last executing test programs:

16.129978422s ago: executing program 3 (id=1452):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000200)={0x0, 0x2, 0x1})

16.127810972s ago: executing program 3 (id=1453):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x17, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0x14, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0xc}, @NHA_RES_GROUP_UNBALANCED_TIMER={0x8, 0x3, 0x401}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x4008018}, 0x4010080)

16.03119777s ago: executing program 3 (id=1454):
r0 = socket(0x2, 0x2, 0x1)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)
syz_emit_ethernet(0x86, &(0x7f00000001c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@noop]}}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x61, 0x0, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x2f, 0x9, @dev={0xac, 0x14, 0x14, 0x10}, @remote, {[@timestamp_addr={0x44, 0x44, 0x0, 0x1, 0x0, [{@rand_addr=0x86dd}, {@remote}, {@dev={0xac, 0x14, 0x14, 0xa}}, {@rand_addr, 0x8}, {@empty}, {@loopback}, {@local, 0x4}, {@multicast1}]}]}}}}}}}, 0x0)
r1 = socket(0x2, 0x2, 0x1)
bind$unix(r1, &(0x7f0000000000)=@abs, 0x6e)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
preadv(r2, &(0x7f0000000180)=[{&(0x7f0000000880)=""/175, 0xaf}, {&(0x7f0000000280)=""/186, 0xba}], 0x2, 0x8, 0x2081)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x28801, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000020000000200000000700000003000000"], &(0x7f0000001fc0)=""/4124, 0x3f, 0x101c, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000000)="ce", 0x1}], 0x1)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
close(r6)

15.899145931s ago: executing program 3 (id=1458):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x4f2556ecc655cf69, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) (async)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0) (async)
execve(&(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000980)={[&(0x7f00000005c0)='syz1\x00']})

15.849851547s ago: executing program 3 (id=1460):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) (async)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0) (async)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x13, 0x8, 0x8, 0x0, 0x8, 0x1, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
writev(r1, &(0x7f0000001340)=[{&(0x7f0000001e80)="094343483c6b10e8d1f49bfb95c03fe2c916bab5305046447781ff5554c9be2ab892c11010686df720415521866db615de6ca80ce6a57c925cac36bc821434ef0927d2dc2c2fe5d9de50b3033ec1ad407b4c46fc8e5588fc446c063dda02549f62b500b5a45e30a77cee2aaf1d46141a1d68efe42d03925fbd4833b802cc6bf7cadf92e04d71be46ded1fef85a088b61e346e0d6b98c9dc1a880c9e4d9691fa5d19eb51b822d192a162dc8baf33f228d29090508526c29a18fc9744999d196ea2cd6097b2e927e007c891f2e80797f4f1bd32466b3cbb2ee62e9a65bfc418c63ec75c070d81449c09a078d983ba31d7780cd3c9ee75387a9510429b864cf007b48dbed8b72c6aad70806d98c8950440111db974816b79a88d673d051268323906d3463962508b1a9d9734b89b9980e4302f76b03beeb7e27bee9236c08dd2c4726d13afae0c7d6cd0ef28525a3be7b0ad98c0a01e5f8c3134cbc27b539b4be7d772737f0f54ffa8950a556a9388b7b4b4e81e944b63d84dd91a02106ca2653aea55dc55b25f2d7de7ec1e6f18b7d3d878e24260d83ce641a60ab9721b5d8c9ff828df59aa374eeda84a51a18ea1a93865b769b33d2b8ac06148c170a17ac846515cc7bfe5f61fde86776f72741b5d6d5df7be6c6205cd5f4c2139fde2a05b9dafff068ba3f957a90b46707e08277a098405faec5bbb90c7ebed2d79f8a5770780a86df6474cd37e7930f2c21838346559ce184fd64a8c4cc367b9d1f2cea52b81b5dc910b07cf564fddb338822a91895690668c5301157383851d525f73c258fe54b0d7768b0744e43a7b8e4d5ad5d88480095303633275de4d02ea664bdd8844e1dd4476cf6e19508e8b8bd767997889432dd68413b93720b50faaa72f6b633de0f91faac2435a51ee6c1a873803b321b4d6aab00a285338bb57e6806c06d46ae6101533c68a7436a14afd5e26219444cc98983ef2b7133478ae3f41b3fbaf63b5b2c3f92035f29f43e3b35502cc6a2ce05b0a801f2c0bb319a2ff9f4acaca1b5715b3437dea3b3c6c10bf9e7b6669c21dfc72146dc5622107d4ce049a21c7136f67a30f2d4e322ac878dcadface49a820f8e32d09d6ec7b10858c5f31a6e722ca55db28fe3a9415655a91d99ac396e8b40c47ddb636a584ea3372fcaae0d040a297640d979d2f13fc6ea10c814b3a55c21e9f5cbf05ac6536c5f1cb4d528a564358b07f7e00b2f63bd5db8f7a9bfe95fe566eaff077eb708d839de41990a04bdf8c90270f2e56ce656d9b4428039b82b4a1350e62b4bf48e4253ca86a0c8620355474b73d76f932611db212781ca46d2b962e64c007bf4ff92c9e98aa1df916c83b97fd2eab5c2d89d331b80968a0977259fe27c17e0f0c91645065ba4da6c009361d69bd9d13f7d178cbb7731333bc5db7fde029cf9045f5ee2c0d1b0b5e82916796a9635b7dac82b9637fbdd2877e7d22a4de89fdbf8aec491a5776412fa66fd0eee93ce86d53ea82f997bc9f04dee136c7d0f64d86c54f534d3225387395ff3fa031256f31ec05583b9a76a464e63b8ee32fae5f890c416657468388dbe2b3c865ec202d8eed57f8ee39ffa2ac587e932f0b0bbad41aa01dd8aa24a61db4729f51666f56c7b933c605b88592f730b25bdfa14c82a1dbebb7bd1f0680f1f0439c17c015a798f9b46272878e329106299867e7e9a35536454b740df00051863a701cfdc2d9583dcb74f4062212974c449ebfbbb665dc113d347a51236ca6919081f4c07b2bcffd78bbeb88797d7f5ba6a3f6178200d5df4fb80927be478e19cc62ebc47a9df63180e33c523eaf401b2b39a69960868fe65ac1fb176b5d364d31311bd5048c8cf37eaf9e2d13e07e00017a510e1548ab7706da22346276aa5bf4947a45cb2189f2d60ee1b8989efa819271541e06979049c0c35cd5cc3dc7d44dee9e106dd08a41752e145214dd20fceba6e57fb31c989f62e4582fd0d6d576be49cc2d459fd0496541e7736dcb8ed1b0ba6d17ad14dba1fca6c2b0a955e399d81669774e6b96ae3a9cc44e6a40e6c41ee2f8d6d5b20cdfbfa62dbfda1898e45eea07d5f89c99911c10daee99fea65feca9100d75be59e5c159691d96c25e76c8d4c5ceda0d24317ed878a264ceef6b32c59067853a64b412b5544584ff9db4b01b5b239e8b4336ecf1ca714462b4b9bffad7abcc39ddff6e2f7bd66037c61856c336d544cca419b98c79f4801be4a8a73f68ed4303991e67cf15487abaa077461ed40e9b39307cffd291954796230803e27494055b777fd0f21c0cb3f7219bf9392ab779744412f324331aa853bc34f6e2bd180e2d6b668a9f759a93448380cdca902258207073225c7c04bed5b5b6ad761ab27acc552faca2841cabe1518e1160fb9276def0e0fa283139650e3c2f28bb4607d6c767e81491d347d736239a9c74cf18f4549f64d8ade02d62866107778de51390ccb749aee4baff84a7a318ef3e0f8f543d778dabd711eea08e0310c2a88602417be91fe93be78f3356bf33075a95a61f2e242926953ce27815f5b74d180344c6e3c1888260ffca71a5f8ef29cce8aa851477a96462259de907740aa7167eed3b10ddd15e33ed9d6136ad753aabffd409130111ca43578eb5ea16471b3c36661f61088024f90a4fecd5bfff7aefa6ef21fb9cf8630d544abc04124cc5afc28b3e096a9ed4fe4bae67de90ed7602b7c1a49b20da1628cc997b0154850b2ec8a56b0397875d5490de8b6931aa4b17bbe5e3f4cf3b2e9e5b2cbb9672f3ff658ef22a0718c1b456fe0d772ce28a0db6dbb3e85118ed1628f3f824f8331f4171e482359cf3f24920cdb0f437fd1f5133bb2aa371162c8b966828bb138963d35c45bc943fdf64246e87bb348427db273c2fc47de82a23acad8a41c01a2ace15f0217b581bfde3cf444516fb10fa54a154fdfbe16074dda95d5f99b91805d58849ca5e68df0a3902dd7fcc60477e4cef7cd548fa6f525cb9d6e6425c5091e04adb03851e7dd723d72e98dc8e439ec662765fc4e152a7f581ff6a4eb2918f6fea429b73190ffafb17dee3b482721c69000c751757e213242b5ef2dbba5c87381cdef00ad54da988a92b6137442b889a93df2d63eeab709759eef9e874be71359ccfabc1315b74903d4a9b1f13dd326c2d1a2cf8766e2a0be5f761a6513361d96ccadee9d143b7a37c8bb3873ca888f0e9d1a44ca2a610265ec5358c96b9feaa957bf625f70890b2cf0fb3040a1c919ad4deeecc8b9510d99c6597fcc970a350966d33f68be5d03ec58ff55187f3b4b742e51925cff780c681bf71a7ad6c1871e286689ec898aa13c2544ce4316c30f51397c91e9bd06ca60014bc105a735840f5658f26c4d37f3b98915619a91b83993ae07112a33296fdb9041100f2740aebde75cb26a8b2eb2a6681c9dbf4ab80b92cc2fd109780a95f5d3d7cccbc067cc37f8ee9b03825c3715818ec540257d1c1d41cb3092dd66f73cbf0aa27115a72a3d6da353cd4e72ba580543ed6be24bdec2543beddccce53d7ad819557132619f80bffa56af1e10d0f0a3195d974f220d7ec248c8374f22dddcc39153e98812d941fa2871f404a2d7d7aefa3c0f5c85449b25151ea2ab633bf412a3c6eaa8d00910053c108d3a456c5209a731f29abfab10772111c47a4c2e657b9881a59bb02f62937674ec2c3f9d9f75f6065ef9a8b79b5adb11c0fdeb535aa2a8d0807cac0044169446d5e6b44911497dff0a4724e8f7d1529fd0eef072be912e31633c3e9a9896c5bc93e911666420e2b1c21fcd8ac30dc61ac872d908477b61b72f3fa8118f2e72155ff91c9bc3cdd09ed143a435c3044c7e41f8a827d484e6b48a494382c9ce791c176f50a36a254dd287ab020e51a369f269f7cdcada4eaa2f1684d94983eb0b6d7edb7c96bb6813617c92f9f2a048106fd5d1505286dfd0d40360c3a4db6ec3f51c12e7ac6f93d70695a212bc1634d1665bac0d1876c64d8188f670df1196e1283459f566109ec49403bdce92dab2d4c47770da04ccc9230d4428b85678be65bf2600f484f721b40b4b2e2bbecd7dd8419f4e2ea489f3cdc072fee4510e5abc3b814909184455d3e9724a95594d32025d0026f44d106ac84a96157c2e4fca10bb5e2ef1dccbbde646b19e87b2c8ea2922bc0bf57a815b3b5c8784a7ecb32996b2a45313152e8c4aa5cdf24efa4a0cc05cd365c37c9c0e8fd54506c7b38c1cf7b8cc79ec61b1e9e680454383d730d0dfa45040de2b34ac365cfac85abff5ad55d47d98a97432f6ec6a79ce8f6b16b2bd14e68971726a9335df21e45e30ea8ee314f2320866d315a411fa807ce1e6a79e55d3830a246c7a36491c3dcc4f29ba889eb5cd67651eb9b3b864d3d533344c84bdf51997703f29f335c7645d4f52d40984e38740caa8e526bb5c66363718c1869c0e48ddd14889749d945e076db9f6eecd4641250653832fdd1df7427f7623795ee7e585fe2be71bbd914253a55f8a43909746934657b79bbae555c18da571dcd535aa5d5657633f8ce262cdea463f5e154efba995ef786299562f3b42468f3a56b090a76eb8d65dca217af39210df53954388afd4c51a0d9a1c6aeebe85debbc7a6bcebaaf3df1b49bc83dd1c6df58d738d61a6424c165df87cc8531dccbcc81e4756a0f1ef93ad1ca922df1f9a89c81c0e022434403a310622c61a2235360d240c9a59ddebb9c92f5b3d0246af5fc4b5c42327744ab94cbdf51e4c1df293adf195839741b4c9e8ca3c3d1d591f3fb9029872b053d8528b70c8c057fd986343de5634dac6aa78ba2a1b200a11a5dcb7a3aff6f54d651f900a40a61a1ea18b5c4979535a9bcda005b8d38dd75316574cadb8dc4c969cef7c1f7a60d52d58344fbb00724a5f0f7ac4e0e39dab394b0a3002d52a2f54770b6e8aba0d219b671e81fd637d9f3288bc38d4983a80499d03cabca0b9a8ebc48cbfcf14b6d440c5133d53bc37d6bf3f8d64a3af99993d89959919f69898b668da26cde74436a6069617497e83db279d8773e47d23b50746636f6c715b6ccf7d3a387b0ef71c2a2b5ae59c82d27ec142cf10770dea7aa63e2cefd99ef8fc0bc6d13a0f72de1533178f0414f6a24f5b20811647864fde42cb48682b893ff7ca37a1336299cca9330cdc549f8c09e51be60e32ac5526f1418c7b7736105e9baedc4e89b4aa9801f0b943318a26b91b61c79b69ad480cf644d829291117e0b978558159698ba9c00ba09a1542c7504c8bbf90254384d7b0270261b83343413df2453635214619d5c4fad2a73f4ab3fc77deeca902e8c27ada9156ebc73f8983f3b6b79955ccdabaf76c1662b1a126b7d4d3e0495111675c33cb09a3d4994f7d2d76db4849f970273eaf656acfc453eeef1aa766082fb52e7ce565ac66442818cb9fff21c913b865fc9681b91ffc18ca25a6da045af5018a2d0a7ef0282431a643dc4f692ce2fca9ff85faf4969689a3f0eae21bf79350fb8328a40291769ce59b727e7a9210d96caafe9466af812a30e65de5bddc8578eb43bdd4f963a2b03d2555181555727049267899a083d16a3b8668a57de4f2addfb1507df9f6ad4d2e661a14595ecb942ae9d7851bbf95af226e413e4b95a6a802df4b5a9dadb477a325de4a01ed04dbd4488b46400e671d08e76bff605141502b7aa1b1755735400061976ef6e9a903e01b65ee9f641b99245093bb6f6de3a32ed0", 0xfd0}, {&(0x7f00000010c0)="10e3e45aa087d8d3b904940102ff613d5ad9a5048eb166a91910c942504047d2ac5ffaf0e6d140f319c67b3a32941e14ea2e2e400cca11af033bc9f6021940ee811452c48223e562f7b5c5e0b30d6d01d80beefaae209661cc", 0x59}, {&(0x7f0000001140)}, {0x0}], 0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb34902, 0x1000006, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
fadvise64(r1, 0x18, 0x0, 0x4)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0) (async)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x28, &(0x7f0000000240)={[{}]})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) (async)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={@dev={0xfe, 0x80, '\x00', 0x4}}) (async)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r5, 0x6, 0xd, 0x0, 0x0) (async)
sendto$rxrpc(r3, &(0x7f00000002c0)="deb3e1edcb9f29092a8978791d3f4ec675052d653a5a0568d12cdd511b80fa22589ba817eec6e66774d9fa373c20afbe174a70846b0a96a7044f73560b2eb002185fabbd14a3402e061d06ce4a8953b705704903a1b7039a80f1e8f444d3fd218d467a", 0x63, 0x800, &(0x7f0000000340)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e23, @loopback}}, 0x24)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=@framed={{0x56, 0xa, 0x0, 0x0, 0x0, 0x79, 0x11, 0x30}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)
getsockopt$inet6_mptcp_buf(r5, 0x11c, 0x3, &(0x7f0000000100)=""/222, &(0x7f0000000000)=0x61637876) (async)
fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000000200), &(0x7f0000000280)='./file0\x00', 0x8, 0x3)
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000100)={0x10001, 0x5, 0x8})

15.670754786s ago: executing program 3 (id=1462):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xaa9a}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x4800)
pipe2(&(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r2, r3, 0x6d05, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r4, 0x10e, 0x8, &(0x7f0000000080)=0x4a810da0, 0x4)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)

11.290403285s ago: executing program 2 (id=1559):
r0 = io_uring_setup(0xdac, &(0x7f0000000180)={0x0, 0x0, 0x40, 0x0, 0x368})
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
bind$bt_hci(r1, &(0x7f0000000000)={0x27, 0x4}, 0x6)
sendmmsg$unix(r1, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0xfdef}, {0x0}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=ANY=[@ANYBLOB="f0000000100033060000000000000000fc000000000000000000000000000000ffffffff00000000000000000000000000004000070080010000200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000032000000fe80000000000000000000000000000b23030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000100000000000000000000000000000000000000080000000000000029bd7000000000000a0001000000000000000000"], 0xf0}}, 0x0)

11.220720099s ago: executing program 2 (id=1560):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x52}}, 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x24, 0x0, 0x0)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000000240), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000000000)={0x8, 0x1, 0x9, 0x10000, @vifc_lcl_addr=@local, @multicast2}, 0x10)
close(0x3)

11.150788116s ago: executing program 1 (id=1562):
socket$netlink(0x10, 0x3, 0x10) (async)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e0574646545399459300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) (async)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fbdbdf25250000000e0001006e657464657673696d0000000f0002006e0574646545399459300000"], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000140)={0x38, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x38}}, 0x880) (async)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000140)={0x38, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x38}}, 0x880)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r4, 0x300, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x3}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x342c0a95}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x8}, @ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x2}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x80}]}, 0x3c}}, 0x4000)

11.150618051s ago: executing program 1 (id=1563):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000024c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000014c00000008000300", @ANYRES32=r3], 0x2c}, 0x1, 0x0, 0x0, 0x4810}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, &(0x7f0000000400), 0x0}, 0x50)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x5, &(0x7f0000000200)={0x0, 0x2, 0x1})

11.070972802s ago: executing program 1 (id=1564):
r0 = socket$alg(0x26, 0x5, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) (async)
r1 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0xffff, 0x1, 0x100002cb}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000500)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) (async, rerun: 64)
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0) (rerun: 64)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58) (async)
r4 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x357}, &(0x7f0000000080)=<r5=>0x0, &(0x7f0000000d80)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (async)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x42, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, {0x2}})
io_uring_enter(r4, 0x47bc, 0x2, 0x0, 0x0, 0x0) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x50, 0x0, '.\x00'}}) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x4, 0xb, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r8}, 0x10) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x5, 0x4, 0x32315852, 0x2, 0x6, 0x46, 0x2, 0x3, 0x1, 0x7, 0x0, 0x7}})
mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000040)='cifs\x00', 0x0, &(0x7f0000000080)='gid=0,no9\xe1\x12 \x91\xfdP\x83\x0e\xb9G!8\xb0\x89\x99\x81\x02\x85\x1cE\b\x9f\x0f8-\xf6\xa4 \x99\x8d\x1d\x8a\xc7\xc5\x96\xe8Ee\xd5\xac\x18,\x9d\tIr\xdd\\\x95\x9eu}\x06ib\x88\x8c\x9d\xde\xeaT0;\xb4\x1f\x8cm\x15y\xb4[Gc\xaf\xee#\xcf>Qk\xcf\xfc\x12bY\xfc&\x93\xe0\xcc#\x93w\x84@/VV\xbc\x0eL\xeb~1\x832\xa7\xf7l\x1b\xffh<y\xde\b\xaf\x1a\xf0\xd5M\xc8v\xf7\xab\x17\x19^\x167 !\x14\x05J\xd0>\x96O\x84h\x1b\'\x15\xae\xc8\xfbrK1\x1b\x82\\kU{!\x8fe\xbd\xfa\xf3\xac\xdc\x9a7\xbb\xdf\xdf\n\xc4U\xfa\x15\x03e\xe2[\xa6\xd3\xce%\b#s\x05\x00\x00\xc0\x03\x84\x0e\xc3\x0e\xce\x1e\xe4\xc8\xd4s\xd8\xe4W\x8a\x18j\xc4S\xbf\xc9\xcc1\x87\xa0\f\x91/\x8b\a\xdd\x1bj\xff\xae\xfcJM\x9b\xc3\xe6q\xc1T\x19\xa9,\xef\x8ax\xbb\x18\xe7\x99\xff\x10\x15S\x19\'?\xfbt/\x86\xc6\xd3\xb2c\xc4*\x06\x05NT\xaa_\x9f\xda8\xc8\xc6\x8d\x87Yk\xa1\x83\x9f\x86.[\x83\xdf&\x13\xcc\xb9\x01`D7R\xb7o\xa1\x1e\xffD#\t\x18i\xed\xa4<\x9c\x02\x00\x82\xbd\x93\x9e+\x03\xc6w?\x83\x05\x0e\xf3TB]\xc0V\x1b\xf3\xfe\xe1s1r\xcb\xbc9\x19#3k\xd4#r\x9e=C\xd6k\xf8\xb9S\xb3\xf4\x84\xd8)\x17L\xeb\xf4\xf3iW\xe6\x9b\x8a\x13\x01\x0ej\x88X\xfe\xf7e;\xdd\xe1\xfc\x9c\x8a\xae>=n\xb3\x12\x7f\x94\x19~\x93\x92xK\x9b\x9e\xa6\x9e\x16v\"e\xe80\xa3%oS\xb4\xad\xb1\xb6\xe0\xef\x1fy\xf2\x1aN\xd7\xee\\*6\xa6\x8e\x84 \xc5\xc0\xd4/\x0eVg\xc1\xd9\xcb\xdc\xc7p\xef\x17\xfc\xc2\xef\xb9\x03\b*\x1c\xc6\xe8\x9a\xe0o\xba\x1d {%\x904\xa2\x8f\xed\xca%Z\x1a#\xddA7\x1b\xdf\xd5]')
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00000000000000000000000001000000000000000df04c7b92663f01f4e607aacfa5b257a647c3effc0c48d4d1953f59c56fcb9db3f5017811fe3725fd35c960f35f5d5effea7e1a", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r9, <r10=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)='%pi6   \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{r10}, &(0x7f0000000740), &(0x7f0000000780)='%pI4   \x00'}, 0x20) (async)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="13000000100000000200"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000086e0697124a857080000000000000000"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000000000000000000bf91000000000000b70200000000000085000000c2000000b700000000000000950000000000000000000000000000000002bbc0e995c9a7b9ff448e76ccacfbe61bff23a49bbf4b5ffe59db9a524e5913bc97b1c703bd05d7917ead30f98525b3a661a540e1db78ca5259ae30c2535fb148c7f685924f8e5bcf677e34334cf71cae29abbbdda5d683e839d7cb5546bf7b02be7c70dd3066d03b59879b055714f1121629878ca4560b5797c47a14446ca637601df646b3bac4941e07509a2d4d3c008d2b48782888db1fcc5b27d3d06fc690c1d0a6a12d8be098eecb8bbc2445d0ca1be29262b1"], &(0x7f0000000040)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) (async)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x11, &(0x7f0000000940)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x4000, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, r12, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r13 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$CDROMREADAUDIO(r13, 0x530e, &(0x7f00000003c0)={@lba=0x1, 0x1, 0x42, &(0x7f0000000340)=""/66})
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) (async, rerun: 64)
mkdir(&(0x7f00000001c0)='./bus\x00', 0x0) (rerun: 64)

11.070706746s ago: executing program 2 (id=1565):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r3, 0x1, 0x21, &(0x7f00000006c0)=0x2, 0x4)
setsockopt$sock_int(r3, 0x1, 0x12, &(0x7f0000000140)=0xffff0000, 0x4)
mkdir(&(0x7f0000000280)='./file0\x00', 0x54)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000006380)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0x4047b013}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc0046686, 0x0)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x44, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x5, 0x13}}}}, [@NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x6f}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x5b}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x1}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x400}, 0x0)

10.951155849s ago: executing program 2 (id=1566):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x0, '\x00', [{0xfffffffd, 0x32fc, 0x1, 0x0, 0x9, 0x4}, {0x2, 0x33fe, 0x6, 0x2, 0x10000000000, 0x35}], ['\x00', '\x00']})
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r0)

10.950825362s ago: executing program 1 (id=1567):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @func, @volatile, @volatile, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, &(0x7f0000000040)=""/247, 0x26, 0xf7, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r1 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_misc(r1, &(0x7f0000000400)="35d0242be6cf91f7911eb018218505c2144f85c463099bc1618527b929", 0x1d)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r3, &(0x7f0000000400)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x6e24, @empty}}, 0x24)
listen(r3, 0x0)
listen(r3, 0x401)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB="7fe9ffff00"/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="040000000500000001000000000000000000d8f2a20211806d76baa5"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000800)={r4, &(0x7f00000005c0)="11a7b990bdd6f0663680abaf8385f4fb9b2a54a303afcb9b6f85e4ae407565f03fef3edf128cdbba98c1fe3ec6c41a67af103c8928440c3486c98a323c249cf2da75ff0a92b4962afb848d8160ca3cb4bb837c78a3f1a452a65f4f6d9c024a9ce9cf0af40cdaf8f1317aa84c15e78274ab6838e7c994897f6457f3c148b96688e85f23044f73a39322b273752e1081493c08e3520bad43d5e2aca43e2913d6c65ead9ce93407d745f91506526885910e6b30cd33", &(0x7f0000000180)=""/34}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r2, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001000), 0x8, 0x0, 0x8, 0xd, 0x0}}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000880)={{0x1, 0x1, 0x18, <r6=>r4}, './file0\x00'})
syz_genetlink_get_family_id$mptcp(&(0x7f0000000840), r6)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xf, 0x4, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r8, &(0x7f0000000300), 0x0}, 0x20)
syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r9=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x100, 0x70bd26, 0x40000000, {0x0, 0x0, 0x0, 0x0, 0x6b506, 0x6}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4001}, 0x44000000)

10.937875665s ago: executing program 2 (id=1568):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x5, &(0x7f0000000200)={0x0, 0x2, 0x1, 0x1000000})

10.891113487s ago: executing program 1 (id=1569):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xb7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\a\x00\x00\x00\x00\x00\x00\x00\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r1, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r1, 0x0)
madvise(&(0x7f0000382000/0x13000)=nil, 0x13000, 0x15)
lseek(r1, 0x0, 0x4)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
fcntl$addseals(r1, 0x409, 0x2)
r3 = memfd_create(&(0x7f0000000080)='\x00', 0x3)
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f00000000c0)={r3, 0x1, 0x1000000, 0x100000000})
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0xf5, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="6c000000020601000600000600000000000000000e0003006269746d61703a697000000005000400000000000900020073797a3000000000240007800c00028008000140000003000c000180080001400000000a080006401c02000005000500020000000500010006"], 0x6c}}, 0x40000)

10.878363293s ago: executing program 2 (id=1571):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c) (async)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x271f, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6(0xa, 0x2, 0x2)
r3 = socket(0x2, 0x80805, 0x0)
sysfs$1(0x3, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x4e20, 0x80, @private1, 0x2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000000)={r4, 0x9, 0x9, 0x2}, &(0x7f0000000040)=0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="29000000000001000000001f000000000a8000000005e65e455dcf9b15059ad45afe0000211dd890fad154362c6c2cfc49a105e784a01c244e7b6f6ba87d91c58100aaf1f14e45acae17c0f6c5cf01e46bf9e2a595b554dff1efdc50f0d23938d269fd65c0bb218af69ef0cabedeae50106c963bfd6076480596c7c5e835b8b81cfc8ba85c927ab623cbf7985e79f6bb2affdf8451cb6aa261f2e43141c109b13c4e4344afc6ec989d0cde44337cf45ba5ea79720fd7212b80dc147d083a9e0fcc55d714030518cb18df7b4c3799dd581926d3018b46892a903ff7ae114b48469fc7d78f44f6639f7eacac894702159c590836d7368256d1b780edb9d53b6b59eb076d53e1d8db96420938d1cc9536b8c9a2613afed632c1ec122c5eeda1bd42a289"], 0x24}}, 0x0) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000009400000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
socket$inet6(0xa, 0x3, 0x5) (async)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1e0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x4}, @mcast2, [0xffffff00, 0xff], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x21, 0x0, 0x4, 0x2}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x0, 'SYNPROXY\x00', 0x0, {0x0, 0x81, 0x5}}}, {{@uncond, 0x0, 0x358, 0x388}, @unspec=@CT2={0x0, 'CT\x00', 0x2, {0x4, 0xf0, 0x8, 0xa63, 'snmp\x00', 'syz0\x00', {0x835c}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0xffffffffffffff03)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r7, 0x4000) (async)
close(r7)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4ea3, 0x0, @loopback}, 0x1c) (async)
r8 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r8, &(0x7f0000000300)={{0x6, @rose}, [@default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
write$input_event(r8, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/binder1\x00', 0x800, 0x0) (async)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

10.801082551s ago: executing program 0 (id=1573):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x40, 0x0, 0x0, 0x3334}, {0x20, 0x1, 0xff, 0xfffff038}, {0x6, 0xc0, 0x0, 0x5}]}, 0x10)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0x9ffc)

10.750954455s ago: executing program 0 (id=1574):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xa0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xa0}}, 0x0)

10.750770345s ago: executing program 1 (id=1575):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0) (async)
r2 = semget$private(0x0, 0x20000000102, 0x0)
semop(r2, &(0x7f0000000380)=[{0x2, 0xffff}], 0x1)
semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000000100)=[0x81]) (async)
semtimedop(r2, &(0x7f0000000000)=[{}, {}], 0x2, 0x0)
semctl$IPC_RMID(r2, 0x0, 0x10)
semop(r2, &(0x7f0000000000)=[{0x1, 0x9, 0x1000}, {0x1, 0x7, 0x400}, {0x2, 0x7, 0x1800}, {0x0, 0xd3, 0x1800}, {0x1, 0x957, 0x1800}], 0x5)

10.746083761s ago: executing program 0 (id=1576):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="40000000fdffff7f0000020017007f835ce69f36df874a00000c00020001000001040000ff00080003000fde0f000000000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x404801a}, 0x4010080)

10.680877594s ago: executing program 0 (id=1577):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000030000000000000000", @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="020000000100"/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000240), 0xfff, r1}, 0x38) (async)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x6, r1}, 0x38) (async)
r2 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x800)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000380)={"00000004", 0x3, 0x5, 0x2, 0x0, 0x0, 'c\x00', '\x00\x00\x00@', "0300", "f3fd8000", ["8b09a907edff220aac00", "c2fed600ddff9aabeab0cbc7", '\x00', "0000000b0400"]}) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000000f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000000)='GPL\x00', 0xffffbe52, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0xa042, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x409, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, 0x2c40}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MODE={0x5, 0x4, 0x1}]}}}]}, 0x44}}, 0x4004090) (async, rerun: 64)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106) (rerun: 64)
setsockopt$inet_int(r6, 0x0, 0x18, &(0x7f0000000140)=0xffffffff, 0x4) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) (async, rerun: 32)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) (rerun: 32)
getsockopt$llc_int(r8, 0x10c, 0x2, &(0x7f0000000300), &(0x7f00000002c0)=0x4) (async, rerun: 64)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213) (rerun: 64)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000001a00010000000000000000000a000000000000000000000008001f"], 0x24}, 0x1, 0x0, 0x0, 0x4048890}, 0x0) (async)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
munmap(&(0x7f0000ba0000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) (async, rerun: 64)
syz_clone(0x4200000, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 64)

10.680588267s ago: executing program 0 (id=1578):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x22, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f0000828000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000e2f000/0x4000)=nil) (async, rerun: 64)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r2 = syz_open_dev$usbmon(&(0x7f0000000080), 0x7fff, 0x30400) (async)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01)
writev(r1, &(0x7f0000000380)=[{&(0x7f0000000540)="550cd95a753c2ed25610f9d409b7ac175540045d09cc86393adf80a31358af294f4b6ca0d5f6615bb7577871e5674a19e4ef28b6433fa0422dcebe12b2e1d39bb428d5797b797a87e42ac2ffc485b0fb2bd1a4212485d14dfbbb2ec020ef06a663b2b258303b1b1755790cb581f341109fff1b67eee1742a3547c64505adacca7f5d9de4b6a2e6c55a4ddf42ddf01ff5baaf56372c1b68fada59d9952b6fffed831b0146c5f52734f8ab75", 0xab}, {&(0x7f0000000600)="a4645f4cdcddcf16f5693cf9ca6a3f9477caf13bdaa13e41e74e9470d0c9825f4fc2ff3fb82bbb3a6b2db8463c03897cee8bb2bfb9b25ea88cb9ef3febfb7924f1d405a4fa99fcb1f261d8a09b314d8010b3b2e1c38e47a1fddc0364ceb659a13a96c8fd74626e471df5160331a46d2087db00e6a798f559abe540f033b71b9af5d915c032fa0f672b18262c1043b955c5b480effad7d300fe671b411232eb32d507bb3bfb315e2acddb7722c7074102e55335266aea0a050411c525e44c9adbaf1cc8ec1b572e1c513956a24b2a0d465bf7724eb9ec0e59252647bb1bce64b16fa77b67126848d68f1e2609900282230bec6664588f58652544c16b", 0xfc}, {&(0x7f0000000240)="ca1aa7d7a2d6caa36c2bc8e046a75c6cc9afd68dfacd995d243147e46e6383100a82d33fc59c2b7ed39ead137595f7d4a4434038ebfcdd7f4c29e013eef7ac8e3160683aaaed9b2ad87028cfc4", 0x4d}, {&(0x7f0000000700)="1e373617c31aee7f48df54e7b88eebc017d2a093583cd721e320c90f6c5ddd466328aa8985f18094b6520bde3f9abd639bd4f6227f5796e2d2e5438f1f455a0c259a292f2d2cfb9f7f6acd856a3bd3179e46acf83cf90104b6d08aec7e34b3a05cde2b149596706e8dfd23eb71f6d0beee193a93398373b6903f3ff045c8f8a54905fe68358df14e8f770991cf14309158603fe69a05fd2baf9c53f506ceceaf", 0xa0}, {&(0x7f0000000140)="d051e18de1c25e7349e9095588321f36bd0b867d152ab320fff02bbd6a54717d5989fb", 0x23}], 0x5)
fcntl$dupfd(r2, 0x0, r3) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil})

10.601173581s ago: executing program 0 (id=1579):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x60, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x24, 0x11, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x9}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x10}]}}}]}], {0x14, 0x10}}, 0xa8}}, 0x0)

0s ago: executing program 32 (id=1462):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xaa9a}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x4800)
pipe2(&(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r2, r3, 0x6d05, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r4, 0x10e, 0x8, &(0x7f0000000080)=0x4a810da0, 0x4)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)

kernel console output (not intermixed with test programs):

 UNC path provided in device string!
[   86.732575][ T8127] binder: 8126:8127 ioctl c04c6100 200000000040 returned -22
[   86.761261][ T8129] xt_hashlimit: size too large, truncated to 1048576
[   86.861539][  T835] usb 7-1: Using ep0 maxpacket: 8
[   86.865429][  T835] usb 7-1: config 0 has an invalid interface number: 186 but max is 0
[   86.868326][  T835] usb 7-1: config 0 has no interface number 0
[   86.870567][  T835] usb 7-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[   86.874217][  T835] usb 7-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[   86.877957][  T835] usb 7-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[   86.881661][  T835] usb 7-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[   86.889069][  T835] usb 7-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[   86.892143][  T835] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.894731][  T835] usb 7-1: Product: syz
[   86.896117][  T835] usb 7-1: Manufacturer: syz
[   86.897658][  T835] usb 7-1: SerialNumber: syz
[   86.901106][  T835] usb 7-1: config 0 descriptor??
[   87.109828][  T835] iowarrior 7-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[   87.116484][  T835] usb 7-1: USB disconnect, device number 8
[   87.384018][ T5287] Bluetooth: hci0: unexpected event for opcode 0x1009
[   87.386401][ T5287] Bluetooth: hci0: unexpected event for opcode 0x1009
[   87.427672][ T8155] binder: 8147:8155 ioctl c0306201 200000000240 returned -11
[   87.696300][ T8160] __nla_validate_parse: 13 callbacks suppressed
[   87.696317][ T8160] netlink: 112 bytes leftover after parsing attributes in process `syz.2.686'.
[   88.335599][ T8186] hashlimit_mt_check_common: 1 callbacks suppressed
[   88.335616][ T8186] xt_hashlimit: size too large, truncated to 1048576
[   88.348987][ T8189] ptrace attach of "/syz-executor exec"[5941] was attempted by "/syz-executor exec"[8189]
[   88.394323][ T8194] netlink: 112 bytes leftover after parsing attributes in process `syz.0.695'.
[   88.723457][ T8215] netlink: 448 bytes leftover after parsing attributes in process `syz.2.703'.
[   88.727243][ T8215] netlink: 36 bytes leftover after parsing attributes in process `syz.2.703'.
[   88.780157][   T40] kauditd_printk_skb: 13 callbacks suppressed
[   88.780169][   T40] audit: type=1326 audit(1747742229.321:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8217 comm="syz.2.704" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff96618e969 code=0x0
[   88.924696][ T8221] xt_hashlimit: size too large, truncated to 1048576
[   88.978451][ T8224] netlink: 28 bytes leftover after parsing attributes in process `syz.1.705'.
[   88.982604][ T8224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.705'.
[   88.991996][ T8224] ip6gretap0: entered promiscuous mode
[   88.995722][ T8224] syz_tun: entered promiscuous mode
[   88.998670][ T8224] gretap0: entered promiscuous mode
[   89.011531][ T8224] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[   89.014725][ T8224] Cannot create hsr debugfs directory
[   89.017090][ T8224] hsr1: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network
[   89.021567][ T8224] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network
[   89.025733][ T8224] hsr1: Interlink (gretap0) is not up; please bring it up to get a fully working HSR network
[   89.083690][   T40] audit: type=1400 audit(1747742229.631:482): avc:  denied  { unmount } for  pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   89.331578][ T5934] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[   89.433136][ T8239] netlink: 28 bytes leftover after parsing attributes in process `syz.3.710'.
[   89.481592][ T5934] usb 6-1: Using ep0 maxpacket: 16
[   89.485679][ T5934] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   89.490005][ T5934] usb 6-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[   89.494051][ T5934] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.501959][ T5934] usb 6-1: config 0 descriptor??
[   89.915218][ T5934] kye 0003:0458:5016.0003: control desc unexpectedly large
[   89.924010][ T5934] input: HID 0458:5016 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5016.0003/input/input9
[   90.002951][ T5934] input: HID 0458:5016 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5016.0003/input/input10
[   90.006337][ T8252] netlink: 4 bytes leftover after parsing attributes in process `syz.0.714'.
[   90.048360][   T40] audit: type=1400 audit(1747742230.591:483): avc:  denied  { watch watch_reads } for  pid=8253 comm="syz.0.715" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=3080 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   90.088767][ T5934] kye 0003:0458:5016.0003: input,hiddev0,hidraw1: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.1-1/input0
[   90.114188][ T8256] xt_hashlimit: size too large, truncated to 1048576
[   90.124758][ T5934] usb 6-1: USB disconnect, device number 6
[   90.172379][ T8260] netlink: 28 bytes leftover after parsing attributes in process `syz.2.716'.
[   90.175296][ T8260] validate_nla: 23 callbacks suppressed
[   90.175305][ T8260] netlink: 'syz.2.716': attribute type 7 has an invalid length.
[   90.176493][ T8257] fido_id[8257]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb6/report_descriptor': No such file or directory
[   90.177101][ T8260] netlink: 'syz.2.716': attribute type 8 has an invalid length.
[   90.177112][ T8260] netlink: 4 bytes leftover after parsing attributes in process `syz.2.716'.
[   90.203812][ T8260] ip6gretap0: entered promiscuous mode
[   90.207253][ T8260] syz_tun: entered promiscuous mode
[   90.210030][ T8260] gretap0: entered promiscuous mode
[   90.214484][ T8260] hsr2: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network
[   90.217875][ T8260] hsr2: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network
[   90.220938][ T8260] hsr2: Interlink (gretap0) is not up; please bring it up to get a fully working HSR network
[   90.253645][   T40] audit: type=1400 audit(1747742230.801:484): avc:  denied  { accept } for  pid=8261 comm="syz.2.717" path="socket:[16383]" dev="sockfs" ino=16383 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   90.304460][ T8269] cgroup: release_agent respecified
[   90.307830][ T8269] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37146 sclass=netlink_route_socket pid=8269 comm=syz.0.719
[   90.342557][ T8267] binder: 8266:8267 ioctl c01064c1 200000000580 returned -22
[   90.346911][   T40] audit: type=1400 audit(1747742230.891:485): avc:  denied  { listen } for  pid=8266 comm="syz.2.718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   90.353969][   T40] audit: type=1400 audit(1747742230.891:486): avc:  denied  { accept } for  pid=8266 comm="syz.2.718" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   90.455240][ T8285] 
: renamed from bond0
[   90.484155][ T8289] xt_hashlimit: size too large, truncated to 1048576
[   90.540102][ T8297] netlink: 'syz.2.725': attribute type 7 has an invalid length.
[   90.551506][ T8297] netlink: 'syz.2.725': attribute type 8 has an invalid length.
[   90.785922][ T8313] 9pnet: p9_errstr2errno: server reported unknown error tio,ignoreqv,
[   91.254663][ T8319] misc userio: No port type given on /dev/userio
[   91.333158][   T40] audit: type=1400 audit(1747742231.881:487): avc:  denied  { create } for  pid=8323 comm="syz.3.732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   91.339867][   T40] audit: type=1400 audit(1747742231.881:488): avc:  denied  { getopt } for  pid=8323 comm="syz.3.732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[   91.488404][   T40] audit: type=1326 audit(1747742232.031:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8309 comm="syz.2.729" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff96618e969 code=0x7fc00000
[   91.498178][   T40] audit: type=1400 audit(1747742232.041:490): avc:  denied  { bind } for  pid=8328 comm="syz.3.734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   91.592223][ T8336] xt_hashlimit: size too large, truncated to 1048576
[   91.651690][ T8345] netlink: 'syz.1.737': attribute type 7 has an invalid length.
[   91.654246][ T8345] netlink: 'syz.1.737': attribute type 8 has an invalid length.
[   91.734050][ T8357] tmpfs: Unknown parameter 'hug/
[   91.734050][ T8357] '
[   91.977378][ T8385] nbd2: detected capacity change from 0 to 4294967296
[   92.029235][ T8399] netlink: 'syz.0.756': attribute type 11 has an invalid length.
[   92.068779][ T8385] block nbd2: shutting down sockets
[   92.071303][    C3] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.074409][    C3] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.077588][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.081974][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.085447][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.089251][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.092832][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.096724][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.100156][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.104905][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.108737][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.112748][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.116154][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.119924][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.123477][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.127197][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.130588][ T6243] ldm_validate_partition_table(): Disk read failed.
[   92.133756][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.137471][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.140872][ T6243] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.144815][ T6243] Buffer I/O error on dev nbd2, logical block 0, async page read
[   92.148425][ T6243] Dev nbd2: unable to read RDB block 0
[   92.151312][ T6243]  nbd2: unable to read partition table
[   92.162224][ T6243] ldm_validate_partition_table(): Disk read failed.
[   92.165275][ T6243] Dev nbd2: unable to read RDB block 0
[   92.167403][ T6243]  nbd2: unable to read partition table
[   92.268731][ T8415] overlayfs: failed to verify upper root origin
[   92.802701][ T8429] syz_tun (unregistering): left promiscuous mode
[   92.874288][ T8438] __nla_validate_parse: 10 callbacks suppressed
[   92.874305][ T8438] netlink: 40 bytes leftover after parsing attributes in process `syz.3.772'.
[   93.022543][ T8446] ufs: Invalid option: "ЊÒI¸&Ҥ݌DÆè_Îø{Ù€ì“RØä7hîôi_–…Û‚²æ
[   93.022543][ T8446] ¢è‹ñ
[   93.022543][ T8446] ’õy•øh„ÒJEFAm[ ¼baó^›Ð"“±…‹" or missing value
[   93.031053][ T8446] ufs: wrong mount options
[   93.094309][ T5940] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   93.098870][ T5940] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   93.102766][ T5940] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   93.106423][ T5940] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   93.110308][ T5940] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   93.152377][ T8454] netlink: 60 bytes leftover after parsing attributes in process `syz.3.776'.
[   93.225442][ T8450] chnl_net:caif_netlink_parms(): no params data found
[   93.303950][ T8450] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.306571][ T8450] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.308916][ T8450] bridge_slave_0: entered allmulticast mode
[   93.311688][ T8450] bridge_slave_0: entered promiscuous mode
[   93.314818][ T8450] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.317079][ T8450] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.319362][ T8450] bridge_slave_1: entered allmulticast mode
[   93.322075][ T8450] bridge_slave_1: entered promiscuous mode
[   93.355324][ T8450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.359899][ T8450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.422191][ T8450] team0: Port device team_slave_0 added
[   93.433970][ T8450] team0: Port device team_slave_1 added
[   93.468039][ T8450] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.470245][ T8450] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.478695][ T8450] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.483683][ T8450] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.486280][ T8450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.495107][ T8450] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.531236][ T8474] overlayfs: failed to resolve './bus': -2
[   93.547393][ T8450] hsr_slave_0: entered promiscuous mode
[   93.549989][ T8450] hsr_slave_1: entered promiscuous mode
[   93.553690][ T8450] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   93.556523][ T8450] Cannot create hsr debugfs directory
[   93.597170][ T8481] xt_hashlimit: size too large, truncated to 1048576
[   93.652545][ T8483] netlink: 28 bytes leftover after parsing attributes in process `syz.3.782'.
[   93.655872][ T8483] netlink: 'syz.3.782': attribute type 7 has an invalid length.
[   93.658467][ T8483] netlink: 'syz.3.782': attribute type 8 has an invalid length.
[   93.660987][ T8483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.782'.
[   93.668401][ T8483] ip6gretap0: entered promiscuous mode
[   93.670792][ T8483] syz_tun: entered promiscuous mode
[   93.673114][ T8483] gretap0: entered promiscuous mode
[   93.675377][ T8483] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[   93.678589][ T8483] Cannot create hsr debugfs directory
[   93.680495][ T8483] hsr1: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network
[   93.684060][ T8483] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network
[   93.687410][ T8483] hsr1: Interlink (gretap0) is not up; please bring it up to get a fully working HSR network
[   93.829159][ T8485] xt_hashlimit: size too large, truncated to 1048576
[   93.881216][ T8487] FAULT_INJECTION: forcing a failure.
[   93.881216][ T8487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.886586][ T8487] CPU: 0 UID: 0 PID: 8487 Comm: syz.3.783 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[   93.886607][ T8487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.886617][ T8487] Call Trace:
[   93.886622][ T8487]  <TASK>
[   93.886629][ T8487]  dump_stack_lvl+0x16c/0x1f0
[   93.886677][ T8487]  should_fail_ex+0x512/0x640
[   93.886712][ T8487]  _copy_from_user+0x2e/0xd0
[   93.886733][ T8487]  copy_msghdr_from_user+0x98/0x160
[   93.886746][ T8487]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   93.886765][ T8487]  ___sys_sendmsg+0xfe/0x1d0
[   93.886777][ T8487]  ? __pfx____sys_sendmsg+0x10/0x10
[   93.886805][ T8487]  __sys_sendmsg+0x16d/0x220
[   93.886817][ T8487]  ? __pfx___sys_sendmsg+0x10/0x10
[   93.886834][ T8487]  ? rcu_is_watching+0x12/0xc0
[   93.886851][ T8487]  do_syscall_64+0xcd/0x260
[   93.886870][ T8487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.886886][ T8487] RIP: 0033:0x7f2e1338e969
[   93.886900][ T8487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.886917][ T8487] RSP: 002b:00007f2e141a3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   93.886941][ T8487] RAX: ffffffffffffffda RBX: 00007f2e135b6080 RCX: 00007f2e1338e969
[   93.886953][ T8487] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[   93.886962][ T8487] RBP: 00007f2e141a3090 R08: 0000000000000000 R09: 0000000000000000
[   93.886972][ T8487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.886981][ T8487] R13: 0000000000000000 R14: 00007f2e135b6080 R15: 00007fffba680518
[   93.886995][ T8487]  </TASK>
[   94.013860][ T8489] xt_CT: No such helper "pptp"
[   94.034651][ T8450] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   94.040730][ T8450] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   94.058424][ T8450] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   94.065262][ T8450] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   94.106368][ T8498] netlink: 8 bytes leftover after parsing attributes in process `syz.3.787'.
[   94.134694][ T8450] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.155671][ T8450] 8021q: adding VLAN 0 to HW filter on device team0
[   94.168830][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.171940][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.182050][ T8046] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.184495][ T8046] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.324967][ T8450] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.357470][ T8513] syzkaller1: entered promiscuous mode
[   94.359243][ T8513] syzkaller1: entered allmulticast mode
[   94.364127][ T8450] veth0_vlan: entered promiscuous mode
[   94.384306][ T8450] veth1_vlan: entered promiscuous mode
[   94.408770][ T8450] veth0_macvtap: entered promiscuous mode
[   94.415208][ T8450] veth1_macvtap: entered promiscuous mode
[   94.426308][ T8450] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.434749][ T8450] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.444684][ T8450] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.448053][ T8450] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.451998][ T8450] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.454857][ T8450] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.505908][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.510967][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.520528][ T8515] xt_hashlimit: size too large, truncated to 1048576
[   94.529236][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.532684][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.543208][   T40] kauditd_printk_skb: 16 callbacks suppressed
[   94.543218][   T40] audit: type=1400 audit(1747742235.081:507): avc:  denied  { mounton } for  pid=8450 comm="syz-executor" path="/syzkaller.ejFs0V/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   94.557427][   T40] audit: type=1400 audit(1747742235.101:508): avc:  denied  { mounton } for  pid=8450 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   94.573876][ T8517] netlink: 28 bytes leftover after parsing attributes in process `syz.2.792'.
[   94.577211][ T8517] netlink: 'syz.2.792': attribute type 7 has an invalid length.
[   94.580516][ T8517] netlink: 4 bytes leftover after parsing attributes in process `syz.2.792'.
[   94.794772][   T40] audit: type=1400 audit(1747742235.341:509): avc:  denied  { remove_name } for  pid=8527 comm="syz.2.794" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   94.800123][ T8528] program syz.2.794 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   94.806155][   T40] audit: type=1400 audit(1747742235.341:510): avc:  denied  { unlink } for  pid=8527 comm="syz.2.794" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   94.861594][ T5934] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[   94.871702][   T40] audit: type=1326 audit(1747742235.411:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8387 comm="syz.0.756" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff384d8e969 code=0x7fc00000
[   95.012930][ T5934] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.016047][ T5934] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[   95.019735][ T5934] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.028504][ T5934] usb 6-1: config 0 descriptor??
[   95.037359][ T5934] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[   95.047878][ T8540] overlayfs: failed to resolve './file0': -2
[   95.080970][ T8544] overlay: Unknown parameter 'appraise_type'
[   95.085568][ T8544] overlay: Bad value for 'nfs_export'
[   95.152599][ T5940] Bluetooth: hci2: command tx timeout
[   95.176483][   T40] audit: type=1400 audit(1747742235.721:512): avc:  denied  { ioctl } for  pid=8550 comm="syz.0.803" path="socket:[18344]" dev="sockfs" ino=18344 ioctlcmd=0x662a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   95.186525][   T40] audit: type=1400 audit(1747742235.721:513): avc:  denied  { accept } for  pid=8550 comm="syz.0.803" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   95.213394][   T40] audit: type=1400 audit(1747742235.761:514): avc:  denied  { create } for  pid=8555 comm="syz.3.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   95.234847][ T8558] 9pnet: Could not find request transport: #•òÕfdno=0x0000000000000003
[   95.252074][ T5993] usb 6-1: USB disconnect, device number 7
[   95.278492][   T40] audit: type=1400 audit(1747742235.821:515): avc:  denied  { getopt } for  pid=8555 comm="syz.3.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[   95.298374][ T5973] hid-generic 000B:000D:0CCB.0004: item fetching failed at offset 3/56
[   95.301336][ T5973] hid-generic 000B:000D:0CCB.0004: probe with driver hid-generic failed with error -22
[   95.550491][ T8582] validate_nla: 1 callbacks suppressed
[   95.550503][ T8582] netlink: 'syz.3.813': attribute type 4 has an invalid length.
[   95.652958][ T8591] trusted_key: encrypted_key: key user:syz not found
[   95.706512][   T40] audit: type=1400 audit(1747742236.251:516): avc:  denied  { listen } for  pid=8596 comm="syz.1.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   95.875953][ T8628] xt_hashlimit: size too large, truncated to 1048576
[   95.951521][ T8638] netlink: 36 bytes leftover after parsing attributes in process `syz.2.828'.
[   95.953057][ T8631] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8631 comm=syz.0.829
[   96.078411][ T8654] netlink: 36 bytes leftover after parsing attributes in process `syz.0.837'.
[   96.176651][ T8656] netlink: 12 bytes leftover after parsing attributes in process `syz.3.838'.
[   96.232472][ T8667] xt_hashlimit: size too large, truncated to 1048576
[   96.286061][ T8669] FAULT_INJECTION: forcing a failure.
[   96.286061][ T8669] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   96.292082][ T8669] CPU: 1 UID: 0 PID: 8669 Comm: syz.3.841 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[   96.292108][ T8669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.292127][ T8669] Call Trace:
[   96.292133][ T8669]  <TASK>
[   96.292140][ T8669]  dump_stack_lvl+0x16c/0x1f0
[   96.292189][ T8669]  should_fail_ex+0x512/0x640
[   96.292224][ T8669]  _copy_from_iter+0x2a4/0x15b0
[   96.292252][ T8669]  ? __alloc_skb+0x200/0x380
[   96.292272][ T8669]  ? __pfx__copy_from_iter+0x10/0x10
[   96.292300][ T8669]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   96.292331][ T8669]  netlink_sendmsg+0x829/0xdd0
[   96.292357][ T8669]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.292405][ T8669]  ____sys_sendmsg+0xa95/0xc70
[   96.292433][ T8669]  ? copy_msghdr_from_user+0x10a/0x160
[   96.292453][ T8669]  ? __pfx_____sys_sendmsg+0x10/0x10
[   96.292490][ T8669]  ___sys_sendmsg+0x134/0x1d0
[   96.292511][ T8669]  ? __pfx____sys_sendmsg+0x10/0x10
[   96.292563][ T8669]  __sys_sendmsg+0x16d/0x220
[   96.292584][ T8669]  ? __pfx___sys_sendmsg+0x10/0x10
[   96.292621][ T8669]  do_syscall_64+0xcd/0x260
[   96.292649][ T8669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.292667][ T8669] RIP: 0033:0x7f2e1338e969
[   96.292681][ T8669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.292698][ T8669] RSP: 002b:00007f2e141a3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.292715][ T8669] RAX: ffffffffffffffda RBX: 00007f2e135b6080 RCX: 00007f2e1338e969
[   96.292727][ T8669] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[   96.292737][ T8669] RBP: 00007f2e141a3090 R08: 0000000000000000 R09: 0000000000000000
[   96.292747][ T8669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.292758][ T8669] R13: 0000000000000000 R14: 00007f2e135b6080 R15: 00007fffba680518
[   96.292783][ T8669]  </TASK>
[   96.424000][ T8673] netlink: 'syz.3.843': attribute type 12 has an invalid length.
[   96.481603][ T5973] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[   96.580763][ T8680] netlink: 'syz.3.846': attribute type 29 has an invalid length.
[   96.653463][ T5973] usb 6-1: Using ep0 maxpacket: 8
[   96.656314][ T8687] netlink: 'syz.3.847': attribute type 7 has an invalid length.
[   96.656556][ T5973] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[   96.658632][ T8687] netlink: 'syz.3.847': attribute type 8 has an invalid length.
[   96.661320][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   96.666346][ T8687] bridge0: entered promiscuous mode
[   96.667302][ T5973] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   96.673204][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   96.673238][ T8687] bridge0: left promiscuous mode
[   96.677291][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   96.686665][ T5973] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[   96.689101][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   96.692982][ T5973] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   96.696851][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   96.700489][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   96.705561][ T5973] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[   96.709101][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[   96.713483][ T5973] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   96.717654][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   96.721303][ T5973] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   96.727781][ T5973] usb 6-1: string descriptor 0 read error: -22
[   96.730023][ T5973] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   96.733065][ T5973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.740975][ T5973] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[   96.942543][ T8716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.946620][ T8716] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.222168][ T5940] Bluetooth: hci2: command tx timeout
[   97.461360][ T8743] netlink: 'syz.2.860': attribute type 5 has an invalid length.
[   98.562768][ T8765] __nla_validate_parse: 6 callbacks suppressed
[   98.562783][ T8765] netlink: 12 bytes leftover after parsing attributes in process `syz.3.866'.
[   98.625377][ T8767] netlink: 'syz.3.867': attribute type 29 has an invalid length.
[   98.982433][   T64] usb 6-1: USB disconnect, device number 8
[   99.301816][ T5940] Bluetooth: hci2: command tx timeout
[   99.372577][ T8788] xt_hashlimit: size too large, truncated to 1048576
[   99.623280][ T8800] netlink: 32 bytes leftover after parsing attributes in process `syz.3.879'.
[   99.912935][ T5934] usb 8-1: new full-speed USB device number 9 using dummy_hcd
[   99.925431][ T8823] netlink: 8 bytes leftover after parsing attributes in process `syz.0.886'.
[   99.929764][ T8822] netlink: 8 bytes leftover after parsing attributes in process `syz.0.886'.
[   99.942767][ T8822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.886'.
[   99.973966][ T8830] netlink: 4 bytes leftover after parsing attributes in process `syz.0.889'.
[   99.977128][ T8830] batman_adv: batadv0: Removing interface: dummy0
[   99.982232][ T8830] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.985994][ T8830] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.996636][ T8832] netlink: 12 bytes leftover after parsing attributes in process `syz.1.890'.
[  100.033863][ T8835] netlink: 'syz.1.891': attribute type 6 has an invalid length.
[  100.073663][ T5934] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.078055][ T5934] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[  100.082282][ T5934] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  100.086200][ T5934] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.092430][ T5934] usb 8-1: config 0 descriptor??
[  100.097194][ T5934] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  100.100083][ T5934] dvb-usb: bulk message failed: -22 (3/0)
[  100.107812][ T5934] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  100.112498][ T5934] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  100.115491][ T5934] usb 8-1: media controller created
[  100.120488][ T5934] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  100.135577][ T5934] dvb-usb: bulk message failed: -22 (6/0)
[  100.135679][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  100.135690][   T40] audit: type=1400 audit(1747742240.681:529): avc:  denied  { bind } for  pid=8838 comm="syz.0.892" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  100.137466][ T5934] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  100.142082][ T5934] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input12
[  100.158170][ T5934] dvb-usb: schedule remote query interval to 150 msecs.
[  100.161465][ T5934] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  100.215136][   T40] audit: type=1400 audit(1747742240.761:530): avc:  denied  { mount } for  pid=8844 comm="syz.0.895" name="/" dev="bdev" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bdev_t tclass=filesystem permissive=1
[  100.233562][ T8849] netlink: 830 bytes leftover after parsing attributes in process `syz.1.896'.
[  100.321557][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  100.325597][ T5934] dvb-usb: error while querying for an remote control event.
[  100.472385][ T8871] netlink: 'syz.0.902': attribute type 142 has an invalid length.
[  100.491541][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  100.493533][ T5934] dvb-usb: error while querying for an remote control event.
[  100.528656][ T8874] netlink: 76 bytes leftover after parsing attributes in process `syz.2.901'.
[  100.547902][ T8868] ALSA: mixer_oss: invalid index 40000
[  100.597930][ T8885] xt_hashlimit: size too large, truncated to 1048576
[  100.606842][ T8887] xt_hashlimit: size too large, truncated to 1048576
[  100.623750][   T40] audit: type=1400 audit(1747742241.171:531): avc:  denied  { getopt } for  pid=8888 comm="syz.0.909" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  100.642259][ T8890] netlink: 8 bytes leftover after parsing attributes in process `syz.0.909'.
[  100.649801][ T8893] netlink: 'syz.2.907': attribute type 7 has an invalid length.
[  100.661512][ T8893] netlink: 'syz.2.907': attribute type 8 has an invalid length.
[  100.661533][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  100.666152][ T5934] dvb-usb: error while querying for an remote control event.
[  100.671695][ T8893] FAULT_INJECTION: forcing a failure.
[  100.671695][ T8893] name failslab, interval 1, probability 0, space 0, times 0
[  100.673054][ T8894] netlink: 'syz.1.908': attribute type 7 has an invalid length.
[  100.677902][ T8893] CPU: 2 UID: 0 PID: 8893 Comm: syz.2.907 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  100.677925][ T8893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  100.677936][ T8893] Call Trace:
[  100.677942][ T8893]  <TASK>
[  100.677949][ T8893]  dump_stack_lvl+0x16c/0x1f0
[  100.677981][ T8893]  should_fail_ex+0x512/0x640
[  100.678007][ T8893]  ? __kvmalloc_node_noprof+0x122/0x600
[  100.678039][ T8893]  should_failslab+0xc2/0x120
[  100.678058][ T8893]  __kvmalloc_node_noprof+0x135/0x600
[  100.678101][ T8893]  ? lockdep_init_map_type+0x5c/0x280
[  100.678117][ T8893]  ? alloc_netdev_mqs+0xcf8/0x1570
[  100.678144][ T8893]  ? alloc_netdev_mqs+0xcf8/0x1570
[  100.678163][ T8893]  alloc_netdev_mqs+0xcf8/0x1570
[  100.678191][ T8893]  rtnl_create_link+0xc10/0xfa0
[  100.678217][ T8893]  rtnl_newlink+0xb69/0x2000
[  100.678248][ T8893]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.678266][ T8893]  ? find_held_lock+0x2b/0x80
[  100.678289][ T8893]  ? avc_has_perm_noaudit+0x117/0x3b0
[  100.678313][ T8893]  ? avc_has_perm_noaudit+0x149/0x3b0
[  100.678359][ T8893]  ? find_held_lock+0x2b/0x80
[  100.678379][ T8893]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.678398][ T8893]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.678416][ T8893]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  100.678438][ T8893]  ? __pfx_rtnl_newlink+0x10/0x10
[  100.678459][ T8893]  rtnetlink_rcv_msg+0x95b/0xe90
[  100.678484][ T8893]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  100.678503][ T8893]  ? __pfx_avc_has_perm+0x10/0x10
[  100.678536][ T8893]  netlink_rcv_skb+0x16a/0x440
[  100.678558][ T8893]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  100.678581][ T8893]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  100.678621][ T8893]  ? netlink_deliver_tap+0x1ae/0xd30
[  100.678648][ T8893]  netlink_unicast+0x53d/0x7f0
[  100.678673][ T8893]  ? __pfx_netlink_unicast+0x10/0x10
[  100.678705][ T8893]  netlink_sendmsg+0x8d1/0xdd0
[  100.678733][ T8893]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.678768][ T8893]  ____sys_sendmsg+0xa95/0xc70
[  100.678792][ T8893]  ? copy_msghdr_from_user+0x10a/0x160
[  100.678815][ T8893]  ? __pfx_____sys_sendmsg+0x10/0x10
[  100.678846][ T8893]  ___sys_sendmsg+0x134/0x1d0
[  100.678862][ T8893]  ? __pfx____sys_sendmsg+0x10/0x10
[  100.678915][ T8893]  __sys_sendmsg+0x16d/0x220
[  100.678935][ T8893]  ? __pfx___sys_sendmsg+0x10/0x10
[  100.678961][ T8893]  ? rcu_is_watching+0x12/0xc0
[  100.678989][ T8893]  do_syscall_64+0xcd/0x260
[  100.679017][ T8893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.679035][ T8893] RIP: 0033:0x7ff96618e969
[  100.679049][ T8893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.679065][ T8893] RSP: 002b:00007ff966f99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.679081][ T8893] RAX: ffffffffffffffda RBX: 00007ff9663b6080 RCX: 00007ff96618e969
[  100.679092][ T8893] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  100.679104][ T8893] RBP: 00007ff966f99090 R08: 0000000000000000 R09: 0000000000000000
[  100.679114][ T8893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.679125][ T8893] R13: 0000000000000000 R14: 00007ff9663b6080 R15: 00007ffd43d6d088
[  100.679152][ T8893]  </TASK>
[  100.742144][ T5940] Bluetooth: hci3: command tx timeout
[  100.744626][ T8894] netlink: 'syz.1.908': attribute type 8 has an invalid length.
[  100.788836][ T8894] ip6gretap0: entered promiscuous mode
[  100.791283][ T8894] syz_tun: entered promiscuous mode
[  100.793442][ T8894] gretap0: entered promiscuous mode
[  100.795474][ T8894] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  100.797837][ T8894] Cannot create hsr debugfs directory
[  100.831660][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  100.833656][ T5934] dvb-usb: error while querying for an remote control event.
[  100.993175][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  100.995193][ T5934] dvb-usb: error while querying for an remote control event.
[  101.117636][   T40] audit: type=1800 audit(1747742241.661:532): pid=8921 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=set_data cause=unavailable-hash-algorithm comm="syz.0.918" name="/newroot/292/file0" dev="tmpfs" ino=1570 res=0 errno=0
[  101.140829][ T8916] netlink: 'syz.1.916': attribute type 1 has an invalid length.
[  101.144288][ T8927] openvswitch: netlink: IP tunnel TTL not specified.
[  101.146912][ T8927] xt_hashlimit: size too large, truncated to 1048576
[  101.151518][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  101.153965][ T5934] dvb-usb: error while querying for an remote control event.
[  101.157812][ T8916] 8021q: adding VLAN 0 to HW filter on device batadv1
[  101.163955][ T8916] bond1: (slave batadv1): Enslaving as a backup interface with an up link
[  101.169164][ T8916] bond1 (unregistering): (slave batadv1): Releasing backup interface
[  101.173830][ T8916] bond1 (unregistering): Released all slaves
[  101.199017][ T8930] netlink: 'syz.0.919': attribute type 4 has an invalid length.
[  101.202340][ T8930] netlink: 'syz.0.919': attribute type 7 has an invalid length.
[  101.204734][ T8930] netlink: 'syz.0.919': attribute type 8 has an invalid length.
[  101.209834][ T8930] ip6gretap0: entered promiscuous mode
[  101.212145][ T8930] syz_tun: entered promiscuous mode
[  101.214378][ T8930] gretap0: entered promiscuous mode
[  101.216236][ T8930] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  101.218489][ T8930] Cannot create hsr debugfs directory
[  101.220124][ T8930] hsr1: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network
[  101.225166][ T8930] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network
[  101.228143][ T8930] hsr1: Interlink (gretap0) is not up; please bring it up to get a fully working HSR network
[  101.292484][ T8935] xt_hashlimit: size too large, truncated to 1048576
[  101.312299][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  101.314279][ T5934] dvb-usb: error while querying for an remote control event.
[  101.345441][ T8940] netlink: 'syz.0.921': attribute type 7 has an invalid length.
[  101.348577][ T8940] netlink: 'syz.0.921': attribute type 8 has an invalid length.
[  101.391680][ T5940] Bluetooth: hci2: command tx timeout
[  101.397515][   T40] audit: type=1400 audit(1747742241.941:533): avc:  denied  { read } for  pid=8943 comm="syz.1.925" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  101.472400][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  101.475611][ T5934] dvb-usb: error while querying for an remote control event.
[  101.507223][ T8955] xt_hashlimit: size too large, truncated to 1048576
[  101.631491][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  101.633966][ T5934] dvb-usb: error while querying for an remote control event.
[  101.678576][ T8959] syz_tun (unregistering): left promiscuous mode
[  101.763789][   T40] audit: type=1400 audit(1747742242.311:534): avc:  denied  { ioctl } for  pid=8961 comm="syz.2.930" path="socket:[20183]" dev="sockfs" ino=20183 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  101.791512][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  101.793900][ T5934] dvb-usb: error while querying for an remote control event.
[  101.830146][ T8046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.830230][ T8967] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  101.832931][ T8046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.961474][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  101.963561][ T5934] dvb-usb: error while querying for an remote control event.
[  102.131751][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  102.133751][ T5934] dvb-usb: error while querying for an remote control event.
[  102.301530][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  102.303461][ T5934] dvb-usb: error while querying for an remote control event.
[  102.326358][   T40] audit: type=1400 audit(1747742242.871:535): avc:  denied  { append } for  pid=8977 comm="syz.1.936" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  102.380236][ T8978] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  102.413971][   T40] audit: type=1400 audit(1747742242.961:536): avc:  denied  { mount } for  pid=8982 comm="syz.2.938" name="/" dev="9p" ino=35913832 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  102.463047][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  102.466067][ T5934] dvb-usb: error while querying for an remote control event.
[  102.576769][   T40] audit: type=1400 audit(1747742243.121:537): avc:  denied  { unmount } for  pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  102.621658][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  102.627530][ T5934] dvb-usb: error while querying for an remote control event.
[  102.673491][   T40] audit: type=1400 audit(1747742243.221:538): avc:  denied  { listen } for  pid=8998 comm="syz.1.941" lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  102.741987][ T9006] xt_hashlimit: size too large, truncated to 1048576
[  102.781553][ T5934] dvb-usb: bulk message failed: -22 (1/0)
[  102.784826][ T5934] dvb-usb: error while querying for an remote control event.
[  102.795577][   T64] usb 8-1: USB disconnect, device number 9
[  102.797011][ T9015] FAULT_INJECTION: forcing a failure.
[  102.797011][ T9015] name failslab, interval 1, probability 0, space 0, times 0
[  102.803047][ T9015] CPU: 0 UID: 0 PID: 9015 Comm: syz.2.942 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  102.803070][ T9015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  102.803081][ T9015] Call Trace:
[  102.803088][ T9015]  <TASK>
[  102.803095][ T9015]  dump_stack_lvl+0x16c/0x1f0
[  102.803126][ T9015]  should_fail_ex+0x512/0x640
[  102.803149][ T9015]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  102.803178][ T9015]  should_failslab+0xc2/0x120
[  102.803198][ T9015]  __kmalloc_cache_noprof+0x6a/0x3e0
[  102.803224][ T9015]  ? alloc_netdev_mqs+0xf3a/0x1570
[  102.803246][ T9015]  ? kasan_save_track+0x14/0x30
[  102.803265][ T9015]  alloc_netdev_mqs+0xf3a/0x1570
[  102.803292][ T9015]  rtnl_create_link+0xc10/0xfa0
[  102.803317][ T9015]  rtnl_newlink+0xb69/0x2000
[  102.803346][ T9015]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.803365][ T9015]  ? find_held_lock+0x2b/0x80
[  102.803388][ T9015]  ? avc_has_perm_noaudit+0x117/0x3b0
[  102.803411][ T9015]  ? avc_has_perm_noaudit+0x149/0x3b0
[  102.803455][ T9015]  ? find_held_lock+0x2b/0x80
[  102.803475][ T9015]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.803493][ T9015]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.803511][ T9015]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  102.803533][ T9015]  ? __pfx_rtnl_newlink+0x10/0x10
[  102.803554][ T9015]  rtnetlink_rcv_msg+0x95b/0xe90
[  102.803577][ T9015]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  102.803596][ T9015]  ? __pfx_avc_has_perm+0x10/0x10
[  102.803626][ T9015]  netlink_rcv_skb+0x16a/0x440
[  102.803649][ T9015]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  102.803671][ T9015]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  102.803710][ T9015]  ? netlink_deliver_tap+0x1ae/0xd30
[  102.803736][ T9015]  netlink_unicast+0x53d/0x7f0
[  102.803762][ T9015]  ? __pfx_netlink_unicast+0x10/0x10
[  102.803799][ T9015]  netlink_sendmsg+0x8d1/0xdd0
[  102.803826][ T9015]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.803859][ T9015]  ____sys_sendmsg+0xa95/0xc70
[  102.803886][ T9015]  ? copy_msghdr_from_user+0x10a/0x160
[  102.803905][ T9015]  ? __pfx_____sys_sendmsg+0x10/0x10
[  102.803958][ T9015]  ___sys_sendmsg+0x134/0x1d0
[  102.803979][ T9015]  ? __pfx____sys_sendmsg+0x10/0x10
[  102.804030][ T9015]  __sys_sendmsg+0x16d/0x220
[  102.804049][ T9015]  ? __pfx___sys_sendmsg+0x10/0x10
[  102.804085][ T9015]  do_syscall_64+0xcd/0x260
[  102.804112][ T9015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.804131][ T9015] RIP: 0033:0x7ff96618e969
[  102.804144][ T9015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.804159][ T9015] RSP: 002b:00007ff966f99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.804176][ T9015] RAX: ffffffffffffffda RBX: 00007ff9663b6080 RCX: 00007ff96618e969
[  102.804186][ T9015] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  102.804197][ T9015] RBP: 00007ff966f99090 R08: 0000000000000000 R09: 0000000000000000
[  102.804207][ T9015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  102.804216][ T9015] R13: 0000000000000000 R14: 00007ff9663b6080 R15: 00007ffd43d6d088
[  102.804241][ T9015]  </TASK>
[  102.931855][   T64] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  102.941887][ T9028] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  102.947299][ T9020] 9pnet_virtio: no channels available for device syz
[  103.017424][ T9041] openvswitch: netlink: IP tunnel dst address not specified
[  103.029224][ T9046] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  103.055974][ T9043] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.058876][ T9043] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.106396][ T9057] xt_hashlimit: size too large, truncated to 1048576
[  103.129745][ T9043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  103.144092][ T9043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  103.218882][ T9043] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.222710][ T9043] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.226570][ T9043] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.229626][ T9043] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.264150][ T9061] FAULT_INJECTION: forcing a failure.
[  103.264150][ T9061] name failslab, interval 1, probability 0, space 0, times 0
[  103.269348][ T9061] CPU: 0 UID: 0 PID: 9061 Comm: syz.2.958 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  103.269362][ T9061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  103.269369][ T9061] Call Trace:
[  103.269373][ T9061]  <TASK>
[  103.269378][ T9061]  dump_stack_lvl+0x16c/0x1f0
[  103.269398][ T9061]  should_fail_ex+0x512/0x640
[  103.269414][ T9061]  ? __kvmalloc_node_noprof+0x122/0x600
[  103.269433][ T9061]  should_failslab+0xc2/0x120
[  103.269446][ T9061]  __kvmalloc_node_noprof+0x135/0x600
[  103.269464][ T9061]  ? alloc_netdev_mqs+0xfbe/0x1570
[  103.269481][ T9061]  ? alloc_netdev_mqs+0xfbe/0x1570
[  103.269493][ T9061]  alloc_netdev_mqs+0xfbe/0x1570
[  103.269509][ T9061]  rtnl_create_link+0xc10/0xfa0
[  103.269524][ T9061]  rtnl_newlink+0xb69/0x2000
[  103.269541][ T9061]  ? __pfx_rtnl_newlink+0x10/0x10
[  103.269553][ T9061]  ? find_held_lock+0x2b/0x80
[  103.269567][ T9061]  ? avc_has_perm_noaudit+0x117/0x3b0
[  103.269605][ T9061]  ? avc_has_perm_noaudit+0x149/0x3b0
[  103.269635][ T9061]  ? find_held_lock+0x2b/0x80
[  103.269647][ T9061]  ? __pfx_rtnl_newlink+0x10/0x10
[  103.269659][ T9061]  ? __pfx_rtnl_newlink+0x10/0x10
[  103.269671][ T9061]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  103.269684][ T9061]  ? __pfx_rtnl_newlink+0x10/0x10
[  103.269697][ T9061]  rtnetlink_rcv_msg+0x95b/0xe90
[  103.269711][ T9061]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  103.269724][ T9061]  ? __pfx_avc_has_perm+0x10/0x10
[  103.269741][ T9061]  netlink_rcv_skb+0x16a/0x440
[  103.269756][ T9061]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  103.269770][ T9061]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  103.269792][ T9061]  ? netlink_deliver_tap+0x1ae/0xd30
[  103.269810][ T9061]  netlink_unicast+0x53d/0x7f0
[  103.269826][ T9061]  ? __pfx_netlink_unicast+0x10/0x10
[  103.269844][ T9061]  netlink_sendmsg+0x8d1/0xdd0
[  103.269861][ T9061]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.269880][ T9061]  ____sys_sendmsg+0xa95/0xc70
[  103.269897][ T9061]  ? copy_msghdr_from_user+0x10a/0x160
[  103.269910][ T9061]  ? __pfx_____sys_sendmsg+0x10/0x10
[  103.269932][ T9061]  ___sys_sendmsg+0x134/0x1d0
[  103.269945][ T9061]  ? __pfx____sys_sendmsg+0x10/0x10
[  103.269975][ T9061]  __sys_sendmsg+0x16d/0x220
[  103.269987][ T9061]  ? __pfx___sys_sendmsg+0x10/0x10
[  103.270004][ T9061]  ? rcu_is_watching+0x12/0xc0
[  103.270022][ T9061]  do_syscall_64+0xcd/0x260
[  103.270039][ T9061]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.270055][ T9061] RIP: 0033:0x7ff96618e969
[  103.270064][ T9061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.270075][ T9061] RSP: 002b:00007ff966f78038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.270086][ T9061] RAX: ffffffffffffffda RBX: 00007ff9663b6160 RCX: 00007ff96618e969
[  103.270093][ T9061] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  103.270099][ T9061] RBP: 00007ff966f78090 R08: 0000000000000000 R09: 0000000000000000
[  103.270105][ T9061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.270111][ T9061] R13: 0000000000000000 R14: 00007ff9663b6160 R15: 00007ffd43d6d088
[  103.270125][ T9061]  </TASK>
[  103.806316][ T9117] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  103.904355][ T9122] Bluetooth: (null): Invalid header checksum
[  104.050908][ T9126] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=9126 comm=syz.3.979
[  104.407557][ T9134] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  104.434123][ T9134] 8021q: adding VLAN 0 to HW filter on device bond1
[  104.438653][ T9134] bond0: (slave bond1): Enslaving as an active interface with an up link
[  104.636932][ T9147] xt_connbytes: Forcing CT accounting to be enabled
[  104.640559][ T9147] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  104.647144][ T9147] afs: Unknown parameter 'dynúk6£jD»”·^¯ñÁqõKí¥M¢¡êÏ«5GE}Òçr_'
[  105.146451][ T9209] __nla_validate_parse: 142 callbacks suppressed
[  105.146467][ T9209] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1008'.
[  105.265358][ T9222] ntfs3(sr0): Primary boot signature is not NTFS.
[  105.267883][ T9222] ntfs3(sr0): try to read out of volume at offset 0xf800
[  105.300883][ T9228] xt_hashlimit: size too large, truncated to 1048576
[  105.362228][ T9234] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1015'.
[  105.365087][ T9234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1015'.
[  105.492423][ T9248] xt_hashlimit: size too large, truncated to 1048576
[  105.549609][ T9257] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1020'.
[  105.556421][ T9257] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1020'.
[  105.570089][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  105.570098][   T40] audit: type=1400 audit(1747742246.111:547): avc:  denied  { getopt } for  pid=9258 comm="syz.2.1023" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  105.573896][ T9259] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1023'.
[  105.581779][ T9259] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1023'.
[  105.697148][ T9273] xt_hashlimit: size too large, truncated to 1048576
[  105.748769][ T9277] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1028'.
[  105.753189][ T9277] validate_nla: 10 callbacks suppressed
[  105.753202][ T9277] netlink: 'syz.3.1028': attribute type 7 has an invalid length.
[  105.758964][ T9277] netlink: 'syz.3.1028': attribute type 8 has an invalid length.
[  105.762493][ T9277] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1028'.
[  105.788641][ T9281] xt_hashlimit: size too large, truncated to 1048576
[  105.841883][ T9286] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1031'.
[  105.845967][ T9286] netlink: 'syz.2.1031': attribute type 7 has an invalid length.
[  105.849544][ T9286] netlink: 'syz.2.1031': attribute type 8 has an invalid length.
[  105.950298][ T9299] xt_hashlimit: size too large, truncated to 1048576
[  106.008123][ T9302] netlink: 'syz.0.1037': attribute type 7 has an invalid length.
[  106.012575][ T9302] netlink: 'syz.0.1037': attribute type 8 has an invalid length.
[  106.035877][ T9308] xt_ipcomp: unknown flags 12
[  106.098608][ T9316] xt_hashlimit: size too large, truncated to 1048576
[  106.163064][ T9321] netlink: 'syz.2.1042': attribute type 7 has an invalid length.
[  106.166555][ T9321] netlink: 'syz.2.1042': attribute type 8 has an invalid length.
[  106.207548][ T9326] Bluetooth: MGMT ver 1.23
[  106.411955][ T9331] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode broadcast(3)
[  106.567428][   T40] audit: type=1400 audit(1747742247.111:548): avc:  denied  { watch watch_reads } for  pid=9344 comm="syz.2.1052" path="/proc/734" dev="proc" ino=24224 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  106.604529][ T9348] xt_hashlimit: size too large, truncated to 1048576
[  106.629543][ T9353] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3 sclass=netlink_route_socket pid=9353 comm=syz.0.1055
[  106.664741][ T9356] netlink: 'syz.2.1053': attribute type 7 has an invalid length.
[  106.668367][ T9356] netlink: 'syz.2.1053': attribute type 8 has an invalid length.
[  107.419819][   T40] audit: type=1400 audit(1747742247.961:549): avc:  denied  { read } for  pid=9368 comm="syz.3.1059" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  107.429454][   T40] audit: type=1400 audit(1747742247.961:550): avc:  denied  { open } for  pid=9368 comm="syz.3.1059" path="/253/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  107.430472][ T9370] block device autoloading is deprecated and will be removed.
[  107.446349][   T40] audit: type=1400 audit(1747742247.991:551): avc:  denied  { ioctl } for  pid=9368 comm="syz.3.1059" path="/253/file0/file0" dev="fuse" ino=64 ioctlcmd=0x921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  107.484097][ T9372] xt_hashlimit: size too large, truncated to 1048576
[  107.519488][ T9377] overlayfs: failed to clone upperpath
[  107.536051][ T9378] FAULT_INJECTION: forcing a failure.
[  107.536051][ T9378] name failslab, interval 1, probability 0, space 0, times 0
[  107.540330][ T9378] CPU: 0 UID: 0 PID: 9378 Comm: syz.1.1060 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  107.540351][ T9378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.540362][ T9378] Call Trace:
[  107.540368][ T9378]  <TASK>
[  107.540375][ T9378]  dump_stack_lvl+0x16c/0x1f0
[  107.540420][ T9378]  should_fail_ex+0x512/0x640
[  107.540447][ T9378]  ? __kmalloc_noprof+0xbf/0x510
[  107.540460][ T9378]  ? ethnl_default_notify+0x1a7/0x940
[  107.540472][ T9378]  should_failslab+0xc2/0x120
[  107.540485][ T9378]  __kmalloc_noprof+0xd2/0x510
[  107.540495][ T9378]  ? __pfx_vxlan_netdevice_event+0x10/0x10
[  107.540514][ T9378]  ? __pfx_ethnl_default_notify+0x10/0x10
[  107.540527][ T9378]  ethnl_default_notify+0x1a7/0x940
[  107.540555][ T9378]  ? __pfx_ethnl_default_notify+0x10/0x10
[  107.540568][ T9378]  ? __pfx_ip6_route_dev_notify+0x10/0x10
[  107.540586][ T9378]  ? __netdev_update_features+0x1199/0x1b70
[  107.540599][ T9378]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  107.540613][ T9378]  ? __pfx_ethnl_default_notify+0x10/0x10
[  107.540625][ T9378]  ethtool_notify+0xc2/0x200
[  107.540638][ T9378]  ethnl_netdev_event+0x10a/0x190
[  107.540650][ T9378]  notifier_call_chain+0xbc/0x410
[  107.540665][ T9378]  ? __pfx_ethnl_netdev_event+0x10/0x10
[  107.540679][ T9378]  call_netdevice_notifiers_info+0xbe/0x140
[  107.540696][ T9378]  netdev_update_features+0xca/0xe0
[  107.540709][ T9378]  ? __pfx_netdev_update_features+0x10/0x10
[  107.540724][ T9378]  ? kasan_save_track+0x14/0x30
[  107.540733][ T9378]  ? hsr_port_get_hsr+0x9a/0xd0
[  107.540744][ T9378]  hsr_add_port+0x548/0x870
[  107.540756][ T9378]  ? do_init_timer+0xc9/0x110
[  107.540771][ T9378]  hsr_dev_finalize+0x4bd/0xbe0
[  107.540787][ T9378]  hsr_newlink+0x46e/0xa00
[  107.540805][ T9378]  ? __pfx_hsr_newlink+0x10/0x10
[  107.540818][ T9378]  ? rtnl_create_link+0xa52/0xfa0
[  107.540831][ T9378]  ? __pfx_hsr_newlink+0x10/0x10
[  107.540844][ T9378]  rtnl_newlink+0xc45/0x2000
[  107.540862][ T9378]  ? __pfx_rtnl_newlink+0x10/0x10
[  107.540874][ T9378]  ? find_held_lock+0x2b/0x80
[  107.540887][ T9378]  ? avc_has_perm_noaudit+0x117/0x3b0
[  107.540902][ T9378]  ? avc_has_perm_noaudit+0x149/0x3b0
[  107.540926][ T9378]  ? find_held_lock+0x2b/0x80
[  107.540939][ T9378]  ? __pfx_rtnl_newlink+0x10/0x10
[  107.540950][ T9378]  ? __pfx_rtnl_newlink+0x10/0x10
[  107.540962][ T9378]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  107.540975][ T9378]  ? __pfx_rtnl_newlink+0x10/0x10
[  107.540988][ T9378]  rtnetlink_rcv_msg+0x95b/0xe90
[  107.541002][ T9378]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  107.541014][ T9378]  ? __pfx_avc_has_perm+0x10/0x10
[  107.541032][ T9378]  netlink_rcv_skb+0x16a/0x440
[  107.541047][ T9378]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  107.541062][ T9378]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  107.541084][ T9378]  ? netlink_deliver_tap+0x1ae/0xd30
[  107.541100][ T9378]  netlink_unicast+0x53d/0x7f0
[  107.541116][ T9378]  ? __pfx_netlink_unicast+0x10/0x10
[  107.541134][ T9378]  netlink_sendmsg+0x8d1/0xdd0
[  107.541151][ T9378]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.541170][ T9378]  ____sys_sendmsg+0xa95/0xc70
[  107.541187][ T9378]  ? copy_msghdr_from_user+0x10a/0x160
[  107.541199][ T9378]  ? __pfx_____sys_sendmsg+0x10/0x10
[  107.541222][ T9378]  ___sys_sendmsg+0x134/0x1d0
[  107.541235][ T9378]  ? __pfx____sys_sendmsg+0x10/0x10
[  107.541266][ T9378]  __sys_sendmsg+0x16d/0x220
[  107.541278][ T9378]  ? __pfx___sys_sendmsg+0x10/0x10
[  107.541295][ T9378]  ? rcu_is_watching+0x12/0xc0
[  107.541312][ T9378]  do_syscall_64+0xcd/0x260
[  107.541330][ T9378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.541342][ T9378] RIP: 0033:0x7fe97698e969
[  107.541351][ T9378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.541365][ T9378] RSP: 002b:00007fe977797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.541380][ T9378] RAX: ffffffffffffffda RBX: 00007fe976bb6080 RCX: 00007fe97698e969
[  107.541404][ T9378] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  107.541410][ T9378] RBP: 00007fe977797090 R08: 0000000000000000 R09: 0000000000000000
[  107.541417][ T9378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  107.541423][ T9378] R13: 0000000000000000 R14: 00007fe976bb6080 R15: 00007ffd84cfd7f8
[  107.541437][ T9378]  </TASK>
[  107.544549][ T9380] program syz.3.1063 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  107.664202][ T9389] xt_hashlimit: size too large, truncated to 1048576
[  107.790399][ T9399] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  107.797087][ T9399] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  107.843410][ T9404] cgroup: none used incorrectly
[  107.845234][ T9404] cgroup: none used incorrectly
[  107.846978][ T9404] cgroup: none used incorrectly
[  107.848777][ T9404] cgroup: none used incorrectly
[  107.850515][ T9404] cgroup: none used incorrectly
[  108.041126][ T9423] IPv6: syztnl0: Disabled Multicast RS
[  108.697054][ T9431] xt_hashlimit: size too large, truncated to 1048576
[  108.883243][ T9438] netfs: Couldn't get user pages (rc=-14)
[  108.977701][   T40] audit: type=1400 audit(1747742249.521:552): avc:  denied  { map } for  pid=9447 comm="syz.0.1082" path="socket:[23341]" dev="sockfs" ino=23341 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  108.987132][   T40] audit: type=1400 audit(1747742249.521:553): avc:  denied  { read } for  pid=9447 comm="syz.0.1082" path="socket:[23341]" dev="sockfs" ino=23341 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  109.447885][ T9480] input: syz0 as /devices/virtual/input/input14
[  109.605273][ T9489] program syz.2.1095 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  109.803838][   T40] audit: type=1400 audit(1747742250.351:554): avc:  denied  { ioctl } for  pid=9499 comm="syz.0.1099" path="socket:[23388]" dev="sockfs" ino=23388 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  109.813156][ T9500] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  109.877114][   T40] audit: type=1400 audit(1747742250.421:555): avc:  denied  { mounton } for  pid=9494 comm="syz.2.1097" path="/272/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  109.887097][ T9508] 9p: Unknown access argument 18446744073709551615: -34
[  110.184654][ T9541] __nla_validate_parse: 42 callbacks suppressed
[  110.184673][ T9541] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1113'.
[  110.191302][ T9541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1113'.
[  110.224973][ T9545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1115'.
[  110.330178][ T9517] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: mode dependency failed, not supported in mode broadcast(3)
[  110.334513][   T40] audit: type=1400 audit(1747742250.881:556): avc:  denied  { shutdown } for  pid=9550 comm="syz.1.1117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  110.426060][ T9549] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1118'.
[  110.497217][ T9573] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1124'.
[  110.589906][ T9588] vlan2: entered promiscuous mode
[  110.591938][ T9588] vlan2: entered allmulticast mode
[  110.593632][ T9588] hsr_slave_1: entered allmulticast mode
[  110.662558][ T9598] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1131'.
[  110.668789][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  110.668800][   T40] audit: type=1400 audit(1747742251.211:558): avc:  denied  { mount } for  pid=9597 comm="syz.3.1131" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  110.681445][   T40] audit: type=1400 audit(1747742251.221:559): avc:  denied  { unmount } for  pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  110.987463][   T40] audit: type=1107 audit(1747742251.531:560): pid=9628 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='©
[  110.987463][   T40] Ó,¸'
[  111.009976][   T40] audit: type=1400 audit(1747742251.551:561): avc:  denied  { create } for  pid=9625 comm="syz.1.1139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  111.148453][ T9640] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  111.186331][ T9642] validate_nla: 14 callbacks suppressed
[  111.186349][ T9642] netlink: 'syz.0.1144': attribute type 10 has an invalid length.
[  111.192787][ T9642] veth0_vlan: left promiscuous mode
[  111.198221][ T9642] veth0_vlan: entered promiscuous mode
[  111.203068][ T9642] team0: Device veth0_vlan failed to register rx_handler
[  112.092614][ T9706] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1161'.
[  112.110372][ T8045] bridge_slave_1: left allmulticast mode
[  112.113090][ T8045] bridge_slave_1: left promiscuous mode
[  112.116334][ T8045] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.120720][ T8045] bridge_slave_0: left allmulticast mode
[  112.124608][ T8045] bridge_slave_0: left promiscuous mode
[  112.126725][ T8045] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.153871][ T8045] ip6gretap0 (unregistering): left promiscuous mode
[  112.233470][ T8045] gretap0 (unregistering): left promiscuous mode
[  112.289341][ T8045] team0: Port device geneve0 removed
[  112.738884][ T8045] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.745792][ T8045] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.750515][ T8045] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  112.754941][ T8045] bond0 (unregistering): Released all slaves
[  112.858524][ T9734] hashlimit_mt_check_common: 1 callbacks suppressed
[  112.858542][ T9734] xt_hashlimit: size too large, truncated to 1048576
[  112.980254][   T40] audit: type=1400 audit(1747742253.521:562): avc:  denied  { load_policy } for  pid=9746 comm="syz.1.1174" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  112.980507][ T9747] SELinux:  policydb string length 14080 does not match expected length 8
[  112.993806][ T9747] SELinux: failed to load policy
[  113.047849][ T9757] overlay: filesystem on ./bus not supported as upperdir
[  113.133217][ T9765] xt_hashlimit: size too large, truncated to 1048576
[  113.160459][ T9768] xt_hashlimit: size too large, truncated to 1048576
[  113.191203][ T9770] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1180'.
[  113.194160][ T9770] netlink: 'syz.1.1180': attribute type 7 has an invalid length.
[  113.196645][ T9770] netlink: 'syz.1.1180': attribute type 8 has an invalid length.
[  113.199087][ T9770] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1180'.
[  113.204470][ T9770] FAULT_INJECTION: forcing a failure.
[  113.204470][ T9770] name failslab, interval 1, probability 0, space 0, times 0
[  113.208631][ T9770] CPU: 0 UID: 0 PID: 9770 Comm: syz.1.1180 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  113.208645][ T9770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.208653][ T9770] Call Trace:
[  113.208657][ T9770]  <TASK>
[  113.208661][ T9770]  dump_stack_lvl+0x16c/0x1f0
[  113.208681][ T9770]  should_fail_ex+0x512/0x640
[  113.208696][ T9770]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  113.208715][ T9770]  should_failslab+0xc2/0x120
[  113.208727][ T9770]  __kmalloc_cache_noprof+0x6a/0x3e0
[  113.208743][ T9770]  ? device_add+0xccc/0x1a70
[  113.208760][ T9770]  device_add+0xccc/0x1a70
[  113.208773][ T9770]  ? dev_set_name+0xc7/0x100
[  113.208792][ T9770]  ? __pfx_dev_set_name+0x10/0x10
[  113.208807][ T9770]  ? __pfx_device_add+0x10/0x10
[  113.208821][ T9770]  ? lockdep_init_map_type+0x5c/0x280
[  113.208832][ T9770]  ? __init_waitqueue_head+0xca/0x150
[  113.208848][ T9770]  netdev_register_kobject+0x182/0x3a0
[  113.208866][ T9770]  register_netdevice+0x13dc/0x2270
[  113.208883][ T9770]  ? __pfx_register_netdevice+0x10/0x10
[  113.208899][ T9770]  ? hsr_add_port+0x57e/0x870
[  113.208914][ T9770]  hsr_dev_finalize+0x6cb/0xbe0
[  113.208930][ T9770]  hsr_newlink+0x46e/0xa00
[  113.208943][ T9770]  ? __pfx_hsr_newlink+0x10/0x10
[  113.208956][ T9770]  ? rtnl_create_link+0xa52/0xfa0
[  113.208969][ T9770]  ? __pfx_hsr_newlink+0x10/0x10
[  113.208982][ T9770]  rtnl_newlink+0xc45/0x2000
[  113.209000][ T9770]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.209011][ T9770]  ? find_held_lock+0x2b/0x80
[  113.209024][ T9770]  ? avc_has_perm_noaudit+0x117/0x3b0
[  113.209039][ T9770]  ? avc_has_perm_noaudit+0x149/0x3b0
[  113.209063][ T9770]  ? find_held_lock+0x2b/0x80
[  113.209075][ T9770]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.209087][ T9770]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.209099][ T9770]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  113.209112][ T9770]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.209125][ T9770]  rtnetlink_rcv_msg+0x95b/0xe90
[  113.209139][ T9770]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  113.209151][ T9770]  ? __pfx_avc_has_perm+0x10/0x10
[  113.209169][ T9770]  netlink_rcv_skb+0x16a/0x440
[  113.209183][ T9770]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  113.209197][ T9770]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  113.209219][ T9770]  ? netlink_deliver_tap+0x1ae/0xd30
[  113.209235][ T9770]  netlink_unicast+0x53d/0x7f0
[  113.209251][ T9770]  ? __pfx_netlink_unicast+0x10/0x10
[  113.209269][ T9770]  netlink_sendmsg+0x8d1/0xdd0
[  113.209285][ T9770]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.209305][ T9770]  ____sys_sendmsg+0xa95/0xc70
[  113.209322][ T9770]  ? copy_msghdr_from_user+0x10a/0x160
[  113.209334][ T9770]  ? __pfx_____sys_sendmsg+0x10/0x10
[  113.209356][ T9770]  ___sys_sendmsg+0x134/0x1d0
[  113.209369][ T9770]  ? __pfx____sys_sendmsg+0x10/0x10
[  113.209399][ T9770]  __sys_sendmsg+0x16d/0x220
[  113.209411][ T9770]  ? __pfx___sys_sendmsg+0x10/0x10
[  113.209428][ T9770]  ? rcu_is_watching+0x12/0xc0
[  113.209445][ T9770]  do_syscall_64+0xcd/0x260
[  113.209462][ T9770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.209473][ T9770] RIP: 0033:0x7fe97698e969
[  113.209483][ T9770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.209511][ T9770] RSP: 002b:00007fe977797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.209522][ T9770] RAX: ffffffffffffffda RBX: 00007fe976bb6080 RCX: 00007fe97698e969
[  113.209529][ T9770] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  113.209535][ T9770] RBP: 00007fe977797090 R08: 0000000000000000 R09: 0000000000000000
[  113.209541][ T9770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  113.209547][ T9770] R13: 0000000000000000 R14: 00007fe976bb6080 R15: 00007ffd84cfd7f8
[  113.209562][ T9770]  </TASK>
[  113.350577][    C0] vkms_vblank_simulate: vblank timer overrun
[  113.445967][ T9789] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1188'.
[  113.514967][ T9793] xt_hashlimit: size too large, truncated to 1048576
[  113.599290][ T9801] xt_CT: You must specify a L4 protocol and not use inversions on it
[  113.628215][ T9805] xt_hashlimit: size too large, truncated to 1048576
[  113.679887][ T9811] netlink: 'syz.1.1195': attribute type 7 has an invalid length.
[  113.681983][ T9806] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  113.682913][ T9811] netlink: 'syz.1.1195': attribute type 8 has an invalid length.
[  113.700881][ T9811] FAULT_INJECTION: forcing a failure.
[  113.700881][ T9811] name failslab, interval 1, probability 0, space 0, times 0
[  113.708195][ T9811] CPU: 3 UID: 0 PID: 9811 Comm: syz.1.1195 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  113.708215][ T9811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.708224][ T9811] Call Trace:
[  113.708229][ T9811]  <TASK>
[  113.708235][ T9811]  dump_stack_lvl+0x16c/0x1f0
[  113.708260][ T9811]  should_fail_ex+0x512/0x640
[  113.708279][ T9811]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  113.708297][ T9811]  should_failslab+0xc2/0x120
[  113.708313][ T9811]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  113.708327][ T9811]  ? find_held_lock+0x2b/0x80
[  113.708344][ T9811]  ? kstrdup_const+0x63/0x80
[  113.708362][ T9811]  kstrdup+0x53/0x100
[  113.708378][ T9811]  kstrdup_const+0x63/0x80
[  113.708393][ T9811]  __kernfs_new_node+0x9b/0x8a0
[  113.708410][ T9811]  ? __pfx___kernfs_new_node+0x10/0x10
[  113.708430][ T9811]  ? find_held_lock+0x2b/0x80
[  113.708446][ T9811]  ? kernfs_root+0xee/0x2a0
[  113.708465][ T9811]  kernfs_new_node+0x13c/0x1e0
[  113.708481][ T9811]  ? net_ns_get_ownership+0xf8/0x1b0
[  113.708500][ T9811]  kernfs_create_dir_ns+0x4c/0x1a0
[  113.708520][ T9811]  sysfs_create_dir_ns+0x13a/0x2b0
[  113.708534][ T9811]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  113.708546][ T9811]  ? find_held_lock+0x2b/0x80
[  113.708565][ T9811]  ? net_namespace+0x12/0x50
[  113.708581][ T9811]  ? device_namespace+0x76/0xa0
[  113.708601][ T9811]  kobject_add_internal+0x2c4/0x9b0
[  113.708618][ T9811]  kobject_add+0x16e/0x240
[  113.708630][ T9811]  ? __pfx_kobject_add+0x10/0x10
[  113.708644][ T9811]  ? get_device_parent+0x1c5/0x4e0
[  113.708661][ T9811]  ? kobject_put+0xab/0x5a0
[  113.708683][ T9811]  ? device_add+0xbff/0x1a70
[  113.708703][ T9811]  device_add+0x288/0x1a70
[  113.708721][ T9811]  ? __pfx_dev_set_name+0x10/0x10
[  113.708741][ T9811]  ? __pfx_device_add+0x10/0x10
[  113.708759][ T9811]  ? lockdep_init_map_type+0x5c/0x280
[  113.708773][ T9811]  ? __init_waitqueue_head+0xca/0x150
[  113.708793][ T9811]  netdev_register_kobject+0x182/0x3a0
[  113.708815][ T9811]  register_netdevice+0x13dc/0x2270
[  113.708836][ T9811]  ? __pfx_register_netdevice+0x10/0x10
[  113.708856][ T9811]  ? hsr_add_port+0x57e/0x870
[  113.708875][ T9811]  hsr_dev_finalize+0x6cb/0xbe0
[  113.708895][ T9811]  hsr_newlink+0x46e/0xa00
[  113.708912][ T9811]  ? __pfx_hsr_newlink+0x10/0x10
[  113.708929][ T9811]  ? rtnl_create_link+0xa52/0xfa0
[  113.708946][ T9811]  ? __pfx_hsr_newlink+0x10/0x10
[  113.708963][ T9811]  rtnl_newlink+0xc45/0x2000
[  113.708989][ T9811]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.709004][ T9811]  ? find_held_lock+0x2b/0x80
[  113.709021][ T9811]  ? avc_has_perm_noaudit+0x117/0x3b0
[  113.709040][ T9811]  ? avc_has_perm_noaudit+0x149/0x3b0
[  113.709074][ T9811]  ? find_held_lock+0x2b/0x80
[  113.709089][ T9811]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.709104][ T9811]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.709119][ T9811]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  113.709136][ T9811]  ? __pfx_rtnl_newlink+0x10/0x10
[  113.709152][ T9811]  rtnetlink_rcv_msg+0x95b/0xe90
[  113.709171][ T9811]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  113.709186][ T9811]  ? __pfx_avc_has_perm+0x10/0x10
[  113.709210][ T9811]  netlink_rcv_skb+0x16a/0x440
[  113.709228][ T9811]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  113.709246][ T9811]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  113.709276][ T9811]  ? netlink_deliver_tap+0x1ae/0xd30
[  113.709297][ T9811]  netlink_unicast+0x53d/0x7f0
[  113.709317][ T9811]  ? __pfx_netlink_unicast+0x10/0x10
[  113.709340][ T9811]  netlink_sendmsg+0x8d1/0xdd0
[  113.709362][ T9811]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.709388][ T9811]  ____sys_sendmsg+0xa95/0xc70
[  113.709408][ T9811]  ? copy_msghdr_from_user+0x10a/0x160
[  113.709423][ T9811]  ? __pfx_____sys_sendmsg+0x10/0x10
[  113.709453][ T9811]  ___sys_sendmsg+0x134/0x1d0
[  113.709470][ T9811]  ? __pfx____sys_sendmsg+0x10/0x10
[  113.709549][ T9811]  __sys_sendmsg+0x16d/0x220
[  113.709573][ T9811]  ? __pfx___sys_sendmsg+0x10/0x10
[  113.709601][ T9811]  ? rcu_is_watching+0x12/0xc0
[  113.709631][ T9811]  do_syscall_64+0xcd/0x260
[  113.709657][ T9811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.709675][ T9811] RIP: 0033:0x7fe97698e969
[  113.709689][ T9811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.709706][ T9811] RSP: 002b:00007fe977797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.709722][ T9811] RAX: ffffffffffffffda RBX: 00007fe976bb6080 RCX: 00007fe97698e969
[  113.709734][ T9811] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  113.709743][ T9811] RBP: 00007fe977797090 R08: 0000000000000000 R09: 0000000000000000
[  113.709753][ T9811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  113.709764][ T9811] R13: 0000000000000000 R14: 00007fe976bb6080 R15: 00007ffd84cfd7f8
[  113.709786][ T9811]  </TASK>
[  113.709797][ T9811] kobject: kobject_add_internal failed for hsr2 (error: -12 parent: net)
[  113.727465][   T40] audit: type=1400 audit(1747742254.271:563): avc:  denied  { write } for  pid=9803 comm="syz.3.1194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  113.972742][ T9828] netlink: 'syz.1.1197': attribute type 1 has an invalid length.
[  114.005312][ T9827] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  114.007657][ T9827] overlayfs: failed to set xattr on upper
[  114.009535][ T9827] overlayfs: ...falling back to redirect_dir=nofollow.
[  114.012007][ T9827] overlayfs: ...falling back to index=off.
[  114.013930][ T9827] overlayfs: ...falling back to uuid=null.
[  114.015838][ T9827] overlayfs: ...falling back to xino=off.
[  114.017833][ T9827] overlayfs: conflicting lowerdir path
[  114.219470][ T9839] xt_hashlimit: size too large, truncated to 1048576
[  114.244564][ T9847] xt_hashlimit: size too large, truncated to 1048576
[  114.298554][ T9853] netlink: 'syz.1.1204': attribute type 7 has an invalid length.
[  114.301130][ T9853] netlink: 'syz.1.1204': attribute type 8 has an invalid length.
[  114.309168][ T9853] FAULT_INJECTION: forcing a failure.
[  114.309168][ T9853] name failslab, interval 1, probability 0, space 0, times 0
[  114.314152][ T9853] CPU: 1 UID: 0 PID: 9853 Comm: syz.1.1204 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  114.314170][ T9853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.314179][ T9853] Call Trace:
[  114.314184][ T9853]  <TASK>
[  114.314189][ T9853]  dump_stack_lvl+0x16c/0x1f0
[  114.314215][ T9853]  should_fail_ex+0x512/0x640
[  114.314235][ T9853]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  114.314253][ T9853]  should_failslab+0xc2/0x120
[  114.314269][ T9853]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  114.314282][ T9853]  ? __asan_memcpy+0x3c/0x60
[  114.314302][ T9853]  ? __kernfs_new_node+0xd2/0x8a0
[  114.314320][ T9853]  __kernfs_new_node+0xd2/0x8a0
[  114.314337][ T9853]  ? __pfx___kernfs_new_node+0x10/0x10
[  114.314357][ T9853]  ? find_held_lock+0x2b/0x80
[  114.314376][ T9853]  ? kernfs_root+0xee/0x2a0
[  114.314395][ T9853]  kernfs_new_node+0x13c/0x1e0
[  114.314415][ T9853]  ? net_ns_get_ownership+0xf8/0x1b0
[  114.314440][ T9853]  kernfs_create_dir_ns+0x4c/0x1a0
[  114.314464][ T9853]  sysfs_create_dir_ns+0x13a/0x2b0
[  114.314481][ T9853]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  114.314498][ T9853]  ? find_held_lock+0x2b/0x80
[  114.314520][ T9853]  ? net_namespace+0x12/0x50
[  114.314553][ T9853]  ? device_namespace+0x76/0xa0
[  114.314568][ T9853]  kobject_add_internal+0x2c4/0x9b0
[  114.314582][ T9853]  kobject_add+0x16e/0x240
[  114.314592][ T9853]  ? __pfx_kobject_add+0x10/0x10
[  114.314603][ T9853]  ? get_device_parent+0x1c5/0x4e0
[  114.314616][ T9853]  ? kobject_put+0xab/0x5a0
[  114.314634][ T9853]  ? device_add+0xbff/0x1a70
[  114.314649][ T9853]  device_add+0x288/0x1a70
[  114.314663][ T9853]  ? __pfx_dev_set_name+0x10/0x10
[  114.314679][ T9853]  ? __pfx_device_add+0x10/0x10
[  114.314693][ T9853]  ? lockdep_init_map_type+0x5c/0x280
[  114.314704][ T9853]  ? __init_waitqueue_head+0xca/0x150
[  114.314720][ T9853]  netdev_register_kobject+0x182/0x3a0
[  114.314736][ T9853]  register_netdevice+0x13dc/0x2270
[  114.314758][ T9853]  ? __pfx_register_netdevice+0x10/0x10
[  114.314773][ T9853]  ? hsr_add_port+0x57e/0x870
[  114.314788][ T9853]  hsr_dev_finalize+0x6cb/0xbe0
[  114.314804][ T9853]  hsr_newlink+0x46e/0xa00
[  114.314817][ T9853]  ? __pfx_hsr_newlink+0x10/0x10
[  114.314831][ T9853]  ? rtnl_create_link+0xa52/0xfa0
[  114.314844][ T9853]  ? __pfx_hsr_newlink+0x10/0x10
[  114.314857][ T9853]  rtnl_newlink+0xc45/0x2000
[  114.314875][ T9853]  ? __pfx_rtnl_newlink+0x10/0x10
[  114.314886][ T9853]  ? find_held_lock+0x2b/0x80
[  114.314900][ T9853]  ? avc_has_perm_noaudit+0x117/0x3b0
[  114.314915][ T9853]  ? avc_has_perm_noaudit+0x149/0x3b0
[  114.314950][ T9853]  ? find_held_lock+0x2b/0x80
[  114.314969][ T9853]  ? __pfx_rtnl_newlink+0x10/0x10
[  114.315004][ T9853]  ? __pfx_rtnl_newlink+0x10/0x10
[  114.315021][ T9853]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  114.315043][ T9853]  ? __pfx_rtnl_newlink+0x10/0x10
[  114.315064][ T9853]  rtnetlink_rcv_msg+0x95b/0xe90
[  114.315087][ T9853]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  114.315106][ T9853]  ? __pfx_avc_has_perm+0x10/0x10
[  114.315136][ T9853]  netlink_rcv_skb+0x16a/0x440
[  114.315158][ T9853]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  114.315182][ T9853]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  114.315219][ T9853]  ? netlink_deliver_tap+0x1ae/0xd30
[  114.315246][ T9853]  netlink_unicast+0x53d/0x7f0
[  114.315271][ T9853]  ? __pfx_netlink_unicast+0x10/0x10
[  114.315302][ T9853]  netlink_sendmsg+0x8d1/0xdd0
[  114.315329][ T9853]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.315363][ T9853]  ____sys_sendmsg+0xa95/0xc70
[  114.315389][ T9853]  ? copy_msghdr_from_user+0x10a/0x160
[  114.315407][ T9853]  ? __pfx_____sys_sendmsg+0x10/0x10
[  114.315445][ T9853]  ___sys_sendmsg+0x134/0x1d0
[  114.315467][ T9853]  ? __pfx____sys_sendmsg+0x10/0x10
[  114.315523][ T9853]  __sys_sendmsg+0x16d/0x220
[  114.315543][ T9853]  ? __pfx___sys_sendmsg+0x10/0x10
[  114.315572][ T9853]  ? rcu_is_watching+0x12/0xc0
[  114.315600][ T9853]  do_syscall_64+0xcd/0x260
[  114.315628][ T9853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.315646][ T9853] RIP: 0033:0x7fe97698e969
[  114.315660][ T9853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.315677][ T9853] RSP: 002b:00007fe977797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  114.315694][ T9853] RAX: ffffffffffffffda RBX: 00007fe976bb6080 RCX: 00007fe97698e969
[  114.315704][ T9853] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  114.315715][ T9853] RBP: 00007fe977797090 R08: 0000000000000000 R09: 0000000000000000
[  114.315725][ T9853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  114.315735][ T9853] R13: 0000000000000000 R14: 00007fe976bb6080 R15: 00007ffd84cfd7f8
[  114.315768][ T9853]  </TASK>
[  114.315882][ T9853] kobject: kobject_add_internal failed for hsr2 (error: -12 parent: net)
[  114.492620][ T9863] xt_hashlimit: size too large, truncated to 1048576
[  114.493339][ T8045] : left promiscuous mode
[  114.546109][ T9862] netlink: 'syz.0.1209': attribute type 7 has an invalid length.
[  114.548757][ T9862] netlink: 'syz.0.1209': attribute type 8 has an invalid length.
[  114.558875][ T9862] team0: entered promiscuous mode
[  114.560797][ T9862] team_slave_0: entered promiscuous mode
[  114.563328][ T9862] team_slave_1: entered promiscuous mode
[  114.567584][ T9862] team0: left promiscuous mode
[  114.569382][ T9862] team_slave_0: left promiscuous mode
[  114.572102][ T9862] team_slave_1: left promiscuous mode
[  114.668368][   T40] audit: type=1400 audit(1747742255.211:564): avc:  denied  { listen } for  pid=9875 comm="syz.2.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.676223][ T9876] overlayfs: failed to resolve './file1/file0': -2
[  114.679715][   T40] audit: type=1400 audit(1747742255.221:565): avc:  denied  { accept } for  pid=9875 comm="syz.2.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  114.682964][ T9880] xt_hashlimit: size too large, truncated to 1048576
[  114.804453][ T9898] xt_hashlimit: size too large, truncated to 1048576
[  114.824303][ T8045] hsr_slave_0: left promiscuous mode
[  114.826634][ T8045] hsr_slave_1: left promiscuous mode
[  114.828992][ T8045] batman_adv: batadv0: Removing interface: batadv_slave_0
[  114.832903][ T8045] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.342483][ T8045] team0 (unregistering): Port device team_slave_1 removed
[  115.409105][ T8045] team0 (unregistering): Port device team_slave_0 removed
[  115.891648][ T9901] FAULT_INJECTION: forcing a failure.
[  115.891648][ T9901] name failslab, interval 1, probability 0, space 0, times 0
[  115.895919][ T9901] CPU: 2 UID: 0 PID: 9901 Comm: syz.1.1220 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  115.895938][ T9901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  115.895945][ T9901] Call Trace:
[  115.895949][ T9901]  <TASK>
[  115.895954][ T9901]  dump_stack_lvl+0x16c/0x1f0
[  115.895974][ T9901]  should_fail_ex+0x512/0x640
[  115.895990][ T9901]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  115.896002][ T9901]  should_failslab+0xc2/0x120
[  115.896015][ T9901]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  115.896026][ T9901]  ? __kernfs_new_node+0xd2/0x8a0
[  115.896040][ T9901]  __kernfs_new_node+0xd2/0x8a0
[  115.896052][ T9901]  ? kernfs_add_one+0x37d/0x840
[  115.896064][ T9901]  ? __pfx___kernfs_new_node+0x10/0x10
[  115.896079][ T9901]  ? find_held_lock+0x2b/0x80
[  115.896093][ T9901]  ? kernfs_root+0xee/0x2a0
[  115.896107][ T9901]  kernfs_new_node+0x13c/0x1e0
[  115.896126][ T9901]  __kernfs_create_file+0x53/0x350
[  115.896152][ T9901]  sysfs_add_file_mode_ns+0x207/0x3c0
[  115.896187][ T9901]  sysfs_create_file_ns+0x13d/0x1d0
[  115.896216][ T9901]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  115.896242][ T9901]  ? down_read+0x13d/0x480
[  115.896256][ T9901]  ? __pfx___up_read+0x10/0x10
[  115.896267][ T9901]  ? acpi_device_notify+0x351/0x480
[  115.896282][ T9901]  device_create_file+0xf2/0x1e0
[  115.896300][ T9901]  device_add+0x2bf/0x1a70
[  115.896315][ T9901]  ? __pfx_dev_set_name+0x10/0x10
[  115.896331][ T9901]  ? __pfx_device_add+0x10/0x10
[  115.896345][ T9901]  ? lockdep_init_map_type+0x5c/0x280
[  115.896356][ T9901]  ? __init_waitqueue_head+0xca/0x150
[  115.896372][ T9901]  netdev_register_kobject+0x182/0x3a0
[  115.896388][ T9901]  register_netdevice+0x13dc/0x2270
[  115.896406][ T9901]  ? __pfx_register_netdevice+0x10/0x10
[  115.896421][ T9901]  ? hsr_add_port+0x57e/0x870
[  115.896436][ T9901]  hsr_dev_finalize+0x6cb/0xbe0
[  115.896456][ T9901]  hsr_newlink+0x46e/0xa00
[  115.896472][ T9901]  ? __pfx_hsr_newlink+0x10/0x10
[  115.896485][ T9901]  ? rtnl_create_link+0xa52/0xfa0
[  115.896498][ T9901]  ? __pfx_hsr_newlink+0x10/0x10
[  115.896511][ T9901]  rtnl_newlink+0xc45/0x2000
[  115.896529][ T9901]  ? __pfx_rtnl_newlink+0x10/0x10
[  115.896541][ T9901]  ? find_held_lock+0x2b/0x80
[  115.896554][ T9901]  ? avc_has_perm_noaudit+0x117/0x3b0
[  115.896569][ T9901]  ? avc_has_perm_noaudit+0x149/0x3b0
[  115.896593][ T9901]  ? find_held_lock+0x2b/0x80
[  115.896605][ T9901]  ? __pfx_rtnl_newlink+0x10/0x10
[  115.896617][ T9901]  ? __pfx_rtnl_newlink+0x10/0x10
[  115.896628][ T9901]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  115.896642][ T9901]  ? __pfx_rtnl_newlink+0x10/0x10
[  115.896655][ T9901]  rtnetlink_rcv_msg+0x95b/0xe90
[  115.896669][ T9901]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  115.896681][ T9901]  ? __pfx_avc_has_perm+0x10/0x10
[  115.896700][ T9901]  netlink_rcv_skb+0x16a/0x440
[  115.896715][ T9901]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  115.896729][ T9901]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  115.896751][ T9901]  ? netlink_deliver_tap+0x1ae/0xd30
[  115.896767][ T9901]  netlink_unicast+0x53d/0x7f0
[  115.896783][ T9901]  ? __pfx_netlink_unicast+0x10/0x10
[  115.896801][ T9901]  netlink_sendmsg+0x8d1/0xdd0
[  115.896817][ T9901]  ? __pfx_netlink_sendmsg+0x10/0x10
[  115.896836][ T9901]  ____sys_sendmsg+0xa95/0xc70
[  115.896858][ T9901]  ? copy_msghdr_from_user+0x10a/0x160
[  115.896870][ T9901]  ? __pfx_____sys_sendmsg+0x10/0x10
[  115.896892][ T9901]  ___sys_sendmsg+0x134/0x1d0
[  115.896905][ T9901]  ? __pfx____sys_sendmsg+0x10/0x10
[  115.896939][ T9901]  __sys_sendmsg+0x16d/0x220
[  115.896951][ T9901]  ? __pfx___sys_sendmsg+0x10/0x10
[  115.896968][ T9901]  ? rcu_is_watching+0x12/0xc0
[  115.896986][ T9901]  do_syscall_64+0xcd/0x260
[  115.897003][ T9901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.897015][ T9901] RIP: 0033:0x7fe97698e969
[  115.897024][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.897034][ T9901] RSP: 002b:00007fe977797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  115.897045][ T9901] RAX: ffffffffffffffda RBX: 00007fe976bb6080 RCX: 00007fe97698e969
[  115.897052][ T9901] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 000000000000000b
[  115.897059][ T9901] RBP: 00007fe977797090 R08: 0000000000000000 R09: 0000000000000000
[  115.897065][ T9901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  115.897071][ T9901] R13: 0000000000000000 R14: 00007fe976bb6080 R15: 00007ffd84cfd7f8
[  115.897085][ T9901]  </TASK>
[  116.109069][ T9911] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  116.162986][   T40] audit: type=1400 audit(1747742256.701:566): avc:  denied  { relabelfrom } for  pid=9915 comm="syz.1.1226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  116.169822][   T40] audit: type=1400 audit(1747742256.711:567): avc:  denied  { relabelto } for  pid=9915 comm="syz.1.1226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  116.637396][   T40] audit: type=1400 audit(1747742257.181:568): avc:  denied  { create } for  pid=9944 comm="syz.1.1235" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1
[  116.644736][   T40] audit: type=1400 audit(1747742257.181:569): avc:  denied  { create } for  pid=9944 comm="syz.1.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  116.651024][   T40] audit: type=1400 audit(1747742257.181:570): avc:  denied  { getopt } for  pid=9944 comm="syz.1.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  116.658222][   T40] audit: type=1400 audit(1747742257.181:571): avc:  denied  { setopt } for  pid=9944 comm="syz.1.1235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  116.666557][   T40] audit: type=1400 audit(1747742257.211:572): avc:  denied  { read write } for  pid=8450 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  116.674725][   T40] audit: type=1400 audit(1747742257.211:573): avc:  denied  { open } for  pid=8450 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  116.682946][   T40] audit: type=1400 audit(1747742257.211:574): avc:  denied  { ioctl } for  pid=8450 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  116.695355][ T9947] mkiss: ax0: crc mode is auto.
[  117.269499][ T9961] macsec1: entered promiscuous mode
[  117.271303][ T9961] veth1_to_batadv: entered promiscuous mode
[  117.310594][   T40] audit: type=1400 audit(1747742257.851:575): avc:  denied  { map } for  pid=9972 comm="syz.2.1244" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  117.420580][ T9984] veth1_to_batadv: left promiscuous mode
[  117.860665][T10006] validate_nla: 2 callbacks suppressed
[  117.860677][T10006] netlink: 'syz.0.1256': attribute type 4 has an invalid length.
[  117.876137][T10006] ip6tnl1: entered promiscuous mode
[  117.877997][T10006] ip6tnl1: entered allmulticast mode
[  117.881284][T10006] team0: Device ip6tnl1 is of different type
[  117.957736][T10009] hashlimit_mt_check_common: 1 callbacks suppressed
[  117.957748][T10009] xt_hashlimit: size too large, truncated to 1048576
[  117.959596][ T5934] hid-generic 0005:04F3:0A0E.0005: unknown main item tag 0x0
[  117.968378][ T5934] hid-generic 0005:04F3:0A0E.0005: hidraw1: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  118.143129][T10025] xt_hashlimit: size too large, truncated to 1048576
[  118.188441][T10030] overlay: ./file1 is not a directory
[  118.194415][T10030] __nla_validate_parse: 10 callbacks suppressed
[  118.194426][T10030] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1264'.
[  118.231006][T10033] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  118.234218][T10033] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  118.237409][T10033] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  118.240265][T10033] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  118.257622][T10035] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1266'.
[  118.272810][T10037] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  118.394288][T10050] overlayfs: disabling nfs_export due to verity=require
[  118.402378][T10055] netlink: 'syz.0.1273': attribute type 1 has an invalid length.
[  118.406646][T10055] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.1273'.
[  118.411807][T10055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1273'.
[  118.447089][T10061] xt_hashlimit: size too large, truncated to 1048576
[  118.559910][T10078] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1124 sclass=netlink_route_socket pid=10078 comm=syz.0.1282
[  118.659848][T10087] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  118.730077][T10092] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1289'.
[  118.738301][T10092] macvlan2: entered promiscuous mode
[  118.740292][T10092] bridge0: entered promiscuous mode
[  118.742955][T10092] bridge0: port 3(macvlan2) entered blocking state
[  118.745298][T10092] bridge0: port 3(macvlan2) entered disabled state
[  118.747666][T10092] macvlan2: entered allmulticast mode
[  118.749581][T10092] bridge0: entered allmulticast mode
[  118.753591][T10092] macvlan2: left allmulticast mode
[  118.755812][T10092] bridge0: left allmulticast mode
[  118.758369][T10092] bridge0: left promiscuous mode
[  119.372977][T10095] xt_hashlimit: size too large, truncated to 1048576
[  119.467018][T10103] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.1293'.
[  119.470285][T10103] netlink: zone id is out of range
[  119.472150][T10103] netlink: zone id is out of range
[  119.473893][T10103] netlink: get zone limit has 8 unknown bytes
[  120.817526][T10164] dns_resolver: Unsupported server list version (0)
[  120.933747][T10176] xt_hashlimit: size too large, truncated to 1048576
[  121.138841][T10190] binder: Unknown parameter 'statl'
[  121.143603][T10192] fuse: Bad value for 'user_id'
[  121.145510][T10192] fuse: Bad value for 'user_id'
[  121.156094][T10192] /dev/nullb0: Can't lookup blockdev
[  121.158314][T10192] No source specified
[  121.285125][T10205] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  121.287461][T10205] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  121.293187][T10205] vhci_hcd vhci_hcd.0: Device attached
[  121.326864][T10203] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1326'.
[  121.330009][T10203] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1326'.
[  121.371875][T10213] xt_hashlimit: size too large, truncated to 1048576
[  121.385012][T10206] vhci_hcd: connection closed
[  121.386783][   T46] vhci_hcd: stop threads
[  121.390304][   T46] vhci_hcd: release socket
[  121.393033][   T46] vhci_hcd: disconnect device
[  121.423672][T10220] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=10220 comm=syz.1.1329
[  121.479800][T10225] xt_hashlimit: size too large, truncated to 1048576
[  121.535801][T10234] overlayfs: failed to clone upperpath
[  121.587271][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  121.587283][   T40] audit: type=1800 audit(1747742262.186:585): pid=10237 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.1336" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  121.744285][T10247] block nbd1: shutting down sockets
[  121.744525][T10251] xt_hashlimit: size too large, truncated to 1048576
[  121.779151][T10256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1343'.
[  121.783063][T10256] netlink: 'syz.1.1343': attribute type 19 has an invalid length.
[  121.787214][T10256] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1343'.
[  121.911454][ T5940] Bluetooth: hci3: Invalid connection link type handle 0x00c8
[  121.923597][T10264] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  121.926477][T10264] overlayfs: missing 'lowerdir'
[  122.051431][   T40] audit: type=1400 audit(1747742262.646:586): avc:  denied  { read } for  pid=10279 comm="syz.2.1350" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  122.059123][   T40] audit: type=1400 audit(1747742262.646:587): avc:  denied  { open } for  pid=10279 comm="syz.2.1350" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  122.067189][   T40] audit: type=1400 audit(1747742262.646:588): avc:  denied  { ioctl } for  pid=10279 comm="syz.2.1350" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0xaea3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  122.070818][T10285] xt_hashlimit: size too large, truncated to 1048576
[  122.303678][T10295] ceph: Path missing in source
[  122.592363][T10309] tmpfs: Unknown parameter '¢]ÑÛ#òy'
[  122.637786][   T40] audit: type=1400 audit(1747742263.236:589): avc:  denied  { append } for  pid=10313 comm="syz.2.1362" name="pmem0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  122.650087][ T5346]  pmem0: [POWERTEC]
[  122.669628][T10319] FAULT_INJECTION: forcing a failure.
[  122.669628][T10319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.674062][T10319] CPU: 2 UID: 0 PID: 10319 Comm: syz.2.1363 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  122.674078][T10319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  122.674085][T10319] Call Trace:
[  122.674088][T10319]  <TASK>
[  122.674093][T10319]  dump_stack_lvl+0x16c/0x1f0
[  122.674128][T10319]  should_fail_ex+0x512/0x640
[  122.674150][T10319]  _copy_from_user+0x2e/0xd0
[  122.674167][T10319]  copy_msghdr_from_user+0x98/0x160
[  122.674181][T10319]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  122.674200][T10319]  ___sys_sendmsg+0xfe/0x1d0
[  122.674212][T10319]  ? __pfx____sys_sendmsg+0x10/0x10
[  122.674241][T10319]  __sys_sendmsg+0x16d/0x220
[  122.674253][T10319]  ? __pfx___sys_sendmsg+0x10/0x10
[  122.674270][T10319]  ? rcu_is_watching+0x12/0xc0
[  122.674287][T10319]  do_syscall_64+0xcd/0x260
[  122.674305][T10319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.674316][T10319] RIP: 0033:0x7ff96618e969
[  122.674325][T10319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.674336][T10319] RSP: 002b:00007ff966fba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  122.674346][T10319] RAX: ffffffffffffffda RBX: 00007ff9663b5fa0 RCX: 00007ff96618e969
[  122.674353][T10319] RDX: 0000000004010080 RSI: 0000200000000300 RDI: 0000000000000003
[  122.674359][T10319] RBP: 00007ff966fba090 R08: 0000000000000000 R09: 0000000000000000
[  122.674365][T10319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.674372][T10319] R13: 0000000000000000 R14: 00007ff9663b5fa0 R15: 00007ffd43d6d088
[  122.674385][T10319]  </TASK>
[  122.785313][T10325] netlink: 'syz.2.1366': attribute type 2 has an invalid length.
[  122.793620][T10326] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=40607 sclass=netlink_route_socket pid=10326 comm=syz.0.1364
[  122.799912][   T40] audit: type=1400 audit(1747742263.396:590): avc:  denied  { write } for  pid=10320 comm="syz.0.1364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  122.822599][   T40] audit: type=1400 audit(1747742263.396:591): avc:  denied  { connect } for  pid=10320 comm="syz.0.1364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  122.828556][T10328] xt_hashlimit: size too large, truncated to 1048576
[  122.857933][   T40] audit: type=1400 audit(1747742263.456:592): avc:  denied  { listen } for  pid=10320 comm="syz.0.1364" lport=46376 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  122.864616][   T40] audit: type=1400 audit(1747742263.456:593): avc:  denied  { accept } for  pid=10320 comm="syz.0.1364" lport=46376 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  123.023368][T10343] FAULT_INJECTION: forcing a failure.
[  123.023368][T10343] name failslab, interval 1, probability 0, space 0, times 0
[  123.028565][T10343] CPU: 1 UID: 0 PID: 10343 Comm: syz.2.1373 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  123.028589][T10343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.028599][T10343] Call Trace:
[  123.028605][T10343]  <TASK>
[  123.028613][T10343]  dump_stack_lvl+0x16c/0x1f0
[  123.028648][T10343]  should_fail_ex+0x512/0x640
[  123.028672][T10343]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  123.028694][T10343]  should_failslab+0xc2/0x120
[  123.028713][T10343]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  123.028731][T10343]  ? __alloc_skb+0x2b2/0x380
[  123.028755][T10343]  __alloc_skb+0x2b2/0x380
[  123.028773][T10343]  ? __pfx___alloc_skb+0x10/0x10
[  123.028794][T10343]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  123.028822][T10343]  netlink_alloc_large_skb+0x69/0x130
[  123.028846][T10343]  netlink_sendmsg+0x6a1/0xdd0
[  123.028873][T10343]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.028904][T10343]  ____sys_sendmsg+0xa95/0xc70
[  123.028930][T10343]  ? copy_msghdr_from_user+0x10a/0x160
[  123.028950][T10343]  ? __pfx_____sys_sendmsg+0x10/0x10
[  123.028988][T10343]  ___sys_sendmsg+0x134/0x1d0
[  123.029010][T10343]  ? __pfx____sys_sendmsg+0x10/0x10
[  123.029063][T10343]  __sys_sendmsg+0x16d/0x220
[  123.029083][T10343]  ? __pfx___sys_sendmsg+0x10/0x10
[  123.029112][T10343]  ? rcu_is_watching+0x12/0xc0
[  123.029141][T10343]  do_syscall_64+0xcd/0x260
[  123.029169][T10343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.029187][T10343] RIP: 0033:0x7ff96618e969
[  123.029202][T10343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.029219][T10343] RSP: 002b:00007ff966fba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.029237][T10343] RAX: ffffffffffffffda RBX: 00007ff9663b5fa0 RCX: 00007ff96618e969
[  123.029248][T10343] RDX: 0000000004010080 RSI: 0000200000000300 RDI: 0000000000000003
[  123.029259][T10343] RBP: 00007ff966fba090 R08: 0000000000000000 R09: 0000000000000000
[  123.029269][T10343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.029279][T10343] R13: 0000000000000000 R14: 00007ff9663b5fa0 R15: 00007ffd43d6d088
[  123.029302][T10343]  </TASK>
[  123.045290][   T40] audit: type=1400 audit(1747742263.646:594): avc:  denied  { mount } for  pid=10344 comm="syz.3.1374" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  123.255952][T10365] xt_hashlimit: size too large, truncated to 1048576
[  123.479313][T10375] Invalid source name
[  123.481121][T10375] UBIFS error (pid: 10375): cannot open "/dev/sg0", error -22
[  123.602938][T10379] __nla_validate_parse: 1 callbacks suppressed
[  123.602950][T10379] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1386'.
[  123.613072][T10379] pim6reg1: entered promiscuous mode
[  123.615110][T10379] pim6reg1: entered allmulticast mode
[  123.738407][T10389] overlayfs: disabling nfs_export due to verity=require
[  123.742404][T10389] overlayfs: invalid origin (0000)
[  123.855822][T10395] FAULT_INJECTION: forcing a failure.
[  123.855822][T10395] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.860220][T10395] CPU: 0 UID: 0 PID: 10395 Comm: syz.1.1393 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  123.860235][T10395] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  123.860242][T10395] Call Trace:
[  123.860247][T10395]  <TASK>
[  123.860251][T10395]  dump_stack_lvl+0x16c/0x1f0
[  123.860272][T10395]  should_fail_ex+0x512/0x640
[  123.860289][T10395]  _copy_from_iter+0x2a4/0x15b0
[  123.860307][T10395]  ? __alloc_skb+0x200/0x380
[  123.860320][T10395]  ? __pfx__copy_from_iter+0x10/0x10
[  123.860337][T10395]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  123.860355][T10395]  netlink_sendmsg+0x829/0xdd0
[  123.860372][T10395]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.860391][T10395]  ____sys_sendmsg+0xa95/0xc70
[  123.860407][T10395]  ? copy_msghdr_from_user+0x10a/0x160
[  123.860419][T10395]  ? __pfx_____sys_sendmsg+0x10/0x10
[  123.860441][T10395]  ___sys_sendmsg+0x134/0x1d0
[  123.860454][T10395]  ? __pfx____sys_sendmsg+0x10/0x10
[  123.860482][T10395]  __sys_sendmsg+0x16d/0x220
[  123.860495][T10395]  ? __pfx___sys_sendmsg+0x10/0x10
[  123.860516][T10395]  do_syscall_64+0xcd/0x260
[  123.860533][T10395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.860544][T10395] RIP: 0033:0x7fe97698e969
[  123.860554][T10395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.860564][T10395] RSP: 002b:00007fe9777b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.860574][T10395] RAX: ffffffffffffffda RBX: 00007fe976bb5fa0 RCX: 00007fe97698e969
[  123.860581][T10395] RDX: 0000000004010080 RSI: 0000200000000300 RDI: 0000000000000003
[  123.860588][T10395] RBP: 00007fe9777b8090 R08: 0000000000000000 R09: 0000000000000000
[  123.860594][T10395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.860600][T10395] R13: 0000000000000000 R14: 00007fe976bb5fa0 R15: 00007ffd84cfd7f8
[  123.860614][T10395]  </TASK>
[  124.586116][T10415] /dev/sg0: Can't lookup blockdev
[  124.652616][T10421] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1402'.
[  124.655682][T10422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1402'.
[  124.696763][T10424] xt_hashlimit: size too large, truncated to 1048576
[  124.857738][T10431] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1405'.
[  124.858346][T10434] mkiss: ax0: crc mode is auto.
[  125.105544][T10468] xt_hashlimit: size too large, truncated to 1048576
[  125.141813][T10471] JFS: discard option not supported on device
[  125.146114][T10471] bio_check_eod: 2 callbacks suppressed
[  125.146124][T10471] syz.3.1411: attempt to access beyond end of device
[  125.146124][T10471] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  125.161587][T10471] syz.3.1411: attempt to access beyond end of device
[  125.161587][T10471] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  125.171612][T10471] Mount JFS Failure: -5
[  125.287796][T10494] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1421'.
[  125.344289][T10501] netlink: 'syz.3.1423': attribute type 1 has an invalid length.
[  125.357192][T10501] 8021q: adding VLAN 0 to HW filter on device bond1
[  125.688276][T10513] xt_hashlimit: size too large, truncated to 1048576
[  125.774228][T10517] batadv_slave_0: mtu less than device minimum
[  125.891504][ T1334] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  126.041527][ T1334] usb 8-1: Using ep0 maxpacket: 16
[  126.045544][ T1334] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  126.049977][ T1334] usb 8-1: config 0 has no interfaces?
[  126.054452][ T1334] usb 8-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  126.058392][ T1334] usb 8-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  126.061729][   T64] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  126.061978][ T1334] usb 8-1: Product: syz
[  126.066449][ T1334] usb 8-1: SerialNumber: syz
[  126.070925][ T1334] usb 8-1: config 0 descriptor??
[  126.117733][ T5346]  pmem0: [POWERTEC]
[  126.157097][T10521] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1430'.
[  126.212663][   T64] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  126.215355][   T64] usb 7-1: config 0 has no interface number 0
[  126.217482][   T64] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  126.221280][   T64] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  126.225905][   T64] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  126.229429][   T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.234227][   T64] usb 7-1: config 0 descriptor??
[  126.240840][   T64] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  126.284841][T10523] 9pnet_fd: p9_fd_create_tcp (10523): problem binding to privport
[  126.288904][ T1334] usb 8-1: USB disconnect, device number 10
[  126.457054][T10519] iowarrior 7-1:0.1: Error -90 while submitting URB
[  126.460967][ T5934] usb 7-1: USB disconnect, device number 9
[  126.532951][T10527] sctp: [Deprecated]: syz.1.1432 (pid 10527) Use of int in maxseg socket option.
[  126.532951][T10527] Use struct sctp_assoc_value instead
[  126.544270][T10528] sctp: [Deprecated]: syz.1.1432 (pid 10528) Use of int in maxseg socket option.
[  126.544270][T10528] Use struct sctp_assoc_value instead
[  126.580979][T10532] usb usb8: usbfs: process 10532 (syz.1.1433) did not claim interface 0 before use
[  126.648116][T10537] SELinux: failed to load policy
[  126.651055][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  126.651065][   T40] audit: type=1400 audit(1747742267.246:605): avc:  denied  { setopt } for  pid=10536 comm="syz.1.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  126.652893][T10537] xt_TCPMSS: Only works on TCP SYN packets
[  126.653244][   T40] audit: type=1400 audit(1747742267.246:606): avc:  denied  { read } for  pid=10536 comm="syz.1.1434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  126.667905][   T40] audit: type=1400 audit(1747742267.256:607): avc:  denied  { write } for  pid=10536 comm="syz.1.1434" path="socket:[30762]" dev="sockfs" ino=30762 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  126.896823][T10545] xt_hashlimit: size too large, truncated to 1048576
[  127.029897][T10552] tipc: Started in network mode
[  127.033304][T10552] tipc: Node identity 080211000001, cluster identity 4711
[  127.036391][T10552] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  127.038738][T10553] syzkaller0: mtu less than device minimum
[  127.117741][   T40] audit: type=1400 audit(1747742267.716:608): avc:  denied  { read } for  pid=10561 comm="syz.3.1443" name="/" dev="configfs" ino=3218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  127.131470][   T40] audit: type=1400 audit(1747742267.716:609): avc:  denied  { open } for  pid=10561 comm="syz.3.1443" path="/" dev="configfs" ino=3218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  127.210464][T10571] xt_hashlimit: size too large, truncated to 1048576
[  127.563599][   T40] audit: type=1326 audit(1747742268.166:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10593 comm="syz.2.1456" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff96618e969 code=0x0
[  127.609449][T10601] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1459'.
[  127.614693][T10601] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1459'.
[  127.617629][T10602] netlink: 'syz.2.1456': attribute type 3 has an invalid length.
[  127.617758][T10601] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1459'.
[  127.621160][T10602] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1456'.
[  127.678689][   T40] audit: type=1400 audit(1747742268.276:611): avc:  denied  { remount } for  pid=10603 comm="syz.3.1460" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  127.700993][   T40] audit: type=1404 audit(1747742268.296:612): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  127.715082][   T40] audit: type=1400 audit(1747742268.316:613): avc:  denied  { prog_load } for  pid=10606 comm="syz.1.1461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  127.721508][   T40] audit: type=1400 audit(1747742268.316:614): avc:  denied  { write } for  pid=10606 comm="syz.1.1461" lport=4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=0
[  127.726191][T10607] vlan3: entered promiscuous mode
[  127.729854][T10607] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  127.733926][T10607] vlan3: entered allmulticast mode
[  127.735718][T10607] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  127.995610][T10620] xt_l2tp: v2 doesn't support IP mode
[  128.031686][ T5934] tipc: Node number set to 134418688
[  128.040013][T10622] trusted_key: encrypted_key: insufficient parameters specified
[  128.568529][T10665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10665 comm=syz.2.1484
[  128.667353][T10676] Cannot find del_set index 128 as target
[  128.667452][T10677] Cannot find del_set index 128 as target
[  128.710777][T10683] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1491'.
[  128.985272][T10705] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1501'.
[  129.370596][T10719] netlink: 'syz.2.1505': attribute type 1 has an invalid length.
[  129.374039][T10719] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1505'.
[  129.571886][T10729] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  129.685531][T10736] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1510'.
[  129.689286][T10736] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1510'.
[  129.757879][T10744] netlink: 'syz.1.1513': attribute type 10 has an invalid length.
[  129.762163][T10744] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  129.767679][ T1148] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.770785][ T1148] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.780172][T10744] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  129.976307][T10763] FAULT_INJECTION: forcing a failure.
[  129.976307][T10763] name failslab, interval 1, probability 0, space 0, times 0
[  129.980379][T10763] CPU: 3 UID: 0 PID: 10763 Comm: syz.2.1521 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  129.980393][T10763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  129.980400][T10763] Call Trace:
[  129.980405][T10763]  <TASK>
[  129.980409][T10763]  dump_stack_lvl+0x16c/0x1f0
[  129.980429][T10763]  should_fail_ex+0x512/0x640
[  129.980445][T10763]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  129.980458][T10763]  should_failslab+0xc2/0x120
[  129.980470][T10763]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  129.980480][T10763]  ? __alloc_skb+0x2b2/0x380
[  129.980495][T10763]  __alloc_skb+0x2b2/0x380
[  129.980506][T10763]  ? __pfx___alloc_skb+0x10/0x10
[  129.980517][T10763]  ? call_nexthop_notifiers+0x210/0x390
[  129.980534][T10763]  nexthop_notify+0x20d/0x730
[  129.980548][T10763]  rtm_new_nexthop+0x2a23/0x84c0
[  129.980570][T10763]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  129.980586][T10763]  ? __lock_acquire+0x5ca/0x1ba0
[  129.980606][T10763]  ? __lock_acquire+0x5ca/0x1ba0
[  129.980630][T10763]  ? find_held_lock+0x2b/0x80
[  129.980647][T10763]  ? find_held_lock+0x2b/0x80
[  129.980669][T10763]  ? __lock_acquire+0x5ca/0x1ba0
[  129.980693][T10763]  ? find_held_lock+0x2b/0x80
[  129.980705][T10763]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  129.980717][T10763]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  129.980731][T10763]  ? __pfx_rtm_new_nexthop+0x10/0x10
[  129.980743][T10763]  ? rtnetlink_rcv_msg+0x95b/0xe90
[  129.980756][T10763]  rtnetlink_rcv_msg+0x95b/0xe90
[  129.980770][T10763]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  129.980782][T10763]  ? __pfx_avc_has_perm+0x10/0x10
[  129.980801][T10763]  netlink_rcv_skb+0x16a/0x440
[  129.980815][T10763]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  129.980829][T10763]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  129.980851][T10763]  ? netlink_deliver_tap+0x1ae/0xd30
[  129.980868][T10763]  netlink_unicast+0x53d/0x7f0
[  129.980883][T10763]  ? __pfx_netlink_unicast+0x10/0x10
[  129.980901][T10763]  netlink_sendmsg+0x8d1/0xdd0
[  129.980918][T10763]  ? __pfx_netlink_sendmsg+0x10/0x10
[  129.980937][T10763]  ____sys_sendmsg+0xa95/0xc70
[  129.980954][T10763]  ? copy_msghdr_from_user+0x10a/0x160
[  129.980966][T10763]  ? __pfx_____sys_sendmsg+0x10/0x10
[  129.980988][T10763]  ___sys_sendmsg+0x134/0x1d0
[  129.981001][T10763]  ? __pfx____sys_sendmsg+0x10/0x10
[  129.981031][T10763]  __sys_sendmsg+0x16d/0x220
[  129.981043][T10763]  ? __pfx___sys_sendmsg+0x10/0x10
[  129.981060][T10763]  ? rcu_is_watching+0x12/0xc0
[  129.981077][T10763]  do_syscall_64+0xcd/0x260
[  129.981094][T10763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.981106][T10763] RIP: 0033:0x7ff96618e969
[  129.981115][T10763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.981126][T10763] RSP: 002b:00007ff966fba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  129.981137][T10763] RAX: ffffffffffffffda RBX: 00007ff9663b5fa0 RCX: 00007ff96618e969
[  129.981143][T10763] RDX: 0000000004010080 RSI: 0000200000000300 RDI: 0000000000000003
[  129.981150][T10763] RBP: 00007ff966fba090 R08: 0000000000000000 R09: 0000000000000000
[  129.981156][T10763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  129.981162][T10763] R13: 0000000000000000 R14: 00007ff9663b5fa0 R15: 00007ffd43d6d088
[  129.981176][T10763]  </TASK>
[  130.140799][T10772] xt_TCPMSS: Only works on TCP SYN packets
[  130.144997][T10772] netlink: 'syz.0.1525': attribute type 1 has an invalid length.
[  130.147480][T10772] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1525'.
[  130.153324][T10772] 9pnet_virtio: no channels available for device syz
[  130.662599][   T64] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  130.832707][   T64] usb 6-1: too many endpoints for config 1 interface 0 altsetting 4: 33, using maximum allowed: 30
[  130.836472][   T64] usb 6-1: config 1 interface 0 altsetting 4 endpoint 0x1 has invalid maxpacket 495, setting to 64
[  130.840000][   T64] usb 6-1: config 1 interface 0 altsetting 4 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  130.843938][   T64] usb 6-1: config 1 interface 0 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 33
[  130.848368][   T64] usb 6-1: config 1 interface 0 has no altsetting 0
[  130.852886][   T64] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  130.855817][   T64] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.858529][   T64] usb 6-1: Product: syz
[  130.859902][   T64] usb 6-1: Manufacturer: syz
[  130.861800][   T64] usb 6-1: SerialNumber: syz
[  130.869804][T10790] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  130.875331][T10790] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  130.894011][T10804] xt_hashlimit: size too large, truncated to 1048576
[  130.946559][T10806] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=10806 comm=syz.2.1533
[  131.093922][   T64] usb 6-1: USB disconnect, device number 9
[  131.571789][   T64] IPVS: starting estimator thread 0...
[  131.661533][T10826] IPVS: using max 43 ests per chain, 103200 per kthread
[  131.684199][T10838] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1545'.
[  131.716955][   T40] kauditd_printk_skb: 1307 callbacks suppressed
[  131.716966][   T40] audit: type=1400 audit(1747742272.316:1922): avc:  denied  { create } for  pid=10844 comm="syz.1.1547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  131.731275][   T40] audit: type=1400 audit(1747742272.316:1923): avc:  denied  { write } for  pid=10844 comm="syz.1.1547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  131.738719][   T40] audit: type=1400 audit(1747742272.316:1924): avc:  denied  { nlmsg_write } for  pid=10844 comm="syz.1.1547" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  131.751753][   T40] audit: type=1326 audit(1747742272.346:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10847 comm="syz.0.1548" exe="/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7ff384d8e969 code=0x0
[  131.759181][   T40] audit: type=1400 audit(1747742272.346:1926): avc:  denied  { create } for  pid=10846 comm="syz.2.1549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  131.766125][   T40] audit: type=1400 audit(1747742272.356:1927): avc:  denied  { read } for  pid=10846 comm="syz.2.1549" name="binder-control" dev="binder" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  131.779041][   T40] audit: type=1400 audit(1747742272.356:1928): avc:  denied  { open } for  pid=10846 comm="syz.2.1549" path="/dev/binderfs/binder-control" dev="binder" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  131.791459][   T40] audit: type=1400 audit(1747742272.356:1929): avc:  denied  { ioctl } for  pid=10846 comm="syz.2.1549" path="/dev/binderfs/binder-control" dev="binder" ino=2 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  131.801710][   T40] audit: type=1400 audit(1747742272.356:1930): avc:  denied  { create } for  pid=10851 comm="syz.1.1550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  131.808910][   T40] audit: type=1400 audit(1747742272.376:1931): avc:  denied  { ioctl } for  pid=10851 comm="syz.1.1550" path="socket:[29468]" dev="sockfs" ino=29468 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  131.866020][T10860] tmpfs: Bad value for 'mpol'
[  132.253693][T10891] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1560'.
[  132.277572][T10891] dvmrp8: entered allmulticast mode
[  132.280856][T10890] dvmrp8: left allmulticast mode
[  132.368396][T10898] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1563'.
[  132.584643][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  132.586752][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  132.757427][T10928] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1575'.
[  133.861484][ T5287] Bluetooth: hci2: command tx timeout
[  143.513639][   T40] kauditd_printk_skb: 21 callbacks suppressed
[  143.513655][   T40] audit: type=1400 audit(1747742284.116:1953): avc:  denied  { execute } for  pid=10946 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  143.526361][   T40] audit: type=1400 audit(1747742284.116:1954): avc:  denied  { execute_no_trans } for  pid=10946 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  143.550542][ T1420] ==================================================================
[  143.553199][ T1420] BUG: KASAN: slab-use-after-free in uart_write_room+0x85e/0x940
[  143.555752][ T1420] Read of size 8 at addr ffff88802b7f05f8 by task aoe_tx0/1420
[  143.558834][ T1420] 
[  143.560364][ T1420] CPU: 0 UID: 0 PID: 1420 Comm: aoe_tx0 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  143.560378][ T1420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.560386][ T1420] Call Trace:
[  143.560390][ T1420]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  143.560395][ T1420]  dump_stack_lvl+0x116/0x1f0
[  143.560418][ T1420]  print_report+0xc3/0x670
[  143.560430][ T1420]  ? __virt_addr_valid+0x5e/0x590
[  143.560445][ T1420]  ? __phys_addr+0xc6/0x150
[  143.560460][ T1420]  ? uart_write_room+0x85e/0x940
[  143.560472][ T1420]  kasan_report+0xe0/0x110
[  143.560483][ T1420]  ? uart_write_room+0x85e/0x940
[  143.560496][ T1420]  ? __pfx_uart_write_room+0x10/0x10
[  143.560507][ T1420]  uart_write_room+0x85e/0x940
[  143.560519][ T1420]  ? uart_write+0x2f6/0xb30
[  143.560531][ T1420]  ? __pfx_uart_write_room+0x10/0x10
[  143.560543][ T1420]  tty_write_room+0x66/0x90
[  143.560558][ T1420]  handle_tx+0x14f/0x630
[  143.560571][ T1420]  dev_hard_start_xmit+0x93/0x740
[  143.560591][ T1420]  __dev_queue_xmit+0x7eb/0x43e0
[  143.560608][ T1420]  ? lockdep_hardirqs_on+0x7c/0x110
[  143.560623][ T1420]  ? finish_task_switch.isra.0+0x221/0xc10
[  143.560638][ T1420]  ? rcu_is_watching+0x12/0xc0
[  143.560651][ T1420]  ? __pfx___dev_queue_xmit+0x10/0x10
[  143.560669][ T1420]  ? __lock_acquire+0xaa4/0x1ba0
[  143.560686][ T1420]  ? __lock_acquire+0xaa4/0x1ba0
[  143.560704][ T1420]  ? do_raw_spin_lock+0x12c/0x2b0
[  143.560715][ T1420]  ? find_held_lock+0x2b/0x80
[  143.560728][ T1420]  ? skb_dequeue+0x126/0x180
[  143.560743][ T1420]  ? find_held_lock+0x2b/0x80
[  143.560757][ T1420]  ? rcu_is_watching+0x12/0xc0
[  143.560770][ T1420]  tx+0xcc/0x190
[  143.560781][ T1420]  ? __pfx_tx+0x10/0x10
[  143.560790][ T1420]  kthread+0x1e4/0x3e0
[  143.560806][ T1420]  ? find_held_lock+0x2b/0x80
[  143.560819][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560835][ T1420]  ? __pfx_default_wake_function+0x10/0x10
[  143.560849][ T1420]  ? lockdep_hardirqs_on+0x7c/0x110
[  143.560864][ T1420]  ? __kthread_parkme+0x19e/0x250
[  143.560880][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560896][ T1420]  kthread+0x3c2/0x780
[  143.560905][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560915][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560924][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560933][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560942][ T1420]  ? rcu_is_watching+0x12/0xc0
[  143.560955][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560965][ T1420]  ret_from_fork+0x45/0x80
[  143.560975][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.560985][ T1420]  ret_from_fork_asm+0x1a/0x30
[  143.561004][ T1420]  </TASK>
[  143.561008][ T1420] 
[  143.561827][   T40] audit: type=1400 audit(1747742284.166:1955): avc:  denied  { write } for  pid=5846 comm="syz-executor" path="pipe:[2576]" dev="pipefs" ino=2576 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  143.564206][ T1420] Allocated by task 9605:
[  143.653137][ T1420]  kasan_save_stack+0x33/0x60
[  143.654773][ T1420]  kasan_save_track+0x14/0x30
[  143.656705][ T1420]  __kasan_kmalloc+0xaa/0xb0
[  143.658500][ T1420]  alloc_tty_struct+0x96/0x8c0
[  143.660082][ T1420]  tty_init_dev.part.0+0x1e/0x500
[  143.661905][ T1420]  tty_open+0xa50/0xf90
[  143.663490][ T1420]  chrdev_open+0x234/0x6a0
[  143.665241][ T1420]  do_dentry_open+0x744/0x1c10
[  143.667101][ T1420]  vfs_open+0x82/0x3f0
[  143.668726][ T1420]  path_openat+0x1e5e/0x2d40
[  143.670564][ T1420]  do_filp_open+0x20b/0x470
[  143.672239][ T1420]  do_sys_openat2+0x11b/0x1d0
[  143.674080][ T1420]  __x64_sys_openat+0x174/0x210
[  143.676237][ T1420]  do_syscall_64+0xcd/0x260
[  143.677948][ T1420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.680362][ T1420] 
[  143.681231][ T1420] Freed by task 64:
[  143.682857][ T1420]  kasan_save_stack+0x33/0x60
[  143.684954][ T1420]  kasan_save_track+0x14/0x30
[  143.686720][ T1420]  kasan_save_free_info+0x3b/0x60
[  143.688668][ T1420]  __kasan_slab_free+0x51/0x70
[  143.690426][ T1420]  kfree+0x2b6/0x4d0
[  143.691913][ T1420]  process_one_work+0x9cf/0x1b70
[  143.693963][ T1420]  worker_thread+0x6c8/0xf10
[  143.695774][ T1420]  kthread+0x3c2/0x780
[  143.697374][ T1420]  ret_from_fork+0x45/0x80
[  143.698999][ T1420]  ret_from_fork_asm+0x1a/0x30
[  143.700765][ T1420] 
[  143.701851][ T1420] Last potentially related work creation:
[  143.703975][ T1420]  kasan_save_stack+0x33/0x60
[  143.705842][ T1420]  kasan_record_aux_stack+0xb8/0xd0
[  143.707735][ T1420]  insert_work+0x36/0x230
[  143.709300][ T1420]  __queue_work+0x97e/0x10f0
[  143.711111][ T1420]  queue_work_on+0x1a4/0x1f0
[  143.712918][ T1420]  release_tty+0x4de/0x5d0
[  143.714639][ T1420]  tty_release_struct+0xb7/0xe0
[  143.716529][ T1420]  tty_release+0xe2d/0x1430
[  143.718110][ T1420]  __fput+0x3ff/0xb70
[  143.719668][ T1420]  task_work_run+0x150/0x240
[  143.721327][ T1420]  do_exit+0xafb/0x2c30
[  143.722891][ T1420]  do_group_exit+0xd3/0x2a0
[  143.724780][ T1420]  get_signal+0x2673/0x26d0
[  143.726303][ T1420]  arch_do_signal_or_restart+0x8f/0x7d0
[  143.728334][ T1420]  syscall_exit_to_user_mode+0x150/0x2a0
[  143.730316][ T1420]  do_syscall_64+0xda/0x260
[  143.732245][ T1420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.734774][ T1420] 
[  143.735831][ T1420] The buggy address belongs to the object at ffff88802b7f0000
[  143.735831][ T1420]  which belongs to the cache kmalloc-cg-2k of size 2048
[  143.740935][ T1420] The buggy address is located 1528 bytes inside of
[  143.740935][ T1420]  freed 2048-byte region [ffff88802b7f0000, ffff88802b7f0800)
[  143.746448][ T1420] 
[  143.747531][ T1420] The buggy address belongs to the physical page:
[  143.750251][ T1420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b7f0
[  143.753994][ T1420] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  143.756879][ T1420] memcg:ffff888023019001
[  143.758326][ T1420] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  143.760909][ T1420] page_type: f5(slab)
[  143.762633][ T1420] raw: 00fff00000000040 ffff88801b44c140 dead000000000100 dead000000000122
[  143.766151][ T1420] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff888023019001
[  143.768959][ T1420] head: 00fff00000000040 ffff88801b44c140 dead000000000100 dead000000000122
[  143.771745][ T1420] head: 0000000000000000 0000000000080008 00000000f5000000 ffff888023019001
[  143.774536][ T1420] head: 00fff00000000003 ffffea0000adfc01 00000000ffffffff 00000000ffffffff
[  143.777297][ T1420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  143.780089][ T1420] page dumped because: kasan: bad access detected
[  143.782144][ T1420] page_owner tracks the page as allocated
[  143.783934][ T1420] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 9605, tgid 9604 (syz.3.1133), ts 110707611054, free_ts 110666327771
[  143.790598][ T1420]  post_alloc_hook+0x181/0x1b0
[  143.792189][ T1420]  get_page_from_freelist+0x135c/0x3920
[  143.794047][ T1420]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  143.795973][ T1420]  alloc_pages_mpol+0x1fb/0x550
[  143.797617][ T1420]  new_slab+0x244/0x340
[  143.798945][ T1420]  ___slab_alloc+0xd9c/0x1940
[  143.800462][ T1420]  __slab_alloc.constprop.0+0x56/0xb0
[  143.802158][ T1420]  __kmalloc_cache_noprof+0xfb/0x3e0
[  143.803915][ T1420]  alloc_tty_struct+0x96/0x8c0
[  143.805467][ T1420]  tty_init_dev.part.0+0x1e/0x500
[  143.807114][ T1420]  tty_open+0xa50/0xf90
[  143.808500][ T1420]  chrdev_open+0x234/0x6a0
[  143.809983][ T1420]  do_dentry_open+0x744/0x1c10
[  143.811557][ T1420]  vfs_open+0x82/0x3f0
[  143.812885][ T1420]  path_openat+0x1e5e/0x2d40
[  143.814398][ T1420]  do_filp_open+0x20b/0x470
[  143.815849][ T1420] page last free pid 5346 tgid 5346 stack trace:
[  143.817877][ T1420]  __free_frozen_pages+0x69d/0xff0
[  143.819556][ T1420]  __put_partials+0x16d/0x1c0
[  143.821097][ T1420]  qlist_free_all+0x4e/0x120
[  143.822627][ T1420]  kasan_quarantine_reduce+0x195/0x1e0
[  143.824429][ T1420]  __kasan_slab_alloc+0x69/0x90
[  143.826033][ T1420]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  143.827835][ T1420]  getname_flags.part.0+0x4c/0x550
[  143.829532][ T1420]  getname_flags+0x93/0xf0
[  143.831006][ T1420]  do_sys_openat2+0xb8/0x1d0
[  143.832543][ T1420]  __x64_sys_openat+0x174/0x210
[  143.834183][ T1420]  do_syscall_64+0xcd/0x260
[  143.835733][ T1420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.837684][ T1420] 
[  143.838547][ T1420] Memory state around the buggy address:
[  143.840874][ T1420]  ffff88802b7f0480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.844097][ T1420]  ffff88802b7f0500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.847292][ T1420] >ffff88802b7f0580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.850539][ T1420]                                                                 ^
[  143.853753][ T1420]  ffff88802b7f0600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.856405][ T1420]  ffff88802b7f0680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  143.859050][ T1420] ==================================================================
[  143.861796][ T1420] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  143.864274][ T1420] CPU: 0 UID: 0 PID: 1420 Comm: aoe_tx0 Not tainted 6.15.0-rc7-syzkaller #0 PREEMPT(full) 
[  143.867530][ T1420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  143.871030][ T1420] Call Trace:
[  143.872157][ T1420]  <TASK>
[  143.873151][ T1420]  dump_stack_lvl+0x3d/0x1f0
[  143.874719][ T1420]  panic+0x71c/0x800
[  143.876024][ T1420]  ? __pfx_panic+0x10/0x10
[  143.877510][ T1420]  ? irqentry_exit+0x3b/0x90
[  143.879211][ T1420]  ? lockdep_hardirqs_on+0x7c/0x110
[  143.881050][ T1420]  ? uart_write_room+0x85e/0x940
[  143.882712][ T1420]  ? check_panic_on_warn+0x1f/0xb0
[  143.884415][ T1420]  ? uart_write_room+0x85e/0x940
[  143.886048][ T1420]  check_panic_on_warn+0xab/0xb0
[  143.887716][ T1420]  end_report+0x107/0x170
[  143.889140][ T1420]  kasan_report+0xee/0x110
[  143.890653][ T1420]  ? uart_write_room+0x85e/0x940
[  143.892306][ T1420]  ? __pfx_uart_write_room+0x10/0x10
[  143.894053][ T1420]  uart_write_room+0x85e/0x940
[  143.895683][ T1420]  ? uart_write+0x2f6/0xb30
[  143.897234][ T1420]  ? __pfx_uart_write_room+0x10/0x10
[  143.898979][ T1420]  tty_write_room+0x66/0x90
[  143.900500][ T1420]  handle_tx+0x14f/0x630
[  143.901921][ T1420]  dev_hard_start_xmit+0x93/0x740
[  143.903614][ T1420]  __dev_queue_xmit+0x7eb/0x43e0
[  143.905267][ T1420]  ? lockdep_hardirqs_on+0x7c/0x110
[  143.907009][ T1420]  ? finish_task_switch.isra.0+0x221/0xc10
[  143.908926][ T1420]  ? rcu_is_watching+0x12/0xc0
[  143.910534][ T1420]  ? __pfx___dev_queue_xmit+0x10/0x10
[  143.912296][ T1420]  ? __lock_acquire+0xaa4/0x1ba0
[  143.913903][ T1420]  ? __lock_acquire+0xaa4/0x1ba0
[  143.915505][ T1420]  ? do_raw_spin_lock+0x12c/0x2b0
[  143.917184][ T1420]  ? find_held_lock+0x2b/0x80
[  143.918748][ T1420]  ? skb_dequeue+0x126/0x180
[  143.920268][ T1420]  ? find_held_lock+0x2b/0x80
[  143.921892][ T1420]  ? rcu_is_watching+0x12/0xc0
[  143.923470][ T1420]  tx+0xcc/0x190
[  143.924654][ T1420]  ? __pfx_tx+0x10/0x10
[  143.926160][ T1420]  kthread+0x1e4/0x3e0
[  143.927595][ T1420]  ? find_held_lock+0x2b/0x80
[  143.929145][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.930709][ T1420]  ? __pfx_default_wake_function+0x10/0x10
[  143.932580][ T1420]  ? lockdep_hardirqs_on+0x7c/0x110
[  143.934296][ T1420]  ? __kthread_parkme+0x19e/0x250
[  143.935966][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.937538][ T1420]  kthread+0x3c2/0x780
[  143.938891][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.940421][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.941966][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.943491][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.945019][ T1420]  ? rcu_is_watching+0x12/0xc0
[  143.946608][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.948155][ T1420]  ret_from_fork+0x45/0x80
[  143.949652][ T1420]  ? __pfx_kthread+0x10/0x10
[  143.951178][ T1420]  ret_from_fork_asm+0x1a/0x30
[  143.952768][ T1420]  </TASK>
[  143.954383][ T1420] Kernel Offset: disabled
[  143.955815][ T1420] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:58:04  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854f9c75 RDI=ffffffff9adfe5a0 RBP=ffffffff9adfe560 RSP=ffffc9000721f3f8
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552
R12=0000000000000000 R13=0000000000000034 R14=ffffffff9adfe560 R15=ffffffff854f9c10
RIP=ffffffff854f9c9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69da000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c2f279e CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 306e616c7663616d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe976a11a8a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe976a11a97
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe976a11a91
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe976a11aa5
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe976a11b2b
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe976a11c09
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f29c243c328ac986 340c4428893c10af 671ac4c63efec198 badb8c12df3eef3f
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9c4a029c6d4f5fa6 52a4f1a3787c83bb b43cca60818d0004 0000000b000c000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8866b948c1f35764 7f8994c9e73868ab 7482e7154ca87a31 f1f8da0cf40acfe9
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 33cd306b0e918568 520615f945d70734 e99cad5ec6d61329 3ea4ace2d543ad0b
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 52e3083c4981102e 7573b22293a3734f 04235fe88866b948 c1f357647f8994c9
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e73868ab7482e715 4ca87a31f1f8da0c f40acfe99c4a029c 6d4f5fa652a4f1a3
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 787c83bbb43cca60 818d84fb2a96b492 0aff75daf29c243c 328ac986340c4428
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88806a4415c0 RCX=ffffffff81af2e99 RDX=ffff888037394880
RSI=ffffffff81af2e73 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000416f930
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=ffffed100d4882b9 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88806a53b040
RIP=ffffffff81bb4656 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6ada000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f6e51426ff8 CR3=000000000e180000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000001 Opmask01=0000000000000000 Opmask02=0000000080000001 Opmask03=0000000000000000
Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4d747fdb 00007fff4d747fdb
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4d7484e0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4d7484e0 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 39325b3a74656b63 6f73223d68746170 2022303535312e31 2e7a7973223d6d00
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3332513074656163 6573223762746170 2022303535312431 2470737322376700
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f6374653a725f 7463656a626f3a74 6f6f723d74786574 6e6f637420745f6d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6576697373696d 72657020656c6966 3d7373616c637420 745f656d69746e75
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 313d657669737369 6d72657020656c69 663d7373616c6374 20745f656d69746e
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 75725f6374653a72 5f7463656a626f3a 746f6f723d747865 746e6f637420745f
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d64617379733a72 5f6d64617379733a 746f6f723d747865 746e6f6373203032
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30323d6f6e692022 31616473223d7665 642022726f747563 6578652d7a797322
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=ffffffff8169da1d RBX=0000000000000001 RCX=0000000000000002 RDX=0000000000000000
RSI=0000000000000000 RDI=ffffffff8e3bfc00 RBP=0000000000000002 RSP=ffffc90003e574a0
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=00000000000110b6
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8198268c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555591a9b500 ffffffff 00c00000
GS =0000 ffff8880d6bda000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f516a5b6038 CR3=0000000031070000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fffc0000 Opmask01=000000000000000f Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20303d766765735f 656c646e61683d53 4e4f4954504f5f4e 4153410063657865
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f516b0ed100 00007f516a583440 00007f516a583458 00007f516a5834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d534e4f4954504f 5f4e415341006365 786500726f747563 6578652d7a79732f
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000000001e8 RBX=0000000003ffffff RCX=ffffffff89424662 RDX=00000000ffffffff
RSI=0000000000002820 RDI=ffff88801e6c8a00 RBP=ffffc90003fa7d28 RSP=ffffc90003fa7cd0
R8 =0000000000000005 R9 =0000000000000004 R10=0000000000000001 R11=0000000000000000
R12=ffff88801e6c8a00 R13=0000000000002820 R14=00000000ffffffff R15=ffff88801e6c8a00
RIP=ffffffff821656f8 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb4afb41300 ffffffff 00c00000
GS =0000 ffff8880d6cda000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fffba67e64c CR3=0000000023073000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b57a88d ffffffff8b57a897 0000000200000004 0000000600040008
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b58e6e6 ffffffff8b58c6df ffffffff8b58e8c0 ffffffff8b58e96b
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b58d44d ffffffff8b58f3c4 ffffffff8b58cd88 ffffffff8b58e8eb
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b58ebe1 ffffffff8b58c86e ffffffff8b58f2ef ffffffff8b58c67b
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b58d481 ffffffff8b58d684 ffffffff8b58c732 ffffffff8b58d48f
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b58ea71 ffffffff8b58eb57 ffffffff8b58ce24 ffffffff8b58d63b
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b58ea09 ffffffff8b58c9b5 ffffffff8b58c927 ffffffff8b58e8fb
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8b58e90e ffffffff8b58edb2 ffffffff8b58eda5 ffffffff8b58ebe1
ZMM25=a29ceb23a29ceb23 a29ceb23a29ceb23 a29ceb23a29ceb23 a29ceb23a29ceb23 a29ceb23a29ceb23 a29ceb23a29ceb23 a29ceb23a29ceb23 a29ceb23a29ceb23
ZMM26=ce9e70dbce9e70db ce9e70dbce9e70db ce9e70dbce9e70db ce9e70dbce9e70db ce9e70dbce9e70db ce9e70dbce9e70db ce9e70dbce9e70db ce9e70dbce9e70db
ZMM27=3ff3e93a3ff3e93a 3ff3e93a3ff3e93a 3ff3e93a3ff3e93a 3ff3e93a3ff3e93a 3ff3e93a3ff3e93a 3ff3e93a3ff3e93a 3ff3e93a3ff3e93a 3ff3e93a3ff3e93a
ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=da070000da070000 da070000da070000 da070000da070000 da070000da070000 da070000da070000 da070000da070000 da070000da070000 da070000da070000