last executing test programs:

30.417952345s ago: executing program 3 (id=33):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}}, 0x0)
recvmmsg$unix(r0, &(0x7f0000001540)=[{{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000b40)=""/141, 0x87}, {&(0x7f0000000200)=""/223, 0xdf}, {&(0x7f00000025c0)=""/4108, 0x1002}, {&(0x7f0000000340)=""/157, 0x9d}, {&(0x7f00000007c0)=""/127, 0x71}, {&(0x7f0000000000)=""/55, 0x37}], 0x6, 0x0, 0xffffffffffffff57}}], 0x1, 0x34000, 0x0)
r1 = syz_usb_connect(0x2, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
ioctl$EVIOCRMFF(r2, 0x40044581, &(0x7f0000000040)=0x1)
syz_usb_control_io(r1, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x439, 0x70bd2a, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_UPDELAY={0x8, 0x4, 0x4}]}}}]}, 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@gettfilter={0x2c, 0x2e, 0x300, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xd, 0xfffa}, {0x10, 0xf}, {0xe, 0xfff3}}, [{0x8, 0xb, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000000}, 0x24000011)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
sendmmsg(r4, &(0x7f0000001a00)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x6}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000580)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x6, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x10}}], 0x2, 0x4000000)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000004c0)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
ioctl$FS_IOC_GETVERSION(r5, 0x5b15, &(0x7f00000008c0))

27.407591502s ago: executing program 3 (id=88):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
read(r1, 0x0, 0x0)
bind$netlink(r0, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b0000000200000009000100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @multicast1}, @address_request={0x11, 0x0, 0x0, 0x7f00}}}}}, 0x0)

27.308593948s ago: executing program 3 (id=89):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x4000, 0x140000) (async)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000000c0)={<r1=>0x0})
ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000100)={r1, 0x3})
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r2, &(0x7f0000000880)={0x0, 0x60, &(0x7f0000000840)={&(0x7f00000007c0)={0x14, r3, 0xb05}, 0x14}}, 0x0) (async)
r4 = fsopen(&(0x7f0000000000)='qnx6\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) (async)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
close(r5) (async)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) (async)
r6 = fsmount(r4, 0x0, 0x0)
r7 = openat$cgroup(r6, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0, 0x0, {r7}}, 0x58)

27.308365721s ago: executing program 3 (id=90):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='westwood\x00', 0x9)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f00000025c0)=[{&(0x7f00000000c0)=""/89, 0x59}], 0x1, 0xb7, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d)
sendfile(r0, r2, 0x0, 0x1000004)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) (async)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='westwood\x00', 0x9) (async)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
preadv(r1, &(0x7f00000025c0)=[{&(0x7f00000000c0)=""/89, 0x59}], 0x1, 0xb7, 0x2) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) (async)
write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) (async)
sendfile(r0, r2, 0x0, 0x1000004) (async)

27.138480586s ago: executing program 3 (id=97):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x0, 0x8340})
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000040)={0xa4, 0x0, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

26.935248887s ago: executing program 3 (id=102):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000001900), 0x0) (async)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioprio_set$uid(0x3, 0x0, 0x0) (async)
ioprio_set$uid(0x3, 0x0, 0x0)
r5 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r5, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x22000, 0x8)
mkdirat(r6, &(0x7f00000001c0)='./file0\x00', 0x101)
r7 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

11.929205708s ago: executing program 32 (id=102):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000001900), 0x0) (async)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioprio_set$uid(0x3, 0x0, 0x0) (async)
ioprio_set$uid(0x3, 0x0, 0x0)
r5 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r5, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x22000, 0x8)
mkdirat(r6, &(0x7f00000001c0)='./file0\x00', 0x101)
r7 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}}) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

2.728491038s ago: executing program 1 (id=601):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff})
syslog(0x9, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000b00)=@newqdisc={0xffffffffffffffbf, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x8, 0x200, 0x8, 0x6, 0x8, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c841}, 0x44080)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f00000004c0)={0x0, @in={{0x2, 0xfffe, @empty}}, 0x0, 0x7ffe}, 0x90)
sendto$inet6(r3, &(0x7f0000000040)="9a1e", 0x2, 0x4, &(0x7f0000000100)={0xa, 0x4e24, 0x8, @local, 0x1}, 0x1c)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r4, 0xffffffffffffffff, 0x0)
accept4$unix(r1, &(0x7f0000000180)=@abs, &(0x7f0000000080)=0x6e, 0x800)
socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="cc0000001a0010012abd7000fcdbdf251c140902fd01fe0200200000fbff1900040000000c000900f7ff2228", @ANYRES32=r2, @ANYBLOB="84001300000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000004000000000000000000000000000000070000000000000f08000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005001a000300000005001a000200000008000400", @ANYRES32=r2, @ANYBLOB], 0xcc}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000008c0)=@newqdisc={0x70, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x3ff, 0x6, 0x4, 0x5}, {0xff, 0x1, 0x401, 0xf64a, 0x1, 0x9}, 0xf97, 0x6, 0xb70}}, @TCA_TBF_PRATE64={0xc, 0x5, 0x592f3ca27be3fa98}, @TCA_TBF_RATE64={0xc, 0x4, 0x2e27b565961173ac}]}}]}, 0x70}}, 0x800)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f0000000280)='nv\x00', 0x3)

2.668604849s ago: executing program 1 (id=605):
r0 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x141)
flock(r2, 0x2)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtaction={0xf4, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0xe0, 0x1, [@m_sample={0xdc, 0x18, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xe4}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x526}, @TCA_SAMPLE_PARMS={0x18}]}, {0x85, 0x6, "98148838de2bb5f2c7aa7c2c537fd16eeb1dd76a43880771691f4ec36e8d8e02ef2d0fd4c3be6bde959e57e1b5b9317f15a7ce090001067270ff4634d8e76f4a1f99e9119fbfb3d4fc48c6b7e42e7b0ac02ec2697c65348086db108831bc7c8d5a248ad83be7ad155c66e14f9df4cb031ff4d5eb32c0c0f3dd6cb7215a40cdbbb4"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x4}}}]}]}, 0xf4}}, 0x0)
unshare(0x2a020400)
syz_clone3(&(0x7f0000001240)={0xc0000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r2, &(0x7f00000001c0)="d6e99df20fc09af3d8bff899a52c769759b2fefa48444d3375bba5c16582e3756a983d77f811e6db09c6c91c3249d8915b9ce65ce294e05d30f197de1d8934f54b06bc2a7b1879d246a757c3a044a8db67511cd3662f382b6e2649bcb2ee1f57a54449da8eb0cd7398c945d15a0f", &(0x7f00000000c0)=@udp=r3, 0x4}, 0x20)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
syz_emit_ethernet(0x66, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffff0100aaaaaaaaaaaa86dd6000318e00303a00fe880000000000000000000000000001ff020000000000000000000000000001"], 0x0)
close_range(r0, 0xffffffffffffffff, 0x2)
syz_extract_tcp_res$synack(&(0x7f0000000040), 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e21, 0x34, @remote, 0x5}, 0x1c)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@quota}]})

2.608577141s ago: executing program 1 (id=609):
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffc000/0x4000)=nil)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
getsockname$netrom(r0, 0x0, &(0x7f0000001d00))
brk(0x200000ffc000) (async)
brk(0x200000ffc000)

2.548674568s ago: executing program 1 (id=610):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x9)
setresuid(0xee00, 0x0, 0x0)
ioprio_set$uid(0x3, 0xee00, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x290, 0x168, 0x9, 0x290, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @private0, [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c}, 0x6000000, 0x230, 0x290, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'veth1_to_batadv\x00', {0x0, 0x7ff, 0x46, 0x0, 0x2, 0x2, 0x1000}}}, @common=@inet=@ipcomp={{0x30}, {[0x0, 0x4d3]}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x8}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setreuid(0x0, r3)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getresuid(&(0x7f0000000140), &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0))
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@mcast2, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @dev}}, 0x0, @in6=@private1}}, &(0x7f0000000300)=0xe8)
r7 = geteuid()
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={[{@usrquota}, {@uid={'uid', 0x3d, r3}}], [{@obj_type={'obj_type', 0x3d, '+(+\x1b@:h\','}}, {@euid_lt={'euid<', r4}}, {@uid_eq={'uid', 0x3d, r5}}, {@audit}, {@fowner_eq={'fowner', 0x3d, r6}}, {@uid_lt={'uid<', r7}}, {@measure}]})

2.467711999s ago: executing program 1 (id=612):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000000200), 0x22, 0x4, 0x5, &(0x7f0000000240)=[0x7d, 0x3bd, 0x0, 0x9], &(0x7f0000000280)=[0x6, 0x4]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x0, 0x8340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.466424567s ago: executing program 1 (id=614):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r0, 0xa, 0x13)
fcntl$setlease(r0, 0x400, 0x0)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000480)={0x2})
r1 = syz_open_dev$vcsn(&(0x7f0000000440), 0x1, 0x40)
mknodat$null(r1, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x8802, 0x0)
acct(&(0x7f0000000000)='./file0\x00')
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080), 0x300, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f00000000c0)={'gre0\x00', &(0x7f0000000140)={'ip_vti0\x00', <r4=>0x0, 0x1, 0x8000, 0xaa99, 0x9, {{0x42, 0x4, 0x1, 0x0, 0x108, 0x68, 0x0, 0x80, 0x2f, 0x0, @local, @private=0xa010100, {[@ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x6e, 0x2, [{0x0, 0x8, "041b17e3c1c8"}, {0x0, 0x5, "aaa18e"}, {0x0, 0x7, "33a666cf53"}, {0x6, 0x10, "1533931d44f47cafeaa78b3945ff"}, {0x5, 0x9, "321597f0dcd50b"}, {0x7, 0xf, "a24eb1bd6c3c895eb2ffd438b3"}, {0x1, 0xd, "79c5cfc95fb2509be9d275"}, {0x2, 0xb, "23bcf5be1fd4fccf30"}, {0x6, 0x2}, {0x1, 0x12, "c39961af1ddcbbd695068742bb339e9f"}]}, @ra={0x94, 0x4}, @timestamp={0x44, 0xc, 0xde, 0x0, 0x7, [0x5, 0x5eb]}, @ra={0x94, 0x4}, @timestamp={0x44, 0x8, 0x88, 0x0, 0x9, [0x9]}, @cipso={0x86, 0x2f, 0x2, [{0x7, 0x6, "dd064456"}, {0x1, 0x4, "3eea"}, {0x7, 0x2}, {0x7, 0x11, "2f8ade12bd59328186c4e46a11c36f"}, {0x7, 0xc, "a8580bf9258825dccf05"}]}, @timestamp_prespec={0x44, 0x34, 0xd2, 0x3, 0x0, [{@rand_addr=0x64010101, 0x57e7}, {@broadcast, 0x9}, {@multicast1, 0x4}, {@broadcast, 0x9}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x1a}, 0x7fffffff}]}]}}}}})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r5=>r2, {r2}}, './file0\x00'})
socket$kcm(0x29, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x24, &(0x7f00000003c0)={[{@name={'name', 0x3d, '\x00'}}, {@nofavordynmods}, {}, {@clone_children}, {@clone_children}, {@subsystem='net_cls'}, {}], [{@smackfstransmute={'smackfstransmute', 0x3d, '\'[*'}}]})
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY(r0, 0x5000940f, &(0x7f00000004c0)={{r5}, "7026ad4b6a5c2054444bf6f716bc1746531c552d171a4bfd6e58a2e0a08d60d8a0134fcd482c987f4d8362170693ab7a472518a889e73735b09f83fe5cc38a0464c7da57adf0562ba7fffa1d3a9e5441fd1df7b9b910044426ce40a16b1c202766cd95add8c12d6d297352d21ab1bf2dadef2c44b88b4ab52726ff19907e64e4bc4f69d3255e187ea05c484dc36a82960350b0a7ff60a1d69c50234120d1063fbcbf47019c1ffdeae0955c455b725cb6c48deac8ce15d3816cc8bc8451619b48147ce65146bc76a59b564173548c32db1567bc0f43b830376f8652675ceb220418764f378abb77d84738942b2682f9686430c0d088a33d65c35bca647660fe7f7415dd6388fafa5d83eaf5514895a8bd69f582fa3f9302657ff3af207179bdf4089ecbd3acc854d6121f243ca06291054ba7176929e885cfa02fb46b3f7558fa6949cc7340421c19f5cc0f3521f3e6f53ff069a9cbc1b9736ae6d81647f4919b416b6b81c28835e796024170608f4a876016913b883154232efc8caa3c8b5987a763af9d9ed20a826831ab4aac383ca56341bfc30c1e03e8f7861e80f584825c386f39e2b553a70a3e6d153ad5bdfaef61e4418aac078bcba42a85e37a5ec44d9ae06d4562eb973c4b317550112ac7ca0e72c53512eac416370d56a25edae7bf38a251600308c3ad8a3fa847caf940ce2c5f12bf9d4bf9740fe6ee2f7736ec2c274e685e49666f1c9e75d309b352cfd9305e31aaa9844d5214c8588f7d8f0f828e05dd06dc73ce1b38f8cccdd0c1fc682597f0b02703b7d6d29a21c6354e0ae3df0556b0311e98320f761f1d27efc9711441e47036b7290424ab706303e5df561cec3cd305eb15febf60deefd25f3be4b79798839b0e85a34039e3e2fec167ea9aafe4d96720b1a2a69113923de806a1acbf0c3884d608bb21eb2f080d363ca16d3d996cb46349abe8f2a3581f49c580792f28f2f3ba97cdd97f0f8156f5e461bdf791194cda75b43ef7fda094398b723cc62525d1ada1bf634b4a06cf750e84197846eb942b686473805a190de070ea10e94951c1a5df60fdad81c819d138fc8d7360afdf9a36d9096c2b4aa1d3edb1b9111637741ce7dbe55bfa256a4f9ae45517b077661f29e8a9563cad1cb06a24e94a1521be0caa3ea28a5f28b9f3c514df74ce7b6b9fdcfe0e67c547492fb76f13a0d6df546f845c8edadb957d266f3d87f2a56c6b3015adef1afcb9f8aba2484b9ee77b66085195f26e814f688f534483826a444bf0e497c3647583458fc6b292b2180dc1edef51d25bfc520896e36fea79334d7ba0effe87312151fbf32b7c91d6e6642d6dd7b492c109ea4db0e406ebe5b0eb7b28a22ecf1bef7010a17c44784e331a4ba0fda4b0cba1392beec033d6ec63c4f8dc3009f00e95f63e0c1b72c5d83b530a971360ea91014f9d8f3ca95a4accffa468af1dce13e8568614c199e0cefe0db66a65db048f4fa5a865218892265779230b59330c5bac0b503219a9571b4dc3612b3661f500f99a870470a3c63bab182a82ba357d4ad22a21f9c1f174f1346bc76414ebe5fd963c7e365cdebd7cfe1f46c38b22d161e38ee74dff9f9cb99d4ef0b883297548aa7a48072d304e29a5c3ee3523898ebe3c521064f879db7332924803c6b731e42babd14f72a5b8e8624a2b5a20ffc8f1782442d108f8b1cee96a04a4a514a9f8952436da4a4869cda9ec50436c961570b0dc4a88959c9e83684bf900cbe267b2fdee31788b17f45c279b3bfc43a435c45edf22328f6df3e225e89a019752f52016a32c7bad88b05e44f0b75443fb538de921996310b5d8823dbfb93c35899dde943f4c6a767e9172e84ae82b1fa4d3012fe4df34d85e4eb74c2826c4cabc7f57617b815fb632219d06e1eeca8fa9e1501a067bf8ef818c0f8c6cbd09e3b7e2ff13ecfb59f64f65d5a01306fe3e1e57114738106ce815f0d4b4723c2d9e717dcc874edd823154b74c30036e1aa12d80b1f5c72bb32c167a634b63d09973c614ede6f545d579d7edaaef9e312402d51ff62c74db88be86458fc8b6b9b0b6aed9a387f64ab10e90eb563a549b1952942ea6b28ecfd82395e6504910f5a1d85e0497c0196c9dcd181e08c7b43bdd988e47dd35427ef82b1dc90d6ae9882b4d15003216667505a179e6262fa0898aff1f841672119758f83e5e97c3725d8e08d5bc5c7837d27e6afb9b896db8e85c6a04a48d4ea5e0c9afefccc48c33ebe5cfcf6f743a5bd29f68ae4bb27b450457cebbca154da0879dd27c0b5df11079012a7a3ae29fb896b8a149cc590e30d46d27b1cbca569900bdf3d71d63e2577e6cd942ada7b7f09e31f47a3c474dd77e9661abcc29d8d780f72c886f040f912ea47b972e794c7dcb9b57f251257c75e68acef010e61808ef07c7eec92215b603450fe7d2b633abab37677c0344ae0e7a45d28810bc326f434a51aa4988a52b0d1e43c7dcd821fb96fc0971bf8b143745182b661c41e9d07e6416a88c519b10b80295ca7372890791f19de4062c579643a82a1607785658387efe5348d09134452e9ea918193aa8ece1a0610c088313b5c9241e456d38c2c0671a087f03d567b9b43fd1b7a27b801e6be0a34cf45fc7302e8a0593cd545d8e610d5b90709a16479ca9c3dbe1b87a1c342582db504da864bcfd7e082404391ba66d7acb0918c86c0af7c48f6009a204773b854906aeca839d10ac43dd8b9624768f4332896f749b4852e1022da45937362a4e2676e6fd5cbe4e5de7487fc776ba1de401de913a7ec942b1f023d21462e6562cc36a351cb4416367f81aee4317934d5750b7b6eb3c18b65054970b10f2749e08f7798c1445ae4cc379d29f4cafc21383d50befe5d1b8de3f5403372fa6f73c04527befcc34bad7b4c09fe764905077e373cfe31046f95603b98e6ea10a460ee9aa82252c4e97c3cc50caa709810f7787b2551878b58e2829b50686a5608d80381147b81144514386aeede4f9784989aab0b6dde8f27d448a37aa34c9632fdbf482c01124a046bb2dda4df350d3147384199ec2ab366d91bada815bd6b785a1090439c20025d70f9c51de06ea6bb3660849d63999b0536c80217e395d368c24dbf5aecf74cc6a041df650ce2cf609b335ac18875fff873889408701157f1803e93d100f66a8a57b0d7c46bdd3d155bd7490a6c2b4888e83110eaf0a8c740c0d8a9e9e8e34819dc4837a2c6f8b071efd0e0d070bbbb8c1467a3cc6506ae806b465a95280d66f9fa9ef266d0c26376ee605276832f21244a2a96af44a929bf7cc7a2721de5d56198166c0ecfeb2eb5bf157714fae334a915fa0a571c53d068a813613c68d5d91e1f5456a9fd6040977360d8aac577013da1bb6f837f476ea162d90d6074c20901d944b038e036c48618323c413f557533ef0d34714f6df317376808c9db278755b8bd72713431b3dd28e210cd9a07cb464a8c63ecd5f24564c57b2fca99e69c83b58004e75dbc7bf43e8b54b90c41610752ee0feafcbea611c8b8e85f9c0ec1bfc0541ad44c01dbced93cff356d97c70a06a0a6e86e9c14a0cda077b3f714551993bc7ef99462e03045040140e132a7dd47ec6b11f86a6c2316d2385f3056779071e2dc3bc8dc72505ebb6433a8dff9fb1519913f9816e0c8e9ba9705d84e73376ac9bc458376226e94f1d32de0d1a760c69d6fecbfcf0278a63e9d1fe63f3e19755d97344be75001a0e564203ab5e1570204a49a2cf7dfc467c888979788b2aea8edc55e09b84c662faa05fba18921ae7204eda722f0db3564b2da6ea3f43ef160b409eef1e78efa8fb28d5a41667079d8541ddaeb8a4a9be0b9f68c4eae5cef7ea57b423c6d86ddff60768da9191e70cc590ab833f3ff79b386b765db4655dcba3082ef1ff9effd4a0a52d48a5f759adb6e0c2091a78a25ef69709b556fe537f3cbbe974705575b11524ddb5d82199be1a5d4529f77cbb27df45eee382df9581f175177f4b7daf7566193b0c5204eeb2905eb5c4d20ddf29ef28c752a136a51abfcddfd0cc52c4ca032b4f32110d75b788ba4bcee5ac6e3473edbbc0128fb83a90e4026d56030f249871f0dcb91cb42712929fc4afa67bb47fb7a9c2d91bfdbe5f47b755c807ebe34ca3f1bb6c8bd0cc94f9d19f73377c92dd21c23d176eab9c4de03ad8241a68a5aebd7d551d8ad54fb7b0b2642d240270df0eef6202a748fce2efe1b4b3c21cdfcc954bbf35fdbfeaade38ea899b1ee9b70cc0fb5fa22ae7c58c91eaeef87a07abffc7f6bb407a44e9feb1c24d1301175542d42dfc11a53e585def40624584a307f0370aa310b62fb467a884999c6a1cc6411ce7b1fa15df1bf69d321f1b7c0a3dd2bd5b2fa9255c361f025e26aac993b04ec12fcf86e01f3f33da276e18efa72f8e27ea0ce11d60f252e53c992175f9fd17e6ac07862a6b17e785491fce8b0bf7487fccfeb906337014103891418347c481d64f5443324d355d54e2d8bd5ac666bc3f236c279cd4f58734038c3d595868cbc0076a39f017c68585108019920cbaf0fffd0588e7b15724cac36c94ba4cc8e7fbbe148ff222b282af570d92d3e11c721119bc0181869462b92b031b0089868550ec44b5fe84ec603c32a2d5f14e93bcf8728471409ceca323b4ebca3deeba766e7bfafa31daf8f3eda3a9dc0d90d9d2ad15847c8b8d827628cadaace1756d0e7c85a8fff034d52fa9d4f2106a697d4cceb5f0c06ad23826aec1260e852f80f53888918585ef9cb90e2248069813ae03135b8f4511bb7d4b646bdee84ecf10a0297d59f229112cb0fa3c31e07c874c4ae3343e21120c10ec4a14c0eb8109004626b7eaf801155ac18c04f06c38e9b958429b6f932e5b4310a9a203a6bfe9b8f3216936c68948d1c38430c8b88a099b2dcee118318578a37b32637b470cd94b96bd0125f10c80bf975b90239d8703d3d7f5b74fefd2734bdc8eea41755e1bec870e4ebb6bed778b1fd815bb71d93553b59117b4f1b2c7c4798a23761aaf2f10afd0d9f97f2b157af040b606825488ca825bb054985f3d56041a2075f9f31b81b8c8dd40090c59bc80817406fc7ade3eb1ba6fd584fe9b130e1a2370110a11664e481e681ba8306eca119dc9a016311f58ebf3d90bca7fee4e8b4b35592ded6672210f7d24737a096c8bc6b1539b56bf47aacc9e0011dd78d54583c8abfd32c86922a52e44002e02ae1e69203ce5cedbbda15651104437346d1fb2bfc9ffe9287a8812225fa26d9f2d4807baf34ddf77d0dd2e5a54278b9bb6f01d624ea2771171d9d66742acad5028b442320652f421bb53bbca2c348ca4cfcfecd1b6d55b85ba1759fa722d07d090bf67a7ac4bc4c82bba7a664840d2febf13645304da31f113ccfb41b519894d499a0a4d08275a2010acd662d120823a35b3ad5ab0df1d70b630604046cb01c0055b27c349eb1f8d92d274eec19f90cc75ab948f0785f1538fadff25c409eb0b4f40bd09715f9dde6eb0cc9fb8a894d3828efd67f79ed0b77dd4d6ee1ae6b363cbe2351742e9f7b01397b58c08b1f5e032375673a2c8f8553bcd53cc9e44e70d12ba37a423056a8f972f236599263854a16f4477b55c76b4044642dbe70fd0f0328f67b947ddadfc3bd60757340b2fa9039926f009b26e8f915e37207365543c95f331fddec5fec204b607f7795ebd89aa3d852db30f534a58634ea3cb418f4e20d4c0591a909ea3d85586fd28dd60287a32c30e578604b7f984e130ff8112a672ffec1cdd1e656fb004e53cd72dbcf47fb"})
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)={<r7=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000000), r7, 0x0, 0x1, 0x4}}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0xffffff32, 0xc59, 0x7fffffff, 0x42000, r3, 0xcb, '\x00', r4, r5, 0x5, 0x3, 0x1, 0x7}, 0x50)

1.238782206s ago: executing program 2 (id=659):
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000040)=0x14)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000140)={0x10200, 0x5, 0x8080000, 0x1000, &(0x7f0000006000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="66b80b008ee866ba6100ed0f01d1c4e2d5aff2b8007000000f23c00f21f835000009000f23f80f01c8ea02000000860066baf80cb86024b28fef66bafc0c66b8000066ef66baf80cb8eaac488def66bafc0c66b84f8866ef66bad004ec", 0x5d}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c0000001d00000227bd7000fddbdf251c000000", @ANYRES32=r0, @ANYBLOB="80001105439a35399ace11ef06000000b2570470049b86ad08"], 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.07611579s ago: executing program 2 (id=663):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0xfa7})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"])
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000180)={0x4, 0x2007})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800610001"], 0x48)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x2c, 0x2, 0xffffffffffffffff, 0x0, 0x0})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r3, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r4 = syz_open_pts(r3, 0x0)
r5 = dup3(r4, r3, 0x0)
r6 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r6, 0x80184132, &(0x7f0000000340))
read(r5, &(0x7f00000000c0)=""/226, 0xe2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x400800, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r7)
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x58, r9, 0x100, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x7}, @crypto_settings, @NL80211_ATTR_SMPS_MODE={0x5}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_SSID={0x19, 0x34, @random="86c9152d4fedfc29821ef789183cf73f525011a62d"}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_PBSS={0x4}]}, 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
flock(r4, 0x0)
r11 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r11, 0x303, 0x0, 0x0, {0x6}}, 0x14}}, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r7, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4044010}, 0x801)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xc9b1, r2}, 0x38)

1.06822028s ago: executing program 0 (id=665):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r2, &(0x7f0000000ac0)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
syz_genetlink_get_family_id$ethtool(0x0, r1)
fallocate(r1, 0x40, 0xfa5f, 0xffffffff)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=ANY=[@ANYBLOB="240000001e000100000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0000000006000500"], 0x24}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async)
writev(r2, &(0x7f0000000ac0)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1) (async)
syz_genetlink_get_family_id$ethtool(0x0, r1) (async)
fallocate(r1, 0x40, 0xfa5f, 0xffffffff) (async)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001900)=ANY=[@ANYBLOB="240000001e000100000000000000000002000000", @ANYRES32=0x0, @ANYBLOB="0000000006000500"], 0x24}}, 0x0) (async)

985.042108ms ago: executing program 0 (id=667):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a}, 0x94)
socket(0x10, 0x3, 0x0) (async)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000840)=ANY=[@ANYBLOB="640000001800010000000000000000001d0109004d000f"], 0x64}}, 0x0)
r1 = epoll_create1(0x0)
fcntl$dupfd(r1, 0x2, 0xffffffffffffffff) (async)
r2 = fcntl$dupfd(r1, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup=r2, 0xffffffffffffffff, 0x11, 0x0, r2}, 0x11)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

928.535396ms ago: executing program 0 (id=669):
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@multicast2, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@empty}, 0x0, @in=@multicast1}}, &(0x7f00000000c0)=0xe8) (async)
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x400)
write$FUSE_DIRENTPLUS(r0, &(0x7f0000000300)={0xb0, 0xfffffffffffffff5, 0x0, [{{0x4, 0x0, 0x1, 0x5, 0xc, 0x1000, {0x6, 0x8000000000000001, 0x7fffffffffffffff, 0x1ff, 0x7ff, 0x1, 0x6, 0x0, 0x6, 0x8000, 0x5, r1, r2, 0x1}}, {0x6, 0x3ff, 0x6, 0x9, 'tmpfs\x00'}}]}, 0xb0) (async)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='i\x00:0,\x00'])

924.989089ms ago: executing program 0 (id=671):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000006ec0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x5, &(0x7f00000004c0)=0x5, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

427.944399ms ago: executing program 4 (id=678):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r2, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newlink={0x20, 0x10, 0x403, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r2, 0xff7f}}, 0x20}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0)
socket$kcm(0x2, 0x5, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910000000000000c3041818000100009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0xe4}, 0x48)
syz_io_uring_setup(0x1219, &(0x7f0000000500)={0x0, 0x7d10, 0x4, 0x1, 0xe}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000580)=<r7=>0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00')
writev(r8, &(0x7f00000000c0)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23457})
socket$nl_netfilter(0x10, 0x3, 0xc)

348.478808ms ago: executing program 4 (id=679):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

218.720368ms ago: executing program 2 (id=680):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x725901, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fbdbdf250b0000000c00058008000100"], 0x20}}, 0x4000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x1000, 0x2000, &(0x7f000000b000/0x2000)=nil})
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r1, 0x4068aea3, &(0x7f0000000040)={0xbc, 0x0, 0x5})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000b5000040"])
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

218.322147ms ago: executing program 4 (id=681):
r0 = dup(0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000b00), r1)
sendmsg$NFC_CMD_DEACTIVATE_TARGET(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x24, r2, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x2000c081}, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r0, 0x1000)
statx(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x2000, 0x20, 0x0)
ioctl$BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)

168.197755ms ago: executing program 2 (id=682):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000002c0)={0x0, 0x0, 0x0, &(0x7f0000000200)=[0x7, 0xffffff7f], 0x22, 0x4, 0x5, &(0x7f0000000240)=[0x7d, 0x3bd, 0x0, 0x9], &(0x7f0000000280)=[0x6, 0x4]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x0, 0x8340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

167.628255ms ago: executing program 4 (id=683):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r2, 0x4068aea3, &(0x7f0000000200))
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)=@newtaction={0x48, 0x30, 0x1, 0x0, 0x0, {}, [{0x34, 0x1, [@m_mpls={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4, 0x2}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="310d2dbd7000ffdbdf002500000008000300", @ANYRES32=r6, @ANYBLOB="05000800000000000a00340001010101010100000800350007000000080026006c090000090007004121c2c5be0000000800090001ac0f000a0006"], 0x60}, 0x1, 0x0, 0x0, 0x4000001}, 0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000a80)={0x6, 0x7, 0x6, 0x2005fe7, 0x5, 0x904, 0x0, 0x34}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x5c}, [@ldst={0x7, 0x2}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x48)
r7 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000300)="a1afd7b297a7", 0x0, 0x0, 0x0, 0x0, 0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000480)}, 0x10)

167.524475ms ago: executing program 2 (id=684):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
rmdir(&(0x7f0000000040)='./control\x00')
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x400017e)
mkdir(&(0x7f0000000100)='./control\x00', 0x184) (fail_nth: 23)

98.228732ms ago: executing program 4 (id=685):
add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff9)
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071121900000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x80)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000140), 0x0}, 0x20)
socketpair(0x2b, 0x80001, 0x0, &(0x7f0000000000))
add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffff9) (async)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071121900000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x80) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000140), 0x0}, 0x20) (async)
socketpair(0x2b, 0x80001, 0x0, &(0x7f0000000000)) (async)

97.440437ms ago: executing program 4 (id=686):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x44}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'sit0\x00', &(0x7f0000000080)={'gretap0\x00', <r4=>0x0, 0x7800, 0x7800, 0x1fe, 0xae7d0aba, {{0x1f, 0x4, 0x1, 0x12, 0x7c, 0x66, 0x0, 0x5, 0x4, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0xa}, {[@timestamp={0x44, 0x18, 0x81, 0x0, 0x4, [0x8, 0x4, 0x8, 0xfffffffb, 0x2]}, @end, @lsrr={0x83, 0x13, 0xc0, [@loopback, @remote, @empty, @broadcast]}, @ssrr={0x89, 0x13, 0x50, [@private=0xa010101, @loopback, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_addr={0x44, 0x24, 0xc4, 0x1, 0x1, [{@broadcast, 0x2}, {@multicast2, 0x9}, {@dev={0xac, 0x14, 0x14, 0xb}, 0x8}, {@empty, 0x8}]}, @ra={0x94, 0x4}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000340)={'sit0\x00', &(0x7f0000000200)={'tunl0\x00', <r5=>0x0, 0x700, 0x8000, 0x2, 0x7, {{0x3b, 0x4, 0x2, 0x3d, 0xec, 0x66, 0x0, 0xff, 0x4, 0x0, @local, @rand_addr=0x64010102, {[@cipso={0x86, 0x5e, 0x1, [{0x5, 0xa, "8208fc443eaa2c57"}, {0x5, 0x10, "66263590b8dd3f257455fb373e8f"}, {0x5, 0x4, "40cc"}, {0x7, 0x3, '<'}, {0x6, 0x10, "58f0fb8b76dee2359f1ddaac1534"}, {0x0, 0x10, "bfaa1652e4e564d01ba8da5f77d3"}, {0x1, 0xc, "824ee3ff15fc7b49ab42"}, {0x0, 0xb, "77206312b1379793ad"}]}, @timestamp={0x44, 0x1c, 0xc4, 0x0, 0x7, [0x4, 0x5, 0x4, 0x8, 0x1, 0xd]}, @end, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x57, 0xffffffffffffffff, [{0x6, 0x5, "449a53"}, {0x1, 0x11, "4748d619bc2536e3afadfda779bc1f"}, {0x5, 0xd, "937df22c25ba029882d3d5"}, {0x7, 0x9, "5372d66745c1f5"}, {0x0, 0x11, "f8f8337c3baf61892b71322842ad7d"}, {0x0, 0xe, "855e930cb63b782a7ae546bb"}, {0x0, 0x6, "27be0dc0"}]}]}}}}})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000380)={<r6=>0x0, @loopback, @broadcast}, &(0x7f00000003c0)=0xc)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'gre0\x00', &(0x7f0000000400)={'syztnl2\x00', <r7=>0x0, 0x20, 0x10, 0x1000, 0x40, {{0x22, 0x4, 0x0, 0x22, 0x88, 0x65, 0x0, 0x0, 0x0, 0x0, @empty, @private=0xa010100, {[@lsrr={0x83, 0x7, 0x6d, [@multicast1]}, @noop, @generic={0x82, 0xc, "ccfa69146a89753837d6"}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x14, 0xb5, 0x1, 0x0, [{@dev={0xac, 0x14, 0x14, 0x35}, 0x10000}, {@empty, 0x2e4c}]}, @timestamp_prespec={0x44, 0x34, 0xdb, 0x3, 0xd, [{@empty, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}, {@local, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7890}, {@multicast2, 0x16}, {@broadcast, 0xe8}]}, @noop, @rr={0x7, 0x13, 0x74, [@rand_addr=0x64010100, @empty, @multicast1, @empty]}]}}}}})
r8 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000300)={'bond0\x00', <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000ac0)=@delqdisc={0x1b0, 0x25, 0x400, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, {0x6, 0xb}, {0xa, 0x10}, {0x10, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x7cb}, @TCA_STAB={0x130, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x3, 0x1e, 0x3, 0xae, 0x1, 0xffff, 0x6132, 0x4}}, {0xc, 0x2, [0xd, 0x6, 0x2, 0x4]}}, {{0x1c, 0x1, {0x1, 0xe0, 0x2, 0x7, 0x2, 0x2, 0x6, 0x5}}, {0xe, 0x2, [0x7, 0x8, 0xd, 0x101, 0x611]}}, {{0x1c, 0x1, {0x3, 0x7, 0x20, 0x9, 0x1, 0x1, 0x2, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0x6, 0x2, 0x9, 0xec81, 0x0, 0x3ff, 0xae1, 0x7}}, {0x12, 0x2, [0x8, 0x800, 0x0, 0x7, 0x7ff, 0x6, 0x2]}}, {{0x1c, 0x1, {0x7f, 0xfd, 0xd, 0x100, 0x0, 0x0, 0x1, 0x2}}, {0x8, 0x2, [0x6, 0x3]}}, {{0x1c, 0x1, {0x7, 0x3, 0xff, 0x80000001, 0x0, 0x8, 0xe66, 0x8}}, {0x14, 0x2, [0xc, 0x2b86, 0x0, 0x57, 0xf0c, 0x1, 0x1000, 0x10]}}, {{0x1c, 0x1, {0x2, 0x11, 0x800, 0x3, 0x2, 0x1, 0x7fffffff, 0x7}}, {0x12, 0x2, [0x2, 0xff, 0xbf4d, 0x9, 0xc, 0x0, 0x6]}}]}, @qdisc_kind_options=@q_cake={{0x9}, {0x34, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x4}, @TCA_CAKE_WASH={0x8, 0xd, 0x1}, @TCA_CAKE_ATM={0x8, 0x4, 0x2}, @TCA_CAKE_FLOW_MODE={0x8, 0x5, 0x2}, @TCA_CAKE_ATM={0x8, 0x4, 0x1}, @TCA_CAKE_OVERHEAD={0x8, 0x6, 0xffffffffffffffcc}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7fffffff}, @qdisc_kind_options=@q_clsact={0xb}]}, 0x1b0}}, 0x800)
r11 = socket$netlink(0x10, 0x3, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r13, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r15=>0x0})
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r13, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x1c, r14, 0xb01, 0x70bd2a, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r15}]}, 0x1c}}, 0x0)
r16 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WDS_PEER(r3, &(0x7f00000009c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000980)={&(0x7f00000008c0)={0x98, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x2, 0x75}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa, 0x6, @random="e0fbd4a3441e"}, @NL80211_ATTR_MAC={0xa, 0x6, @random="ad6af9702b62"}]}, 0x98}, 0x1, 0x0, 0x0, 0x801}, 0x40)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r16, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd, 0x0, <r17=>0x0})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r16, 0x100000000)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r16, 0xc00464b4, &(0x7f0000000080)={r17})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4c831, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r18=>0x0})
sendmsg$nl_route(r11, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="300000001c000100000000000000000007000000", @ANYRES32=r18, @ANYBLOB="40003a000a000200ffffffffffff000008000f"], 0x30}}, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r3, &(0x7f0000000740)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000700)={&(0x7f0000000c80)=ANY=[@ANYBLOB="dc010000", @ANYRES16=r0, @ANYBLOB="080028bd7000fbdbdf250b0000002800018014000200626f6e645f736c6176655f300000000008000300000000000800030002000000580001801400020070696d36726567300000000000000000080003000200000008000100", @ANYRES32=r4, @ANYBLOB="1400020076657468315f746f5f6873720000000008000300020000001400020069703665727370616e300000000000004400018008000300020000001400020073797a6b616c6c657231000000000000140002007663616e30000000000000000000000008000100", @ANYRES32=r5, @ANYBLOB="08000300020000000c0001800800030003000000580001800800030003000000140002006d6163767461703000000000000000001400020076657468315f6d616376746170000000080003000300000014000200697036746e6c30000000000000000000080003000200000060000180140002007866726d30000000000000000000000008000100", @ANYRES32=r6, @ANYBLOB="1400020073797a5f74756e00000000000000000008000100", @ANYRES32=r7, @ANYBLOB="1400020069703667726574617030000000000000080003000200000008000300000000004000018008000100", @ANYRES32=r9, @ANYBLOB="0800030000000000080003000300000008000300020000001400020076657468305f6d61637674617000000008000100", @ANYRES32=r18, @ANYBLOB="64985c585699992c00b000538b7270bd038b460ee50db7d784f85fd684c91fb8197227582e11"], 0x1dc}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000805)
r19 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r19, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x34, r0, 0x401, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x34}}, 0x0)

8.679296ms ago: executing program 2 (id=687):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
r1 = syz_usb_connect(0x5, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="31010000dccd5e08cb06030000e8160000010902240001000064000904340102d469e70009058acf9b"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000280)={0x2c, &(0x7f0000000000)={0x0, 0x30, 0x14, {0x14, 0x9, "262232987136339d0f0abf266fb067287ba1"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3001}}, &(0x7f0000000140)={0x0, 0xf, 0x19, {0x5, 0xf, 0x19, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x0, 0x1, 0x3, 0x2}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x7, 0x9, 0x2, 0x1}, @ptm_cap={0x3}]}}, &(0x7f0000000180)={0x20, 0x29, 0xf, {0xf, 0x29, 0x81, 0x3, 0x7, 0x9, "e09fc70c", "e13a6179"}}, &(0x7f0000000240)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x10, 0x6, 0xc, 0xaf, 0x8, 0x4}}}, &(0x7f0000000800)={0x84, &(0x7f00000002c0)={0x0, 0x14, 0x71, "9e388d87dc17ca488c399c29161c5193b9e8039fd12ef0c28b18e838e87528819e481b9e8e986cd31eb97b347cbc1b2b4ccfaae5489b362b871edd07c5e6387a6e7669a361567b4e85b8ee4db77949f46abb9be2895ec40dcc98a6d5ded65f711e0f96d41e0ccefbf81bf99eb6b2ec87c3"}, &(0x7f0000000400)={0x0, 0xa, 0x1, 0xb}, &(0x7f0000000440)={0x0, 0x8, 0x1}, &(0x7f0000000480)={0x20, 0x0, 0x4, {0x0, 0x2}}, &(0x7f00000004c0)={0x20, 0x0, 0x4, {0x400, 0x4}}, &(0x7f0000000500)={0x40, 0x7, 0x2, 0xc}, &(0x7f0000000540)={0x40, 0x9, 0x1, 0x8}, &(0x7f0000000580)={0x40, 0xb, 0x2, "80b9"}, &(0x7f00000005c0)={0x40, 0xf, 0x2, 0x4}, &(0x7f0000000600)={0x40, 0x13, 0x6, @broadcast}, &(0x7f0000000680)={0x40, 0x17, 0x6, @remote}, &(0x7f00000006c0)={0x40, 0x19, 0x2, "e2a9"}, &(0x7f0000000700)={0x40, 0x1a, 0x2, 0x50f}, &(0x7f0000000740)={0x40, 0x1c, 0x1, 0x8}, &(0x7f0000000780)={0x40, 0x1e, 0x1, 0x1d}, &(0x7f00000007c0)={0x40, 0x21, 0x1, 0x8}}) (async)
r2 = syz_open_dev$loop(&(0x7f0000000040), 0x8, 0x20000)
ioctl$BLKROSET(r2, 0x125d, &(0x7f0000000080)=0x81) (async)
syz_emit_vhci(0x0, 0xf8)
syz_emit_vhci(0x0, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x2c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xcb}]}, 0x2c}}, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), r3)
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x4c, r6, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME={0x28, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x1}, @device_b, @device_a, @initial, {0x4, 0x9}, @value=@ver_80211n={0x0, 0xd6, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}}, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) (async)
syz_open_dev$usbfs(&(0x7f0000000080), 0x9, 0x141100)
r7 = openat$sr(0xffffffffffffff9c, &(0x7f00000008c0), 0x400, 0x0)
ioctl$BINDER_CTL_ADD(r7, 0xc1086201, &(0x7f0000000900)={'custom1\x00'})

8.450328ms ago: executing program 0 (id=688):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010063616e"], 0x48}}, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @empty, 0x8002}, 0x1c)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs2/custom0\x00', 0x800, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r5, 0x6, 0x21, &(0x7f00000000c0)="80b23e35fa8d02bbd4da5618c4f1ed20", 0x10)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r5, 0x6, 0x21, &(0x7f0000000180)="80ff2302ed0f249e38393ffab4266ac5", 0x10)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
socket(0x10, 0x3, 0x0)
setsockopt$bt_rfcomm_RFCOMM_LM(r3, 0x12, 0x3, 0x0, 0x300)
ioctl$sock_SIOCETHTOOL(r2, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f00000000c0)=@ethtool_per_queue_op={0x4b, 0xf, [0x9, 0x2400000, 0xff, 0x0, 0x6, 0x7f, 0x1, 0x6, 0x9, 0x7, 0x7, 0x0, 0x36, 0x36e5, 0x7, 0x9, 0x1, 0x2, 0x4, 0x9b, 0x2, 0x2, 0x0, 0x5f, 0xd00, 0x4, 0xcd9, 0x84c7, 0x2, 0x4, 0x1, 0xfff, 0x8, 0x5, 0x2, 0xa, 0x6, 0x9, 0xd6, 0x0, 0x5, 0x8, 0x8, 0x4, 0x1, 0x0, 0x7f, 0x3, 0x7, 0x7, 0xb7, 0x8, 0x8000, 0x800, 0x78, 0x4, 0x4, 0x10000, 0x555, 0x93c, 0x7, 0xffffffff, 0x0, 0xfffffffe, 0x4, 0x3, 0x7b4f, 0x1, 0x200, 0x80, 0x610f, 0x6, 0x7ff, 0x6ce1, 0x98, 0x404000, 0x1, 0x0, 0xaac, 0x53, 0x3, 0x2, 0x7, 0x1, 0x1, 0xdbf4, 0xfffffffe, 0x80000000, 0x1, 0x0, 0x59b55464, 0x2, 0x4, 0xe7f, 0xba5, 0x10000, 0xfffffffb, 0x8, 0x3ff, 0xb85, 0x8, 0x3, 0xdd, 0x800, 0xbac6, 0x4, 0x93, 0x8, 0x3, 0x40, 0xffff, 0x6, 0xfffffffb, 0x5f, 0x0, 0x0, 0x0, 0x6, 0x3ff, 0x7, 0x1ff, 0xc8c, 0x7, 0x5, 0x2, 0x80000801, 0x2, 0x4]}})

0s ago: executing program 0 (id=689):
r0 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$CDROMREADAUDIO(r0, 0x2284, &(0x7f0000000180)={@msf={0x4}, 0x1, 0x0, 0x0})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x3})
r6 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl(r6, 0x8b32, &(0x7f0000000040))
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_GETSTATE(r7, 0x5603, &(0x7f0000000040)={0xd, 0x7, 0x9})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@setneightbl={0x5c, 0x43, 0x1, 0x70bd2c, 0x25dfdbfc, {0x2}, [@NDTA_PARMS={0x30, 0x6, 0x0, 0x1, [@NDTPA_DELAY_PROBE_TIME={0xc}, @NDTPA_MCAST_REPROBES={0x8, 0x11, 0x6}, @NDTPA_DELAY_PROBE_TIME={0xc, 0x7, 0x80}, @NDTPA_PROXY_DELAY={0xc, 0xd, 0x698}]}, @NDTA_PARMS={0x4}, @NDTA_THRESH2={0x8, 0x3, 0x80000001}, @NDTA_GC_INTERVAL={0xc, 0x8, 0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x640}, 0x4000090)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r4, @ANYBLOB="fd00000000000000300012800b00010065727370616e00002000028004001200050016000200000006001800"], 0x50}}, 0x0)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r8, &(0x7f0000002140)={0x2020}, 0x2100)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9)
ptrace$poke(0x5, r9, &(0x7f0000000080), 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@ipv6_getaddr={0x3c, 0x16, 0x100, 0x70bd2b, 0x25dfdbff, {0xa, 0x78, 0x2, 0xfd, r4}, [@IFA_RT_PRIORITY={0x8, 0x9, 0x5}, @IFA_CACHEINFO={0x14, 0x6, {0x709f, 0x8001, 0x1}}, @IFA_FLAGS={0x8, 0x8, 0x11a}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4c051}, 0x48000)

kernel console output (not intermixed with test programs):

etooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   52.739309][ T5940] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   52.740156][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   52.740673][ T5939] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   52.741121][ T5939] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   52.741829][ T5939] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   52.742336][ T5939] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   52.745783][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   52.757427][   T40] audit: type=1400 audit(1751163195.159:85): avc:  denied  { read } for  pid=5937 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   52.758262][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   52.781156][   T40] audit: type=1400 audit(1751163195.159:86): avc:  denied  { open } for  pid=5937 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   52.784702][ T5940] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   52.791390][   T40] audit: type=1400 audit(1751163195.159:87): avc:  denied  { mounton } for  pid=5937 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   52.793510][ T5940] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   52.805536][ T5940] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   52.808823][ T5940] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   52.992506][   T40] audit: type=1400 audit(1751163195.409:88): avc:  denied  { module_request } for  pid=5944 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   53.089592][ T5944] chnl_net:caif_netlink_parms(): no params data found
[   53.128551][ T5931] chnl_net:caif_netlink_parms(): no params data found
[   53.230418][ T5937] chnl_net:caif_netlink_parms(): no params data found
[   53.281514][ T5933] chnl_net:caif_netlink_parms(): no params data found
[   53.384864][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.387399][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.389964][ T5944] bridge_slave_0: entered allmulticast mode
[   53.393462][ T5944] bridge_slave_0: entered promiscuous mode
[   53.413801][ T5931] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.416662][ T5931] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.419640][ T5931] bridge_slave_0: entered allmulticast mode
[   53.423281][ T5931] bridge_slave_0: entered promiscuous mode
[   53.427503][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.430522][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.433291][ T5944] bridge_slave_1: entered allmulticast mode
[   53.436787][ T5944] bridge_slave_1: entered promiscuous mode
[   53.504076][ T5931] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.508350][ T5931] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.511422][ T5931] bridge_slave_1: entered allmulticast mode
[   53.515169][ T5931] bridge_slave_1: entered promiscuous mode
[   53.583900][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.586766][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.589394][ T5937] bridge_slave_0: entered allmulticast mode
[   53.593218][ T5937] bridge_slave_0: entered promiscuous mode
[   53.596821][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.599851][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.602130][ T5937] bridge_slave_1: entered allmulticast mode
[   53.605483][ T5937] bridge_slave_1: entered promiscuous mode
[   53.653868][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.718015][ T5931] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.725150][ T5931] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.730277][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.750874][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   53.829358][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   53.857490][ T5944] team0: Port device team_slave_0 added
[   53.861359][ T5933] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.863593][ T5933] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.865912][ T5933] bridge_slave_0: entered allmulticast mode
[   53.870091][ T5933] bridge_slave_0: entered promiscuous mode
[   53.918576][ T5931] team0: Port device team_slave_0 added
[   53.922707][ T5944] team0: Port device team_slave_1 added
[   53.950371][ T5933] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.952820][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.955073][ T5933] bridge_slave_1: entered allmulticast mode
[   53.957703][ T5933] bridge_slave_1: entered promiscuous mode
[   53.961746][ T5937] team0: Port device team_slave_0 added
[   53.965012][ T5931] team0: Port device team_slave_1 added
[   54.028736][ T5937] team0: Port device team_slave_1 added
[   54.055868][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.058813][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.069183][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.076384][ T5933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.126555][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.129640][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.142605][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.148729][ T5933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   54.176419][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.178911][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.186632][ T5931] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.196638][ T5931] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.199993][ T5931] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.207870][ T5931] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.225859][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.228878][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.241156][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.246214][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.248974][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.259665][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.289416][ T5933] team0: Port device team_slave_0 added
[   54.292797][ T5933] team0: Port device team_slave_1 added
[   54.402636][ T5944] hsr_slave_0: entered promiscuous mode
[   54.405221][ T5944] hsr_slave_1: entered promiscuous mode
[   54.429038][ T5931] hsr_slave_0: entered promiscuous mode
[   54.432359][ T5931] hsr_slave_1: entered promiscuous mode
[   54.435296][ T5931] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.439066][ T5931] Cannot create hsr debugfs directory
[   54.456912][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_0
[   54.459121][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.466605][ T5933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   54.472641][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_1
[   54.474728][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.482624][ T5933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   54.490245][ T5937] hsr_slave_0: entered promiscuous mode
[   54.493487][ T5937] hsr_slave_1: entered promiscuous mode
[   54.496341][ T5937] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.499640][ T5937] Cannot create hsr debugfs directory
[   54.691271][ T5933] hsr_slave_0: entered promiscuous mode
[   54.693953][ T5933] hsr_slave_1: entered promiscuous mode
[   54.697131][ T5933] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   54.700131][ T5933] Cannot create hsr debugfs directory
[   54.760498][ T5943] Bluetooth: hci2: command tx timeout
[   54.838550][ T5940] Bluetooth: hci0: command tx timeout
[   54.841244][ T5943] Bluetooth: hci1: command tx timeout
[   54.848610][ T5943] Bluetooth: hci3: command tx timeout
[   54.935229][ T5944] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   54.943531][ T5944] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   54.950953][ T5944] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   54.962436][ T5944] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   54.997509][ T5937] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   55.005824][ T5937] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   55.012010][ T5937] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   55.026842][ T5937] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   55.055606][ T5931] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   55.065808][ T5931] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   55.073668][ T5931] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   55.089604][ T5931] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   55.126584][ T5933] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   55.131868][ T5933] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   55.149348][ T5933] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   55.155897][ T5933] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   55.172468][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.226223][ T5944] 8021q: adding VLAN 0 to HW filter on device team0
[   55.239473][ T1259] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.241807][ T1259] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.257997][ T1259] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.260362][ T1259] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.296101][ T5931] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.300293][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.325660][ T5931] 8021q: adding VLAN 0 to HW filter on device team0
[   55.339466][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.341884][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.346336][ T5937] 8021q: adding VLAN 0 to HW filter on device team0
[   55.362703][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.364920][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.370234][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.373220][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.380927][ T5933] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.398033][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.400403][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.410663][   T40] audit: type=1400 audit(1751163197.829:89): avc:  denied  { sys_module } for  pid=5944 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   55.412629][ T5933] 8021q: adding VLAN 0 to HW filter on device team0
[   55.430011][ T1259] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.432826][ T1259] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.446358][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.448673][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.514426][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.545882][ T5944] veth0_vlan: entered promiscuous mode
[   55.553674][ T5944] veth1_vlan: entered promiscuous mode
[   55.576702][ T5944] veth0_macvtap: entered promiscuous mode
[   55.583124][ T5931] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.586558][ T5944] veth1_macvtap: entered promiscuous mode
[   55.596678][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.606522][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.612541][ T5944] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.615492][ T5944] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.618856][ T5944] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.621865][ T5944] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.653952][ T5931] veth0_vlan: entered promiscuous mode
[   55.673922][ T5933] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.681620][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0
[   55.686688][ T5931] veth1_vlan: entered promiscuous mode
[   55.709444][  T809] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.712860][  T809] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.742702][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.744764][ T5931] veth0_macvtap: entered promiscuous mode
[   55.745789][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.758898][ T5931] veth1_macvtap: entered promiscuous mode
[   55.776624][ T5937] veth0_vlan: entered promiscuous mode
[   55.780739][ T5933] veth0_vlan: entered promiscuous mode
[   55.791448][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.795386][ T5937] veth1_vlan: entered promiscuous mode
[   55.804389][ T5931] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.807419][ T5944] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   55.810176][ T5933] veth1_vlan: entered promiscuous mode
[   55.818065][ T5931] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   55.820970][ T5931] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   55.823687][ T5931] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   55.826410][ T5931] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   55.875510][ T5933] veth0_macvtap: entered promiscuous mode
[   55.893842][ T5937] veth0_macvtap: entered promiscuous mode
[   55.916680][ T5933] veth1_macvtap: entered promiscuous mode
[   55.923663][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.926829][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.934412][ T5937] veth1_macvtap: entered promiscuous mode
[   55.955694][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   55.960690][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   55.966119][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.973321][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0
[   55.979144][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.991637][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1
[   55.998946][ T5933] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.002285][ T5933] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.004942][ T5933] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.007660][ T5933] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.020543][ T5937] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.024247][ T5937] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.024275][ T5937] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.024291][ T5937] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.055090][ T6022] syz.3.5 uses obsolete (PF_INET,SOCK_PACKET)
[   56.102142][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.104767][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.108764][ T1259] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.111485][ T1259] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.141372][ T6028] netlink: 172 bytes leftover after parsing attributes in process `syz.1.6'.
[   56.150945][  T809] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.153374][  T809] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.165547][  T809] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   56.167960][  T809] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   56.258484][ T6041] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9'.
[   56.261539][ T6041] netlink: 2 bytes leftover after parsing attributes in process `syz.1.9'.
[   56.301290][ T6050] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11'.
[   56.314144][ T6039] Zero length message leads to an empty skb
[   56.389916][ T6062] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   56.392786][ T6062] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   56.395537][ T6062] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   56.398575][ T6062] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   56.401569][ T6062] geneve2: entered promiscuous mode
[   56.403211][ T6062] geneve2: entered allmulticast mode
[   56.420540][ T6064] netlink: 16 bytes leftover after parsing attributes in process `syz.3.17'.
[   56.579836][ T6069] netlink: 'syz.3.19': attribute type 39 has an invalid length.
[   56.589697][ T6018] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[   56.740208][ T6018] usb 6-1: too many configurations: 151, using maximum allowed: 8
[   56.751545][ T6018] usb 6-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[   56.754331][ T6018] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[   56.756940][ T6018] usb 6-1: Product: syz
[   56.758682][ T6018] usb 6-1: Manufacturer: syz
[   56.760275][ T6018] usb 6-1: SerialNumber: syz
[   56.763679][ T6018] usb 6-1: config 0 descriptor??
[   56.839618][ T5943] Bluetooth: hci2: command tx timeout
[   56.919329][ T5943] Bluetooth: hci3: command tx timeout
[   56.921073][ T5943] Bluetooth: hci1: command tx timeout
[   56.923179][ T5940] Bluetooth: hci0: command tx timeout
[   56.923357][ T6080] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24'.
[   56.972786][ T6049] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'.
[   56.989531][ T6000] usb 6-1: USB disconnect, device number 2
[   57.258533][ T6017] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   57.413249][ T6017] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   57.416156][ T6017] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   57.418955][ T6017] usb 5-1: Product: syz
[   57.420441][ T6017] usb 5-1: Manufacturer: syz
[   57.421894][ T6017] usb 5-1: SerialNumber: syz
[   57.427738][ T6017] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   57.440603][   T40] kauditd_printk_skb: 74 callbacks suppressed
[   57.440617][   T40] audit: type=1400 audit(1751163199.859:164): avc:  denied  { firmware_load } for  pid=10 comm="kworker/0:1" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[   57.449459][   T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[   57.632576][ T6094] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=94 sclass=netlink_audit_socket pid=6094 comm=syz.1.30
[   57.641316][   T40] audit: type=1400 audit(1751163200.059:165): avc:  denied  { create } for  pid=6093 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   57.648181][   T40] audit: type=1400 audit(1751163200.059:166): avc:  denied  { write } for  pid=6093 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   57.654937][   T40] audit: type=1400 audit(1751163200.059:167): avc:  denied  { bind } for  pid=6093 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   57.661073][   T40] audit: type=1400 audit(1751163200.059:168): avc:  denied  { name_bind } for  pid=6093 comm="syz.1.30" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   57.661705][ T6094] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[   57.667578][   T40] audit: type=1400 audit(1751163200.059:169): avc:  denied  { node_bind } for  pid=6093 comm="syz.1.30" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   57.667603][   T40] audit: type=1400 audit(1751163200.059:170): avc:  denied  { connect } for  pid=6093 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   57.667624][   T40] audit: type=1400 audit(1751163200.059:171): avc:  denied  { bind } for  pid=6093 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   57.690274][   T40] audit: type=1400 audit(1751163200.059:172): avc:  denied  { write } for  pid=6093 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   57.696315][   T40] audit: type=1400 audit(1751163200.069:173): avc:  denied  { getopt } for  pid=6093 comm="syz.1.30" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   57.989851][ T6129] mmap: syz.1.39 (6129) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   57.998611][ T6025] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[   58.148525][ T6025] usb 8-1: device descriptor read/64, error -71
[   58.208137][ T6130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.213270][ T6130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.288123][ T6145] =======================================================
[   58.288123][ T6145] WARNING: The mand mount option has been deprecated and
[   58.288123][ T6145]          and is ignored by this kernel. Remove the mand
[   58.288123][ T6145]          option from the mount to silence this warning.
[   58.288123][ T6145] =======================================================
[   58.299753][ T6145] new mount options do not match the existing superblock, will be ignored
[   58.305275][ T6145] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[   58.388579][ T6025] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[   58.518593][   T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[   58.518693][ T6025] usb 8-1: device descriptor read/64, error -71
[   58.523177][   T10] ath9k_htc: Failed to initialize the device
[   58.552453][   T10] usb 5-1: ath9k_htc: USB layer deinitialized
[   58.556634][ T6000] usb 5-1: USB disconnect, device number 2
[   58.599668][ T6166] bond1: entered allmulticast mode
[   58.638950][ T6025] usb usb8-port1: attempt power cycle
[   58.673512][ T6177] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.737297][ T6189] capability: warning: `syz.2.57' uses deprecated v2 capabilities in a way that may be insecure
[   58.836461][ T6201] process 'syz.2.62' launched './file0' with NULL argv: empty string added
[   58.847107][ T6202] netlink: 48 bytes leftover after parsing attributes in process `syz.1.63'.
[   58.899159][ T6207] warning: `syz.1.64' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   58.929012][ T5943] Bluetooth: hci2: command tx timeout
[   58.992009][ T6219] capability: warning: `syz.1.67' uses 32-bit capabilities (legacy support in use)
[   58.998607][ T5943] Bluetooth: hci3: command tx timeout
[   58.998785][ T6025] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[   59.005647][ T6219] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6219 comm=syz.1.67
[   59.008623][ T5943] Bluetooth: hci1: command tx timeout
[   59.008840][ T5940] Bluetooth: hci0: command tx timeout
[   59.029210][ T6025] usb 8-1: device descriptor read/8, error -71
[   59.074480][ T6222] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   59.080968][ T6222] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   59.085567][ T6222] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[   59.278634][ T6025] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[   59.299626][ T6025] usb 8-1: device descriptor read/8, error -71
[   59.319874][ T6230] /dev/sr0: Can't open blockdev
[   59.371518][ T6241] tmpfs: Unknown parameter 'usrquota_inode_hardli‡it'
[   59.410210][ T6025] usb usb8-port1: unable to enumerate USB device
[   59.517073][ T6249] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   59.522379][ T6249] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   59.527442][ T6249] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[   59.604129][ T6253] tmpfs: Bad value for 'mpol'
[   59.634567][ T6255] netlink: 20 bytes leftover after parsing attributes in process `syz.0.80'.
[   59.737713][ T6261] netlink: 8 bytes leftover after parsing attributes in process `syz.0.82'.
[   59.737725][ T6262] netlink: 'syz.0.82': attribute type 14 has an invalid length.
[   59.741398][ T6261] netlink: 'syz.0.82': attribute type 14 has an invalid length.
[   60.408069][ T6272] 8021q: adding VLAN 0 to HW filter on device bond2
[   60.712575][ T6276] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   60.715513][ T6276] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   60.719080][ T6276] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[   60.962932][ T6303] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   60.965838][ T6303] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   60.970188][ T6303] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[   60.999382][ T5943] Bluetooth: hci2: command tx timeout
[   61.039131][ T6310] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   61.078541][ T5943] Bluetooth: hci0: command tx timeout
[   61.083774][ T6313] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[   61.086579][ T6313] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   61.091545][ T5943] Bluetooth: hci3: command tx timeout
[   61.093384][ T5943] Bluetooth: hci1: command tx timeout
[   61.421826][ T6333] overlayfs: failed to decode file handle (len=6, type=65535, flags=0, err=-22)
[   61.440574][ T6339] __nla_validate_parse: 38 callbacks suppressed
[   61.440589][ T6339] netlink: 12 bytes leftover after parsing attributes in process `syz.1.105'.
[   61.466604][ T6342] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[   61.471042][ T6342] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   61.475629][ T6342] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[   61.512871][ T6348] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.108'.
[   61.526395][ T6344] xfs: Unknown parameter 'norecovery�O
Ø	Ÿ	Œì²íd|:ÍãÑFh‘î'
[   62.236229][ T6357] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   62.475034][   T40] kauditd_printk_skb: 95 callbacks suppressed
[   62.475049][   T40] audit: type=1400 audit(1751163204.889:269): avc:  denied  { setopt } for  pid=6376 comm="syz.1.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   62.485430][   T40] audit: type=1400 audit(1751163204.899:270): avc:  denied  { connect } for  pid=6378 comm="syz.0.119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[   62.514399][ T6377] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   62.516818][ T6379] netlink: 92 bytes leftover after parsing attributes in process `syz.0.119'.
[   62.520502][   T40] audit: type=1400 audit(1751163204.939:271): avc:  denied  { bind } for  pid=6376 comm="syz.1.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   62.522356][ T6377] netlink: 4 bytes leftover after parsing attributes in process `syz.1.118'.
[   62.526116][ T6377] netlink: 4 bytes leftover after parsing attributes in process `syz.1.118'.
[   62.539503][   T40] audit: type=1400 audit(1751163204.959:272): avc:  denied  { ioctl } for  pid=6376 comm="syz.1.118" path="socket:[9213]" dev="sockfs" ino=9213 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   62.555974][ T6377] netlink: 28 bytes leftover after parsing attributes in process `syz.1.118'.
[   62.558909][ T6377] netlink: 28 bytes leftover after parsing attributes in process `syz.1.118'.
[   62.616546][ T6384] netlink: 24 bytes leftover after parsing attributes in process `syz.0.120'.
[   62.632578][   T40] audit: type=1400 audit(1751163205.049:273): avc:  denied  { create } for  pid=6385 comm="syz.1.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   62.640518][   T40] audit: type=1400 audit(1751163205.059:274): avc:  denied  { write } for  pid=6385 comm="syz.1.121" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   62.712560][   T40] audit: type=1400 audit(1751163205.129:275): avc:  denied  { create } for  pid=6393 comm="syz.0.125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   62.720102][ T6394] afs: Unknown parameter '!ú'
[   62.743919][   T40] audit: type=1400 audit(1751163205.159:276): avc:  denied  { listen } for  pid=6389 comm="syz.1.123" lport=54542 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   62.792519][   T40] audit: type=1400 audit(1751163205.209:277): avc:  denied  { accept } for  pid=6389 comm="syz.1.123" lport=54542 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   62.801522][   T40] audit: type=1400 audit(1751163205.209:278): avc:  denied  { getopt } for  pid=6389 comm="syz.1.123" lport=54542 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   62.992495][ T6417] 9p: Unknown access argument 18446744073709551615: -34
[   63.043073][ T6414] trusted_key: syz.1.130 sent an empty control message without MSG_MORE.
[   63.043755][ T6418] fuse: Unknown parameter ''
[   63.087948][ T6426] xt_hashlimit: size too large, truncated to 1048576
[   63.221604][ T6432] netlink: 'syz.1.135': attribute type 1 has an invalid length.
[   63.224073][ T6432] netlink: 208 bytes leftover after parsing attributes in process `syz.1.135'.
[   63.226892][ T6432] netlink: 'syz.1.135': attribute type 1 has an invalid length.
[   63.229524][ T6432] netlink: 'syz.1.135': attribute type 2 has an invalid length.
[   63.232035][ T6433] netlink: 'syz.1.135': attribute type 1 has an invalid length.
[   63.234535][ T6433] netlink: 208 bytes leftover after parsing attributes in process `syz.1.135'.
[   63.237549][ T6433] netlink: 'syz.1.135': attribute type 1 has an invalid length.
[   63.240883][ T6433] netlink: 'syz.1.135': attribute type 2 has an invalid length.
[   63.673596][ T6461] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   64.474526][ T6503] netlink: 'syz.1.159': attribute type 30 has an invalid length.
[   64.564905][ T6513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.567724][ T6513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.728532][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   64.799660][ T6017] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[   64.888509][   T10] usb 5-1: Using ep0 maxpacket: 32
[   64.892330][   T10] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[   64.895472][   T10] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   64.899359][   T10] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   64.903626][   T10] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   64.909043][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[   64.913804][   T10] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   64.917489][   T10] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   64.921083][   T10] usb 5-1: Product: syz
[   64.922860][   T10] usb 5-1: Manufacturer: syz
[   64.924889][   T10] usb 5-1: SerialNumber: syz
[   64.934437][   T10] usb 5-1: config 0 descriptor??
[   64.937777][   T10] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   64.945290][   T10] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   64.959900][ T6017] usb 6-1: config 1 has an invalid descriptor of length 156, skipping remainder of the config
[   64.964100][ T6017] usb 6-1: config 1 interface 0 altsetting 2 endpoint 0x82 has invalid maxpacket 20649, setting to 64
[   64.968726][ T6017] usb 6-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[   64.973555][ T6017] usb 6-1: config 1 interface 0 has no altsetting 0
[   64.976546][ T6017] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   64.979448][ T6017] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   64.982012][ T6017] usb 6-1: SerialNumber: syz
[   64.987644][ T6017] usb 6-1: rejected 1 configuration due to insufficient available bus power
[   64.991281][ T6017] usb 6-1: no configuration chosen from 1 choice
[   65.142208][  T837] usb 5-1: USB disconnect, device number 3
[   65.144761][    C1] ldusb 5-1:0.0: usb_submit_urb failed (-19)
[   65.150930][  T837] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[   65.238664][ T5940] Bluetooth: hci2: command tx timeout
[   66.451512][ T6533] netlink: 'syz.0.169': attribute type 1 has an invalid length.
[   66.454828][ T6533] __nla_validate_parse: 9 callbacks suppressed
[   66.454840][ T6533] netlink: 228 bytes leftover after parsing attributes in process `syz.0.169'.
[   67.537627][ T6545] tmpfs: Group quota inode hardlimit too large.
[   67.577950][ T6017] usb 6-1: USB disconnect, device number 3
[   67.591408][   T40] kauditd_printk_skb: 23 callbacks suppressed
[   67.591421][   T40] audit: type=1400 audit(1751163210.009:302): avc:  denied  { setopt } for  pid=6547 comm="syz.0.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   67.602363][   T40] audit: type=1400 audit(1751163210.009:303): avc:  denied  { read } for  pid=6549 comm="syz.1.175" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   67.605867][  T837] IPVS: starting estimator thread 0...
[   67.611124][   T40] audit: type=1400 audit(1751163210.009:304): avc:  denied  { open } for  pid=6549 comm="syz.1.175" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[   67.729842][ T6551] IPVS: using max 42 ests per chain, 100800 per kthread
[   67.966422][   T40] audit: type=1400 audit(1751163210.379:305): avc:  denied  { search } for  pid=5646 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   67.975498][   T40] audit: type=1400 audit(1751163210.379:306): avc:  denied  { search } for  pid=5646 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   67.983293][   T40] audit: type=1400 audit(1751163210.379:307): avc:  denied  { search } for  pid=5646 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   67.990587][   T40] audit: type=1400 audit(1751163210.379:308): avc:  denied  { read } for  pid=5646 comm="dhcpcd" name="n103" dev="tmpfs" ino=2807 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   67.997434][   T40] audit: type=1400 audit(1751163210.379:309): avc:  denied  { open } for  pid=5646 comm="dhcpcd" path="/run/udev/data/n103" dev="tmpfs" ino=2807 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.006955][   T40] audit: type=1400 audit(1751163210.379:310): avc:  denied  { getattr } for  pid=5646 comm="dhcpcd" path="/run/udev/data/n103" dev="tmpfs" ino=2807 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   68.024935][   T40] audit: type=1400 audit(1751163210.429:311): avc:  denied  { read open } for  pid=6574 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1903 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   68.168348][ T6586] ALSA: seq fatal error: cannot create timer (-19)
[   68.209936][ T6595] netlink: 'syz.0.188': attribute type 29 has an invalid length.
[   68.218743][ T6596] netlink: 'syz.0.188': attribute type 29 has an invalid length.
[   68.224614][ T6595] netlink: 484 bytes leftover after parsing attributes in process `syz.0.188'.
[   68.323209][ T6611] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58896 sclass=netlink_route_socket pid=6611 comm=syz.0.193
[   68.346776][ T6618] netlink: 28 bytes leftover after parsing attributes in process `syz.1.195'.
[   68.466950][ T6629] syz.0.200: attempt to access beyond end of device
[   68.466950][ T6629] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[   68.471738][ T6629] efs: cannot read volume header
[   68.506026][ T6631] befs: (nullb0): No write support. Marking filesystem read-only
[   68.510264][ T6631] befs: (nullb0): invalid magic header
[   68.631981][ T6637] netlink: 12 bytes leftover after parsing attributes in process `syz.0.204'.
[   68.685388][ T6644] tmpfs: Bad value for 'mpol'
[   68.994937][ T6651] syz.0.210: attempt to access beyond end of device
[   68.994937][ T6651] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[   69.001878][ T6651] efs: cannot read volume header
[   69.650404][ T6018] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   69.670888][ T6685] netlink: 4 bytes leftover after parsing attributes in process `syz.2.222'.
[   69.810791][ T6018] usb 5-1: Using ep0 maxpacket: 8
[   69.814746][ T6018] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[   69.818076][ T6018] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   69.823246][ T6018] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   69.828472][ T6018] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   69.832701][ T6018] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   69.837710][ T6018] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   69.843191][ T6018] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   70.058316][ T6018] usb 5-1: usb_control_msg returned -32
[   70.060291][ T6018] usbtmc 5-1:16.0: can't read capabilities
[   70.169131][ T6017] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[   70.319047][ T6017] usb 7-1: too many configurations: 9, using maximum allowed: 8
[   70.322209][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.325003][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.328964][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.332428][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.335600][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.339089][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.341824][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.344535][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.347890][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.350892][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.354036][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.357757][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.361291][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.364730][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.368869][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.372430][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.375230][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.378893][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.381694][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.384548][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.388046][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.391090][ T6017] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[   70.393917][ T6017] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   70.398045][ T6017] usb 7-1: config 0 interface 0 has no altsetting 0
[   70.403061][ T6017] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   70.406198][ T6017] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   70.408864][ T6017] usb 7-1: Product: syz
[   70.410283][ T6017] usb 7-1: Manufacturer: syz
[   70.411727][ T6017] usb 7-1: SerialNumber: syz
[   70.415909][ T6017] usb 7-1: config 0 descriptor??
[   70.421637][ T6017] yurex 7-1:0.0: USB YUREX device now attached to Yurex #1
[   70.492201][ T6708] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   70.604708][ T6716] Bluetooth: MGMT ver 1.23
[   70.763570][ T6677] usbtmc 5-1:16.0: CHECK_CLEAR_STATUS returned 7
[   70.969734][ T6017] usb 5-1: USB disconnect, device number 4
[   70.979392][ T6736] usbtmc 5-1:16.0: send_request_dev_dep_msg_in returned -19
[   71.017367][ T6740] netlink: 12 bytes leftover after parsing attributes in process `syz.1.241'.
[   71.119769][ T6747] validate_nla: 23 callbacks suppressed
[   71.119785][ T6747] netlink: 'syz.1.243': attribute type 4 has an invalid length.
[   71.616389][ T6773] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6773 comm=syz.1.251
[   71.622475][ T6773] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6773 comm=syz.1.251
[   71.624894][ T6778] netlink: 12 bytes leftover after parsing attributes in process `syz.0.252'.
[   71.638898][ T6778] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   71.642523][ T6778] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   71.645278][ T6778] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   71.648062][ T6778] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   71.663547][ T6778] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[   71.666920][ T6778] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[   71.669697][ T6778] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[   71.672565][ T6778] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[   71.689551][ T6781] nfs: Unknown parameter ''
[   71.753874][ T6786] tmpfs: Unknown parameter 'usr'
[   71.756632][ T6786] netlink: 36 bytes leftover after parsing attributes in process `syz.0.256'.
[   71.927251][ T6803] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[   72.067300][ T6808] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[   72.070947][ T6808] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[   72.074516][ T6808] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[   72.078089][ T6808] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[   72.081880][ T6808] geneve2: entered promiscuous mode
[   72.083996][ T6808] geneve2: entered allmulticast mode
[   72.830967][ T6813] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6813 comm=syz.0.262
[   72.836345][ T6813] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6813 comm=syz.0.262
[   72.910999][   T40] kauditd_printk_skb: 39 callbacks suppressed
[   72.911010][   T40] audit: type=1400 audit(1751163215.329:351): avc:  denied  { setopt } for  pid=6825 comm="syz.1.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   72.956225][ T2297] usb 7-1: USB disconnect, device number 2
[   72.973299][ T2297] yurex 7-1:0.0: USB YUREX #1 now disconnected
[   72.985932][ T6833] SELinux:  policydb magic number 0x4b07fa81 does not match expected magic number 0xf97cff8c
[   72.989900][   T40] audit: type=1400 audit(1751163215.399:352): avc:  denied  { load_policy } for  pid=6832 comm="syz.2.272" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[   72.998376][ T6833] SELinux: failed to load policy
[   73.066851][ T6842] FAULT_INJECTION: forcing a failure.
[   73.066851][ T6842] name failslab, interval 1, probability 0, space 0, times 1
[   73.072263][ T6842] CPU: 3 UID: 0 PID: 6842 Comm: syz.2.275 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   73.072286][ T6842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.072297][ T6842] Call Trace:
[   73.072303][ T6842]  <TASK>
[   73.072310][ T6842]  dump_stack_lvl+0x16c/0x1f0
[   73.072355][ T6842]  should_fail_ex+0x512/0x640
[   73.072381][ T6842]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   73.072405][ T6842]  should_failslab+0xc2/0x120
[   73.072427][ T6842]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   73.072447][ T6842]  ? getname_flags.part.0+0x4c/0x550
[   73.072467][ T6842]  getname_flags.part.0+0x4c/0x550
[   73.072485][ T6842]  getname_flags+0x93/0xf0
[   73.072505][ T6842]  do_sys_openat2+0xb8/0x1d0
[   73.072519][ T6842]  ? __pfx_do_sys_openat2+0x10/0x10
[   73.072535][ T6842]  ? __fget_files+0x20e/0x3c0
[   73.072560][ T6842]  __x64_sys_open+0x153/0x1e0
[   73.072574][ T6842]  ? __pfx___x64_sys_open+0x10/0x10
[   73.072594][ T6842]  ? rcu_is_watching+0x12/0xc0
[   73.072618][ T6842]  do_syscall_64+0xcd/0x4c0
[   73.072644][ T6842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.072662][ T6842] RIP: 0033:0x7fbf7998e929
[   73.072675][ T6842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.072691][ T6842] RSP: 002b:00007fbf777f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   73.072707][ T6842] RAX: ffffffffffffffda RBX: 00007fbf79bb5fa0 RCX: 00007fbf7998e929
[   73.072718][ T6842] RDX: 0000000000000000 RSI: 0000000000050500 RDI: 0000200000022ff6
[   73.072728][ T6842] RBP: 00007fbf777f6090 R08: 0000000000000000 R09: 0000000000000000
[   73.072737][ T6842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.072746][ T6842] R13: 0000000000000000 R14: 00007fbf79bb5fa0 R15: 00007ffc52d2aa08
[   73.072769][ T6842]  </TASK>
[   73.078083][ T6844] netlink: 'syz.1.276': attribute type 10 has an invalid length.
[   73.139114][ T6844] hsr0: entered promiscuous mode
[   73.143376][ T6844] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[   73.146504][ T6844] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[   73.152250][ T6844] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[   73.260282][ T6858] netlink: 'syz.2.282': attribute type 4 has an invalid length.
[   73.360548][   T40] audit: type=1400 audit(1751163215.779:353): avc:  denied  { execute_no_trans } for  pid=6866 comm="syz.0.285" path="/90/file1" dev="tmpfs" ino=502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   73.417236][   T40] audit: type=1400 audit(1751163215.829:354): avc:  denied  { write } for  pid=6875 comm="syz.0.288" lport=132 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   73.426387][ T6878] dlm: no locking on control device
[   73.429349][   T40] audit: type=1400 audit(1751163215.849:355): avc:  denied  { create } for  pid=6875 comm="syz.0.288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   73.430067][ T6878] veth1_to_batadv: mtu less than device minimum
[   73.435857][   T40] audit: type=1400 audit(1751163215.849:356): avc:  denied  { ioctl } for  pid=6875 comm="syz.0.288" path="socket:[12950]" dev="sockfs" ino=12950 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   73.463860][   T40] audit: type=1400 audit(1751163215.879:357): avc:  denied  { setopt } for  pid=6881 comm="syz.2.289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   73.575968][ T6890] FAULT_INJECTION: forcing a failure.
[   73.575968][ T6890] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   73.581219][ T6890] CPU: 2 UID: 0 PID: 6890 Comm: syz.0.292 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   73.581243][ T6890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   73.581253][ T6890] Call Trace:
[   73.581259][ T6890]  <TASK>
[   73.581266][ T6890]  dump_stack_lvl+0x16c/0x1f0
[   73.581297][ T6890]  should_fail_ex+0x512/0x640
[   73.581354][ T6890]  strncpy_from_user+0x3b/0x2e0
[   73.581377][ T6890]  getname_flags.part.0+0x8f/0x550
[   73.581393][ T6890]  __x64_sys_mkdir+0xd8/0x140
[   73.581408][ T6890]  do_syscall_64+0xcd/0x4c0
[   73.581424][ T6890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.581436][ T6890] RIP: 0033:0x7f7045b8e929
[   73.581445][ T6890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.581459][ T6890] RSP: 002b:00007f7046a9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   73.581474][ T6890] RAX: ffffffffffffffda RBX: 00007f7045db5fa0 RCX: 00007f7045b8e929
[   73.581486][ T6890] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   73.581496][ T6890] RBP: 00007f7046a9b090 R08: 0000000000000000 R09: 0000000000000000
[   73.581505][ T6890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.581514][ T6890] R13: 0000000000000000 R14: 00007f7045db5fa0 R15: 00007ffd828c3a08
[   73.581534][ T6890]  </TASK>
[   73.650093][ T6892] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   73.652910][ T6892] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   73.659112][ T6892] vhci_hcd vhci_hcd.0: Device attached
[   73.662645][ T5940] Bluetooth: hci1: unknown advertising packet type: 0x82
[   73.662680][ T5940] Bluetooth: hci1: Dropping invalid advertising data
[   73.667437][ T5940] Bluetooth: hci1: Malformed LE Event: 0x02
[   73.676505][ T6893] vhci_hcd: connection closed
[   73.678798][   T61] vhci_hcd: stop threads
[   73.683062][   T61] vhci_hcd: release socket
[   73.684954][   T61] vhci_hcd: disconnect device
[   73.818677][ T6900] kvm: MWAIT instruction emulated as NOP!
[   73.840466][ T6900] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   74.228106][ T6929] netlink: 'syz.0.303': attribute type 3 has an invalid length.
[   74.233332][ T6929] netlink: 132 bytes leftover after parsing attributes in process `syz.0.303'.
[   74.242883][ T6929] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[   74.321099][   T40] audit: type=1400 audit(1751163216.739:358): avc:  denied  { nlmsg_read } for  pid=6937 comm="syz.2.307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   74.378475][   T40] audit: type=1400 audit(1751163216.789:359): avc:  denied  { open } for  pid=6944 comm="syz.2.309" path="/dev/ptyq8" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   74.387827][   T40] audit: type=1400 audit(1751163216.789:360): avc:  denied  { ioctl } for  pid=6944 comm="syz.2.309" path="/dev/ptyq8" dev="devtmpfs" ino=135 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[   74.448836][ T6947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.310'.
[   74.451634][ T6947] netlink: 'syz.0.310': attribute type 7 has an invalid length.
[   74.453955][ T6947] netlink: 'syz.0.310': attribute type 8 has an invalid length.
[   74.456489][ T6947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.310'.
[   74.459125][ T6018] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   74.620426][ T6018] usb 6-1: config 0 has an invalid interface number: 191 but max is 0
[   74.623784][ T6018] usb 6-1: config 0 has no interface number 0
[   74.628339][ T6018] usb 6-1: New USB device found, idVendor=0502, idProduct=1632, bcdDevice=7e.13
[   74.632709][ T6018] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   74.636010][ T6018] usb 6-1: Product: syz
[   74.637648][ T6018] usb 6-1: Manufacturer: syz
[   74.639925][ T6018] usb 6-1: SerialNumber: syz
[   74.643751][ T6018] usb 6-1: config 0 descriptor??
[   74.705582][ T6961] input: syz0 as /devices/virtual/input/input7
[   74.854942][ T6025] usb 6-1: USB disconnect, device number 4
[   75.346197][ T6963] ieee802154 phy0 wpan0: encryption failed: -22
[   75.466919][ T6981] FAULT_INJECTION: forcing a failure.
[   75.466919][ T6981] name failslab, interval 1, probability 0, space 0, times 0
[   75.473749][ T6981] CPU: 3 UID: 0 PID: 6981 Comm: syz.2.319 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   75.473772][ T6981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.473782][ T6981] Call Trace:
[   75.473788][ T6981]  <TASK>
[   75.473794][ T6981]  dump_stack_lvl+0x16c/0x1f0
[   75.473821][ T6981]  should_fail_ex+0x512/0x640
[   75.473843][ T6981]  ? fs_reclaim_acquire+0xae/0x150
[   75.473862][ T6981]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   75.473884][ T6981]  should_failslab+0xc2/0x120
[   75.473907][ T6981]  __kmalloc_noprof+0xd2/0x510
[   75.473933][ T6981]  tomoyo_realpath_from_path+0xc2/0x6e0
[   75.473957][ T6981]  ? tomoyo_profile+0x47/0x60
[   75.473983][ T6981]  tomoyo_path_number_perm+0x245/0x580
[   75.474001][ T6981]  ? tomoyo_path_number_perm+0x237/0x580
[   75.474022][ T6981]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   75.474074][ T6981]  ? current_check_access_path+0x33c/0x460
[   75.474093][ T6981]  ? __pfx_current_check_access_path+0x10/0x10
[   75.474112][ T6981]  ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160
[   75.474129][ T6981]  ? lookup_dcache+0x66/0x170
[   75.474150][ T6981]  tomoyo_path_mkdir+0x9b/0xe0
[   75.474174][ T6981]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[   75.474205][ T6981]  security_path_mkdir+0x154/0x2f0
[   75.474228][ T6981]  do_mkdirat+0x175/0x3e0
[   75.474252][ T6981]  ? __pfx_do_mkdirat+0x10/0x10
[   75.474275][ T6981]  ? getname_flags.part.0+0x1c5/0x550
[   75.474295][ T6981]  __x64_sys_mkdir+0xef/0x140
[   75.474317][ T6981]  do_syscall_64+0xcd/0x4c0
[   75.474342][ T6981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.474358][ T6981] RIP: 0033:0x7fbf7998e929
[   75.474372][ T6981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.474387][ T6981] RSP: 002b:00007fbf777f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   75.474403][ T6981] RAX: ffffffffffffffda RBX: 00007fbf79bb5fa0 RCX: 00007fbf7998e929
[   75.474414][ T6981] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   75.474423][ T6981] RBP: 00007fbf777f6090 R08: 0000000000000000 R09: 0000000000000000
[   75.474433][ T6981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.474442][ T6981] R13: 0000000000000000 R14: 00007fbf79bb5fa0 R15: 00007ffc52d2aa08
[   75.474464][ T6981]  </TASK>
[   75.474471][ T6981] ERROR: Out of memory at tomoyo_realpath_from_path.
[   75.596475][ T6984] mkiss: ax0: crc mode is auto.
[   75.619076][ T6987] netlink: 56 bytes leftover after parsing attributes in process `syz.1.322'.
[   75.723357][ T6998] netlink: 'syz.0.327': attribute type 10 has an invalid length.
[   75.736043][ T6998] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[   75.888555][ T6018] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[   75.924726][ T7008] FAULT_INJECTION: forcing a failure.
[   75.924726][ T7008] name failslab, interval 1, probability 0, space 0, times 0
[   75.930452][ T7008] CPU: 1 UID: 0 PID: 7008 Comm: syz.0.331 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   75.930478][ T7008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.930488][ T7008] Call Trace:
[   75.930494][ T7008]  <TASK>
[   75.930501][ T7008]  dump_stack_lvl+0x16c/0x1f0
[   75.930531][ T7008]  should_fail_ex+0x512/0x640
[   75.930567][ T7008]  ? fs_reclaim_acquire+0xae/0x150
[   75.930609][ T7008]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[   75.930634][ T7008]  should_failslab+0xc2/0x120
[   75.930660][ T7008]  __kmalloc_noprof+0xd2/0x510
[   75.930689][ T7008]  tomoyo_realpath_from_path+0xc2/0x6e0
[   75.930716][ T7008]  ? tomoyo_profile+0x47/0x60
[   75.930747][ T7008]  tomoyo_path_number_perm+0x245/0x580
[   75.930766][ T7008]  ? tomoyo_path_number_perm+0x237/0x580
[   75.930797][ T7008]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   75.930847][ T7008]  ? current_check_access_path+0x33c/0x460
[   75.930870][ T7008]  ? __pfx_current_check_access_path+0x10/0x10
[   75.930891][ T7008]  ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160
[   75.930908][ T7008]  ? lookup_dcache+0x66/0x170
[   75.930931][ T7008]  tomoyo_path_mkdir+0x9b/0xe0
[   75.930957][ T7008]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[   75.930992][ T7008]  security_path_mkdir+0x154/0x2f0
[   75.931018][ T7008]  do_mkdirat+0x175/0x3e0
[   75.931044][ T7008]  ? __pfx_do_mkdirat+0x10/0x10
[   75.931071][ T7008]  ? getname_flags.part.0+0x1c5/0x550
[   75.931093][ T7008]  __x64_sys_mkdir+0xef/0x140
[   75.931119][ T7008]  do_syscall_64+0xcd/0x4c0
[   75.931147][ T7008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.931165][ T7008] RIP: 0033:0x7f7045b8e929
[   75.931179][ T7008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.931197][ T7008] RSP: 002b:00007f7046a9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   75.931214][ T7008] RAX: ffffffffffffffda RBX: 00007f7045db5fa0 RCX: 00007f7045b8e929
[   75.931227][ T7008] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   75.931237][ T7008] RBP: 00007f7046a9b090 R08: 0000000000000000 R09: 0000000000000000
[   75.931247][ T7008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.931257][ T7008] R13: 0000000000000000 R14: 00007f7045db5fa0 R15: 00007ffd828c3a08
[   75.931282][ T7008]  </TASK>
[   75.931381][ T7008] ERROR: Out of memory at tomoyo_realpath_from_path.
[   76.038622][ T6018] usb 6-1: Using ep0 maxpacket: 8
[   76.041544][ T6018] usb 6-1: config index 0 descriptor too short (expected 8192, got 43)
[   76.044103][ T6018] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   76.047465][ T6018] usb 6-1: config 0 has no interfaces?
[   76.049716][ T6018] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[   76.052639][ T6018] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.061066][ T6018] usb 6-1: config 0 descriptor??
[   76.204146][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[   76.206681][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[   76.218318][ T7020] xt_hashlimit: size too large, truncated to 1048576
[   76.266405][ T6991] netlink: 'syz.1.324': attribute type 2 has an invalid length.
[   76.272716][ T6991] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.324'.
[   76.276336][ T6991] nbd: must specify a device to reconfigure
[   76.285003][ T6018] usb 6-1: USB disconnect, device number 5
[   76.366749][ T2297] hid-generic 0004:000A:0001.0002: unknown main item tag 0x6
[   76.370171][ T2297] hid-generic 0004:000A:0001.0002: unknown main item tag 0x1
[   76.372566][ T2297] hid-generic 0004:000A:0001.0002: reserved main item tag 0xe
[   76.377576][ T2297] hid-generic 0004:000A:0001.0002: hidraw1: <UNKNOWN> HID vf.ff Device [syz1] on syz0
[   76.402291][ T5943] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   76.406624][ T5943] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   76.410466][ T5943] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   76.414139][ T5943] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   76.417955][ T5943] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   76.418609][ T5344] udevd[5344]: worker [5941] terminated by signal 33 (Unknown signal 33)
[   76.424239][ T5344] udevd[5344]: worker [5941] failed while handling '/devices/virtual/misc/uhid/0004:000A:0001.0002/hidraw/hidraw1'
[   76.441543][ T7030] SELinux:  policydb version 1402900228 does not match my version range 15-34
[   76.445280][ T7030] SELinux: failed to load policy
[   76.570741][ T7027] chnl_net:caif_netlink_parms(): no params data found
[   76.612189][  T809] Bluetooth: hci5: Frame reassembly failed (-84)
[   76.670720][ T7027] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.673009][ T7027] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.675247][ T7027] bridge_slave_0: entered allmulticast mode
[   76.677920][ T7027] bridge_slave_0: entered promiscuous mode
[   76.681310][ T7027] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.683699][ T7027] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.685953][ T7027] bridge_slave_1: entered allmulticast mode
[   76.688589][ T7027] bridge_slave_1: entered promiscuous mode
[   76.720745][ T7027] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.725311][ T7027] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.762728][ T7027] team0: Port device team_slave_0 added
[   76.766678][ T7027] team0: Port device team_slave_1 added
[   76.795869][ T7027] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.797984][ T7027] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.806350][ T7027] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.810699][ T7027] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.812792][ T7027] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.822690][ T7027] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.872572][ T7027] hsr_slave_0: entered promiscuous mode
[   76.875145][ T7027] hsr_slave_1: entered promiscuous mode
[   76.877599][ T7027] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.880972][ T7027] Cannot create hsr debugfs directory
[   77.027023][ T7027] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   77.032487][ T7027] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   77.038210][ T7027] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   77.044368][ T7027] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   77.103374][ T7027] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.124180][ T7027] 8021q: adding VLAN 0 to HW filter on device team0
[   77.129098][ T1259] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.131289][ T1259] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.138044][  T809] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.140659][  T809] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.282479][ T7078] FAULT_INJECTION: forcing a failure.
[   77.282479][ T7078] name failslab, interval 1, probability 0, space 0, times 0
[   77.286591][ T7078] CPU: 3 UID: 0 PID: 7078 Comm: syz.1.349 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   77.286607][ T7078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.286613][ T7078] Call Trace:
[   77.286617][ T7078]  <TASK>
[   77.286622][ T7078]  dump_stack_lvl+0x16c/0x1f0
[   77.286641][ T7078]  should_fail_ex+0x512/0x640
[   77.286655][ T7078]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[   77.286672][ T7078]  should_failslab+0xc2/0x120
[   77.286688][ T7078]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[   77.286701][ T7078]  ? stack_trace_save+0x8e/0xc0
[   77.286715][ T7078]  ? __d_alloc+0x31/0xaa0
[   77.286730][ T7078]  ? stack_depot_save_flags+0x28/0xa40
[   77.286746][ T7078]  __d_alloc+0x31/0xaa0
[   77.286763][ T7078]  d_alloc+0x4a/0x1e0
[   77.286784][ T7078]  d_alloc_parallel+0xe3/0x12e0
[   77.286799][ T7078]  ? find_held_lock+0x2b/0x80
[   77.286813][ T7078]  ? __pfx_d_alloc_parallel+0x10/0x10
[   77.286827][ T7078]  ? __d_lookup+0x266/0x4a0
[   77.286841][ T7078]  lookup_open.isra.0+0x665/0x1580
[   77.286857][ T7078]  ? __pfx_lookup_open.isra.0+0x10/0x10
[   77.286877][ T7078]  ? dput+0x1f/0x30
[   77.286886][ T7078]  ? lookup_fast+0x156/0x610
[   77.286900][ T7078]  path_openat+0x893/0x2cb0
[   77.286917][ T7078]  ? __pfx___up_read+0x10/0x10
[   77.286928][ T7078]  ? __pfx_path_openat+0x10/0x10
[   77.286946][ T7078]  do_filp_open+0x20b/0x470
[   77.286960][ T7078]  ? __pfx_do_filp_open+0x10/0x10
[   77.286973][ T7078]  ? rcu_is_watching+0x12/0xc0
[   77.286995][ T7078]  ? _raw_spin_unlock+0x28/0x50
[   77.287009][ T7078]  ? alloc_fd+0x471/0x7d0
[   77.287029][ T7078]  do_sys_openat2+0x11b/0x1d0
[   77.287042][ T7078]  ? __pfx_do_sys_openat2+0x10/0x10
[   77.287053][ T7078]  ? __fget_files+0x20e/0x3c0
[   77.287070][ T7078]  __x64_sys_open+0x153/0x1e0
[   77.287080][ T7078]  ? __pfx___x64_sys_open+0x10/0x10
[   77.287093][ T7078]  ? rcu_is_watching+0x12/0xc0
[   77.287106][ T7078]  do_syscall_64+0xcd/0x4c0
[   77.287123][ T7078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.287134][ T7078] RIP: 0033:0x7f5d3d38e929
[   77.287143][ T7078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.287153][ T7078] RSP: 002b:00007f5d3e174038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   77.287163][ T7078] RAX: ffffffffffffffda RBX: 00007f5d3d5b5fa0 RCX: 00007f5d3d38e929
[   77.287172][ T7078] RDX: 0000000000000000 RSI: 0000000000050500 RDI: 0000200000022ff6
[   77.287178][ T7078] RBP: 00007f5d3e174090 R08: 0000000000000000 R09: 0000000000000000
[   77.287184][ T7078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.287189][ T7078] R13: 0000000000000000 R14: 00007f5d3d5b5fa0 R15: 00007fff18275288
[   77.287202][ T7078]  </TASK>
[   77.291030][ T7027] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.557945][ T7027] veth0_vlan: entered promiscuous mode
[   77.563286][ T7027] veth1_vlan: entered promiscuous mode
[   77.576843][ T7027] veth0_macvtap: entered promiscuous mode
[   77.581742][ T7027] veth1_macvtap: entered promiscuous mode
[   77.591806][ T7027] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.623707][ T7027] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.628950][ T7027] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.631678][ T7027] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.634363][ T7027] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.636751][ T7027] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.737542][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.740661][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.753772][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.757290][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.840107][ T7092] FAULT_INJECTION: forcing a failure.
[   77.840107][ T7092] name failslab, interval 1, probability 0, space 0, times 0
[   77.843856][ T7092] CPU: 2 UID: 0 PID: 7092 Comm: syz.4.338 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   77.843871][ T7092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.843877][ T7092] Call Trace:
[   77.843881][ T7092]  <TASK>
[   77.843886][ T7092]  dump_stack_lvl+0x16c/0x1f0
[   77.843905][ T7092]  should_fail_ex+0x512/0x640
[   77.843919][ T7092]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[   77.843936][ T7092]  should_failslab+0xc2/0x120
[   77.843952][ T7092]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   77.843965][ T7092]  ? __alloc_skb+0x2b2/0x380
[   77.843983][ T7092]  __alloc_skb+0x2b2/0x380
[   77.843996][ T7092]  ? __pfx___alloc_skb+0x10/0x10
[   77.844011][ T7092]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   77.844025][ T7092]  netlink_alloc_large_skb+0x69/0x130
[   77.844036][ T7092]  netlink_sendmsg+0x6a1/0xdd0
[   77.844049][ T7092]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.844064][ T7092]  ____sys_sendmsg+0xa95/0xc70
[   77.844076][ T7092]  ? copy_msghdr_from_user+0x10a/0x160
[   77.844091][ T7092]  ? __pfx_____sys_sendmsg+0x10/0x10
[   77.844108][ T7092]  ___sys_sendmsg+0x134/0x1d0
[   77.844123][ T7092]  ? __pfx____sys_sendmsg+0x10/0x10
[   77.844136][ T7092]  ? __lock_acquire+0x622/0x1c90
[   77.844169][ T7092]  __sys_sendmsg+0x16d/0x220
[   77.844184][ T7092]  ? __pfx___sys_sendmsg+0x10/0x10
[   77.844207][ T7092]  do_syscall_64+0xcd/0x4c0
[   77.844224][ T7092]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.844235][ T7092] RIP: 0033:0x7f1cb8f8e929
[   77.844244][ T7092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.844254][ T7092] RSP: 002b:00007f1cb9ec1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.844264][ T7092] RAX: ffffffffffffffda RBX: 00007f1cb91b5fa0 RCX: 00007f1cb8f8e929
[   77.844270][ T7092] RDX: 0000000000048000 RSI: 00002000000000c0 RDI: 0000000000000003
[   77.844276][ T7092] RBP: 00007f1cb9ec1090 R08: 0000000000000000 R09: 0000000000000000
[   77.844282][ T7092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.844288][ T7092] R13: 0000000000000000 R14: 00007f1cb91b5fa0 R15: 00007ffd866d5df8
[   77.844301][ T7092]  </TASK>
[   77.971819][   T40] kauditd_printk_skb: 23 callbacks suppressed
[   77.971830][   T40] audit: type=1404 audit(1751163220.389:384): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   77.989650][   T40] audit: type=1400 audit(1751163220.409:385): avc:  denied  { create } for  pid=7100 comm="syz.4.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   77.996017][   T40] audit: type=1400 audit(1751163220.409:386): avc:  denied  { create } for  pid=7100 comm="syz.4.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   78.003545][   T40] audit: type=1400 audit(1751163220.409:387): avc:  denied  { write } for  pid=7100 comm="syz.4.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[   78.011363][   T40] audit: type=1400 audit(1751163220.409:388): avc:  denied  { prog_load } for  pid=7100 comm="syz.4.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   78.021188][   T40] audit: type=1400 audit(1751163220.409:389): avc:  denied  { prog_load } for  pid=7103 comm="syz.0.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[   78.032160][   T40] audit: type=1400 audit(1751163220.409:390): avc:  denied  { create } for  pid=7103 comm="syz.0.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[   78.045515][   T40] audit: type=1400 audit(1751163220.419:391): avc:  denied  { read write } for  pid=7027 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   78.056524][   T40] audit: type=1400 audit(1751163220.429:392): avc:  denied  { read write } for  pid=5937 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   78.064401][   T40] audit: type=1400 audit(1751163220.439:393): avc:  denied  { read write } for  pid=7105 comm="syz.4.356" name="event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=0
[   78.183200][ T7114] netlink: 16 bytes leftover after parsing attributes in process `syz.0.360'.
[   78.231180][ T7117] netlink: 'syz.0.361': attribute type 4 has an invalid length.
[   78.438817][ T5940] Bluetooth: hci4: command tx timeout
[   78.622716][ T7140] netlink: 16 bytes leftover after parsing attributes in process `syz.1.370'.
[   78.678713][ T5940] Bluetooth: hci5: command 0x1003 tx timeout
[   78.680829][ T5943] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   78.701699][ T7147] FAULT_INJECTION: forcing a failure.
[   78.701699][ T7147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.705952][ T7147] CPU: 1 UID: 0 PID: 7147 Comm: syz.1.372 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   78.705966][ T7147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.705973][ T7147] Call Trace:
[   78.705977][ T7147]  <TASK>
[   78.705981][ T7147]  dump_stack_lvl+0x16c/0x1f0
[   78.706002][ T7147]  should_fail_ex+0x512/0x640
[   78.706018][ T7147]  _copy_from_iter+0x29f/0x16f0
[   78.706035][ T7147]  ? __alloc_skb+0x200/0x380
[   78.706054][ T7147]  ? __pfx__copy_from_iter+0x10/0x10
[   78.706070][ T7147]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[   78.706085][ T7147]  netlink_sendmsg+0x829/0xdd0
[   78.706097][ T7147]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.706112][ T7147]  ____sys_sendmsg+0xa95/0xc70
[   78.706124][ T7147]  ? copy_msghdr_from_user+0x10a/0x160
[   78.706138][ T7147]  ? __pfx_____sys_sendmsg+0x10/0x10
[   78.706155][ T7147]  ___sys_sendmsg+0x134/0x1d0
[   78.706170][ T7147]  ? __pfx____sys_sendmsg+0x10/0x10
[   78.706184][ T7147]  ? __lock_acquire+0x622/0x1c90
[   78.706216][ T7147]  __sys_sendmsg+0x16d/0x220
[   78.706231][ T7147]  ? __pfx___sys_sendmsg+0x10/0x10
[   78.706254][ T7147]  do_syscall_64+0xcd/0x4c0
[   78.706270][ T7147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.706282][ T7147] RIP: 0033:0x7f5d3d38e929
[   78.706291][ T7147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.706301][ T7147] RSP: 002b:00007f5d3e174038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.706311][ T7147] RAX: ffffffffffffffda RBX: 00007f5d3d5b5fa0 RCX: 00007f5d3d38e929
[   78.706318][ T7147] RDX: 0000000000048000 RSI: 00002000000000c0 RDI: 0000000000000003
[   78.706324][ T7147] RBP: 00007f5d3e174090 R08: 0000000000000000 R09: 0000000000000000
[   78.706330][ T7147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.706336][ T7147] R13: 0000000000000000 R14: 00007f5d3d5b5fa0 R15: 00007fff18275288
[   78.706348][ T7147]  </TASK>
[   78.791681][ T5943] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   78.796350][ T5943] CPU: 3 UID: 0 PID: 5943 Comm: kworker/u33:6 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   78.796379][ T5943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   78.796393][ T5943] Workqueue: hci1 hci_rx_work
[   78.796426][ T5943] Call Trace:
[   78.796433][ T5943]  <TASK>
[   78.796441][ T5943]  dump_stack_lvl+0x16c/0x1f0
[   78.796471][ T5943]  sysfs_warn_dup+0x7f/0xa0
[   78.796500][ T5943]  sysfs_create_dir_ns+0x24b/0x2b0
[   78.796526][ T5943]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   78.796550][ T5943]  ? find_held_lock+0x2b/0x80
[   78.796578][ T5943]  ? do_raw_spin_unlock+0x172/0x230
[   78.796600][ T5943]  kobject_add_internal+0x2c4/0x9b0
[   78.796635][ T5943]  kobject_add+0x16e/0x240
[   78.796653][ T5943]  ? __pfx_kobject_add+0x10/0x10
[   78.796673][ T5943]  ? do_raw_spin_unlock+0x172/0x230
[   78.796695][ T5943]  ? kobject_put+0xab/0x5a0
[   78.796730][ T5943]  device_add+0x288/0x1a70
[   78.796759][ T5943]  ? __pfx_dev_set_name+0x10/0x10
[   78.796778][ T5943]  ? __pfx_device_add+0x10/0x10
[   78.796808][ T5943]  ? mgmt_send_event_skb+0x2fb/0x460
[   78.796840][ T5943]  hci_conn_add_sysfs+0x17e/0x230
[   78.796869][ T5943]  le_conn_complete_evt+0x1075/0x1d70
[   78.796904][ T5943]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   78.796930][ T5943]  ? hci_event_packet+0x459/0x11c0
[   78.796963][ T5943]  hci_le_conn_complete_evt+0x23c/0x370
[   78.796996][ T5943]  hci_le_meta_evt+0x354/0x5e0
[   78.797021][ T5943]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[   78.797051][ T5943]  hci_event_packet+0x685/0x11c0
[   78.797085][ T5943]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   78.797115][ T5943]  ? __pfx_hci_event_packet+0x10/0x10
[   78.797145][ T5943]  ? kcov_remote_start+0x3c9/0x6d0
[   78.797170][ T5943]  ? lockdep_hardirqs_on+0x7c/0x110
[   78.797202][ T5943]  hci_rx_work+0x2c5/0x16b0
[   78.797231][ T5943]  ? rcu_is_watching+0x12/0xc0
[   78.797258][ T5943]  process_one_work+0x9cc/0x1b70
[   78.797288][ T5943]  ? __pfx_process_one_work+0x10/0x10
[   78.797316][ T5943]  ? assign_work+0x1a0/0x250
[   78.797346][ T5943]  worker_thread+0x6c8/0xf10
[   78.797395][ T5943]  ? __pfx_worker_thread+0x10/0x10
[   78.797417][ T5943]  kthread+0x3c2/0x780
[   78.797437][ T5943]  ? __pfx_kthread+0x10/0x10
[   78.797458][ T5943]  ? rcu_is_watching+0x12/0xc0
[   78.797479][ T5943]  ? __pfx_kthread+0x10/0x10
[   78.797498][ T5943]  ret_from_fork+0x5d4/0x6f0
[   78.797523][ T5943]  ? __pfx_kthread+0x10/0x10
[   78.797542][ T5943]  ret_from_fork_asm+0x1a/0x30
[   78.797574][ T5943]  </TASK>
[   78.797636][ T5943] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   78.912037][ T5943] Bluetooth: hci1: failed to register connection device
[   78.945141][ T7168] netlink: 'syz.0.380': attribute type 11 has an invalid length.
[   78.946019][ T7169] netlink: 'syz.0.380': attribute type 11 has an invalid length.
[   78.947654][ T7168] netlink: 32 bytes leftover after parsing attributes in process `syz.0.380'.
[   78.950107][ T7169] netlink: 32 bytes leftover after parsing attributes in process `syz.0.380'.
[   78.992624][ T7171] netlink: 8 bytes leftover after parsing attributes in process `syz.0.382'.
[   79.067595][ T7188] FAULT_INJECTION: forcing a failure.
[   79.067595][ T7188] name failslab, interval 1, probability 0, space 0, times 0
[   79.072064][ T7188] CPU: 0 UID: 0 PID: 7188 Comm: syz.1.387 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   79.072079][ T7188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.072085][ T7188] Call Trace:
[   79.072089][ T7188]  <TASK>
[   79.072093][ T7188]  dump_stack_lvl+0x16c/0x1f0
[   79.072112][ T7188]  should_fail_ex+0x512/0x640
[   79.072128][ T7188]  should_failslab+0xc2/0x120
[   79.072144][ T7188]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   79.072159][ T7188]  ? skb_clone+0x190/0x3f0
[   79.072176][ T7188]  skb_clone+0x190/0x3f0
[   79.072191][ T7188]  netlink_deliver_tap+0xabd/0xd30
[   79.072211][ T7188]  netlink_unicast+0x5df/0x7f0
[   79.072223][ T7188]  ? __pfx_netlink_unicast+0x10/0x10
[   79.072237][ T7188]  netlink_sendmsg+0x8d1/0xdd0
[   79.072250][ T7188]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.072265][ T7188]  ____sys_sendmsg+0xa95/0xc70
[   79.072277][ T7188]  ? copy_msghdr_from_user+0x10a/0x160
[   79.072292][ T7188]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.072309][ T7188]  ___sys_sendmsg+0x134/0x1d0
[   79.072324][ T7188]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.072337][ T7188]  ? __lock_acquire+0x622/0x1c90
[   79.072370][ T7188]  __sys_sendmsg+0x16d/0x220
[   79.072385][ T7188]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.072408][ T7188]  do_syscall_64+0xcd/0x4c0
[   79.072424][ T7188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.072435][ T7188] RIP: 0033:0x7f5d3d38e929
[   79.072443][ T7188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.072454][ T7188] RSP: 002b:00007f5d3e174038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.072464][ T7188] RAX: ffffffffffffffda RBX: 00007f5d3d5b5fa0 RCX: 00007f5d3d38e929
[   79.072470][ T7188] RDX: 0000000000048000 RSI: 00002000000000c0 RDI: 0000000000000003
[   79.072477][ T7188] RBP: 00007f5d3e174090 R08: 0000000000000000 R09: 0000000000000000
[   79.072483][ T7188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.072488][ T7188] R13: 0000000000000000 R14: 00007f5d3d5b5fa0 R15: 00007fff18275288
[   79.072501][ T7188]  </TASK>
[   79.183428][ T7198] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[   79.291688][ T7214] FAULT_INJECTION: forcing a failure.
[   79.291688][ T7214] name failslab, interval 1, probability 0, space 0, times 0
[   79.295571][ T7214] CPU: 0 UID: 0 PID: 7214 Comm: syz.0.399 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   79.295586][ T7214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.295592][ T7214] Call Trace:
[   79.295596][ T7214]  <TASK>
[   79.295601][ T7214]  dump_stack_lvl+0x16c/0x1f0
[   79.295621][ T7214]  should_fail_ex+0x512/0x640
[   79.295634][ T7214]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   79.295649][ T7214]  should_failslab+0xc2/0x120
[   79.295665][ T7214]  __kmalloc_cache_noprof+0x6a/0x3e0
[   79.295677][ T7214]  ? rtnl_newlink+0x11b/0x2000
[   79.295694][ T7214]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.295708][ T7214]  rtnl_newlink+0x11b/0x2000
[   79.295727][ T7214]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.295742][ T7214]  ? find_held_lock+0x2b/0x80
[   79.295756][ T7214]  ? avc_has_perm_noaudit+0x117/0x3b0
[   79.295775][ T7214]  ? avc_has_perm_noaudit+0x149/0x3b0
[   79.295793][ T7214]  ? cred_has_capability.isra.0+0x193/0x2f0
[   79.295809][ T7214]  ? __lock_acquire+0x622/0x1c90
[   79.295836][ T7214]  ? find_held_lock+0x2b/0x80
[   79.295847][ T7214]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.295862][ T7214]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.295876][ T7214]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   79.295892][ T7214]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.295908][ T7214]  rtnetlink_rcv_msg+0x95b/0xe90
[   79.295924][ T7214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.295940][ T7214]  ? __lock_acquire+0xb8a/0x1c90
[   79.295961][ T7214]  netlink_rcv_skb+0x155/0x420
[   79.295972][ T7214]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.295988][ T7214]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   79.295998][ T7214]  ? rcu_is_watching+0x12/0xc0
[   79.296019][ T7214]  netlink_unicast+0x53d/0x7f0
[   79.296031][ T7214]  ? __pfx_netlink_unicast+0x10/0x10
[   79.296045][ T7214]  netlink_sendmsg+0x8d1/0xdd0
[   79.296057][ T7214]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.296072][ T7214]  ____sys_sendmsg+0xa95/0xc70
[   79.296084][ T7214]  ? copy_msghdr_from_user+0x10a/0x160
[   79.296099][ T7214]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.296115][ T7214]  ___sys_sendmsg+0x134/0x1d0
[   79.296130][ T7214]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.296144][ T7214]  ? __lock_acquire+0x622/0x1c90
[   79.296174][ T7214]  __sys_sendmsg+0x16d/0x220
[   79.296189][ T7214]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.296212][ T7214]  do_syscall_64+0xcd/0x4c0
[   79.296228][ T7214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.296239][ T7214] RIP: 0033:0x7f7045b8e929
[   79.296248][ T7214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.296258][ T7214] RSP: 002b:00007f7046a9b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.296268][ T7214] RAX: ffffffffffffffda RBX: 00007f7045db5fa0 RCX: 00007f7045b8e929
[   79.296274][ T7214] RDX: 0000000000048000 RSI: 00002000000000c0 RDI: 0000000000000003
[   79.296281][ T7214] RBP: 00007f7046a9b090 R08: 0000000000000000 R09: 0000000000000000
[   79.296286][ T7214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.296292][ T7214] R13: 0000000000000000 R14: 00007f7045db5fa0 R15: 00007ffd828c3a08
[   79.296305][ T7214]  </TASK>
[   79.665904][ T7245] FAULT_INJECTION: forcing a failure.
[   79.665904][ T7245] name failslab, interval 1, probability 0, space 0, times 0
[   79.671997][ T7245] CPU: 0 UID: 0 PID: 7245 Comm: syz.2.412 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   79.672021][ T7245] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   79.672031][ T7245] Call Trace:
[   79.672038][ T7245]  <TASK>
[   79.672044][ T7245]  dump_stack_lvl+0x16c/0x1f0
[   79.672072][ T7245]  should_fail_ex+0x512/0x640
[   79.672096][ T7245]  should_failslab+0xc2/0x120
[   79.672121][ T7245]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[   79.672144][ T7245]  ? __alloc_skb+0x2b2/0x380
[   79.672169][ T7245]  __alloc_skb+0x2b2/0x380
[   79.672189][ T7245]  ? __pfx___alloc_skb+0x10/0x10
[   79.672208][ T7245]  ? do_raw_spin_lock+0x12c/0x2b0
[   79.672235][ T7245]  br_info_notify+0x10f/0x2e0
[   79.672255][ T7245]  ? br_fdb_delete_bulk+0x1/0xd00
[   79.672278][ T7245]  br_device_event+0x30e/0xa00
[   79.672294][ T7245]  ? __pfx_br_device_event+0x10/0x10
[   79.672312][ T7245]  ? lockdep_rtnl_is_held+0x26/0x40
[   79.672334][ T7245]  notifier_call_chain+0xb9/0x410
[   79.672355][ T7245]  ? __pfx_br_device_event+0x10/0x10
[   79.672375][ T7245]  call_netdevice_notifiers_info+0xbe/0x140
[   79.672394][ T7245]  netif_state_change+0x165/0x3b0
[   79.672410][ T7245]  ? __pfx_netif_state_change+0x10/0x10
[   79.672430][ T7245]  ? netif_change_flags+0x10d/0x160
[   79.672455][ T7245]  do_setlink.constprop.0+0x3570/0x4380
[   79.672486][ T7245]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   79.672511][ T7245]  ? stack_trace_save+0x8e/0xc0
[   79.672532][ T7245]  ? __pfx_stack_trace_save+0x10/0x10
[   79.672554][ T7245]  ? __lock_acquire+0xb8a/0x1c90
[   79.672580][ T7245]  ? find_held_lock+0x2b/0x80
[   79.672601][ T7245]  ? br_switchdev_set_port_flag+0x134/0x380
[   79.672620][ T7245]  ? __pfx_br_switchdev_set_port_flag+0x10/0x10
[   79.672654][ T7245]  ? br_port_flags_change+0x6b/0x1d0
[   79.672680][ T7245]  ? br_setport+0x1180/0x17d0
[   79.672698][ T7245]  ? __pfx_br_setport+0x10/0x10
[   79.672709][ T7245]  ? do_raw_spin_lock+0x12c/0x2b0
[   79.672722][ T7245]  ? __local_bh_enable_ip+0xa4/0x120
[   79.672736][ T7245]  ? br_port_slave_changelink+0xd9/0x190
[   79.672754][ T7245]  ? __local_bh_enable_ip+0xa4/0x120
[   79.672767][ T7245]  ? __pfx_br_port_slave_changelink+0x10/0x10
[   79.672781][ T7245]  rtnl_newlink+0x1446/0x2000
[   79.672811][ T7245]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.672831][ T7245]  ? find_held_lock+0x2b/0x80
[   79.672850][ T7245]  ? avc_has_perm_noaudit+0x117/0x3b0
[   79.672877][ T7245]  ? avc_has_perm_noaudit+0x149/0x3b0
[   79.672902][ T7245]  ? cred_has_capability.isra.0+0x193/0x2f0
[   79.672923][ T7245]  ? __lock_acquire+0x622/0x1c90
[   79.672955][ T7245]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.672975][ T7245]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.673012][ T7245]  ? rtnetlink_rcv_msg+0x93a/0xe90
[   79.673034][ T7245]  ? __pfx_rtnl_newlink+0x10/0x10
[   79.673055][ T7245]  rtnetlink_rcv_msg+0x95b/0xe90
[   79.673077][ T7245]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.673105][ T7245]  ? ref_tracker_free+0x37c/0x830
[   79.673130][ T7245]  netlink_rcv_skb+0x155/0x420
[   79.673147][ T7245]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.673172][ T7245]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   79.673198][ T7245]  ? netlink_deliver_tap+0x1ae/0xd30
[   79.673227][ T7245]  netlink_unicast+0x53d/0x7f0
[   79.673246][ T7245]  ? __pfx_netlink_unicast+0x10/0x10
[   79.673270][ T7245]  netlink_sendmsg+0x8d1/0xdd0
[   79.673291][ T7245]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.673315][ T7245]  ____sys_sendmsg+0xa95/0xc70
[   79.673333][ T7245]  ? copy_msghdr_from_user+0x10a/0x160
[   79.673355][ T7245]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.673383][ T7245]  ___sys_sendmsg+0x134/0x1d0
[   79.673407][ T7245]  ? __pfx____sys_sendmsg+0x10/0x10
[   79.673427][ T7245]  ? __lock_acquire+0x622/0x1c90
[   79.673482][ T7245]  __sys_sendmsg+0x16d/0x220
[   79.673506][ T7245]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.673546][ T7245]  do_syscall_64+0xcd/0x4c0
[   79.673574][ T7245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.673590][ T7245] RIP: 0033:0x7fbf7998e929
[   79.673604][ T7245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.673620][ T7245] RSP: 002b:00007fbf777f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.673636][ T7245] RAX: ffffffffffffffda RBX: 00007fbf79bb5fa0 RCX: 00007fbf7998e929
[   79.673645][ T7245] RDX: 0000000000048000 RSI: 00002000000000c0 RDI: 0000000000000003
[   79.673654][ T7245] RBP: 00007fbf777f6090 R08: 0000000000000000 R09: 0000000000000000
[   79.673663][ T7245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.673672][ T7245] R13: 0000000000000000 R14: 00007fbf79bb5fa0 R15: 00007ffc52d2aa08
[   79.673692][ T7245]  </TASK>
[   80.050900][ T7259] FAULT_INJECTION: forcing a failure.
[   80.050900][ T7259] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   80.056684][ T7259] CPU: 3 UID: 0 PID: 7259 Comm: syz.2.417 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   80.056700][ T7259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.056707][ T7259] Call Trace:
[   80.056712][ T7259]  <TASK>
[   80.056716][ T7259]  dump_stack_lvl+0x16c/0x1f0
[   80.056738][ T7259]  should_fail_ex+0x512/0x640
[   80.056754][ T7259]  should_fail_alloc_page+0xe7/0x130
[   80.056771][ T7259]  prepare_alloc_pages+0x3c2/0x610
[   80.056784][ T7259]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[   80.056798][ T7259]  ? kasan_save_stack+0x42/0x60
[   80.056811][ T7259]  ? kasan_save_track+0x14/0x30
[   80.056823][ T7259]  ? __kasan_slab_alloc+0x89/0x90
[   80.056837][ T7259]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[   80.056850][ T7259]  ? security_inode_alloc+0x3b/0x2b0
[   80.056863][ T7259]  ? inode_init_always_gfp+0xce4/0x1030
[   80.056877][ T7259]  ? alloc_inode+0x86/0x240
[   80.056886][ T7259]  ? iget_locked+0x2e4/0x830
[   80.056895][ T7259]  ? kernfs_get_inode+0x48/0x460
[   80.056909][ T7259]  ? kernfs_iop_lookup+0x1a7/0x2d0
[   80.056924][ T7259]  ? lookup_open.isra.0+0x4da/0x1580
[   80.056935][ T7259]  ? path_openat+0x893/0x2cb0
[   80.056948][ T7259]  ? do_filp_open+0x20b/0x470
[   80.056961][ T7259]  ? do_sys_openat2+0x11b/0x1d0
[   80.056970][ T7259]  ? __x64_sys_open+0x153/0x1e0
[   80.056984][ T7259]  ? do_syscall_64+0xcd/0x4c0
[   80.056999][ T7259]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.057011][ T7259]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   80.057028][ T7259]  ? look_up_lock_class+0x6b/0x150
[   80.057044][ T7259]  ? register_lock_class+0x41/0x4c0
[   80.057063][ T7259]  ? __lock_acquire+0xb8a/0x1c90
[   80.057078][ T7259]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   80.057091][ T7259]  ? policy_nodemask+0xea/0x4e0
[   80.057108][ T7259]  alloc_pages_mpol+0x1fb/0x550
[   80.057123][ T7259]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   80.057139][ T7259]  ? find_held_lock+0x2b/0x80
[   80.057156][ T7259]  alloc_pages_noprof+0x131/0x390
[   80.057171][ T7259]  get_free_pages_noprof+0x10/0xb0
[   80.057187][ T7259]  inode_doinit_with_dentry+0x8d6/0x12e0
[   80.057204][ T7259]  ? __pfx_inode_doinit_with_dentry+0x10/0x10
[   80.057219][ T7259]  ? __pfx_wake_up_var+0x10/0x10
[   80.057236][ T7259]  selinux_d_instantiate+0x26/0x30
[   80.057250][ T7259]  security_d_instantiate+0x142/0x1a0
[   80.057267][ T7259]  d_splice_alias+0x93/0xf80
[   80.057281][ T7259]  kernfs_iop_lookup+0x23f/0x2d0
[   80.057297][ T7259]  ? __pfx_kernfs_iop_lookup+0x10/0x10
[   80.057312][ T7259]  lookup_open.isra.0+0x4da/0x1580
[   80.057327][ T7259]  ? __pfx_lookup_open.isra.0+0x10/0x10
[   80.057347][ T7259]  ? dput+0x1f/0x30
[   80.057356][ T7259]  ? lookup_fast+0x156/0x610
[   80.057375][ T7259]  path_openat+0x893/0x2cb0
[   80.057400][ T7259]  ? __pfx___up_read+0x10/0x10
[   80.057419][ T7259]  ? __pfx_path_openat+0x10/0x10
[   80.057449][ T7259]  do_filp_open+0x20b/0x470
[   80.057475][ T7259]  ? __pfx_do_filp_open+0x10/0x10
[   80.057498][ T7259]  ? rcu_is_watching+0x12/0xc0
[   80.057538][ T7259]  ? _raw_spin_unlock+0x28/0x50
[   80.057560][ T7259]  ? alloc_fd+0x471/0x7d0
[   80.057590][ T7259]  do_sys_openat2+0x11b/0x1d0
[   80.057607][ T7259]  ? __pfx_do_sys_openat2+0x10/0x10
[   80.057626][ T7259]  ? __fget_files+0x20e/0x3c0
[   80.057656][ T7259]  __x64_sys_open+0x153/0x1e0
[   80.057673][ T7259]  ? __pfx___x64_sys_open+0x10/0x10
[   80.057693][ T7259]  ? getname_flags.part.0+0x1c5/0x550
[   80.057711][ T7259]  ? rcu_is_watching+0x12/0xc0
[   80.057735][ T7259]  do_syscall_64+0xcd/0x4c0
[   80.057762][ T7259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.057779][ T7259] RIP: 0033:0x7fbf7998e929
[   80.057796][ T7259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.057811][ T7259] RSP: 002b:00007fbf777f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   80.057825][ T7259] RAX: ffffffffffffffda RBX: 00007fbf79bb5fa0 RCX: 00007fbf7998e929
[   80.057834][ T7259] RDX: 0000000000000000 RSI: 0000000000050500 RDI: 0000200000022ff6
[   80.057842][ T7259] RBP: 00007fbf777f6090 R08: 0000000000000000 R09: 0000000000000000
[   80.057850][ T7259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.057858][ T7259] R13: 0000000000000000 R14: 00007fbf79bb5fa0 R15: 00007ffc52d2aa08
[   80.057876][ T7259]  </TASK>
[   80.223923][ T7264] netlink: 36 bytes leftover after parsing attributes in process `syz.1.418'.
[   80.457009][ T7296] FAULT_INJECTION: forcing a failure.
[   80.457009][ T7296] name failslab, interval 1, probability 0, space 0, times 0
[   80.462994][ T7296] CPU: 1 UID: 0 PID: 7296 Comm: syz.2.429 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   80.463018][ T7296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   80.463029][ T7296] Call Trace:
[   80.463036][ T7296]  <TASK>
[   80.463044][ T7296]  dump_stack_lvl+0x16c/0x1f0
[   80.463088][ T7296]  should_fail_ex+0x512/0x640
[   80.463112][ T7296]  ? fs_reclaim_acquire+0xae/0x150
[   80.463135][ T7296]  should_failslab+0xc2/0x120
[   80.463163][ T7296]  __kmalloc_cache_noprof+0x6a/0x3e0
[   80.463182][ T7296]  ? do_raw_spin_unlock+0x172/0x230
[   80.463203][ T7296]  ? inode_doinit_use_xattr+0x54/0x410
[   80.463228][ T7296]  inode_doinit_use_xattr+0x54/0x410
[   80.463253][ T7296]  inode_doinit_with_dentry+0x10c8/0x12e0
[   80.463284][ T7296]  ? __pfx_inode_doinit_with_dentry+0x10/0x10
[   80.463310][ T7296]  ? __pfx_wake_up_var+0x10/0x10
[   80.463340][ T7296]  selinux_d_instantiate+0x26/0x30
[   80.463369][ T7296]  security_d_instantiate+0x142/0x1a0
[   80.463401][ T7296]  d_splice_alias+0x93/0xf80
[   80.463426][ T7296]  kernfs_iop_lookup+0x23f/0x2d0
[   80.463452][ T7296]  ? __pfx_kernfs_iop_lookup+0x10/0x10
[   80.463475][ T7296]  lookup_open.isra.0+0x4da/0x1580
[   80.463501][ T7296]  ? __pfx_lookup_open.isra.0+0x10/0x10
[   80.463535][ T7296]  ? dput+0x1f/0x30
[   80.463550][ T7296]  ? lookup_fast+0x156/0x610
[   80.463573][ T7296]  path_openat+0x893/0x2cb0
[   80.463600][ T7296]  ? __pfx___up_read+0x10/0x10
[   80.463617][ T7296]  ? __pfx_path_openat+0x10/0x10
[   80.463643][ T7296]  do_filp_open+0x20b/0x470
[   80.463664][ T7296]  ? __pfx_do_filp_open+0x10/0x10
[   80.463685][ T7296]  ? rcu_is_watching+0x12/0xc0
[   80.463731][ T7296]  ? _raw_spin_unlock+0x28/0x50
[   80.463752][ T7296]  ? alloc_fd+0x471/0x7d0
[   80.463783][ T7296]  do_sys_openat2+0x11b/0x1d0
[   80.463799][ T7296]  ? __pfx_do_sys_openat2+0x10/0x10
[   80.463817][ T7296]  ? __fget_files+0x20e/0x3c0
[   80.463844][ T7296]  __x64_sys_open+0x153/0x1e0
[   80.463861][ T7296]  ? __pfx___x64_sys_open+0x10/0x10
[   80.463882][ T7296]  ? rcu_is_watching+0x12/0xc0
[   80.463905][ T7296]  do_syscall_64+0xcd/0x4c0
[   80.463933][ T7296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.463953][ T7296] RIP: 0033:0x7fbf7998e929
[   80.463965][ T7296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.463981][ T7296] RSP: 002b:00007fbf777f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   80.463999][ T7296] RAX: ffffffffffffffda RBX: 00007fbf79bb5fa0 RCX: 00007fbf7998e929
[   80.464011][ T7296] RDX: 0000000000000000 RSI: 0000000000050500 RDI: 0000200000022ff6
[   80.464022][ T7296] RBP: 00007fbf777f6090 R08: 0000000000000000 R09: 0000000000000000
[   80.464034][ T7296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.464044][ T7296] R13: 0000000000000000 R14: 00007fbf79bb5fa0 R15: 00007ffc52d2aa08
[   80.464068][ T7296]  </TASK>
[   80.519977][ T5940] Bluetooth: hci4: command tx timeout
[   80.616166][ T7300] netlink: 44 bytes leftover after parsing attributes in process `syz.2.430'.
[   80.619899][ T7300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.430'.
[   80.627684][ T7300] syz.2.430 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   80.953811][ T7307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.432'.
[   81.463833][ T7358] FAULT_INJECTION: forcing a failure.
[   81.463833][ T7358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.470185][ T7358] CPU: 3 UID: 0 PID: 7358 Comm: syz.0.453 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   81.470210][ T7358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.470221][ T7358] Call Trace:
[   81.470225][ T7358]  <TASK>
[   81.470230][ T7358]  dump_stack_lvl+0x16c/0x1f0
[   81.470257][ T7358]  should_fail_ex+0x512/0x640
[   81.470282][ T7358]  _copy_to_user+0x32/0xd0
[   81.470305][ T7358]  simple_read_from_buffer+0xcb/0x170
[   81.470325][ T7358]  proc_fail_nth_read+0x197/0x270
[   81.470345][ T7358]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.470366][ T7358]  ? rw_verify_area+0xcf/0x680
[   81.470384][ T7358]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.470404][ T7358]  vfs_read+0x1e4/0xc60
[   81.470422][ T7358]  ? __pfx___mutex_lock+0x10/0x10
[   81.470445][ T7358]  ? __pfx_vfs_read+0x10/0x10
[   81.470470][ T7358]  ? __fget_files+0x20e/0x3c0
[   81.470498][ T7358]  ksys_read+0x12a/0x250
[   81.470515][ T7358]  ? __pfx_ksys_read+0x10/0x10
[   81.470575][ T7358]  do_syscall_64+0xcd/0x4c0
[   81.470601][ T7358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.470618][ T7358] RIP: 0033:0x7f7045b8d33c
[   81.470631][ T7358] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   81.470646][ T7358] RSP: 002b:00007f7046a9b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   81.470657][ T7358] RAX: ffffffffffffffda RBX: 00007f7045db5fa0 RCX: 00007f7045b8d33c
[   81.470668][ T7358] RDX: 000000000000000f RSI: 00007f7046a9b0a0 RDI: 0000000000000004
[   81.470679][ T7358] RBP: 00007f7046a9b090 R08: 0000000000000000 R09: 0000000000000000
[   81.470689][ T7358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   81.470698][ T7358] R13: 0000000000000000 R14: 00007f7045db5fa0 R15: 00007ffd828c3a08
[   81.470720][ T7358]  </TASK>
[   81.697216][ T7379] netlink: 24 bytes leftover after parsing attributes in process `syz.2.461'.
[   81.762704][ T7384] netlink: 'syz.4.463': attribute type 10 has an invalid length.
[   81.763560][ T7385] netlink: 'syz.4.463': attribute type 10 has an invalid length.
[   81.775165][ T7384] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.780961][ T7384] team0: Port device bond0 added
[   81.790369][ T7384] ip6tnl1: entered promiscuous mode
[   81.792223][ T7384] ip6tnl1: entered allmulticast mode
[   82.328043][ T7438] sctp: [Deprecated]: syz.1.483 (pid 7438) Use of int in max_burst socket option deprecated.
[   82.328043][ T7438] Use struct sctp_assoc_value instead
[   82.580871][ T7459] FAULT_INJECTION: forcing a failure.
[   82.580871][ T7459] name failslab, interval 1, probability 0, space 0, times 0
[   82.585272][ T7459] CPU: 3 UID: 0 PID: 7459 Comm: syz.1.491 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   82.585288][ T7459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.585295][ T7459] Call Trace:
[   82.585300][ T7459]  <TASK>
[   82.585306][ T7459]  dump_stack_lvl+0x16c/0x1f0
[   82.585335][ T7459]  should_fail_ex+0x512/0x640
[   82.585351][ T7459]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   82.585367][ T7459]  should_failslab+0xc2/0x120
[   82.585383][ T7459]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   82.585397][ T7459]  ? __kernfs_new_node+0xd2/0x8e0
[   82.585414][ T7459]  __kernfs_new_node+0xd2/0x8e0
[   82.585434][ T7459]  ? __pfx___kernfs_new_node+0x10/0x10
[   82.585463][ T7459]  ? find_held_lock+0x2b/0x80
[   82.585478][ T7459]  ? kernfs_root+0xee/0x2a0
[   82.585495][ T7459]  kernfs_new_node+0x13c/0x1e0
[   82.585515][ T7459]  __kernfs_create_file+0x53/0x350
[   82.585529][ T7459]  cgroup_addrm_files+0x546/0xc20
[   82.585547][ T7459]  ? __pfx_cgroup_addrm_files+0x10/0x10
[   82.585563][ T7459]  ? css_next_child+0xcf/0x2d0
[   82.585574][ T7459]  ? css_next_descendant_pre+0x58/0x1a0
[   82.585586][ T7459]  css_populate_dir+0x343/0x580
[   82.585603][ T7459]  cgroup_mkdir+0x5cb/0x11f0
[   82.585618][ T7459]  ? __pfx_cgroup_mkdir+0x10/0x10
[   82.585630][ T7459]  kernfs_iop_mkdir+0x10e/0x190
[   82.585646][ T7459]  ? bpf_lsm_inode_mkdir+0x9/0x10
[   82.585662][ T7459]  vfs_mkdir+0x593/0x8c0
[   82.585676][ T7459]  do_mkdirat+0x304/0x3e0
[   82.585692][ T7459]  ? __pfx_do_mkdirat+0x10/0x10
[   82.585708][ T7459]  ? getname_flags.part.0+0x1c5/0x550
[   82.585720][ T7459]  __x64_sys_mkdir+0xef/0x140
[   82.585735][ T7459]  do_syscall_64+0xcd/0x4c0
[   82.585752][ T7459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.585764][ T7459] RIP: 0033:0x7f5d3d38e929
[   82.585773][ T7459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.585784][ T7459] RSP: 002b:00007f5d3e174038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   82.585796][ T7459] RAX: ffffffffffffffda RBX: 00007f5d3d5b5fa0 RCX: 00007f5d3d38e929
[   82.585803][ T7459] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   82.585809][ T7459] RBP: 00007f5d3e174090 R08: 0000000000000000 R09: 0000000000000000
[   82.585815][ T7459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   82.585821][ T7459] R13: 0000000000000000 R14: 00007f5d3d5b5fa0 R15: 00007fff18275288
[   82.585834][ T7459]  </TASK>
[   82.585849][ T7459] cgroup: cgroup_addrm_files: failed to add cgroup.procs, err=-12
[   82.599515][ T5940] Bluetooth: hci4: command tx timeout
[   82.657709][ T7463] netlink: 'syz.1.493': attribute type 10 has an invalid length.
[   82.677437][ T7463] hsr_slave_0: left promiscuous mode
[   82.680062][ T7463] hsr_slave_1: left promiscuous mode
[   82.953352][ T7493] x_tables: ip_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING
[   82.986852][   T40] kauditd_printk_skb: 713 callbacks suppressed
[   82.986868][   T40] audit: type=1400 audit(1751163225.399:1107): avc:  denied  { create } for  pid=7494 comm="syz.2.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=0
[   83.001409][   T40] audit: type=1400 audit(1751163225.399:1108): avc:  denied  { watch watch_reads } for  pid=7495 comm="syz.1.505" path="/syzcgroup/net/syz1/syz0" dev="cgroup" ino=228 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=0
[   83.014298][   T40] audit: type=1400 audit(1751163225.399:1109): avc:  denied  { read } for  pid=7494 comm="syz.2.506" dev="nsfs" ino=4026533161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=0
[   83.028270][   T40] audit: type=1400 audit(1751163225.409:1110): avc:  denied  { read append } for  pid=7494 comm="syz.2.506" name="v4l-subdev5" dev="devtmpfs" ino=970 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=0
[   83.041269][   T40] audit: type=1400 audit(1751163225.409:1111): avc:  denied  { create } for  pid=7494 comm="syz.2.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[   83.050592][   T40] audit: type=1400 audit(1751163225.419:1112): avc:  denied  { read write } for  pid=5937 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   83.061933][   T40] audit: type=1400 audit(1751163225.419:1113): avc:  denied  { read write } for  pid=5931 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   83.069763][   T40] audit: type=1400 audit(1751163225.429:1114): avc:  denied  { read write } for  pid=5933 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   83.077951][   T40] audit: type=1400 audit(1751163225.439:1115): avc:  denied  { create } for  pid=7498 comm="syz.0.507" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=0
[   83.084467][   T40] audit: type=1400 audit(1751163225.449:1116): avc:  denied  { watch watch_reads } for  pid=7500 comm="syz.1.508" path="/190" dev="tmpfs" ino=1020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=0
[   83.261135][ T7544] netlink: 'syz.2.524': attribute type 10 has an invalid length.
[   83.291236][ T7544] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   83.381017][ T7568] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=7568 comm=syz.1.531
[   83.478032][ T7582] __nla_validate_parse: 3 callbacks suppressed
[   83.478049][ T7582] netlink: 12 bytes leftover after parsing attributes in process `syz.4.535'.
[   83.482816][ T7578] geneve2: entered promiscuous mode
[   83.488000][ T7578] geneve2: entered allmulticast mode
[   83.678982][ T7605] FAULT_INJECTION: forcing a failure.
[   83.678982][ T7605] name failslab, interval 1, probability 0, space 0, times 0
[   83.682770][ T7605] CPU: 2 UID: 0 PID: 7605 Comm: syz.2.543 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   83.682784][ T7605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   83.682792][ T7605] Call Trace:
[   83.682796][ T7605]  <TASK>
[   83.682800][ T7605]  dump_stack_lvl+0x16c/0x1f0
[   83.682820][ T7605]  should_fail_ex+0x512/0x640
[   83.682834][ T7605]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[   83.682852][ T7605]  should_failslab+0xc2/0x120
[   83.682868][ T7605]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[   83.682883][ T7605]  ? kstrdup_const+0x63/0x80
[   83.682897][ T7605]  ? __lock_acquire+0xb8a/0x1c90
[   83.682915][ T7605]  kstrdup+0x53/0x100
[   83.682929][ T7605]  kstrdup_const+0x63/0x80
[   83.682942][ T7605]  __kernfs_new_node+0x9b/0x8e0
[   83.682959][ T7605]  ? __pfx___kernfs_new_node+0x10/0x10
[   83.682978][ T7605]  ? find_held_lock+0x2b/0x80
[   83.682991][ T7605]  ? kernfs_root+0xee/0x2a0
[   83.683008][ T7605]  kernfs_new_node+0x13c/0x1e0
[   83.683028][ T7605]  __kernfs_create_file+0x53/0x350
[   83.683046][ T7605]  cgroup_addrm_files+0x546/0xc20
[   83.683065][ T7605]  ? __pfx_cgroup_addrm_files+0x10/0x10
[   83.683081][ T7605]  ? css_next_child+0xcf/0x2d0
[   83.683092][ T7605]  ? css_next_descendant_pre+0x58/0x1a0
[   83.683104][ T7605]  css_populate_dir+0x343/0x580
[   83.683122][ T7605]  cgroup_mkdir+0x5cb/0x11f0
[   83.683136][ T7605]  ? __pfx_cgroup_mkdir+0x10/0x10
[   83.683149][ T7605]  kernfs_iop_mkdir+0x10e/0x190
[   83.683165][ T7605]  ? bpf_lsm_inode_mkdir+0x9/0x10
[   83.683181][ T7605]  vfs_mkdir+0x593/0x8c0
[   83.683196][ T7605]  do_mkdirat+0x304/0x3e0
[   83.683211][ T7605]  ? __pfx_do_mkdirat+0x10/0x10
[   83.683227][ T7605]  ? getname_flags.part.0+0x1c5/0x550
[   83.683240][ T7605]  __x64_sys_mkdir+0xef/0x140
[   83.683255][ T7605]  do_syscall_64+0xcd/0x4c0
[   83.683271][ T7605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.683283][ T7605] RIP: 0033:0x7fbf7998e929
[   83.683292][ T7605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.683303][ T7605] RSP: 002b:00007fbf777f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   83.683313][ T7605] RAX: ffffffffffffffda RBX: 00007fbf79bb5fa0 RCX: 00007fbf7998e929
[   83.683320][ T7605] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   83.683326][ T7605] RBP: 00007fbf777f6090 R08: 0000000000000000 R09: 0000000000000000
[   83.683332][ T7605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   83.683338][ T7605] R13: 0000000000000000 R14: 00007fbf79bb5fa0 R15: 00007ffc52d2aa08
[   83.683351][ T7605]  </TASK>
[   83.683356][ T7605] cgroup: cgroup_addrm_files: failed to add tasks, err=-12
[   83.773353][ T7612] ata3.00: invalid multi_count 1 ignored
[   83.814285][ T7612] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   83.869612][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.2.550'.
[   83.975147][ T7641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.557'.
[   83.978667][ T7641] xt_hashlimit: max too large, truncated to 1048576
[   84.081861][ T7658] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (11)
[   84.224924][ T7673] IPv6: addrconf: prefix option has invalid lifetime
[   84.466551][ T7682] netlink: 12 bytes leftover after parsing attributes in process `syz.2.573'.
[   84.607846][ T7689] macsec1: entered promiscuous mode
[   84.609537][ T7689] macsec1: entered allmulticast mode
[   84.678709][ T5940] Bluetooth: hci4: command tx timeout
[   85.257536][ T7737] FAULT_INJECTION: forcing a failure.
[   85.257536][ T7737] name failslab, interval 1, probability 0, space 0, times 0
[   85.262890][ T7737] CPU: 0 UID: 0 PID: 7737 Comm: syz.4.595 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   85.262916][ T7737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.262928][ T7737] Call Trace:
[   85.262933][ T7737]  <TASK>
[   85.262940][ T7737]  dump_stack_lvl+0x16c/0x1f0
[   85.262970][ T7737]  should_fail_ex+0x512/0x640
[   85.262995][ T7737]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[   85.263022][ T7737]  should_failslab+0xc2/0x120
[   85.263049][ T7737]  kmem_cache_alloc_noprof+0x6d/0x3b0
[   85.263074][ T7737]  ? __kernfs_new_node+0xd2/0x8e0
[   85.263104][ T7737]  __kernfs_new_node+0xd2/0x8e0
[   85.263133][ T7737]  ? __pfx___kernfs_new_node+0x10/0x10
[   85.263167][ T7737]  ? find_held_lock+0x2b/0x80
[   85.263191][ T7737]  ? kernfs_root+0xee/0x2a0
[   85.263220][ T7737]  kernfs_new_node+0x13c/0x1e0
[   85.263253][ T7737]  __kernfs_create_file+0x53/0x350
[   85.263276][ T7737]  cgroup_addrm_files+0x546/0xc20
[   85.263308][ T7737]  ? __pfx_cgroup_addrm_files+0x10/0x10
[   85.263337][ T7737]  ? css_next_child+0xcf/0x2d0
[   85.263356][ T7737]  ? css_next_descendant_pre+0x58/0x1a0
[   85.263376][ T7737]  css_populate_dir+0x343/0x580
[   85.263407][ T7737]  cgroup_mkdir+0x5cb/0x11f0
[   85.263433][ T7737]  ? __pfx_cgroup_mkdir+0x10/0x10
[   85.263457][ T7737]  kernfs_iop_mkdir+0x10e/0x190
[   85.263483][ T7737]  ? bpf_lsm_inode_mkdir+0x9/0x10
[   85.263510][ T7737]  vfs_mkdir+0x593/0x8c0
[   85.263536][ T7737]  do_mkdirat+0x304/0x3e0
[   85.263564][ T7737]  ? __pfx_do_mkdirat+0x10/0x10
[   85.263592][ T7737]  ? getname_flags.part.0+0x1c5/0x550
[   85.263614][ T7737]  __x64_sys_mkdir+0xef/0x140
[   85.263638][ T7737]  do_syscall_64+0xcd/0x4c0
[   85.263666][ T7737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.263685][ T7737] RIP: 0033:0x7f1cb8f8e929
[   85.263702][ T7737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.263720][ T7737] RSP: 002b:00007f1cb9ec1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   85.263738][ T7737] RAX: ffffffffffffffda RBX: 00007f1cb91b5fa0 RCX: 00007f1cb8f8e929
[   85.263751][ T7737] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   85.263767][ T7737] RBP: 00007f1cb9ec1090 R08: 0000000000000000 R09: 0000000000000000
[   85.263777][ T7737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   85.263789][ T7737] R13: 0000000000000000 R14: 00007f1cb91b5fa0 R15: 00007ffd866d5df8
[   85.263814][ T7737]  </TASK>
[   85.263836][ T7737] cgroup: cgroup_addrm_files: failed to add notify_on_release, err=-12
[   85.285171][ T7739] netlink: 'syz.0.596': attribute type 1 has an invalid length.
[   85.356350][ T7739] netlink: 'syz.0.596': attribute type 4 has an invalid length.
[   85.356369][ T7739] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.596'.
[   85.617202][ T7775] xt_hashlimit: invalid rate
[   86.172335][ T7820] netlink: 4 bytes leftover after parsing attributes in process `syz.2.628'.
[   86.442445][   T54] cfg80211: failed to load regulatory.db
[   86.544123][ T7846] netlink: 12 bytes leftover after parsing attributes in process `syz.4.639'.
[   86.622599][ T7855] block device autoloading is deprecated and will be removed.
[   86.746295][ T7870] netlink: 56 bytes leftover after parsing attributes in process `syz.0.650'.
[   86.898723][ T7889] netlink: 28 bytes leftover after parsing attributes in process `syz.4.658'.
[   86.908830][ T7889] netlink: 28 bytes leftover after parsing attributes in process `syz.4.658'.
[   86.923792][ T7889] gretap0: entered promiscuous mode
[   86.931756][ T7889] gretap0: left promiscuous mode
[   86.931827][ T7896] FAULT_INJECTION: forcing a failure.
[   86.931827][ T7896] name failslab, interval 1, probability 0, space 0, times 0
[   86.938532][ T7896] CPU: 1 UID: 0 PID: 7896 Comm: syz.0.661 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   86.938550][ T7896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   86.938556][ T7896] Call Trace:
[   86.938561][ T7896]  <TASK>
[   86.938565][ T7896]  dump_stack_lvl+0x16c/0x1f0
[   86.938585][ T7896]  should_fail_ex+0x512/0x640
[   86.938600][ T7896]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   86.938615][ T7896]  should_failslab+0xc2/0x120
[   86.938630][ T7896]  __kmalloc_cache_noprof+0x6a/0x3e0
[   86.938642][ T7896]  ? ioc_cpd_alloc+0x96/0x150
[   86.938653][ T7896]  ? kasan_save_track+0x14/0x30
[   86.938668][ T7896]  ioc_cpd_alloc+0x96/0x150
[   86.938680][ T7896]  blkcg_css_alloc+0x193/0x910
[   86.938695][ T7896]  ? __pfx_ioc_cpd_alloc+0x10/0x10
[   86.938707][ T7896]  cgroup_apply_control_enable+0x4b0/0xbb0
[   86.938723][ T7896]  ? css_populate_dir+0x254/0x580
[   86.938740][ T7896]  cgroup_mkdir+0x5e7/0x11f0
[   86.938755][ T7896]  ? __pfx_cgroup_mkdir+0x10/0x10
[   86.938768][ T7896]  kernfs_iop_mkdir+0x10e/0x190
[   86.938784][ T7896]  ? bpf_lsm_inode_mkdir+0x9/0x10
[   86.938800][ T7896]  vfs_mkdir+0x593/0x8c0
[   86.938814][ T7896]  do_mkdirat+0x304/0x3e0
[   86.938830][ T7896]  ? __pfx_do_mkdirat+0x10/0x10
[   86.938845][ T7896]  ? getname_flags.part.0+0x1c5/0x550
[   86.938858][ T7896]  __x64_sys_mkdir+0xef/0x140
[   86.938873][ T7896]  do_syscall_64+0xcd/0x4c0
[   86.938890][ T7896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.938901][ T7896] RIP: 0033:0x7f7045b8e929
[   86.938910][ T7896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.938921][ T7896] RSP: 002b:00007f7046a9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   86.938931][ T7896] RAX: ffffffffffffffda RBX: 00007f7045db5fa0 RCX: 00007f7045b8e929
[   86.938938][ T7896] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   86.938944][ T7896] RBP: 00007f7046a9b090 R08: 0000000000000000 R09: 0000000000000000
[   86.938950][ T7896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   86.938956][ T7896] R13: 0000000000000000 R14: 00007f7045db5fa0 R15: 00007ffd828c3a08
[   86.938974][ T7896]  </TASK>
[   87.228953][ T7919] sp0: Synchronizing with TNC
[   87.408858][ T7924] dns_resolver: Unsupported content type (234)
[   87.411702][ T5940] Bluetooth: Unknown LE signaling command 0xe3
[   87.414580][ T5940] Bluetooth: Wrong link type (-22)
[   87.418223][ T7924] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7924 comm=syz.4.672
[   87.693216][ T7938] netlink: 'syz.4.678': attribute type 1 has an invalid length.
[   87.705970][ T7938] bond1: entered promiscuous mode
[   87.710464][ T7938] bond1: entered allmulticast mode
[   87.712423][ T7938] 8021q: adding VLAN 0 to HW filter on device bond1
[   87.723546][ T7938] bridge2: entered promiscuous mode
[   87.725761][ T7938] bridge2: entered allmulticast mode
[   87.727959][ T7938] bond1: (slave bridge2): Enslaving as a backup interface with an up link
[   87.797221][ T7941] syzkaller0: entered promiscuous mode
[   87.801036][ T7941] syzkaller0: entered allmulticast mode
[   87.819490][ T1248] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[   87.929371][   T13] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[   87.988523][   T40] kauditd_printk_skb: 16663 callbacks suppressed
[   87.988534][   T40] audit: type=1400 audit(1751163230.399:16754): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   87.996446][ T5646] audit: audit_backlog=65 > audit_backlog_limit=64
[   87.997705][   T40] audit: type=1400 audit(1751163230.409:16755): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   87.999376][ T5646] audit: audit_lost=343 audit_rate_limit=0 audit_backlog_limit=64
[   88.005941][   T40] audit: type=1400 audit(1751163230.409:16756): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   88.005971][   T40] audit: type=1400 audit(1751163230.409:16757): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   88.005995][   T40] audit: type=1400 audit(1751163230.409:16758): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   88.006016][   T40] audit: type=1400 audit(1751163230.409:16759): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   88.006037][   T40] audit: type=1400 audit(1751163230.409:16760): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   88.006058][   T40] audit: type=1400 audit(1751163230.409:16761): avc:  denied  { read } for  pid=5646 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   88.008013][ T7951] FAULT_INJECTION: forcing a failure.
[   88.008013][ T7951] name failslab, interval 1, probability 0, space 0, times 0
[   88.064850][ T7951] CPU: 2 UID: 0 PID: 7951 Comm: syz.2.684 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   88.064865][ T7951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.064872][ T7951] Call Trace:
[   88.064877][ T7951]  <TASK>
[   88.064881][ T7951]  dump_stack_lvl+0x16c/0x1f0
[   88.064901][ T7951]  should_fail_ex+0x512/0x640
[   88.064917][ T7951]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   88.064933][ T7951]  should_failslab+0xc2/0x120
[   88.064948][ T7951]  __kmalloc_cache_noprof+0x6a/0x3e0
[   88.064961][ T7951]  ? percpu_ref_init+0xec/0x410
[   88.064974][ T7951]  ? __pfx_css_release+0x10/0x10
[   88.064984][ T7951]  percpu_ref_init+0xec/0x410
[   88.064995][ T7951]  ? init_and_link_css+0x32c/0x700
[   88.065011][ T7951]  cgroup_apply_control_enable+0x50b/0xbb0
[   88.065025][ T7951]  ? css_populate_dir+0x254/0x580
[   88.065042][ T7951]  cgroup_mkdir+0x5e7/0x11f0
[   88.065056][ T7951]  ? __pfx_cgroup_mkdir+0x10/0x10
[   88.065069][ T7951]  kernfs_iop_mkdir+0x10e/0x190
[   88.065086][ T7951]  ? bpf_lsm_inode_mkdir+0x9/0x10
[   88.065102][ T7951]  vfs_mkdir+0x593/0x8c0
[   88.065116][ T7951]  do_mkdirat+0x304/0x3e0
[   88.065132][ T7951]  ? __pfx_do_mkdirat+0x10/0x10
[   88.065148][ T7951]  ? getname_flags.part.0+0x1c5/0x550
[   88.065160][ T7951]  __x64_sys_mkdir+0xef/0x140
[   88.065175][ T7951]  do_syscall_64+0xcd/0x4c0
[   88.065191][ T7951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.065203][ T7951] RIP: 0033:0x7fbf7998e929
[   88.065211][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.065223][ T7951] RSP: 002b:00007fbf777f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[   88.065233][ T7951] RAX: ffffffffffffffda RBX: 00007fbf79bb5fa0 RCX: 00007fbf7998e929
[   88.065240][ T7951] RDX: 0000000000000000 RSI: 0000000000000184 RDI: 0000200000000100
[   88.065246][ T7951] RBP: 00007fbf777f6090 R08: 0000000000000000 R09: 0000000000000000
[   88.065252][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   88.065262][ T7951] R13: 0000000000000000 R14: 00007fbf79bb5fa0 R15: 00007ffc52d2aa08
[   88.065283][ T7951]  </TASK>
[   88.074157][ T7958] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7958 comm=syz.4.686
[   88.169296][ T6000] BUG: unable to handle page fault for address: ffffed101acea401
[   88.171815][ T6000] #PF: supervisor read access in kernel mode
[   88.171823][ T6000] #PF: error_code(0x0000) - not-present page
[   8J8u.n1 72198 290]2[: 13T:65000 0] PsGyDz k1a7lflfeer ek0e6r7n .P4aD 17lfefrete 0ke6rn7e lP:U D[  7f fd30 6878 .1P6M9D2 906 ][
 T60[   88.171846][ T6000] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[   88.171858][ T6000] CPU: 2 UID: 0 PID: 6000 Comm: kworker/2:4 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) 
[   88.187088][ T6000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   88.190973][ T6000] Workqueue: cgroup_destroy css_free_rwork_fn
[   88.193042][ T6000] RIP: 0010:css_rstat_flush+0x372/0x23f0
[   88.194909][ T6000] Code: 92 c3 31 ff 89 de e8 fd 2d 07 00 84 db 0f 85 01 11 00 00 e8 10 33 07 00 48 8b 44 24 08 48 83 c0 08 48 89 44 24 10 48 c1 e8 03 <42> 80 3c 38 00 0f 85 b8 15 00 00 48 8b 44 24 08 48 8b 58 08 48 85
[   88.200699][ T6000] RSP: 0018:ffffc9000305fb18 EFLAGS: 00010802
[   88.202511][ T6000] RAX: 1ffff1101acea401 RBX: 0000000000000001 RCX: ffffffff81b4fe71
[   88.204962][ T6000] RDX: ffff888036d4c880 RSI: ffffffff81b4ed60 RDI: 0000000000000001
[   88.207666][ T6000] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[   88.210407][ T6000] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880579ab800
[   88.212862][ T6000] R13: ffff888029a4a000 R14: 0000000000000001 R15: dffffc0000000000
[   88.215329][ T6000] FS:  0000000000000000(0000) GS:ffff8880d6952000(0000) knlGS:0000000000000000
[   88.218144][ T6000] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   88.220112][ T6000] CR2: ffffed101acea401 CR3: 0000000031b69000 CR4: 0000000000352ef0
[   88.223107][ T6000] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   88.225767][ T6000] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   88.228571][ T6000] Call Trace:
[   88.229626][ T6000]  <TASK>
[   88.230595][ T6000]  ? __lock_acquire+0x1053/0x1c90
[   88.232213][ T6000]  ? debug_object_deactivate+0x1ec/0x3a0
[   88.233962][ T6000]  ? finish_task_switch.isra.0+0x221/0xc10
[   88.235785][ T6000]  css_rstat_exit+0xa2/0x470
[   88.235802][ T6000]  css_free_rwork_fn+0x80/0x12e0
[   88.235815][ T6000]  ? rcu_is_watching+0x12/0xc0
[   88.235829][ T6000]  process_one_work+0x9cc/0x1b70
[   88.235841][ T6000]  ? __pfx_process_one_work+0x10/0x10
[   88.235853][ T6000]  ? assign_work+0x1a0/0x250
[   88.235870][ T6000]  worker_thread+0x6c8/0xf10
[   88.235882][ T6000]  ? __kthread_parkme+0x19e/0x250
[   88.249215][ T6000]  ? __pfx_worker_thread+0x10/0x10
[   88.249241][ T6000]  kthread+0x3c2/0x780
[   88.249256][ T6000]  ? __pfx_kthread+0x10/0x10
[   88.253931][ T6000]  ? rcu_is_watching+0x12/0xc0
[   88.255479][ T6000]  ? __pfx_kthread+0x10/0x10
[   88.256941][ T6000]  ret_from_fork+0x5d4/0x6f0
[   88.258333][ T6000]  ? __pfx_kthread+0x10/0x10
[   88.259897][ T6000]  ret_from_fork_asm+0x1a/0x30
[   88.261572][ T6000]  </TASK>
[   88.262933][ T6000] Modules linked in:
[   88.264505][ T6000] CR2: ffffed101acea401
[   88.265872][ T6000] ---[ end trace 0000000000000000 ]---
[   88.268005][ T6000] RIP: 0010:css_rstat_flush+0x372/0x23f0
[   88.270059][ T6000] Code: 92 c3 31 ff 89 de e8 fd 2d 07 00 84 db 0f 85 01 11 00 00 e8 10 33 07 00 48 8b 44 24 08 48 83 c0 08 48 89 44 24 10 48 c1 e8 03 <42> 80 3c 38 00 0f 85 b8 15 00 00 48 8b 44 24 08 48 8b 58 08 48 85
[   88.276035][ T6000] RSP: 0018:ffffc9000305fb18 EFLAGS: 00010802
[   88.278393][ T6000] RAX: 1ffff1101acea401 RBX: 0000000000000001 RCX: ffffffff81b4fe71
[   88.281503][ T6000] RDX: ffff888036d4c880 RSI: ffffffff81b4ed60 RDI: 0000000000000001
[   88.284720][ T6000] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[   88.287706][ T6000] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880579ab800
[   88.290151][ T6000] R13: ffff888029a4a000 R14: 0000000000000001 R15: dffffc0000000000
[   88.293013][ T6000] FS:  0000000000000000(0000) GS:ffff8880d6952000(0000) knlGS:0000000000000000
[   88.296610][ T6000] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   88.298736][ T6000] CR2: ffffed101acea401 CR3: 0000000031b69000 CR4: 0000000000352ef0
[   88.301151][ T6000] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   88.304239][ T6000] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   88.306824][ T6000] Kernel panic - not syncing: Fatal exception
[   88.309926][ T6000] Kernel Offset: disabled
[   88.311726][ T6000] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:13:50  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000060363 RCX=ffffffff822eaa6e RDX=ffff88803c5e8000
RSI=ffffffff822e9db8 RDI=0000000000060363 RBP=000fffffffffffff RSP=ffffc90003b3f510
R8 =0000000000000007 R9 =0000000000000005 R10=0000000000000005 R11=0000000000007c78
R12=0000000000000005 R13=0000000000000001 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff81bc20d6 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6752000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3bcbe0 CR3=000000005de39000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000000a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855bfaf5 RDI=ffffffff9b088320 RBP=ffffffff9b0882e0 RSP=ffffc900274d7508
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=707573203a465023
R12=0000000000000000 R13=000000000000000a R14=ffffffff9b0882e0 R15=ffffffff855bfa90
RIP=ffffffff855bfb1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 00007f267cb87c80 ffffffff 00c00000
GS =0000 ffff8880d6852000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3d881b CR3=000000002aaad000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff18275610 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5d3d411b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5d3d411b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5d3d411b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5d3d411b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5d3d411bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5d3d411c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855bfaf5 RDI=ffffffff9b088320 RBP=ffffffff9b0882e0 RSP=ffffc9000305f2f0
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=727265203a465023
R12=0000000000000000 R13=000000000000002e R14=ffffffff9b0882e0 R15=ffffffff855bfa90
RIP=ffffffff855bfb1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6952000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=ffffed101acea401 CR3=0000000031b69000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd828c3d90 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7045c11b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7045c11b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7045c11b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7045c11b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7045c11bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7045c11c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=dffffc0000000000 RBX=0000000000000003 RCX=ffffffff822b464c RDX=0000000000000000
RSI=0000000000000008 RDI=ffffffff90a80d50 RBP=1ffffffff21501aa RSP=ffffc90003fef528
R8 =0000000000000000 R9 =1ffffffff21501aa R10=ffffffff90a80d57 R11=0000000000000001
R12=ffffe8fefc789000 R13=0000607e25d37000 R14=ffffe8fefc789010 R15=ffff888033309000
RIP=ffffffff8222f552 RFL=00000807 [-O---PC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555571474500 ffffffff 00c00000
GS =0000 ffff8880d6a52000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1cb8f726e0 CR3=0000000031b69000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000005 Opmask01=0000000000000001 Opmask02=0000000000004000 Opmask03=0000000000000000
Opmask04=00000000fffff7ff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7de1eacb 00007ffd7de1eacb
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7de1efd0 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7de1efd0 0000003000000018
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 584452205d313539 3754205b5d303432 3536302e38382020 205b3e343c003900
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5244522057313533 3754205157303432 3536302432322020 2051343436003300
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7561662065676170 20656c646e616820 6f7420656c62616e 75203a475542205d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3638362e342e7a79 733d6d6d6f632038 3539373d64697020 74656b636f735f65
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 74756f725f6b6e69 6c74656e3d737361 6c637320303d6570 79745f67736d6c6e
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20303d6c6f636f74 6f7270203a656761 7373656d206b6e69 6c74656e2064657a
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 696e676f6365726e 75203a78756e694c 4553205d38353937 54205b5d37353134
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6f6e6920227366 706d74223d766564 20223039312f223d 6874617020223830
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000