x973/0xc70
[   94.681678][ T8299]  ? __pfx_____sys_sendmsg+0x10/0x10
[   94.681707][ T8299]  ? __pfx__kstrtoull+0x10/0x10
[   94.681732][ T8299]  ___sys_sendmsg+0x134/0x1d0
[   94.681754][ T8299]  ? __pfx____sys_sendmsg+0x10/0x10
[   94.681787][ T8299]  ? find_held_lock+0x2b/0x80
[   94.681824][ T8299]  __sys_sendmmsg+0x200/0x420
[   94.681850][ T8299]  ? __pfx___sys_sendmmsg+0x10/0x10
[   94.681880][ T8299]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   94.681919][ T8299]  ? fput+0x9b/0xd0
[   94.681942][ T8299]  ? ksys_write+0x1ac/0x250
[   94.681960][ T8299]  ? __pfx_ksys_write+0x10/0x10
[   94.681982][ T8299]  __x64_sys_sendmmsg+0x9c/0x100
[   94.682015][ T8299]  ? lockdep_hardirqs_on+0x7c/0x110
[   94.682037][ T8299]  do_syscall_64+0xcd/0x4e0
[   94.682061][ T8299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.682079][ T8299] RIP: 0033:0x7f3de098eba9
[   94.682093][ T8299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.682110][ T8299] RSP: 002b:00007f3de17b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   94.682127][ T8299] RAX: ffffffffffffffda RBX: 00007f3de0bd5fa0 RCX: 00007f3de098eba9
[   94.682138][ T8299] RDX: 0000000000000001 RSI: 00002000000053c0 RDI: 0000000000000003
[   94.682148][ T8299] RBP: 00007f3de17b7090 R08: 0000000000000000 R09: 0000000000000000
[   94.682157][ T8299] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   94.682166][ T8299] R13: 00007f3de0bd6038 R14: 00007f3de0bd5fa0 R15: 00007ffd4bce5d18
[   94.682190][ T8299]  </TASK>
[   95.247330][ T8319] tmpfs: Unknown parameter 'usrquota_inode_har'
[   95.333570][   T61] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[   95.483210][   T61] usb 9-1: Using ep0 maxpacket: 16
[   95.489058][   T61] usb 9-1: config 1 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 83, changing to 10
[   95.493265][   T61] usb 9-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   95.498633][   T61] usb 9-1: config 1 interface 0 has no altsetting 0
[   95.504324][   T61] usb 9-1: New USB device found, idVendor=1b1c, idProduct=0a75, bcdDevice= 0.40
[   95.509161][   T61] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.511307][ T8324] (unnamed net_device) (uninitialized): (slave veth1_to_bond): Device is not bonding slave
[   95.512675][   T61] usb 9-1: Product: Џ
[   95.516289][ T8324] (unnamed net_device) (uninitialized): option active_slave: invalid value (veth1_to_bond)
[   95.517890][   T61] usb 9-1: SerialNumber: ཰嗵虀낛仗踖⍗ꏘיּ국鄦痎쑑䈉姬⫫涄︘⡶뤙禛闘㾎ﯻࣩ홨褶ƣ媨㦧姶啧쐲핛걽ʵ묽쫇Ⓛ俨욛⢓繟熫謹폗割㵄ബ嘊刯짰馑찤ﶲ즏ꍫ幈篈﹨䢑ヽ蠤ᗸ麮迶՜Ἡ锃┣⫁嘭
[   95.653527][ T5977] Bluetooth: hci1: command tx timeout
[   95.759989][   T61] usbhid 9-1:1.0: can't add hid device: -71
[   95.762297][   T61] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[   95.769815][ T8347] tmpfs: Unknown parameter 'usrquota_inode_har'
[   95.770630][   T61] usb 9-1: USB disconnect, device number 2
[   95.938002][   T59] wlan0: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[   95.969726][ T8367] tmpfs: Unknown parameter 'usrquota_inode_hardlim'
[   96.031132][ T8370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.856'.
[   96.102415][ T8376] netlink: 12 bytes leftover after parsing attributes in process `syz.4.858'.
[   96.331958][ T8394] tmpfs: Unknown parameter 'usrquota_inode_hardlim'
[   96.493779][   T53] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   96.574917][ T8411] 8021q: adding VLAN 0 to HW filter on device bond2
[   96.614888][ T8416] tmpfs: Unknown parameter 'usrquota_inode_hardlim'
[   96.684110][ T8424] batman_adv: batadv0: Adding interface: gretap1
[   96.688586][ T8424] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[   96.700435][ T8428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.877'.
[   96.792183][ T8440] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[   96.821313][ T8442] FAULT_INJECTION: forcing a failure.
[   96.821313][ T8442] name failslab, interval 1, probability 0, space 0, times 0
[   96.825489][ T8444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.885'.
[   96.827140][ T8442] CPU: 2 UID: 0 PID: 8442 Comm: syz.2.884 Not tainted syzkaller #0 PREEMPT(full) 
[   96.827155][ T8442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.827162][ T8442] Call Trace:
[   96.827166][ T8442]  <TASK>
[   96.827170][ T8442]  dump_stack_lvl+0x16c/0x1f0
[   96.827211][ T8442]  should_fail_ex+0x512/0x640
[   96.827232][ T8442]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   96.827246][ T8442]  should_failslab+0xc2/0x120
[   96.827258][ T8442]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   96.827269][ T8442]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[   96.827285][ T8442]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[   96.827300][ T8442]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[   96.827319][ T8442]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[   96.827340][ T8442]  mmu_topup_memory_caches+0x25/0x170
[   96.827353][ T8442]  kvm_mmu_load+0xd6/0x23c0
[   96.827364][ T8442]  ? kvm_apic_has_interrupt+0x106/0x1f0
[   96.827376][ T8442]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   96.827388][ T8442]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[   96.827404][ T8442]  ? __pfx_kvm_guest_time_update+0x10/0x10
[   96.827417][ T8442]  ? __pfx_kvm_mmu_load+0x10/0x10
[   96.827428][ T8442]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   96.827445][ T8442]  ? kvm_check_and_inject_events+0x71c/0x1310
[   96.827463][ T8442]  vcpu_run+0x35a3/0x55a0
[   96.827479][ T8442]  ? __lock_acquire+0xb97/0x1ce0
[   96.827499][ T8442]  ? __pfx_vcpu_run+0x10/0x10
[   96.827516][ T8442]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[   96.827531][ T8442]  ? __local_bh_enable_ip+0xa4/0x120
[   96.827547][ T8442]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[   96.827562][ T8442]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[   96.827582][ T8442]  kvm_vcpu_ioctl+0x5eb/0x1690
[   96.827597][ T8442]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   96.827611][ T8442]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   96.827625][ T8442]  ? do_vfs_ioctl+0x128/0x14f0
[   96.827641][ T8442]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   96.827657][ T8442]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   96.827678][ T8442]  ? hook_file_ioctl_common+0x145/0x410
[   96.827692][ T8442]  ? selinux_file_ioctl+0x180/0x270
[   96.827706][ T8442]  ? selinux_file_ioctl+0xb4/0x270
[   96.827721][ T8442]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   96.827735][ T8442]  __x64_sys_ioctl+0x18e/0x210
[   96.827752][ T8442]  do_syscall_64+0xcd/0x4e0
[   96.827773][ T8442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.827784][ T8442] RIP: 0033:0x7fc1e878eba9
[   96.827793][ T8442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.827803][ T8442] RSP: 002b:00007fc1e967e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   96.827813][ T8442] RAX: ffffffffffffffda RBX: 00007fc1e89d5fa0 RCX: 00007fc1e878eba9
[   96.827820][ T8442] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   96.827826][ T8442] RBP: 00007fc1e967e090 R08: 0000000000000000 R09: 0000000000000000
[   96.827831][ T8442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   96.827837][ T8442] R13: 00007fc1e89d6038 R14: 00007fc1e89d5fa0 R15: 00007ffc146389f8
[   96.827850][ T8442]  </TASK>
[   96.893409][   T53] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   96.895268][ T8444] netlink: 4 bytes leftover after parsing attributes in process `syz.1.885'.
[   96.972856][ T8444] bridge0: entered promiscuous mode
[   97.012739][ T8459] netlink: 12 bytes leftover after parsing attributes in process `syz.1.889'.
[   97.120595][ T8469] netlink: 20 bytes leftover after parsing attributes in process `syz.2.893'.
[   97.164029][ T8473] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[   97.253270][   T40] kauditd_printk_skb: 11 callbacks suppressed
[   97.253284][   T40] audit: type=1400 audit(1757843217.070:629): avc:  denied  { bind } for  pid=8470 comm="syz.0.894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   97.272219][ T8481] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   97.275158][ T8481] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   97.280703][ T8481] vhci_hcd vhci_hcd.0: Device attached
[   97.284773][ T8485] vhci_hcd: connection closed
[   97.286305][   T80] vhci_hcd: stop threads
[   97.289586][   T80] vhci_hcd: release socket
[   97.291125][   T80] vhci_hcd: disconnect device
[   97.315369][ T8489] dlm: no locking on control device
[   97.323665][ T5974] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   97.323822][ T5977] Bluetooth: hci0: command 0x0c1a tx timeout
[   97.328042][ T8490] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551615)
[   97.332566][ T8490] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647
[   97.339101][   T40] audit: type=1400 audit(1757843217.160:630): avc:  denied  { create } for  pid=8474 comm="syz.4.896" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   97.347019][   T40] audit: type=1400 audit(1757843217.170:631): avc:  denied  { getopt } for  pid=8474 comm="syz.4.896" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   97.671946][ T8507] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[   97.723302][ T5977] Bluetooth: hci1: command tx timeout
[   97.793742][   T40] audit: type=1400 audit(1757843217.620:632): avc:  denied  { append } for  pid=8510 comm="syz.2.908" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   97.865281][ T8515] FAULT_INJECTION: forcing a failure.
[   97.865281][ T8515] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.871039][ T8515] CPU: 3 UID: 0 PID: 8515 Comm: syz.1.910 Not tainted syzkaller #0 PREEMPT(full) 
[   97.871063][ T8515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.871072][ T8515] Call Trace:
[   97.871080][ T8515]  <TASK>
[   97.871087][ T8515]  dump_stack_lvl+0x16c/0x1f0
[   97.871114][ T8515]  should_fail_ex+0x512/0x640
[   97.871141][ T8515]  _copy_from_user+0x2e/0xd0
[   97.871167][ T8515]  wext_handle_ioctl+0xc2/0x2a0
[   97.871191][ T8515]  ? __pfx_wext_handle_ioctl+0x10/0x10
[   97.871217][ T8515]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   97.871245][ T8515]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   97.871277][ T8515]  sock_ioctl+0x3a1/0x6b0
[   97.871295][ T8515]  ? __pfx_sock_ioctl+0x10/0x10
[   97.871310][ T8515]  ? hook_file_ioctl_common+0x145/0x410
[   97.871335][ T8515]  ? selinux_file_ioctl+0x180/0x270
[   97.871360][ T8515]  ? selinux_file_ioctl+0xb4/0x270
[   97.871389][ T8515]  ? __pfx_sock_ioctl+0x10/0x10
[   97.871410][ T8515]  __x64_sys_ioctl+0x18e/0x210
[   97.871438][ T8515]  do_syscall_64+0xcd/0x4e0
[   97.871462][ T8515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.871480][ T8515] RIP: 0033:0x7fac0518eba9
[   97.871495][ T8515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.871513][ T8515] RSP: 002b:00007fac060f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.871529][ T8515] RAX: ffffffffffffffda RBX: 00007fac053d5fa0 RCX: 00007fac0518eba9
[   97.871540][ T8515] RDX: 0000200000000040 RSI: 0000000000008b2c RDI: 0000000000000004
[   97.871558][ T8515] RBP: 00007fac060f5090 R08: 0000000000000000 R09: 0000000000000000
[   97.871569][ T8515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.871580][ T8515] R13: 00007fac053d6038 R14: 00007fac053d5fa0 R15: 00007ffc16b12178
[   97.871603][ T8515]  </TASK>
[   98.048337][ T8525] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   98.051668][ T8525] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   98.075372][ T8527] syz.1.914(8527): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[   98.081090][ T8531] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[   98.152541][ T8546] netlink: 492 bytes leftover after parsing attributes in process `syz.0.922'.
[   98.187263][ T8550] FAULT_INJECTION: forcing a failure.
[   98.187263][ T8550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.191785][ T8550] CPU: 1 UID: 0 PID: 8550 Comm: syz.1.923 Not tainted syzkaller #0 PREEMPT(full) 
[   98.191800][ T8550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   98.191806][ T8550] Call Trace:
[   98.191810][ T8550]  <TASK>
[   98.191814][ T8550]  dump_stack_lvl+0x16c/0x1f0
[   98.191831][ T8550]  should_fail_ex+0x512/0x640
[   98.191847][ T8550]  _copy_to_user+0x32/0xd0
[   98.191863][ T8550]  simple_read_from_buffer+0xcb/0x170
[   98.191876][ T8550]  proc_fail_nth_read+0x197/0x240
[   98.191889][ T8550]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   98.191902][ T8550]  ? rw_verify_area+0xcf/0x6c0
[   98.191918][ T8550]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   98.191931][ T8550]  vfs_read+0x1e4/0xcf0
[   98.191943][ T8550]  ? __pfx___mutex_lock+0x10/0x10
[   98.191957][ T8550]  ? __pfx_vfs_read+0x10/0x10
[   98.191971][ T8550]  ? __fget_files+0x20e/0x3c0
[   98.191987][ T8550]  ksys_read+0x12a/0x250
[   98.191997][ T8550]  ? __pfx_ksys_read+0x10/0x10
[   98.192012][ T8550]  do_syscall_64+0xcd/0x4e0
[   98.192026][ T8550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.192037][ T8550] RIP: 0033:0x7fac0518d5bc
[   98.192046][ T8550] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   98.192056][ T8550] RSP: 002b:00007fac060f5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   98.192071][ T8550] RAX: ffffffffffffffda RBX: 00007fac053d5fa0 RCX: 00007fac0518d5bc
[   98.192078][ T8550] RDX: 000000000000000f RSI: 00007fac060f50a0 RDI: 0000000000000005
[   98.192084][ T8550] RBP: 00007fac060f5090 R08: 0000000000000000 R09: 0000000000000000
[   98.192090][ T8550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.192096][ T8550] R13: 00007fac053d6038 R14: 00007fac053d5fa0 R15: 00007ffc16b12178
[   98.192109][ T8550]  </TASK>
[   98.256590][   T40] audit: type=1400 audit(1757843218.080:633): avc:  denied  { listen } for  pid=8557 comm="syz.4.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   98.267267][   T40] audit: type=1400 audit(1757843218.080:634): avc:  denied  { connect } for  pid=8557 comm="syz.4.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   98.314872][ T8561] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[   98.441157][ T8591] netlink: 'syz.1.937': attribute type 2 has an invalid length.
[   98.441183][ T8591] netlink: 'syz.1.937': attribute type 1 has an invalid length.
[   98.442887][ T8591] batman_adv: batadv0: Adding interface: dummy0
[   98.442897][ T8591] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   98.442915][ T8591] batman_adv: batadv0: Interface activated: dummy0
[   98.453529][   T40] audit: type=1400 audit(1757843218.270:635): avc:  denied  { ioctl } for  pid=8589 comm="syz.1.937" path="socket:[25496]" dev="sockfs" ino=25496 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   98.469643][ T8591] batadv0: mtu less than device minimum
[   98.479915][ T8591] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[   98.480968][ T8591] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[   98.481737][ T8591] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[   98.494165][ T8591] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[   98.495187][ T8591] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[   98.496179][ T8591] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[   98.497228][ T8591] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[   98.508236][ T8592] netlink: 16 bytes leftover after parsing attributes in process `syz.4.938'.
[   98.538466][ T8599] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[   98.601633][ T8609] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[   98.602671][   T40] audit: type=1400 audit(1757843218.420:636): avc:  denied  { open } for  pid=8600 comm="syz.2.940" path="/dev/ttyq8" dev="devtmpfs" ino=391 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   98.622667][   T40] audit: type=1400 audit(1757843218.440:637): avc:  denied  { write } for  pid=8600 comm="syz.2.940" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   98.624756][   T40] audit: type=1400 audit(1757843218.440:638): avc:  denied  { open } for  pid=8600 comm="syz.2.940" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   98.692042][ T8628] kAFS: unable to lookup cell '/,c��L'
[   98.699836][ T8631] binder: 8629:8631 unknown command 0
[   98.701663][ T8631] binder: 8629:8631 ioctl c0306201 200000000080 returned -22
[   98.784513][ T8645] netlink: 'syz.1.957': attribute type 29 has an invalid length.
[   98.792045][ T8645] netlink: 'syz.1.957': attribute type 29 has an invalid length.
[   98.799232][ T8645] netlink: 12 bytes leftover after parsing attributes in process `syz.1.957'.
[   98.950246][ T8664] binder: 8660:8664 unknown command 0
[   98.952181][ T8664] binder: 8660:8664 ioctl c0306201 200000000080 returned -22
[   99.077393][ T8682] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[   99.104808][ T8682] 9pnet: Could not find request transport: vi
[   99.152132][ T8687] FAULT_INJECTION: forcing a failure.
[   99.152132][ T8687] name failslab, interval 1, probability 0, space 0, times 0
[   99.158118][ T8687] CPU: 1 UID: 0 PID: 8687 Comm: syz.0.975 Not tainted syzkaller #0 PREEMPT(full) 
[   99.158132][ T8687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.158139][ T8687] Call Trace:
[   99.158143][ T8687]  <TASK>
[   99.158147][ T8687]  dump_stack_lvl+0x16c/0x1f0
[   99.158164][ T8687]  should_fail_ex+0x512/0x640
[   99.158177][ T8687]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   99.158190][ T8687]  should_failslab+0xc2/0x120
[   99.158203][ T8687]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   99.158213][ T8687]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[   99.158229][ T8687]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[   99.158247][ T8687]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[   99.158263][ T8687]  ? _raw_spin_unlock+0x28/0x50
[   99.158276][ T8687]  mmu_topup_memory_caches+0x25/0x170
[   99.158288][ T8687]  kvm_mmu_load+0xd6/0x23c0
[   99.158298][ T8687]  ? kvm_apic_has_interrupt+0x106/0x1f0
[   99.158310][ T8687]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[   99.158321][ T8687]  ? vmx_get_rflags+0x100/0x420
[   99.158336][ T8687]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[   99.158350][ T8687]  ? __pfx_kvm_mmu_load+0x10/0x10
[   99.158359][ T8687]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[   99.158376][ T8687]  ? kvm_check_and_inject_events+0x71c/0x1310
[   99.158393][ T8687]  vcpu_run+0x35a3/0x55a0
[   99.158407][ T8687]  ? __lock_acquire+0xb97/0x1ce0
[   99.158427][ T8687]  ? __pfx_vcpu_run+0x10/0x10
[   99.158443][ T8687]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[   99.158456][ T8687]  ? __local_bh_enable_ip+0xa4/0x120
[   99.158472][ T8687]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[   99.158486][ T8687]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[   99.158505][ T8687]  kvm_vcpu_ioctl+0x5eb/0x1690
[   99.158520][ T8687]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   99.158534][ T8687]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   99.158547][ T8687]  ? do_vfs_ioctl+0x128/0x14f0
[   99.158563][ T8687]  ? __pfx_do_vfs_ioctl+0x10/0x10
[   99.158579][ T8687]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   99.158600][ T8687]  ? hook_file_ioctl_common+0x145/0x410
[   99.158614][ T8687]  ? selinux_file_ioctl+0x180/0x270
[   99.158628][ T8687]  ? selinux_file_ioctl+0xb4/0x270
[   99.158644][ T8687]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   99.158658][ T8687]  __x64_sys_ioctl+0x18e/0x210
[   99.158674][ T8687]  do_syscall_64+0xcd/0x4e0
[   99.158689][ T8687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.158699][ T8687] RIP: 0033:0x7f76a918eba9
[   99.158707][ T8687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.158717][ T8687] RSP: 002b:00007f76aa015038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   99.158728][ T8687] RAX: ffffffffffffffda RBX: 00007f76a93d5fa0 RCX: 00007f76a918eba9
[   99.158734][ T8687] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[   99.158740][ T8687] RBP: 00007f76aa015090 R08: 0000000000000000 R09: 0000000000000000
[   99.158746][ T8687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   99.158751][ T8687] R13: 00007f76a93d6038 R14: 00007f76a93d5fa0 R15: 00007fff4e5ebac8
[   99.158764][ T8687]  </TASK>
[   99.313200][ T1457] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[   99.323815][   T59] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   99.326770][   T59] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   99.350317][ T8693] netlink: 16 bytes leftover after parsing attributes in process `syz.0.976'.
[   99.366276][   T10] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   99.388477][ T8695] lo speed is unknown, defaulting to 1000
[   99.391395][ T8695] vxcan1 speed is unknown, defaulting to 1000
[   99.454802][ T1457] usb 7-1: device descriptor read/64, error -71
[   99.595636][ T8707] overlayfs: failed to resolve './file0': -2
[   99.666458][  T837] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[   99.713400][ T1457] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[   99.724842][ T8720] netlink: 36 bytes leftover after parsing attributes in process `syz.0.984'.
[   99.759192][ T8724] capability: warning: `syz.1.990' uses 32-bit capabilities (legacy support in use)
[   99.763822][ T8724] futex_wake_op: syz.1.990 tries to shift op by 32; fix this program
[   99.766209][ T8726] FAULT_INJECTION: forcing a failure.
[   99.766209][ T8726] name failslab, interval 1, probability 0, space 0, times 0
[   99.771247][ T8726] CPU: 1 UID: 0 PID: 8726 Comm: syz.4.991 Not tainted syzkaller #0 PREEMPT(full) 
[   99.771261][ T8726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   99.771267][ T8726] Call Trace:
[   99.771271][ T8726]  <TASK>
[   99.771276][ T8726]  dump_stack_lvl+0x16c/0x1f0
[   99.771292][ T8726]  should_fail_ex+0x512/0x640
[   99.771306][ T8726]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   99.771319][ T8726]  should_failslab+0xc2/0x120
[   99.771330][ T8726]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   99.771341][ T8726]  ? vm_area_alloc+0x1f/0x160
[   99.771359][ T8726]  vm_area_alloc+0x1f/0x160
[   99.771374][ T8726]  create_init_stack_vma+0x29/0x700
[   99.771389][ T8726]  alloc_bprm+0x420/0x710
[   99.771402][ T8726]  do_execveat_common.isra.0+0x1ce/0x610
[   99.771415][ T8726]  __x64_sys_execve+0x8e/0xb0
[   99.771427][ T8726]  do_syscall_64+0xcd/0x4e0
[   99.771441][ T8726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.771452][ T8726] RIP: 0033:0x7f3de098eba9
[   99.771460][ T8726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.771470][ T8726] RSP: 002b:00007f3de17b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   99.771480][ T8726] RAX: ffffffffffffffda RBX: 00007f3de0bd5fa0 RCX: 00007f3de098eba9
[   99.771487][ T8726] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[   99.771493][ T8726] RBP: 00007f3de17b7090 R08: 0000000000000000 R09: 0000000000000000
[   99.771499][ T8726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.771504][ T8726] R13: 00007f3de0bd6038 R14: 00007f3de0bd5fa0 R15: 00007ffd4bce5d18
[   99.771517][ T8726]  </TASK>
[   99.853687][ T1457] usb 7-1: device descriptor read/64, error -71
[   99.862818][ T8733] overlayfs: failed to resolve './file0': -2
[   99.964236][ T1457] usb usb7-port1: attempt power cycle
[  100.147666][ T8741] fuseblk: Bad value for 'rootmode'
[  100.150660][ T8741] netlink: 68 bytes leftover after parsing attributes in process `syz.4.995'.
[  100.209031][ T8742] netlink: 4 bytes leftover after parsing attributes in process `syz.4.995'.
[  100.240862][ T8742] batadv_slave_0: entered promiscuous mode
[  100.244835][ T8742] batadv_slave_0: left promiscuous mode
[  100.303245][ T1457] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  100.323498][ T1457] usb 7-1: device descriptor read/8, error -71
[  100.363378][  T837] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  100.564929][ T1457] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  100.594758][ T1457] usb 7-1: device descriptor read/8, error -71
[  100.683733][ T8752] FAULT_INJECTION: forcing a failure.
[  100.683733][ T8752] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.690495][ T8752] CPU: 1 UID: 0 PID: 8752 Comm: syz.1.999 Not tainted syzkaller #0 PREEMPT(full) 
[  100.690517][ T8752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.690527][ T8752] Call Trace:
[  100.690534][ T8752]  <TASK>
[  100.690540][ T8752]  dump_stack_lvl+0x16c/0x1f0
[  100.690568][ T8752]  should_fail_ex+0x512/0x640
[  100.690593][ T8752]  _copy_to_user+0x32/0xd0
[  100.690634][ T8752]  simple_read_from_buffer+0xcb/0x170
[  100.690655][ T8752]  proc_fail_nth_read+0x197/0x240
[  100.690678][ T8752]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.690700][ T8752]  ? rw_verify_area+0xcf/0x6c0
[  100.690725][ T8752]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.690746][ T8752]  vfs_read+0x1e4/0xcf0
[  100.690765][ T8752]  ? __pfx___mutex_lock+0x10/0x10
[  100.690785][ T8752]  ? __pfx_vfs_read+0x10/0x10
[  100.690809][ T8752]  ? __fget_files+0x20e/0x3c0
[  100.690836][ T8752]  ksys_read+0x12a/0x250
[  100.690854][ T8752]  ? __pfx_ksys_read+0x10/0x10
[  100.690876][ T8752]  do_syscall_64+0xcd/0x4e0
[  100.690905][ T8752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.690923][ T8752] RIP: 0033:0x7fac0518d5bc
[  100.690934][ T8752] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  100.690951][ T8752] RSP: 002b:00007fac060f5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.690969][ T8752] RAX: ffffffffffffffda RBX: 00007fac053d5fa0 RCX: 00007fac0518d5bc
[  100.690980][ T8752] RDX: 000000000000000f RSI: 00007fac060f50a0 RDI: 0000000000000004
[  100.690990][ T8752] RBP: 00007fac060f5090 R08: 0000000000000000 R09: 0000000000000000
[  100.690998][ T8752] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  100.691008][ T8752] R13: 00007fac053d6038 R14: 00007fac053d5fa0 R15: 00007ffc16b12178
[  100.691033][ T8752]  </TASK>
[  100.704699][ T1457] usb usb7-port1: unable to enumerate USB device
[  100.884390][ T8759] overlayfs: failed to resolve './file0': -2
[  101.027853][ T8774] block device autoloading is deprecated and will be removed.
[  101.215392][ T8791] netlink: 'syz.4.1014': attribute type 21 has an invalid length.
[  101.218049][ T8791] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1014'.
[  101.429391][ T8811] netlink: 'syz.1.1024': attribute type 7 has an invalid length.
[  101.441180][ T8811] : entered promiscuous mode
[  101.459090][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.461563][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.490330][ T8815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1026'.
[  101.666411][ T8823] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  101.666482][ T8818] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  101.833464][   T29] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  101.879265][ T8849] netlink: 'syz.4.1038': attribute type 29 has an invalid length.
[  102.102067][ T8858] overlayfs: failed to resolve './file1': -2
[  102.384039][   T40] kauditd_printk_skb: 11 callbacks suppressed
[  102.384055][   T40] audit: type=1326 audit(1757843222.210:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8873 comm="syz.0.1047" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76a918eba9 code=0x0
[  102.411775][ T8880] overlayfs: failed to resolve './file1': -2
[  102.412476][ T8878] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1049'.
[  102.442082][   T40] audit: type=1400 audit(1757843222.260:651): avc:  denied  { wake_alarm } for  pid=8881 comm="syz.1.1051" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  102.493501][ T8886] netlink: 'syz.1.1051': attribute type 1 has an invalid length.
[  102.508148][ T8886] 8021q: adding VLAN 0 to HW filter on device bond1
[  102.512059][   T40] audit: type=1400 audit(1757843222.330:652): avc:  denied  { setopt } for  pid=8888 comm="syz.2.1053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  102.516457][ T8882] vlan2: entered allmulticast mode
[  102.519558][ T8882] batadv0: entered allmulticast mode
[  102.523907][ T8882] bond1: (slave vlan2): making interface the new active one
[  102.527089][ T8882] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  102.580956][   T40] audit: type=1400 audit(1757843222.400:653): avc:  denied  { ioctl } for  pid=8898 comm="syz.2.1056" path="socket:[30771]" dev="sockfs" ino=30771 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  102.581020][ T8899] @: renamed from vlan0 (while UP)
[  102.612158][   T40] audit: type=1400 audit(1757843222.430:654): avc:  denied  { getopt } for  pid=8900 comm="syz.1.1057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  102.637540][ T8905] overlayfs: failed to resolve './file1': -2
[  102.637895][ T8903] FAULT_INJECTION: forcing a failure.
[  102.637895][ T8903] name failslab, interval 1, probability 0, space 0, times 0
[  102.644078][ T8903] CPU: 3 UID: 0 PID: 8903 Comm: syz.2.1058 Not tainted syzkaller #0 PREEMPT(full) 
[  102.644092][ T8903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  102.644099][ T8903] Call Trace:
[  102.644103][ T8903]  <TASK>
[  102.644107][ T8903]  dump_stack_lvl+0x16c/0x1f0
[  102.644124][ T8903]  should_fail_ex+0x512/0x640
[  102.644137][ T8903]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  102.644167][ T8903]  should_failslab+0xc2/0x120
[  102.644179][ T8903]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  102.644189][ T8903]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  102.644205][ T8903]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  102.644219][ T8903]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  102.644237][ T8903]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  102.644256][ T8903]  mmu_topup_memory_caches+0x25/0x170
[  102.644268][ T8903]  kvm_mmu_load+0xd6/0x23c0
[  102.644279][ T8903]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  102.644290][ T8903]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  102.644302][ T8903]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  102.644317][ T8903]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  102.644330][ T8903]  ? __pfx_kvm_mmu_load+0x10/0x10
[  102.644339][ T8903]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  102.644356][ T8903]  ? kvm_check_and_inject_events+0x71c/0x1310
[  102.644373][ T8903]  vcpu_run+0x35a3/0x55a0
[  102.644410][ T8903]  ? __lock_acquire+0xb97/0x1ce0
[  102.644434][ T8903]  ? __pfx_vcpu_run+0x10/0x10
[  102.644450][ T8903]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  102.644468][ T8903]  ? __local_bh_enable_ip+0xa4/0x120
[  102.644491][ T8903]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  102.644511][ T8903]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  102.644530][ T8903]  kvm_vcpu_ioctl+0x5eb/0x1690
[  102.644545][ T8903]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.644559][ T8903]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  102.644572][ T8903]  ? do_vfs_ioctl+0x128/0x14f0
[  102.644588][ T8903]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  102.644604][ T8903]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  102.644624][ T8903]  ? hook_file_ioctl_common+0x145/0x410
[  102.644639][ T8903]  ? selinux_file_ioctl+0x180/0x270
[  102.644653][ T8903]  ? selinux_file_ioctl+0xb4/0x270
[  102.644668][ T8903]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  102.644685][ T8903]  __x64_sys_ioctl+0x18e/0x210
[  102.644707][ T8903]  do_syscall_64+0xcd/0x4e0
[  102.644730][ T8903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.644746][ T8903] RIP: 0033:0x7fc1e878eba9
[  102.644757][ T8903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.644771][ T8903] RSP: 002b:00007fc1e967e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.644786][ T8903] RAX: ffffffffffffffda RBX: 00007fc1e89d5fa0 RCX: 00007fc1e878eba9
[  102.644795][ T8903] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  102.644804][ T8903] RBP: 00007fc1e967e090 R08: 0000000000000000 R09: 0000000000000000
[  102.644813][ T8903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.644822][ T8903] R13: 00007fc1e89d6038 R14: 00007fc1e89d5fa0 R15: 00007ffc146389f8
[  102.644840][ T8903]  </TASK>
[  102.789970][ T8910] netlink: 'syz.1.1061': attribute type 7 has an invalid length.
[  102.794186][ T8910] netlink: 'syz.1.1061': attribute type 8 has an invalid length.
[  102.805211][ T8910] ip6gretap0: entered promiscuous mode
[  102.807562][ T8910] batadv_slave_1: entered promiscuous mode
[  102.809906][ T8910] erspan0: entered promiscuous mode
[  102.843372][  T838] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  102.866690][   T40] audit: type=1400 audit(1757843222.690:655): avc:  denied  { read } for  pid=8915 comm="syz.1.1064" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  102.874399][   T40] audit: type=1400 audit(1757843222.690:656): avc:  denied  { open } for  pid=8915 comm="syz.1.1064" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  103.030264][   T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  103.033676][   T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  103.036428][   T12] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  103.039193][   T12] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  103.143624][ T8948] FAULT_INJECTION: forcing a failure.
[  103.143624][ T8948] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.147781][ T8948] CPU: 1 UID: 0 PID: 8948 Comm: syz.4.1078 Not tainted syzkaller #0 PREEMPT(full) 
[  103.147795][ T8948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.147801][ T8948] Call Trace:
[  103.147805][ T8948]  <TASK>
[  103.147813][ T8948]  dump_stack_lvl+0x16c/0x1f0
[  103.147830][ T8948]  should_fail_ex+0x512/0x640
[  103.147846][ T8948]  _copy_to_user+0x32/0xd0
[  103.147863][ T8948]  simple_read_from_buffer+0xcb/0x170
[  103.147875][ T8948]  proc_fail_nth_read+0x197/0x240
[  103.147888][ T8948]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  103.147901][ T8948]  ? rw_verify_area+0xcf/0x6c0
[  103.147917][ T8948]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  103.147928][ T8948]  vfs_read+0x1e4/0xcf0
[  103.147941][ T8948]  ? __pfx___mutex_lock+0x10/0x10
[  103.147955][ T8948]  ? __pfx_vfs_read+0x10/0x10
[  103.147968][ T8948]  ? __fget_files+0x20e/0x3c0
[  103.147984][ T8948]  ksys_read+0x12a/0x250
[  103.147997][ T8948]  ? __pfx_ksys_read+0x10/0x10
[  103.148014][ T8948]  ? fput+0x9b/0xd0
[  103.148041][ T8948]  do_syscall_64+0xcd/0x4e0
[  103.148065][ T8948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.148084][ T8948] RIP: 0033:0x7f3de098d5bc
[  103.148097][ T8948] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  103.148113][ T8948] RSP: 002b:00007f3de17b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  103.148129][ T8948] RAX: ffffffffffffffda RBX: 00007f3de0bd5fa0 RCX: 00007f3de098d5bc
[  103.148140][ T8948] RDX: 000000000000000f RSI: 00007f3de17b70a0 RDI: 0000000000000003
[  103.148151][ T8948] RBP: 00007f3de17b7090 R08: 0000000000000000 R09: 0000000000000000
[  103.148160][ T8948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.148166][ T8948] R13: 00007f3de0bd6038 R14: 00007f3de0bd5fa0 R15: 00007ffd4bce5d18
[  103.148180][ T8948]  </TASK>
[  103.235876][ T8954] __nla_validate_parse: 4 callbacks suppressed
[  103.235887][ T8954] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1080'.
[  103.243437][ T8954] afs: Unknown parameter 'flock?local'
[  103.245862][   T40] audit: type=1400 audit(1757843223.070:657): avc:  denied  { setopt } for  pid=8955 comm="syz.0.1081" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  103.278204][ T8963] net_ratelimit: 15 callbacks suppressed
[  103.278215][ T8963] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  103.282437][ T8963] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  103.284307][ T8965] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1084'.
[  103.288281][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'.
[  103.310947][ T8965] mac80211_hwsim hwsim8 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  103.319931][ T8965] overlay: Unknown parameter '/'
[  103.326254][ T8965] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1084'.
[  103.330013][ T8965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1084'.
[  103.357322][   T40] audit: type=1400 audit(1757843223.180:658): avc:  denied  { ioctl } for  pid=8974 comm="syz.1.1087" path="socket:[29262]" dev="sockfs" ino=29262 ioctlcmd=0x9425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  103.384543][ T8980] netlink: 492 bytes leftover after parsing attributes in process `syz.2.1089'.
[  103.385257][ T8979] netlink: 22 bytes leftover after parsing attributes in process `syz.1.1090'.
[  103.475614][ T8993] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1094'.
[  103.578765][ T9000] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  103.614955][   T40] audit: type=1400 audit(1757843223.440:659): avc:  denied  { create } for  pid=9004 comm="syz.1.1100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  103.633228][ T6371] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  103.672336][ T9010] tls_set_device_offload_rx: netdev not found
[  103.723199][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  103.766929][ T9034] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1103'.
[  103.843682][ T9038] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  103.890108][ T9040] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1106'.
[  104.301211][ T9070] binder: 9069:9070 unknown command 0
[  104.302906][ T9070] binder: 9069:9070 ioctl c0306201 200000000080 returned -22
[  104.324144][ T9066] netlink: 'syz.4.1117': attribute type 1 has an invalid length.
[  104.331141][ T9075] comedi: No check for data length of config insn id 16387 is implemented
[  104.334771][ T9075] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  104.338210][ T9075] comedi: Assuming n=15 is correct
[  104.523663][ T9090] overlayfs: workdir and upperdir must reside under the same mount
[  104.639803][   T60] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  104.649562][ T9098] overlayfs: missing 'lowerdir'
[  104.677954][ T9102] binder: 9100:9102 unknown command 0
[  104.680101][ T9102] binder: 9100:9102 ioctl c0306201 200000000080 returned -22
[  104.704073][ T9105] netlink: 'syz.1.1134': attribute type 4 has an invalid length.
[  104.743893][ T6371] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  104.797020][   T60] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  104.799815][   T60] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.802273][   T60] usb 7-1: Product: syz
[  104.813157][   T60] usb 7-1: Manufacturer: syz
[  104.814726][   T60] usb 7-1: SerialNumber: syz
[  105.034047][   T60] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  105.037800][   T60] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  105.041177][   T60] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  105.547105][   T60] lan78xx 7-1:1.0: probe with driver lan78xx failed with error -71
[  105.553944][   T60] usb 7-1: USB disconnect, device number 7
[  105.593475][ T9112] IPv6: NLM_F_CREATE should be specified when creating new route
[  105.644072][   T13] wlan1: Trigger new scan to find an IBSS to join
[  105.737316][ T9124] overlayfs: missing 'lowerdir'
[  105.738095][ T9120] kvm: user requested TSC rate below hardware speed
[  105.802517][ T9127] FAULT_INJECTION: forcing a failure.
[  105.802517][ T9127] name failslab, interval 1, probability 0, space 0, times 0
[  105.807028][ T9127] CPU: 1 UID: 0 PID: 9127 Comm: syz.0.1142 Not tainted syzkaller #0 PREEMPT(full) 
[  105.807043][ T9127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  105.807049][ T9127] Call Trace:
[  105.807053][ T9127]  <TASK>
[  105.807058][ T9127]  dump_stack_lvl+0x16c/0x1f0
[  105.807074][ T9127]  should_fail_ex+0x512/0x640
[  105.807088][ T9127]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  105.807101][ T9127]  should_failslab+0xc2/0x120
[  105.807114][ T9127]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  105.807124][ T9127]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  105.807140][ T9127]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  105.807158][ T9127]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  105.807174][ T9127]  ? _raw_spin_unlock+0x28/0x50
[  105.807187][ T9127]  mmu_topup_memory_caches+0x25/0x170
[  105.807200][ T9127]  kvm_mmu_load+0xd6/0x23c0
[  105.807210][ T9127]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  105.807221][ T9127]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  105.807233][ T9127]  ? vmx_get_rflags+0x100/0x420
[  105.807246][ T9127]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  105.807260][ T9127]  ? __pfx_kvm_mmu_load+0x10/0x10
[  105.807270][ T9127]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  105.807286][ T9127]  ? kvm_check_and_inject_events+0x71c/0x1310
[  105.807304][ T9127]  vcpu_run+0x35a3/0x55a0
[  105.807318][ T9127]  ? __lock_acquire+0xb97/0x1ce0
[  105.807338][ T9127]  ? __pfx_vcpu_run+0x10/0x10
[  105.807354][ T9127]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  105.807367][ T9127]  ? __local_bh_enable_ip+0xa4/0x120
[  105.807383][ T9127]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  105.807397][ T9127]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  105.807415][ T9127]  kvm_vcpu_ioctl+0x5eb/0x1690
[  105.807430][ T9127]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  105.807444][ T9127]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  105.807458][ T9127]  ? do_vfs_ioctl+0x128/0x14f0
[  105.807474][ T9127]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  105.807490][ T9127]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  105.807511][ T9127]  ? hook_file_ioctl_common+0x145/0x410
[  105.807525][ T9127]  ? selinux_file_ioctl+0x180/0x270
[  105.807539][ T9127]  ? selinux_file_ioctl+0xb4/0x270
[  105.807555][ T9127]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  105.807568][ T9127]  __x64_sys_ioctl+0x18e/0x210
[  105.807585][ T9127]  do_syscall_64+0xcd/0x4e0
[  105.807600][ T9127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.807610][ T9127] RIP: 0033:0x7f76a918eba9
[  105.807619][ T9127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.807629][ T9127] RSP: 002b:00007f76aa015038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  105.807639][ T9127] RAX: ffffffffffffffda RBX: 00007f76a93d5fa0 RCX: 00007f76a918eba9
[  105.807646][ T9127] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  105.807652][ T9127] RBP: 00007f76aa015090 R08: 0000000000000000 R09: 0000000000000000
[  105.807658][ T9127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  105.807663][ T9127] R13: 00007f76a93d6038 R14: 00007f76a93d5fa0 R15: 00007fff4e5ebac8
[  105.807677][ T9127]  </TASK>
[  105.851226][ T9133] ubi31: attaching mtd0
[  105.863596][   T13] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  105.873851][ T9133] ubi31: scanning is finished
[  105.924671][ T9133] ubi31: empty MTD device detected
[  106.080662][ T9144] IPVS: set_ctl: invalid protocol: 0 100.1.0.255:20000
[  106.087024][ T9133] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  106.089433][ T9133] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  106.091708][ T9133] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  106.094084][ T9133] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  106.094487][ T9145] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  106.096469][ T9133] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  106.104881][ T9145] CIFS mount error: No usable UNC path provided in device string!
[  106.104881][ T9145] 
[  106.107361][ T9133] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  106.110343][ T9145] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  106.112852][ T9133] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2060314809
[  106.119344][ T9133] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  106.123416][ T9147] ubi31: background thread "ubi_bgt31d" started, PID 9147
[  106.163409][ T9153] overlayfs: missing 'lowerdir'
[  106.235673][ T9156] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  106.282596][ T9167] FAULT_INJECTION: forcing a failure.
[  106.282596][ T9167] name failslab, interval 1, probability 0, space 0, times 0
[  106.287433][ T9167] CPU: 2 UID: 0 PID: 9167 Comm: syz.2.1158 Not tainted syzkaller #0 PREEMPT(full) 
[  106.287448][ T9167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  106.287454][ T9167] Call Trace:
[  106.287458][ T9167]  <TASK>
[  106.287462][ T9167]  dump_stack_lvl+0x16c/0x1f0
[  106.287501][ T9167]  should_fail_ex+0x512/0x640
[  106.287522][ T9167]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  106.287534][ T9167]  should_failslab+0xc2/0x120
[  106.287559][ T9167]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  106.287571][ T9167]  ? mas_alloc_nodes+0x18b/0x8b0
[  106.287584][ T9167]  mas_alloc_nodes+0x18b/0x8b0
[  106.287598][ T9167]  mas_node_count_gfp+0x105/0x130
[  106.287611][ T9167]  mas_preallocate+0x7e0/0xde0
[  106.287628][ T9167]  ? __pfx_mas_preallocate+0x10/0x10
[  106.287647][ T9167]  ? find_held_lock+0x2b/0x80
[  106.287666][ T9167]  ? avc_has_perm_noaudit+0x117/0x3b0
[  106.287686][ T9167]  vma_link+0x135/0x6a0
[  106.287703][ T9167]  ? __pfx_vma_link+0x10/0x10
[  106.287717][ T9167]  ? selinux_vm_enough_memory+0x12a/0x190
[  106.287752][ T9167]  insert_vm_struct+0xf4/0x2d0
[  106.287768][ T9167]  create_init_stack_vma+0x2da/0x700
[  106.287782][ T9167]  alloc_bprm+0x420/0x710
[  106.287794][ T9167]  do_execveat_common.isra.0+0x1ce/0x610
[  106.287808][ T9167]  __x64_sys_execve+0x8e/0xb0
[  106.287820][ T9167]  do_syscall_64+0xcd/0x4e0
[  106.287843][ T9167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.287854][ T9167] RIP: 0033:0x7fc1e878eba9
[  106.287863][ T9167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.287873][ T9167] RSP: 002b:00007fc1e967e038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  106.287883][ T9167] RAX: ffffffffffffffda RBX: 00007fc1e89d5fa0 RCX: 00007fc1e878eba9
[  106.287889][ T9167] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  106.287895][ T9167] RBP: 00007fc1e967e090 R08: 0000000000000000 R09: 0000000000000000
[  106.287901][ T9167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.287907][ T9167] R13: 00007fc1e89d6038 R14: 00007fc1e89d5fa0 R15: 00007ffc146389f8
[  106.287920][ T9167]  </TASK>
[  106.297647][ T9166] loop2: detected capacity change from 0 to 7
[  106.369779][ T5968] Dev loop2: unable to read RDB block 7
[  106.371600][ T5968]  loop2: AHDI p1 p2 p3
[  106.373810][ T5968] loop2: partition table partially beyond EOD, truncated
[  106.377407][ T5968] loop2: p1 start 1601398130 is beyond EOD, truncated
[  106.379916][ T5968] loop2: p2 start 1702059890 is beyond EOD, truncated
[  106.385403][ T9166] Dev loop2: unable to read RDB block 7
[  106.387164][ T9166]  loop2: AHDI p1 p2 p3
[  106.388496][ T9166] loop2: partition table partially beyond EOD, truncated
[  106.390747][ T9166] loop2: p1 start 1601398130 is beyond EOD, truncated
[  106.392863][ T9166] loop2: p2 start 1702059890 is beyond EOD, truncated
[  106.466516][ T9179] overlayfs: missing 'lowerdir'
[  106.983810][   T59] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  107.055387][ T9198] overlayfs: missing 'lowerdir'
[  107.338064][ T9222] overlayfs: missing 'lowerdir'
[  107.362380][ T9224] openvswitch: netlink: Duplicate or invalid key (type 0).
[  107.365237][ T9224] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  107.429659][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.438763][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.441236][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.517690][ T9245] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  107.520498][ T9245] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  107.871429][ T9274] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  107.874923][ T9274] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  107.906426][ T9276] Invalid source name
[  107.907730][ T9276] UBIFS error (pid: 9276): cannot open "ubifs", error -22
[  108.103628][   T13] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  109.031416][ T9292] __nla_validate_parse: 4 callbacks suppressed
[  109.031427][ T9292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1212'.
[  109.036966][ T9294] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  109.039715][ T9294] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  109.109538][ T9304] program syz.4.1217 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.193302][ T9315] FAULT_INJECTION: forcing a failure.
[  109.193302][ T9315] name failslab, interval 1, probability 0, space 0, times 0
[  109.197365][ T9315] CPU: 0 UID: 0 PID: 9315 Comm: syz.0.1221 Not tainted syzkaller #0 PREEMPT(full) 
[  109.197380][ T9315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.197387][ T9315] Call Trace:
[  109.197391][ T9315]  <TASK>
[  109.197396][ T9315]  dump_stack_lvl+0x16c/0x1f0
[  109.197413][ T9315]  should_fail_ex+0x512/0x640
[  109.197427][ T9315]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  109.197440][ T9315]  should_failslab+0xc2/0x120
[  109.197453][ T9315]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  109.197463][ T9315]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  109.197478][ T9315]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  109.197492][ T9315]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  109.197510][ T9315]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  109.197530][ T9315]  mmu_topup_memory_caches+0x25/0x170
[  109.197542][ T9315]  kvm_mmu_load+0xd6/0x23c0
[  109.197553][ T9315]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  109.197564][ T9315]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  109.197577][ T9315]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  109.197591][ T9315]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  109.197604][ T9315]  ? __pfx_kvm_mmu_load+0x10/0x10
[  109.197614][ T9315]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  109.197630][ T9315]  ? kvm_check_and_inject_events+0x71c/0x1310
[  109.197647][ T9315]  vcpu_run+0x35a3/0x55a0
[  109.197661][ T9315]  ? __lock_acquire+0xb97/0x1ce0
[  109.197681][ T9315]  ? __pfx_vcpu_run+0x10/0x10
[  109.197697][ T9315]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  109.197711][ T9315]  ? __local_bh_enable_ip+0xa4/0x120
[  109.197727][ T9315]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  109.197741][ T9315]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  109.197763][ T9315]  kvm_vcpu_ioctl+0x5eb/0x1690
[  109.197779][ T9315]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  109.197793][ T9315]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  109.197806][ T9315]  ? do_vfs_ioctl+0x128/0x14f0
[  109.197822][ T9315]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  109.197839][ T9315]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  109.197860][ T9315]  ? hook_file_ioctl_common+0x145/0x410
[  109.197874][ T9315]  ? selinux_file_ioctl+0x180/0x270
[  109.197889][ T9315]  ? selinux_file_ioctl+0xb4/0x270
[  109.197904][ T9315]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  109.197918][ T9315]  __x64_sys_ioctl+0x18e/0x210
[  109.197935][ T9315]  do_syscall_64+0xcd/0x4e0
[  109.197950][ T9315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.197960][ T9315] RIP: 0033:0x7f76a918eba9
[  109.197969][ T9315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.197979][ T9315] RSP: 002b:00007f76aa015038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  109.197990][ T9315] RAX: ffffffffffffffda RBX: 00007f76a93d5fa0 RCX: 00007f76a918eba9
[  109.197996][ T9315] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  109.198002][ T9315] RBP: 00007f76aa015090 R08: 0000000000000000 R09: 0000000000000000
[  109.198008][ T9315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  109.198014][ T9315] R13: 00007f76a93d6038 R14: 00007f76a93d5fa0 R15: 00007fff4e5ebac8
[  109.198027][ T9315]  </TASK>
[  109.201358][ T9318] overlayfs: missing 'lowerdir'
[  109.214263][ T9320] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1223'.
[  109.233888][   T13] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  109.271239][ T9323] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1224'.
[  109.397163][   T40] kauditd_printk_skb: 22 callbacks suppressed
[  109.397173][   T40] audit: type=1400 audit(1757843229.220:682): avc:  denied  { getopt } for  pid=9328 comm="syz.4.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  109.464924][   T40] audit: type=1400 audit(1757843229.290:683): avc:  denied  { read } for  pid=9337 comm="syz.0.1230" path="socket:[35957]" dev="sockfs" ino=35957 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  109.469884][ T9330] kvm: kvm [9328]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x5407
[  109.476578][ T9330] kvm: kvm [9328]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x5b07
[  109.508910][ T9340] program syz.4.1227 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.517569][   T40] audit: type=1400 audit(1757843229.340:684): avc:  denied  { setopt } for  pid=9328 comm="syz.4.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  109.565004][   T59] wlan1: Trigger new scan to find an IBSS to join
[  109.589290][ T9347] overlayfs: missing 'lowerdir'
[  109.599085][ T9349] netlink: 'syz.2.1234': attribute type 1 has an invalid length.
[  109.601558][ T9349] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1234'.
[  109.604995][ T9349] netlink: 'syz.2.1234': attribute type 1 has an invalid length.
[  109.608166][ T9349] netlink: 'syz.2.1234': attribute type 2 has an invalid length.
[  109.669552][ T9352] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  109.812784][   T40] audit: type=1400 audit(1757843229.630:685): avc:  denied  { write } for  pid=9362 comm="syz.4.1240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  109.833323][ T1457] usb 5-1: new low-speed USB device number 5 using dummy_hcd
[  109.971822][ T9368] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  109.973967][ T9368] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  109.985403][ T1457] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  109.988715][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  109.992958][ T1457] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.000939][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  110.007332][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  110.014514][ T1457] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  110.017615][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  110.019422][ T9371] overlayfs: missing 'lowerdir'
[  110.021940][ T1457] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.022892][   T40] audit: type=1400 audit(1757843229.840:686): avc:  denied  { map } for  pid=9372 comm="syz.4.1244" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  110.022935][   T40] audit: type=1400 audit(1757843229.840:687): avc:  denied  { execute } for  pid=9372 comm="syz.4.1244" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  110.046807][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  110.050539][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  110.055379][ T1457] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  110.057741][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  110.061201][ T1457] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  110.065958][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  110.070529][ T1457] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  110.078916][ T1457] usb 5-1: string descriptor 0 read error: -22
[  110.081783][ T1457] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  110.085814][ T1457] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.119798][ T9379] syzkaller1: entered promiscuous mode
[  110.121600][ T9379] syzkaller1: entered allmulticast mode
[  110.122055][ T9381] netlink: 492 bytes leftover after parsing attributes in process `syz.4.1248'.
[  110.122404][ T1457] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  110.187254][ T9385] qrtr: Invalid version 0
[  110.269212][ T9392] overlayfs: missing 'workdir'
[  110.359436][   T40] audit: type=1400 audit(1757843230.180:688): avc:  denied  { map } for  pid=9399 comm="syz.1.1257" path="socket:[36134]" dev="sockfs" ino=36134 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  110.366915][   T40] audit: type=1400 audit(1757843230.180:689): avc:  denied  { accept } for  pid=9399 comm="syz.1.1257" path="socket:[36134]" dev="sockfs" ino=36134 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  110.403881][   T13] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  110.535011][   T59] wlan1: Creating new IBSS network, BSSID 4e:59:e0:b2:75:6c
[  110.560933][ T9432] tipc: Enabled bearer <udp:syz0>, priority 10
[  110.612501][ T9439] overlayfs: missing 'workdir'
[  110.632034][ T9440] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1265'.
[  110.719433][   T40] audit: type=1800 audit(1757843230.540:690): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.1270" name="file1" dev="overlay" ino=1752 res=0 errno=0
[  110.786919][ T9462] overlayfs: missing 'workdir'
[  110.787290][ T9460] input: syz1 as /devices/virtual/input/input9
[  110.859625][ T9468] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  110.863686][   T40] audit: type=1400 audit(1757843230.680:691): avc:  denied  { relabelto } for  pid=9467 comm="syz.4.1277" name="152" dev="tmpfs" ino=864 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  110.928244][ T9476] binder: 9475:9476 unknown command 0
[  110.928262][ T9476] binder: 9475:9476 ioctl c0306201 200000000080 returned -22
[  110.995905][ T9479] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  110.995963][ T9479] block device autoloading is deprecated and will be removed.
[  111.363438][ T9511] binder: 9510:9511 unknown command 0
[  111.365697][ T9511] binder: 9510:9511 ioctl c0306201 200000000080 returned -22
[  111.374678][ T5972] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  111.499089][   T24] IPVS: starting estimator thread 0...
[  111.501729][ T9521] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1300'.
[  111.507213][ T9521] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1300'.
[  111.511159][ T9521] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1300'.
[  111.515887][ T9521] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1300'.
[  111.520384][ T9521] IPVS: rr: SCTP 172.20.20.187:0 - no destination available
[  111.523184][ T5972] usb 7-1: Using ep0 maxpacket: 8
[  111.527359][ T5972] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  111.529927][ T5972] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  111.533447][ T5972] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  111.533722][ T9521] netlink: 'syz.1.1300': attribute type 4 has an invalid length.
[  111.536713][ T5972] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  111.543283][   T12] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  111.543614][ T5972] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  111.553364][ T5972] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  111.556215][ T5972] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.583253][ T9522] IPVS: using max 45 ests per chain, 108000 per kthread
[  111.633207][  T838] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  111.693128][  T837] tipc: Node number set to 4269801488
[  111.763752][ T5972] usb 7-1: GET_CAPABILITIES returned 0
[  111.765582][ T5972] usbtmc 7-1:16.0: can't read capabilities
[  111.784372][  T838] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  111.787946][  T838] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  111.791350][  T838] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  111.794468][  T838] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  111.798477][  T838] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  111.801320][  T838] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.808948][  T838] usb 9-1: config 0 descriptor??
[  112.072563][   T24] usb 7-1: USB disconnect, device number 8
[  112.123470][ T6059] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  112.223175][  T838] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  112.236885][  T838] plantronics 0003:047F:FFFF.0002: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  112.275503][ T6059] usb 6-1: Using ep0 maxpacket: 8
[  112.279239][ T6059] usb 6-1: config 2 interface 0 has no altsetting 0
[  112.279352][ T9493] netlink: 'syz.2.1287': attribute type 30 has an invalid length.
[  112.283745][ T6059] usb 6-1: New USB device found, idVendor=04e2, idProduct=1412, bcdDevice=ca.10
[  112.284467][ T9493] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  112.286784][ T6059] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.289596][ T9493] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  112.292055][ T6059] usb 6-1: Product: syz
[  112.296721][ T6059] usb 6-1: Manufacturer: syz
[  112.298256][ T6059] usb 6-1: SerialNumber: syz
[  112.427003][ T9513] kernel read not supported for file /policy (pid: 9513 comm: syz.4.1297)
[  112.431629][  T838] usb 9-1: USB disconnect, device number 3
[  112.479140][ T5972] usb 5-1: USB disconnect, device number 5
[  112.519924][ T6059] usb 6-1: USB disconnect, device number 7
[  112.536051][ T9536] warn_alloc: 1 callbacks suppressed
[  112.536066][ T9536] syz.0.1305: vmalloc error: size 28672, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  112.545673][ T9536] CPU: 1 UID: 0 PID: 9536 Comm: syz.0.1305 Not tainted syzkaller #0 PREEMPT(full) 
[  112.545695][ T9536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.545705][ T9536] Call Trace:
[  112.545710][ T9536]  <TASK>
[  112.545718][ T9536]  dump_stack_lvl+0x16c/0x1f0
[  112.545769][ T9536]  warn_alloc+0x248/0x3a0
[  112.545796][ T9536]  ? __pfx_warn_alloc+0x10/0x10
[  112.545816][ T9536]  ? alloc_pages_mpol+0x25a/0x550
[  112.545838][ T9536]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  112.545866][ T9536]  __vmalloc_node_range_noprof+0x11d4/0x14b0
[  112.545900][ T9536]  ? vhost_task_create+0x1d2/0x2e0
[  112.545923][ T9536]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  112.545956][ T9536]  ? vhost_task_create+0x1d2/0x2e0
[  112.545973][ T9536]  __vmalloc_node_noprof+0xad/0xf0
[  112.545996][ T9536]  ? vhost_task_create+0x1d2/0x2e0
[  112.546016][ T9536]  copy_process+0x2c70/0x7690
[  112.546054][ T9536]  ? __pfx_copy_process+0x10/0x10
[  112.546083][ T9536]  ? lockdep_init_map_type+0x5c/0x280
[  112.546101][ T9536]  ? lockdep_init_map_type+0x5c/0x280
[  112.546116][ T9536]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  112.546138][ T9536]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  112.546165][ T9536]  vhost_task_create+0x1d2/0x2e0
[  112.546181][ T9536]  ? __pfx_vhost_task_create+0x10/0x10
[  112.546205][ T9536]  ? __pfx_vhost_task_fn+0x10/0x10
[  112.546225][ T9536]  kvm_mmu_post_init_vm+0x1b7/0x380
[  112.546238][ T9536]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  112.546252][ T9536]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  112.546269][ T9536]  kvm_vcpu_ioctl+0x5eb/0x1690
[  112.546284][ T9536]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  112.546298][ T9536]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  112.546311][ T9536]  ? do_vfs_ioctl+0x128/0x14f0
[  112.546327][ T9536]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  112.546342][ T9536]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  112.546363][ T9536]  ? hook_file_ioctl_common+0x145/0x410
[  112.546377][ T9536]  ? selinux_file_ioctl+0x180/0x270
[  112.546391][ T9536]  ? selinux_file_ioctl+0xb4/0x270
[  112.546407][ T9536]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  112.546421][ T9536]  __x64_sys_ioctl+0x18e/0x210
[  112.546437][ T9536]  do_syscall_64+0xcd/0x4e0
[  112.546460][ T9536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.546471][ T9536] RIP: 0033:0x7f76a918eba9
[  112.546479][ T9536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.546489][ T9536] RSP: 002b:00007f76aa015038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  112.546499][ T9536] RAX: ffffffffffffffda RBX: 00007f76a93d5fa0 RCX: 00007f76a918eba9
[  112.546505][ T9536] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  112.546511][ T9536] RBP: 00007f76aa015090 R08: 0000000000000000 R09: 0000000000000000
[  112.546517][ T9536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  112.546522][ T9536] R13: 00007f76a93d6038 R14: 00007f76a93d5fa0 R15: 00007fff4e5ebac8
[  112.546535][ T9536]  </TASK>
[  112.546539][ T9536] Mem-Info:
[  112.662026][ T9536] active_anon:16873 inactive_anon:26 isolated_anon:0
[  112.662026][ T9536]  active_file:3402 inactive_file:54444 isolated_file:0
[  112.662026][ T9536]  unevictable:1768 dirty:36 writeback:0
[  112.662026][ T9536]  slab_reclaimable:12309 slab_unreclaimable:109657
[  112.662026][ T9536]  mapped:31452 shmem:7945 pagetables:1193
[  112.662026][ T9536]  sec_pagetables:317 bounce:0
[  112.662026][ T9536]  kernel_misc_reclaimable:0
[  112.662026][ T9536]  free:409008 free_pcp:9310 free_cma:0
[  112.673958][ T6371] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  112.676778][ T9536] Node 0 active_anon:67444kB inactive_anon:104kB active_file:13608kB inactive_file:217580kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:125808kB dirty:140kB writeback:0kB shmem:28180kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13456kB pagetables:4656kB sec_pagetables:1268kB all_unreclaimable? no Balloon:0kB
[  112.690918][ T9536] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:208kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  112.700560][ T9536] Node 0 DMA free:7168kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  112.709703][ T9536] lowmem_reserve[]: 0 1233 1233 1233 1233
[  112.711633][ T9536] Node 0 DMA32 free:83892kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:67444kB inactive_anon:104kB active_file:13608kB inactive_file:217580kB unevictable:3536kB writepending:152kB present:2080628kB managed:1263424kB mlocked:0kB bounce:0kB free_pcp:33156kB local_pcp:4676kB free_cma:0kB
[  112.721838][ T9536] lowmem_reserve[]: 0 0 0 0 0
[  112.723860][ T9536] Node 1 Normal free:1545876kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:3048kB local_pcp:0kB free_cma:0kB
[  112.734143][ T9536] lowmem_reserve[]: 0 0 0 0 0
[  112.735638][ T9536] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 1*4096kB (M) = 7168kB
[  112.739592][ T9536] Node 0 DMA32: 636*4kB (UME) 231*8kB (UME) 312*16kB (UME) 143*32kB (UME) 153*64kB (UME) 74*128kB (UME) 42*256kB (UME) 18*512kB (UME) 10*1024kB (UME) 10*2048kB (UM) 0*4096kB = 83912kB
[  112.745379][ T9536] Node 1 Normal: 3*4kB (ME) 9*8kB (ME) 10*16kB (ME) 163*32kB (UME) 79*64kB (UME) 19*128kB (UME) 6*256kB (U) 5*512kB (UME) 1*1024kB (U) 0*2048kB 373*4096kB (UM) = 1545876kB
[  112.751792][ T9536] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  112.754852][ T9536] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  112.758427][ T9536] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  112.761737][ T9536] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  112.765462][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  112.769797][ T9536] 65773 total pagecache pages
[  112.771298][ T9536] 0 pages in swap cache
[  112.772631][ T9536] Free swap  = 124996kB
[  112.774075][ T9536] Total swap = 124996kB
[  112.775425][ T9536] 1048443 pages RAM
[  112.776705][ T9536] 0 pages HighMem/MovableOnly
[  112.778223][ T9536] 283274 pages reserved
[  112.779514][ T9536] 0 pages cma reserved
[  112.875218][ T9541] MINIX-fs: blocksize too small for device
[  112.930717][ T9546] netlink: 'syz.2.1309': attribute type 3 has an invalid length.
[  113.225821][ T9566] FAULT_INJECTION: forcing a failure.
[  113.225821][ T9566] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  113.230195][ T9566] CPU: 2 UID: 0 PID: 9566 Comm: syz.2.1318 Not tainted syzkaller #0 PREEMPT(full) 
[  113.230215][ T9566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.230224][ T9566] Call Trace:
[  113.230230][ T9566]  <TASK>
[  113.230236][ T9566]  dump_stack_lvl+0x16c/0x1f0
[  113.230282][ T9566]  should_fail_ex+0x512/0x640
[  113.230309][ T9566]  should_fail_alloc_page+0xe7/0x130
[  113.230323][ T9566]  prepare_alloc_pages+0x3c2/0x610
[  113.230339][ T9566]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  113.230352][ T9566]  ? is_bpf_text_address+0x8a/0x1a0
[  113.230364][ T9566]  ? bpf_ksym_find+0x127/0x1c0
[  113.230377][ T9566]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  113.230393][ T9566]  ? is_bpf_text_address+0x94/0x1a0
[  113.230404][ T9566]  ? kernel_text_address+0x8d/0x100
[  113.230415][ T9566]  ? __lock_acquire+0x62e/0x1ce0
[  113.230432][ T9566]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  113.230442][ T9566]  ? unwind_get_return_address+0x59/0xa0
[  113.230460][ T9566]  ? stack_trace_save+0x8e/0xc0
[  113.230474][ T9566]  ? __pfx_stack_trace_save+0x10/0x10
[  113.230488][ T9566]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  113.230501][ T9566]  ? policy_nodemask+0xea/0x4e0
[  113.230515][ T9566]  alloc_pages_mpol+0x1fb/0x550
[  113.230528][ T9566]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  113.230543][ T9566]  alloc_pages_noprof+0x131/0x390
[  113.230556][ T9566]  __pud_alloc+0x3b/0x750
[  113.230571][ T9566]  __handle_mm_fault+0x13de/0x2a50
[  113.230588][ T9566]  ? mt_find+0x3ef/0xa30
[  113.230603][ T9566]  ? __pfx___handle_mm_fault+0x10/0x10
[  113.230630][ T9566]  handle_mm_fault+0x589/0xd10
[  113.230648][ T9566]  __get_user_pages+0x551/0x34a0
[  113.230665][ T9566]  ? __pfx_validate_mm+0x10/0x10
[  113.230676][ T9566]  ? __pfx___get_user_pages+0x10/0x10
[  113.230694][ T9566]  get_user_pages_remote+0x243/0xab0
[  113.230710][ T9566]  ? __pfx_get_user_pages_remote+0x10/0x10
[  113.230723][ T9566]  ? __pfx_vma_link+0x10/0x10
[  113.230732][ T9566]  ? selinux_vm_enough_memory+0x12a/0x190
[  113.230757][ T9566]  get_arg_page+0xf4/0x310
[  113.230768][ T9566]  ? __pfx_get_arg_page+0x10/0x10
[  113.230778][ T9566]  ? up_write+0x1b2/0x520
[  113.230791][ T9566]  copy_string_kernel+0x182/0x520
[  113.230804][ T9566]  do_execveat_common.isra.0+0x2ed/0x610
[  113.230818][ T9566]  __x64_sys_execve+0x8e/0xb0
[  113.230829][ T9566]  do_syscall_64+0xcd/0x4e0
[  113.230851][ T9566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.230861][ T9566] RIP: 0033:0x7fc1e878eba9
[  113.230870][ T9566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.230880][ T9566] RSP: 002b:00007fc1e967e038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  113.230896][ T9566] RAX: ffffffffffffffda RBX: 00007fc1e89d5fa0 RCX: 00007fc1e878eba9
[  113.230903][ T9566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  113.230908][ T9566] RBP: 00007fc1e967e090 R08: 0000000000000000 R09: 0000000000000000
[  113.230914][ T9566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  113.230920][ T9566] R13: 00007fc1e89d6038 R14: 00007fc1e89d5fa0 R15: 00007ffc146389f8
[  113.230933][ T9566]  </TASK>
[  113.333444][ T9580] trusted_key: encrypted_key: keylen parameter is missing
[  113.633217][  T838] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  113.793655][   T13] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  113.803273][  T838] usb 9-1: Using ep0 maxpacket: 16
[  113.806403][  T838] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  113.811205][  T838] usb 9-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  113.814437][  T838] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.817707][  T838] usb 9-1: Product: syz
[  113.819026][  T838] usb 9-1: Manufacturer: syz
[  113.820573][  T838] usb 9-1: SerialNumber: syz
[  113.823415][  T838] usb 9-1: config 0 descriptor??
[  113.827326][  T838] hub 9-1:0.0: bad descriptor, ignoring hub
[  113.829211][  T838] hub 9-1:0.0: probe with driver hub failed with error -5
[  113.833282][  T838] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  114.033976][ T9609] kvm: kvm [9608]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  114.038184][ T9609] kvm: kvm [9608]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  114.129879][ T6059] usb 9-1: USB disconnect, device number 4
[  114.301746][ T9639] program syz.1.1347 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.354679][ T9645] __nla_validate_parse: 1 callbacks suppressed
[  114.354696][ T9645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1349'.
[  114.367048][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  114.369498][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  114.391526][ T9655] 9pnet: Could not find request transport: vP�SV���J�=)irti��xA�g�r%[�UT�JB�:2<bm\���+���0���<��w�
[  114.412977][   T40] kauditd_printk_skb: 44 callbacks suppressed
[  114.412988][   T40] audit: type=1400 audit(1757843234.230:736): avc:  denied  { append } for  pid=9651 comm="syz.0.1353" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  114.412993][ T9660] netlink: 'syz.4.1357': attribute type 1 has an invalid length.
[  114.428098][   T40] audit: type=1400 audit(1757843234.230:737): avc:  denied  { ioctl } for  pid=9659 comm="syz.4.1357" path="socket:[36512]" dev="sockfs" ino=36512 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  114.441646][ T9660] bond1: (slave geneve2): making interface the new active one
[  114.445274][ T9660] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  114.448059][   T46] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  114.450899][   T46] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  114.450962][ T9660] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1357'.
[  114.485242][   T12] smc: removing ib device syz2
[  114.488888][ T1457] vxcan1 speed is unknown, defaulting to 1000
[  114.488903][ T6371] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  114.490797][ T1457] syz2: Port: 1 Link DOWN
[  114.495021][ T6369] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  114.507958][ T9669] loop6: detected capacity change from 0 to 64
[  114.521685][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.526397][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.529267][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.532015][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.535382][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  114.576184][ T9674] syzkaller1: entered promiscuous mode
[  114.577937][ T9674] syzkaller1: entered allmulticast mode
[  114.579214][ T9669] bpf: Bad value for 'uid'
[  114.913927][   T46] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  115.099433][ T9679] netlink: 'syz.4.1363': attribute type 39 has an invalid length.
[  115.228193][   T40] audit: type=1326 audit(1757843235.050:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9651 comm="syz.0.1353" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76a918eba9 code=0x7fc00000
[  115.298031][   T40] audit: type=1400 audit(1757843235.120:739): avc:  denied  { remount } for  pid=9684 comm="syz.4.1366" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  115.298112][ T9685] tmpfs: Cannot change global quota limit on remount
[  115.310214][   T40] audit: type=1400 audit(1757843235.130:740): avc:  denied  { getopt } for  pid=9684 comm="syz.4.1366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  115.452799][   T40] audit: type=1400 audit(1757843235.270:741): avc:  denied  { relabelfrom } for  pid=9699 comm="syz.4.1373" name="" dev="pipefs" ino=37990 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  115.511312][ T9709] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1375'.
[  115.630659][ T9723] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1381'.
[  115.675515][   T40] audit: type=1400 audit(1757843235.500:742): avc:  denied  { map } for  pid=9724 comm="syz.0.1383" path="/dev/vcs3" dev="devtmpfs" ino=2865 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  115.685161][   T40] audit: type=1400 audit(1757843235.500:743): avc:  denied  { execute } for  pid=9724 comm="syz.0.1383" path="/dev/vcs3" dev="devtmpfs" ino=2865 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  115.714874][ T9728] FAULT_INJECTION: forcing a failure.
[  115.714874][ T9728] name failslab, interval 1, probability 0, space 0, times 0
[  115.720205][ T9728] CPU: 0 UID: 0 PID: 9728 Comm: syz.4.1382 Not tainted syzkaller #0 PREEMPT(full) 
[  115.720227][ T9728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  115.720238][ T9728] Call Trace:
[  115.720243][ T9728]  <TASK>
[  115.720251][ T9728]  dump_stack_lvl+0x16c/0x1f0
[  115.720326][ T9728]  should_fail_ex+0x512/0x640
[  115.720357][ T9728]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  115.720379][ T9728]  should_failslab+0xc2/0x120
[  115.720399][ T9728]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  115.720416][ T9728]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  115.720441][ T9728]  ? kvm_hv_setup_tsc_page+0x29a/0x8d0
[  115.720465][ T9728]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  115.720495][ T9728]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  115.720529][ T9728]  mmu_topup_memory_caches+0x25/0x170
[  115.720550][ T9728]  kvm_mmu_load+0xd6/0x23c0
[  115.720568][ T9728]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  115.720587][ T9728]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  115.720608][ T9728]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  115.720632][ T9728]  ? __pfx_kvm_guest_time_update+0x10/0x10
[  115.720653][ T9728]  ? __pfx_kvm_mmu_load+0x10/0x10
[  115.720670][ T9728]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  115.720696][ T9728]  ? kvm_check_and_inject_events+0x71c/0x1310
[  115.720725][ T9728]  vcpu_run+0x35a3/0x55a0
[  115.720750][ T9728]  ? __lock_acquire+0xb97/0x1ce0
[  115.720783][ T9728]  ? __pfx_vcpu_run+0x10/0x10
[  115.720810][ T9728]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  115.720833][ T9728]  ? __local_bh_enable_ip+0xa4/0x120
[  115.720860][ T9728]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  115.720883][ T9728]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  115.720914][ T9728]  kvm_vcpu_ioctl+0x5eb/0x1690
[  115.720947][ T9728]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  115.720969][ T9728]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  115.720992][ T9728]  ? do_vfs_ioctl+0x128/0x14f0
[  115.721019][ T9728]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  115.721045][ T9728]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  115.721081][ T9728]  ? hook_file_ioctl_common+0x145/0x410
[  115.721107][ T9728]  ? selinux_file_ioctl+0x180/0x270
[  115.721130][ T9728]  ? selinux_file_ioctl+0xb4/0x270
[  115.721155][ T9728]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  115.721179][ T9728]  __x64_sys_ioctl+0x18e/0x210
[  115.721206][ T9728]  do_syscall_64+0xcd/0x4e0
[  115.721240][ T9728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.721257][ T9728] RIP: 0033:0x7f3de098eba9
[  115.721271][ T9728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.721287][ T9728] RSP: 002b:00007f3de17b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  115.721304][ T9728] RAX: ffffffffffffffda RBX: 00007f3de0bd5fa0 RCX: 00007f3de098eba9
[  115.721315][ T9728] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  115.721325][ T9728] RBP: 00007f3de17b7090 R08: 0000000000000000 R09: 0000000000000000
[  115.721335][ T9728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  115.721345][ T9728] R13: 00007f3de0bd6038 R14: 00007f3de0bd5fa0 R15: 00007ffd4bce5d18
[  115.721369][ T9728]  </TASK>
[  115.838978][ T9736] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.844307][ T9736] batadv0: mtu less than device minimum
[  115.847664][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.852927][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.858308][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.861980][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.866960][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.872184][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.877638][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.882947][ T9736] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-272)
[  115.946795][ T9736] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.954282][ T9736] batadv_slave_1 (unregistering): left promiscuous mode
[  116.508345][   T40] audit: type=1400 audit(1757843236.330:744): avc:  denied  { bind } for  pid=9743 comm="syz.4.1389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  117.029989][ T9792] netlink: 492 bytes leftover after parsing attributes in process `syz.4.1407'.
[  117.096142][ T9798] usb usb8: usbfs: process 9798 (syz.4.1410) did not claim interface 0 before use
[  117.480407][ T9833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1418'.
[  117.486122][ T9834] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1418'.
[  117.569262][ T9839] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  117.570801][ T9837] syz.1.1419 (9837): /proc/9836/oom_adj is deprecated, please use /proc/9836/oom_score_adj instead.
[  117.620565][ T9837] kvm: kvm [9836]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc1) = 0x1
[  117.623918][ T9837] kvm: kvm [9836]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0xc2) = 0x1
[  117.649977][ T9837] kvm: kvm [9836]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0xbe702112
[  117.654349][ T9847] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1422'.
[  117.680388][ T9837] kvm: kvm [9836]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x186) = 0x1
[  117.683737][ T9837] kvm: kvm [9836]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x187) = 0x1
[  117.700989][ T9837] kvm_intel: kvm [9836]: vcpu0, guest rIP: 0x9131 Unhandled WRMSR(0x1d9) = 0x1
[  117.720083][   T40] audit: type=1400 audit(1757843237.540:745): avc:  denied  { ioctl } for  pid=9863 comm="syz.2.1427" path="/dev/ptyq9" dev="devtmpfs" ino=136 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  117.727981][ T9865] sg_write: data in/out 10438218/1 bytes for SCSI command 0x6b-- guessing data in;
[  117.727981][ T9865]    program syz.2.1427 not setting count and/or reply_len properly
[  117.799936][ T9872] ubi: mtd0 is already attached to ubi31
[  117.882731][ T9880] binder: 9878:9880 unknown command 0
[  117.891116][ T9880] binder: 9878:9880 ioctl c0306201 200000000080 returned -22
[  118.103215][ T9897] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1442'.
[  118.172439][ T9903] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  118.176945][ T9903] block device autoloading is deprecated and will be removed.
[  118.222105][ T9905] kvm: kvm [9904]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x7
[  118.225895][ T9905] kvm: kvm [9904]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x7
[  118.325081][ T9918] binder: 9917:9918 unknown command 0
[  118.326802][ T9918] binder: 9917:9918 ioctl c0306201 200000000080 returned -22
[  118.357576][ T9920] netlink: 'syz.1.1450': attribute type 28 has an invalid length.
[  118.360343][ T9920] netlink: 'syz.1.1450': attribute type 3 has an invalid length.
[  118.362791][ T9920] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1450'.
[  118.392192][ T9923] bond0: entered promiscuous mode
[  118.394626][ T9923] bond_slave_0: entered promiscuous mode
[  118.397077][ T9923] bond_slave_1: entered promiscuous mode
[  118.400568][ T9923] batadv0: entered promiscuous mode
[  118.404578][ T9923] 8021q: adding VLAN 0 to HW filter on device hsr2
[  118.409454][ T9923] bond0: left promiscuous mode
[  118.411566][ T9923] bond_slave_0: left promiscuous mode
[  118.414764][ T9923] bond_slave_1: left promiscuous mode
[  118.417610][ T9923] batadv0: left promiscuous mode
[  118.504363][ T9932] FAULT_INJECTION: forcing a failure.
[  118.504363][ T9932] name failslab, interval 1, probability 0, space 0, times 0
[  118.508501][ T9932] CPU: 1 UID: 0 PID: 9932 Comm: syz.0.1456 Not tainted syzkaller #0 PREEMPT(full) 
[  118.508515][ T9932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.508521][ T9932] Call Trace:
[  118.508525][ T9932]  <TASK>
[  118.508529][ T9932]  dump_stack_lvl+0x16c/0x1f0
[  118.508566][ T9932]  should_fail_ex+0x512/0x640
[  118.508585][ T9932]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  118.508598][ T9932]  should_failslab+0xc2/0x120
[  118.508611][ T9932]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  118.508620][ T9932]  ? __kvm_mmu_topup_memory_cache+0x450/0x600
[  118.508637][ T9932]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  118.508655][ T9932]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  118.508674][ T9932]  mmu_topup_memory_caches+0x25/0x170
[  118.508686][ T9932]  kvm_mmu_load+0xd6/0x23c0
[  118.508696][ T9932]  ? kvm_apic_has_interrupt+0x106/0x1f0
[  118.508708][ T9932]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  118.508718][ T9932]  ? _raw_read_unlock+0x3e/0x50
[  118.508737][ T9932]  ? vmx_set_apic_access_page_addr+0x1a0/0x900
[  118.508749][ T9932]  ? kvm_apic_accept_pic_intr+0xe8/0x1a0
[  118.508764][ T9932]  ? __pfx_kvm_mmu_load+0x10/0x10
[  118.508773][ T9932]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  118.508790][ T9932]  ? kvm_check_and_inject_events+0x71c/0x1310
[  118.508807][ T9932]  vcpu_run+0x35a3/0x55a0
[  118.508821][ T9932]  ? __lock_acquire+0xb97/0x1ce0
[  118.508841][ T9932]  ? __pfx_vcpu_run+0x10/0x10
[  118.508856][ T9932]  ? fpu_swap_kvm_fpstate+0x1be/0x410
[  118.508870][ T9932]  ? __local_bh_enable_ip+0xa4/0x120
[  118.508886][ T9932]  ? kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  118.508906][ T9932]  kvm_arch_vcpu_ioctl_run+0x1023/0x1980
[  118.508925][ T9932]  kvm_vcpu_ioctl+0x5eb/0x1690
[  118.508940][ T9932]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  118.508954][ T9932]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  118.508967][ T9932]  ? do_vfs_ioctl+0x128/0x14f0
[  118.508983][ T9932]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  118.508999][ T9932]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  118.509019][ T9932]  ? hook_file_ioctl_common+0x145/0x410
[  118.509034][ T9932]  ? selinux_file_ioctl+0x180/0x270
[  118.509048][ T9932]  ? selinux_file_ioctl+0xb4/0x270
[  118.509063][ T9932]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  118.509077][ T9932]  __x64_sys_ioctl+0x18e/0x210
[  118.509094][ T9932]  do_syscall_64+0xcd/0x4e0
[  118.509108][ T9932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.509118][ T9932] RIP: 0033:0x7f76a918eba9
[  118.509127][ T9932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.509137][ T9932] RSP: 002b:00007f76aa015038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  118.509147][ T9932] RAX: ffffffffffffffda RBX: 00007f76a93d5fa0 RCX: 00007f76a918eba9
[  118.509153][ T9932] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  118.509159][ T9932] RBP: 00007f76aa015090 R08: 0000000000000000 R09: 0000000000000000
[  118.509165][ T9932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  118.509171][ T9932] R13: 00007f76a93d6038 R14: 00007f76a93d5fa0 R15: 00007fff4e5ebac8
[  118.509184][ T9932]  </TASK>
[  118.890509][ T9959] netlink: 'syz.0.1466': attribute type 1 has an invalid length.
[  118.893039][ T9959] netlink: 'syz.0.1466': attribute type 1 has an invalid length.
[  118.923942][ T9963] FAULT_INJECTION: forcing a failure.
[  118.923942][ T9963] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  118.928115][ T9963] CPU: 0 UID: 0 PID: 9963 Comm: syz.1.1468 Not tainted syzkaller #0 PREEMPT(full) 
[  118.928129][ T9963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  118.928135][ T9963] Call Trace:
[  118.928139][ T9963]  <TASK>
[  118.928143][ T9963]  dump_stack_lvl+0x16c/0x1f0
[  118.928178][ T9963]  should_fail_ex+0x512/0x640
[  118.928200][ T9963]  should_fail_alloc_page+0xe7/0x130
[  118.928214][ T9963]  prepare_alloc_pages+0x3c2/0x610
[  118.928248][ T9963]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  118.928265][ T9963]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  118.928277][ T9963]  ? is_bpf_text_address+0x8a/0x1a0
[  118.928289][ T9963]  ? bpf_ksym_find+0x127/0x1c0
[  118.928302][ T9963]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  118.928317][ T9963]  ? is_bpf_text_address+0x94/0x1a0
[  118.928328][ T9963]  ? kernel_text_address+0x8d/0x100
[  118.928340][ T9963]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  118.928351][ T9963]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  118.928363][ T9963]  ? look_up_lock_class+0x6b/0x150
[  118.928389][ T9963]  ? __lock_acquire+0xb97/0x1ce0
[  118.928405][ T9963]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  118.928418][ T9963]  ? policy_nodemask+0xea/0x4e0
[  118.928431][ T9963]  alloc_pages_mpol+0x1fb/0x550
[  118.928443][ T9963]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  118.928455][ T9963]  ? do_raw_spin_lock+0x12c/0x2b0
[  118.928466][ T9963]  ? find_held_lock+0x2b/0x80
[  118.928480][ T9963]  alloc_pages_noprof+0x131/0x390
[  118.928493][ T9963]  __pmd_alloc+0x3b/0x930
[  118.928506][ T9963]  ? __pud_alloc+0x526/0x750
[  118.928520][ T9963]  __handle_mm_fault+0xa06/0x2a50
[  118.928540][ T9963]  ? __pfx___handle_mm_fault+0x10/0x10
[  118.928566][ T9963]  handle_mm_fault+0x589/0xd10
[  118.928584][ T9963]  __get_user_pages+0x551/0x34a0
[  118.928601][ T9963]  ? __pfx_validate_mm+0x10/0x10
[  118.928612][ T9963]  ? __pfx___get_user_pages+0x10/0x10
[  118.928629][ T9963]  get_user_pages_remote+0x243/0xab0
[  118.928645][ T9963]  ? __pfx_get_user_pages_remote+0x10/0x10
[  118.928662][ T9963]  ? __pfx_vma_link+0x10/0x10
[  118.928671][ T9963]  ? selinux_vm_enough_memory+0x12a/0x190
[  118.928692][ T9963]  get_arg_page+0xf4/0x310
[  118.928702][ T9963]  ? __pfx_get_arg_page+0x10/0x10
[  118.928712][ T9963]  ? up_write+0x1b2/0x520
[  118.928725][ T9963]  copy_string_kernel+0x182/0x520
[  118.928738][ T9963]  do_execveat_common.isra.0+0x2ed/0x610
[  118.928752][ T9963]  __x64_sys_execve+0x8e/0xb0
[  118.928763][ T9963]  do_syscall_64+0xcd/0x4e0
[  118.928778][ T9963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.928788][ T9963] RIP: 0033:0x7fac0518eba9
[  118.928797][ T9963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.928808][ T9963] RSP: 002b:00007fac060f5038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  118.928824][ T9963] RAX: ffffffffffffffda RBX: 00007fac053d5fa0 RCX: 00007fac0518eba9
[  118.928830][ T9963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  118.928836][ T9963] RBP: 00007fac060f5090 R08: 0000000000000000 R09: 0000000000000000
[  118.928842][ T9963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  118.928848][ T9963] R13: 00007fac053d6038 R14: 00007fac053d5fa0 R15: 00007ffc16b12178
[  118.928861][ T9963]  </TASK>
[  119.060554][ T9966] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  119.064029][ T9966] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  119.173492][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  119.994708][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  119.994723][   T40] audit: type=1400 audit(1757843239.820:752): avc:  denied  { firmware_load } for  pid=10028 comm="syz.1.1493" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  120.009814][T10029] syz.1.1493 (10029) used greatest stack depth: 19752 bytes left
[  120.100923][T10034] __nla_validate_parse: 5 callbacks suppressed
[  120.100940][T10034] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1495'.
[  120.131290][   T40] audit: type=1400 audit(1757843239.950:753): avc:  denied  { lock } for  pid=10036 comm="syz.4.1496" path="/227/file0/cpuset.effective_cpus" dev="9p" ino=71827935 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  120.241787][   T59] wlan0: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  120.371573][T10064] loop6: detected capacity change from 0 to 64
[  120.383610][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  120.387608][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  120.391422][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  120.396330][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  120.400186][ T7087] Buffer I/O error on dev loop6, logical block 0, async page read
[  120.475487][T10073] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1511'.
[  120.478416][T10073] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1511'.
[  120.543693][   T46] net_ratelimit: 17 callbacks suppressed
[  120.543705][   T46] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-272); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  120.770983][   T40] audit: type=1400 audit(1757843240.590:754): avc:  denied  { listen } for  pid=10089 comm="syz.2.1518" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  120.884804][T10098] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000021: 0000 [#1] SMP KASAN NOPTI
[  120.888339][T10098] KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]
[  120.891558][T10098] CPU: 2 UID: 0 PID: 10098 Comm: syz.0.1520 Not tainted syzkaller #0 PREEMPT(full) 
[  120.895530][T10098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  120.898837][T10098] RIP: 0010:bcsp_recv+0x10a/0x17f0
[  120.900446][T10098] Code: 18 48 c1 e8 03 48 01 e8 48 89 04 24 48 8d 83 78 01 00 00 48 89 44 24 28 48 c1 e8 03 48 89 44 24 08 e8 aa b5 40 f9 48 8b 04 24 <80> 38 00 0f 85 d1 12 00 00 4c 8b ab 08 01 00 00 31 ff 4c 89 ee e8
[  120.906355][T10098] RSP: 0018:ffffc90003e97bf0 EFLAGS: 00010293
[  120.908234][T10098] RAX: dffffc0000000021 RBX: 0000000000000000 RCX: ffffffff887ae8da
[  120.910683][T10098] RDX: ffff88803958c880 RSI: ffffffff887ae926 RDI: 0000000000000005
[  120.913141][T10098] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  120.915562][T10098] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90003e97d88
[  120.918003][T10098] R13: ffffc90003e97d88 R14: 0000000000000001 R15: ffff888032495c00
[  120.920426][T10098] FS:  00007f76a9fd36c0(0000) GS:ffff8880d68b4000(0000) knlGS:0000000000000000
[  120.923137][T10098] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  120.925112][T10098] CR2: 00002000000031c0 CR3: 000000002ad35000 CR4: 0000000000352ef0
[  120.927438][T10098] Call Trace:
[  120.928453][T10098]  <TASK>
[  120.929357][T10098]  ? __pfx_bcsp_recv+0x10/0x10
[  120.930791][T10098]  hci_uart_tty_receive+0x254/0x7e0
[  120.932401][T10098]  ? __pfx_hci_uart_tty_receive+0x10/0x10
[  120.934133][T10098]  tty_ioctl+0x580/0x1680
[  120.935464][T10098]  ? __pfx_tty_ioctl+0x10/0x10
[  120.936987][T10098]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  120.939110][T10098]  ? hook_file_ioctl_common+0x145/0x410
[  120.940841][T10098]  ? selinux_file_ioctl+0x180/0x270
[  120.942477][T10098]  ? selinux_file_ioctl+0xb4/0x270
[  120.944075][T10098]  ? __pfx_tty_ioctl+0x10/0x10
[  120.945573][T10098]  __x64_sys_ioctl+0x18e/0x210
[  120.947074][T10098]  do_syscall_64+0xcd/0x4e0
[  120.948507][T10098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.950342][T10098] RIP: 0033:0x7f76a918eba9
[  120.951938][T10098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.957821][T10098] RSP: 002b:00007f76a9fd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  120.960387][T10098] RAX: ffffffffffffffda RBX: 00007f76a93d6180 RCX: 00007f76a918eba9
[  120.962825][T10098] RDX: 0000200000000000 RSI: 0000000000005412 RDI: 000000000000000d
[  120.965256][T10098] RBP: 00007f76a9211e19 R08: 0000000000000000 R09: 0000000000000000
[  120.967677][T10098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  120.970132][T10098] R13: 00007f76a93d6218 R14: 00007f76a93d6180 R15: 00007fff4e5ebac8
[  120.972584][T10098]  </TASK>
[  120.973569][T10098] Modules linked in:
[  120.975192][T10098] ---[ end trace 0000000000000000 ]---
[  120.976801][   T40] audit: type=1400 audit(1757843240.800:755): avc:  denied  { read } for  pid=5364 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  120.977230][T10098] RIP: 0010:bcsp_recv+0x10a/0x17f0
[  120.983843][   T40] audit: type=1400 audit(1757843240.800:756): avc:  denied  { search } for  pid=5364 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  120.985222][T10098] Code: 18 48 c1 e8 03 48 01 e8 48 89 04 24 48 8d 83 78 01 00 00 48 89 44 24 28 48 c1 e8 03 48 89 44 24 08 e8 aa b5 40 f9 48 8b 04 24 <80> 38 00 0f 85 d1 12 00 00 4c 8b ab 08 01 00 00 31 ff 4c 89 ee e8
[  120.985235][T10098] RSP: 0018:ffffc90003e97bf0 EFLAGS: 00010293
[  120.992952][   T40] audit: type=1400 audit(1757843240.800:757): avc:  denied  { add_name } for  pid=5364 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  120.999137][T10098] 
[  121.001501][   T40] audit: type=1400 audit(1757843240.800:758): avc:  denied  { create } for  pid=5364 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  121.008030][T10098] RAX: dffffc0000000021 RBX: 0000000000000000 RCX: ffffffff887ae8da
[  121.009019][   T40] audit: type=1400 audit(1757843240.800:759): avc:  denied  { append open } for  pid=5364 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  121.015583][T10098] RDX: ffff88803958c880 RSI: ffffffff887ae926 RDI: 0000000000000005
[  121.015609][T10098] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000
[  121.015615][T10098] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90003e97d88
[  121.015622][T10098] R13: ffffc90003e97d88 R14: 0000000000000001 R15: ffff888032495c00
[  121.015628][T10098] FS:  00007f76a9fd36c0(0000) GS:ffff8880d68b4000(0000) knlGS:0000000000000000
[  121.018278][   T40] audit: type=1400 audit(1757843240.800:760): avc:  denied  { getattr } for  pid=5364 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  121.025210][T10098] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  121.025221][T10098] CR2: 00002000000031c0 CR3: 000000002ad35000 CR4: 0000000000352ef0
[  121.025229][T10098] Kernel panic - not syncing: Fatal exception
[  121.025947][T10098] Kernel Offset: disabled

VM DIAGNOSIS:
09:47:20  Registers:
info registers vcpu 0

CPU#0
RAX=000000000007fd64 RBX=0000000000000000 RCX=ffffffff8b94bb49 RDX=ffffed100d486656
RSI=ffffffff8c163280 RDI=ffffffff81914111 RBP=fffffbfff1c52ef8 RSP=ffffffff8e207e08
R8 =0000000000000000 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e2977c0 R14=ffffffff90ab7090 R15=0000000000000000
RIP=ffffffff8b94a68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66b4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f76a9174940 CR3=0000000025015000 CR4=00352ef0
DR0=0000000000000007 DR1=0000000000000000 DR2=000000000000000a DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000054 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd4bce6226
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd4bce6226 00007ffd4bce622c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0a12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0a12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0a12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0a12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0a12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0a12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0ba74a8 00007f3de0ba74a0 00007f3de0ba7498 00007f3de0ba7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de170d100 00007f3de0ba7460 00007f3de0ba0004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3de0ba74b8 00007f3de0ba74b0 00007f3de0ba74a8 00007f3de0ba74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000008d524 RBX=0000000000000001 RCX=ffffffff8b94bb49 RDX=ffffed100d4a6656
RSI=ffffffff8c163280 RDI=ffffffff81914111 RBP=ffffed1003bd7488 RSP=ffffc90000177df8
R8 =0000000000000000 R9 =ffffed100d4a6655 R10=ffff88806a5332ab R11=0000000000000000
R12=0000000000000001 R13=ffff88801deba440 R14=ffffffff90ab7090 R15=0000000000000000
RIP=ffffffff8b94a68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67b4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fff4e5eaf40 CR3=0000000021d14000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 657106b536aaaaad d8a9a1a68c89347f
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc16b12686
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc16b12686 00007ffc16b1268c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac05212e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac05212e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac05212e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac05212e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac05212ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fac05212fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1916d904986fdb34 b62709242a8773e0 7e1ab9f85707c416 6a0c69ff98afe46b
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 740b9d961e0f98b0 9e1a6a6904d3844a f515414b2d930004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 dd4a5800d7eb6d9c 6197eeccd34252f0 63534ce63f31436e 722f2f6efc1916d9
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c4acf9714ba356b3 fa5559e291b715ac 9adb9cb6447fe10f bbae30ea021f90c0
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 da69da36fe5deab3 96336895d1c04cff aaeffd65be4c00f7 626e9e74921fc9f1
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d9977d81d5271aa8 1b56e030f00391c1 52b6417067c5961d b989477c3a8a342e
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 48fb03211d178efb 4de5ce2f2c247661 d67b6202926691cb c8ec56dff5975ffd
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8564ba35 RDI=ffffffff9b1160e0 RBP=ffffffff9b1160a0 RSP=ffffc90003e97560
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043
R12=0000000000000000 R13=0000000000000020 R14=ffffffff9b1160a0 R15=ffffffff8564b9d0
RIP=ffffffff8564ba5f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f76a9fd36c0 ffffffff 00c00000
GS =0000 ffff8880d68b4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00002000000031c0 CR3=000000002ad35000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4e5ebfd6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4e5ebfd6 00007fff4e5ebfdc
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9212e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9212e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9212e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9212e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9212ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9212fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a93a74a8 00007f76a93a74a0 00007f76a93a7498 00007f76a93a7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9f0d100 00007f76a93a7460 00007f76a93a7478 00007f76a93a74c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a93a74b8 00007f76a93a74b0 00007f76a93a74a8 00007f76a93a74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000005919c RBX=0000000000000003 RCX=ffffffff8b94bb49 RDX=ffffed100d4e6656
RSI=ffffffff8c163280 RDI=ffffffff81914111 RBP=ffffed1003bda000 RSP=ffffc90000197df8
R8 =0000000000000000 R9 =ffffed100d4e6655 R10=ffff88806a7332ab R11=0000000000000000
R12=0000000000000003 R13=ffff88801ded0000 R14=ffffffff90ab7090 R15=0000000000000000
RIP=ffffffff8b94a68f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69b4000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c37c836 CR3=000000002ad35000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01462a7f4bf88114 f759664ff2f028a7
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f64c7c9e17b6fa7 88bf631694fd78fd
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9371b37e650187d4 bc3da46fa679ab76
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 316036375ddcd61c 29eab94174a2059c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000a600
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3be7fe001e3a3000 00004a5a00004a5d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a0992200ed59e600 c1698600b90fc000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 fbf7fe0000004a59 00004a5900004a59
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004a62 013b690000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b33f83d9ecb1e593 1e94ce0782a16b02
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 96ab9bbd53d4af3b d2343c57b9dee741
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a93a74a8 00007f76a93a74a0 00007f76a93a7498 00007f76a93a7470
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a9f0d100 00007f76a93a7460 00007f76a93a7478 00007f76a93a74c0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f76a93a74b8 00007f76a93a74b0 00007f76a93a74a8 00007f76a93a74a0
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c0652bdfd95dd8b6 20d06012b95f8c14 00010014fffffffc 00040008cb9f8657
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c4910826f93e25bc caa86bb200020014 1e13f8d4ce72a317 0003000c807a0040
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000500040008 8600c1e0b25a58e5 f1ffd8c1f6e009bc 00010014ae8f51fa
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a03895c4322d19d 4f0d271ac47cadad 771bc68bab01b6da abe3060d00010024
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000