last executing test programs:

45.133038237s ago: executing program 3 (id=1593):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r1 = dup(r0)
ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000000))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call]}, &(0x7f0000000a00)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x1c, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r3, 0x0, 0x0, 0x0, 0x10, 0xd, @void, @value}, 0x94)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f00000000c0), r2)
r5 = ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0)
sendmsg$GTP_CMD_ECHOREQ(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r4, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r5}, @GTPA_O_TEI={0x8, 0x9, 0x1}, @GTPA_O_TEI={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x34}}, 0x84)

44.97553691s ago: executing program 3 (id=1597):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x3c, r0, 0x801, 0x70bd26, 0x1000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "5d7a000600"}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac0b}]}]}, 0x3c}}, 0x0)

44.879904696s ago: executing program 3 (id=1599):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, &(0x7f00000000c0), &(0x7f0000000100)=r6}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_open_dev$dri(&(0x7f0000000000), 0x9, 0x14900)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32=r7, @ANYRES32=r4, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r7, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r3}, 0x20)
r8 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$CDROMMULTISESSION(r8, 0x5310, &(0x7f0000000280)={@lba=0xa, 0x1, 0x1})
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}}, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r9, 0x4138ae84, &(0x7f0000000100)={{0x7000, 0xdddd1000, 0xe, 0x3, 0x8, 0x0, 0x0, 0x2, 0x0, 0x6, 0x9, 0x10}, {0x8080000, 0x4, 0xc, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0xffff1000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0xff, 0xfc}, {0x10000, 0xd000, 0x0, 0x7f, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4}, {0x2, 0xdddd0000, 0x8, 0x8, 0xff, 0x7f, 0x0, 0xe, 0x0, 0xbf, 0x7d}, {0x0, 0x0, 0xd, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xa0}, {0x8080000, 0x0, 0xa, 0x6, 0x5, 0x0, 0x68, 0x1}, {0x0, 0x2000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26, 0x0, 0x10}, {0xf000}, {0x10000}, 0xfdfcffdb, 0x0, 0x4, 0x28, 0xb, 0xf801, 0x0, [0x2000000000000000, 0x0, 0x1]})

44.195502703s ago: executing program 3 (id=1612):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0xb0, r0, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x4}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mount$9p_virtio(&(0x7f0000000180), 0x0, 0x0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
openat$ppp(0xffffffffffffff9c, &(0x7f00000005c0), 0x80000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f0000000440)={0x3, 0x0, 0x10000})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
sendmsg$NL80211_CMD_DEAUTHENTICATE(r4, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, r0, 0x601, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="97529e360ca8"}]}, 0x28}, 0x1, 0x0, 0x0, 0xa040}, 0x80)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, &(0x7f0000000180))
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x3c, r0, 0x801, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "5d7a000600"}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac0b}]}]}, 0x3c}}, 0x0)

44.036177892s ago: executing program 3 (id=1614):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002200)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r0, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}]}]}, 0x28}, 0x1, 0x700000000000000}, 0x0)

43.445202297s ago: executing program 3 (id=1618):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x7e)
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x0)
mount$9p_xen(0x0, &(0x7f0000001000)='./file0\x00', &(0x7f0000001040), 0xa, &(0x7f0000001100))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xad)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000800000000000000004000000180100002020702500000000002020207b1af8ff00000000bfa108000000000047010000f6ffffffb702000008001000b703000000000000850000005d00000095"], &(0x7f0000000300)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

43.161957656s ago: executing program 32 (id=1618):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x7e)
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x0)
mount$9p_xen(0x0, &(0x7f0000001000)='./file0\x00', &(0x7f0000001040), 0xa, &(0x7f0000001100))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xad)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000800000000000000004000000180100002020702500000000002020207b1af8ff00000000bfa108000000000047010000f6ffffffb702000008001000b703000000000000850000005d00000095"], &(0x7f0000000300)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

31.6729645s ago: executing program 1 (id=1657):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x30, r2, 0x1, 0x70bd29, 0xffffffff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x30}, 0x1, 0x0, 0x200000000000000, 0x20000000}, 0xc000)

31.621136553s ago: executing program 1 (id=1659):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000640), r1)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)={0x20, r2, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}, @MPTCP_PM_ATTR_ADDR={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r0)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x74, r3, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x90)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000180), 0x4)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000bc0)={0x3e4, r5, 0x205, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3ae, 0xe, {{{}, {}, @device_b, @broadcast, @from_mac=@device_b}, 0x0, @default, 0x5d7f, @val={0x0, 0x7, @random="6a831fe0366657"}, @void, @val={0x3, 0x1, 0xb8}, @void, @void, @void, @void, @val={0x2a, 0x1, {0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x80, 0x1, 0x6, 0x0, {0x2, 0xc9, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x8, 0xb, 0x4}}, @val={0x72, 0x6}, @void, @void, [{0xdd, 0x9b, "d8b1a2ccba28d8abb55ca00c6d670a72c2eb3865149f86afd645bb499ceb7e878b5a5f477725c4fd182e2de93f1af186f94b9f7a4559fa18ae9ecd5661a327f64d258888ed13212396366fe2229ac5cd2b39df8905d795a2c0526acf9d12fbc3c5be5245e6b79cd141f828a0116c1890260db51477c0a687891e1e441e9058b7b26725262c8cd829ac19e677e107f0c4e3c612e10a4cd7c712f865"}, {0xdd, 0xee, "95486fdaee62f9cf824e8ade1a304687148448c3e36ee293e61490daebfeeffcda2874a7039e9453a5b865ef01d0a37c1888f4493e92fa9e1e96de4687e8b8c8ed59e6080b53be5a3e2b4b1c5ff64cf02b73a177494bdb28c371d1eb096484ebe4bf4d885fb0d6facd63b870005e1a7e13c2145d45a5f9eab21e0566c327d11a2b4d92bc06760a036e850f63187e2a42fe0a0047903465801c19fdc11b975219357132fd0850a5023930300c2c1d436bffdc476c8a337c95353731570357f0c927c18ce926a4616d66b4bfb91a4fdf899425d37744cfcb25c740afe616ac9b46b5bd6b3aea61d1c3ae48708a1121"}, {0xdd, 0xa3, "97c21cd6c43dc9447c70b0baa36192ccf1647c46fb85a7798d674d9ab27fcb72c11c9cc8ec1769725edc8a3667f810d5dee8cccf4cb383fa3ca98af87f3ddd6573cb6ce5a786353f4c542ae6e6ce21b3dc5ba513ca4fb917ec6f6459851b92426226aa56fe9007a852543c3eb4d3a48c0604970e1d86c352b8443c9b98f0b137d7cc536d80ac60b4b9f7909cdbcb4601ebf6ca5251ce9e971c9a53be678fd5568f1ecc"}, {0xdd, 0x2b, "ff4f31cacbd795a981e8e6613b979b6be6886aa3362c9eb632509bc99b53d6579632f1f435add2fcd91bd7"}, {0xdd, 0x73, "455b5541eb93d26470befa3bebadc44f3a43e71c3cfa7b03b63b5e101f8032bfbcf58f23e06edcd056c78ccdae080bb430baccdb5de63ee172c4f4bf40bc4ba4c3d85feddab3e092dc3e265ff82a44054bd31b4939e0d21d38c47a8e377f6ee1afa3b33ab356052b47d410a1fbeb9de1470c59"}, {0xdd, 0x1d, "c7cf1610969418dbf19211335f5eeb663aa2c7eebee697a26d871d1727"}, {0xdd, 0x5e, "d457e871b1dab13d150d4fcd125533316e6d853ce729d5c9e705f1b06dd8e3922f3b8b95cbd9ab7ecff101d3511919a8f9603f57e4cff635355d4df0ec357563213c772f7d2e3c98291f08f68f2a9a4e29c12385d5f5895daa8772c42e58"}]}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7f}]}, 0x3e4}}, 0x0)

31.438108254s ago: executing program 1 (id=1662):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
rt_sigsuspend(&(0x7f00000000c0)={[0x7e44]}, 0x8)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x3, 0xc20, 0xadb12e32f182386c, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3)

31.039176374s ago: executing program 0 (id=1666):
socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r5}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

30.625285552s ago: executing program 0 (id=1669):
r0 = socket$inet6(0xa, 0x1, 0x84)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x145680)
ioctl$SNDRV_PCM_IOCTL_PREPARE(r1, 0x4140, 0x0)
bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
sendto$inet6(r0, &(0x7f0000000140)='\b', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback, 0x1}, 0x1c)

30.469138466s ago: executing program 1 (id=1671):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r1}, &(0x7f00000005c0), &(0x7f0000000640)=r2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={r3, 0x18000000000002a0, 0xe, 0xf0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000021, 0x0, 0x0, 0x0, 0x0}, 0x50)

30.240762102s ago: executing program 1 (id=1674):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0xb0, r0, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x4}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mount$9p_virtio(&(0x7f0000000180), 0x0, 0x0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
openat$ppp(0xffffffffffffff9c, &(0x7f00000005c0), 0x80000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f0000000440)={0x3, 0x0, 0x10000})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
sendmsg$NL80211_CMD_DEAUTHENTICATE(r4, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x28, r0, 0x601, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="97529e360ca8"}]}, 0x28}, 0x1, 0x0, 0x0, 0xa040}, 0x80)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, &(0x7f0000000180))

29.992686295s ago: executing program 1 (id=1677):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0)
socket(0x10, 0x803, 0x0)
ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, &(0x7f0000001300)=""/4096)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtfilter={0x80, 0x2c, 0xd2b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0x3}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0xc, 0x6, 0x0, 0x9, 0x401, 0x1000, 0x8a0, 0xd5}}, @TCA_U32_ACT={0x34, 0x7, [@m_skbmod={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_U32_CLASSID={0x8, 0x1, {0x11, 0xb}}]}}]}, 0x80}, 0x1, 0x0, 0x0, 0x81}, 0x800)

29.747861268s ago: executing program 0 (id=1679):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0)
pipe2$9p(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@ipv6_newnexthop={0x28, 0x68, 0x1, 0x0, 0x25dfdbfb, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_OIF={0x8, 0x5, r5}]}, 0x28}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="28000000120005"], 0x28}}, 0x80) (async)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r8, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x0, 0x0, 0x0, 0x0, 0x4, 0xc, 0x0, 0x5, 0xff, 0x1f}, {0x3, 0x4, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x9}, {0x0, 0x0, 0x3c, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0) (async)
ioctl$KVM_RUN(r9, 0xae80, 0x0) (async)
truncate(&(0x7f0000000200)='./file1\x00', 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xfff3}, {0x5}, {0x1, 0xe}}}, 0x24}}, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r2}}) (async)
splice(r1, 0x0, r10, 0x0, 0x1fffffffffff, 0x0) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
setsockopt$XDP_UMEM_REG(r10, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f00000000c0)=""/15, 0x302000, 0x800, 0x0, 0x2}, 0x20) (async)
getsockname$packet(r10, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14)

29.222907848s ago: executing program 0 (id=1680):
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xa}, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000000), 0x6)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{0xc, 0x0, 0x2}, {0x8, 0x5, 0x5, 0x9}, {0xfff, 0x6, 0x8, 0x5}, {0x7, 0x3, 0x9}, {0x4, 0x6, 0x6, 0x2}, {0x3, 0xa, 0x2b, 0x800}]})
ioctl$sock_bt_hci(r3, 0x800448d7, &(0x7f00000001c0))

28.449845551s ago: executing program 0 (id=1684):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0xb0, r0, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x4}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mount$9p_virtio(&(0x7f0000000180), 0x0, 0x0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
openat$ppp(0xffffffffffffff9c, &(0x7f00000005c0), 0x80000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f0000000440)={0x3, 0x0, 0x10000})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, &(0x7f0000000180))

28.344197355s ago: executing program 0 (id=1685):
socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r5}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

24.46880746s ago: executing program 4 (id=1706):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
epoll_create(0xd18)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES64=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

24.292501245s ago: executing program 4 (id=1708):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r2, 0xff06, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f00000000c0)={0x18, 0x0, {0x4, @multicast, 'bond0\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r3, 0x4008b100, &(0x7f0000000040)={0x18, 0x0, {0x4, @local, 'wg0\x00'}})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x64}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x12, &(0x7f0000000140), 0x4)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x6c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x6c}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000040)={0x0, 0x3a, &(0x7f0000000080)={&(0x7f0000000340)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f0000000840)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
sendmsg$rds(r8, &(0x7f0000001a00)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x34, r9, 0x1, 0x70bd2b, 0x0, {{}, {}, {0x1a, 0x17, {0x0, 0xfffffffd, @l2={'eth', 0x3a, 'gre0\x00'}}}}}, 0x34}}, 0x8044)

23.940391515s ago: executing program 4 (id=1710):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r1, 0x40305652, &(0x7f00000004c0)={0x0, 0x1, 0x0, 0x0, 0x2})
syz_emit_vhci(&(0x7f0000000800)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1a}, @hci_ev_le_ext_adv_report={{}, {0x1, [{0x1a, 0x0, @any, 0x5, 0x3b, 0xb, 0x9, 0x2, 0x6, 0x2, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}]}}}}, 0x1d)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x24, @long={0x3, 0x1}}, 0x14, &(0x7f00000000c0)={&(0x7f0000000080)="57ff45f71a47e2ea69deabc168053fb50cdcb8af", 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x4000014)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newlink={0x44, 0x10, 0x801, 0xfffffffd, 0x25dfdbfe, {}, [@IFLA_GROUP={0x8}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @rand_addr=' \x01\x00'}]}]}]}, 0x44}}, 0x0)

23.702516205s ago: executing program 4 (id=1712):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002200)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r0, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5}]}]}, 0x28}, 0x1, 0x0, 0x100000000000000}, 0x0)

23.611500262s ago: executing program 4 (id=1714):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0xb0, r0, 0x8, 0x70bd2c, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x4}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x1}]}, 0xb0}, 0x1, 0x0, 0x0, 0x20000000}, 0x44)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mount$9p_virtio(&(0x7f0000000180), 0x0, 0x0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
openat$ppp(0xffffffffffffff9c, &(0x7f00000005c0), 0x80000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r4, 0xc0206434, &(0x7f0000000440)={0x3, 0x0, 0x10000})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, &(0x7f0000000180))

23.499998657s ago: executing program 4 (id=1715):
r0 = accept$ax25(0xffffffffffffffff, &(0x7f00000002c0)={{0x3, @bcast}, [@bcast, @rose, @null, @remote, @default, @remote, @remote, @netrom]}, &(0x7f0000000480)=0x48)
r1 = accept4$ax25(r0, &(0x7f00000003c0)={{}, [@default, @rose, @netrom, @bcast, @null, @netrom]}, &(0x7f00000004c0)=0x48, 0x0)
r2 = accept4$ax25(r1, &(0x7f0000000200)={{0x3, @null}, [@default, @null, @default, @rose, @rose, @null, @bcast]}, &(0x7f0000000340)=0x4c, 0xc0800)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000002, 0x9b050, r2, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
sendmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000000)='8', 0x1}], 0x1)
r7 = syz_open_dev$video4linux(&(0x7f00000001c0), 0xff, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r7, 0xc040563e, &(0x7f0000000380)={0x1, 0x0, 0x100, 0x5, {0x1, 0x48, 0x9, 0xe2bf}})
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

14.980872885s ago: executing program 33 (id=1677):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0)
socket(0x10, 0x803, 0x0)
ioctl$EVIOCGVERSION(0xffffffffffffffff, 0x80044501, &(0x7f0000001300)=""/4096)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtfilter={0x80, 0x2c, 0xd2b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0x3}, {}, {0x1, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0xc, 0x6, 0x0, 0x9, 0x401, 0x1000, 0x8a0, 0xd5}}, @TCA_U32_ACT={0x34, 0x7, [@m_skbmod={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}, @TCA_U32_CLASSID={0x8, 0x1, {0x11, 0xb}}]}}]}, 0x80}, 0x1, 0x0, 0x0, 0x81}, 0x800)

13.281922276s ago: executing program 34 (id=1685):
socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000180)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x2000000000c0, 0x2000000000f0, 0x200000000120], 0x0, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
getpeername$packet(r4, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r3, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r5}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

7.968630627s ago: executing program 35 (id=1715):
r0 = accept$ax25(0xffffffffffffffff, &(0x7f00000002c0)={{0x3, @bcast}, [@bcast, @rose, @null, @remote, @default, @remote, @remote, @netrom]}, &(0x7f0000000480)=0x48)
r1 = accept4$ax25(r0, &(0x7f00000003c0)={{}, [@default, @rose, @netrom, @bcast, @null, @netrom]}, &(0x7f00000004c0)=0x48, 0x0)
r2 = accept4$ax25(r1, &(0x7f0000000200)={{0x3, @null}, [@default, @null, @default, @rose, @rose, @null, @bcast]}, &(0x7f0000000340)=0x4c, 0xc0800)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000002, 0x9b050, r2, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
sendmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000000)='8', 0x1}], 0x1)
r7 = syz_open_dev$video4linux(&(0x7f00000001c0), 0xff, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r7, 0xc040563e, &(0x7f0000000380)={0x1, 0x0, 0x100, 0x5, {0x1, 0x48, 0x9, 0xe2bf}})
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

1.665491982s ago: executing program 2 (id=1804):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
epoll_create(0xd18)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES64=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1.39956275s ago: executing program 2 (id=1805):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000006200)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000000c0)="24c2e2fb6d02ac2707af5fe61d2a9fdb8c8854fed3bfe8c759b0dc529f960ad7c002c29da2a685724c8ef5b614f9a28e5dc63199bbb0bdbd5f11324a3971c7d0bbac189346cc1e3cb63d0e0978c144dea35583cbb06dd29883f3874ba31ee0c0ddf289368ec28b3f86e5c797ea", 0x6d}, {&(0x7f0000000280)="af7bca008b3753746a5a192e30d2a391f6e4ec5e1db94152164e30d5c9548c1a1a29a22635e291b7962b306e5ff39eb5fb09f7d62c0c470f84181a97d05896b57c1bc826068fc196959b7f026f843a38398e2b4108a6ac512fe7b3b2c5e20a49290aa1c3c4b181bae36bb821a72629890349e4e7a53b00", 0x77}], 0x2, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x8804}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000007a00)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000180)=""/219, 0xdb}], 0x1, 0x0, 0x0, 0x2000000}}], 0x1, 0xcb, 0x0)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="7f454c461c02f9b7ff7f00000000000002000300fffeffffdf020000000000004000000000000000030300000000000000000000080038000100040004000d00030000000080000000000000010000000700000000000000080000000000000005000000000000000204"], 0x78)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}, 0xfffffff5}], 0xf00, 0x0, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r2, 0x5101)
r4 = getpgid(0x0)
ptrace$setregs(0xd, r4, 0x8, &(0x7f0000000300)="4bd493730bf565a3df2e82ccddf31de8dfdaf458e12faff6860358eedb5fd201435211c12243838557556111efe1e36ae50261d7294d9a595faa8a08d8ebdfd719748efe3793794f20b622a2d34ce57620026a352539b96741aeb46330c67892223de0f3aa764ae33012997ea3728043842af1dadac2d1affdbcabe2f80bdf0b51836eb0beb8ca26a57549bdba9f1b43a5569eb34c49d20ee065dfff77b71acbe0073ca3ca46e3465fad93d3911b45acc9221ffa42a4e33937052a275e16c93b58ece4f2d95204f75bc7e5fd0c839de84899393d7a484d5b")
r5 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
r6 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r5, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r6, 0x20, &(0x7f0000000080)="1a5d97a2c23cf7dd8395b0dfe220806daa42dfebe21bbbada408f44f7be129f2714b561c97682952f5576afc6acefa09bcc8830ccedbafe3da557fe39161fe68367436ac884474bd", 0x0, 0x48)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)

543.613052ms ago: executing program 2 (id=1806):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, &(0x7f00000000c0)={0x9, 0x6, 0x0, 0x6, 0x19, "f44327189019f4ba9c2d666c378d75463e665e"})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x3c, r0, 0x801, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_KEY={0x20, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "5d7a000600"}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac0b}]}]}, 0x3c}}, 0x0)

324.753639ms ago: executing program 2 (id=1807):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa200000000000007020000d5ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000000)=@bpf_tracing={0x1a, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@call]}, &(0x7f0000000a00)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x35, '\x00', 0x0, 0x1c, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x13b02, r1, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)

172.899146ms ago: executing program 2 (id=1808):
r0 = gettid()
sched_setscheduler(r0, 0x6, &(0x7f0000000000)=0x1)
gettid()
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2, 0x2)
ioctl$DMA_BUF_SET_NAME_A(r1, 0x40046201, &(0x7f0000000080)='/%\x00')
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/kexec_loaded', 0x111002, 0xbb)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000180)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3f8, 0x140, 0x2c8, 0x208, 0x140, 0x0, 0x360, 0x360, 0x360, 0x360, 0x360, 0x6, &(0x7f0000000100), {[{{@ip={@loopback, @multicast2, 0xff000000, 0xffffffff, 'nicvf0\x00', 'bridge_slave_1\x00', {0xff}, {0xff}, 0x5e, 0x3, 0x7e}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x9, 0x1, @local, 0x4e24}}}, {{@ip={@rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x29}, 0xffffff00, 0xffffffff, 'ip6gretap0\x00', 'caif0\x00', {0xff}, {0xff}, 0x3f, 0x1, 0x38}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x10000, 0x6, @loopback, 0x4e20}}}, {{@uncond, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xb}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x8001, 0x40, @multicast2, 0x4e23}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x12}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x0, 0x9}}}, {{@uncond, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x8, 0xb0}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x458)
sendmsg$nl_route(r2, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)=@ipv4_delroute={0x24, 0x19, 0x904, 0x70bd27, 0x25dfdbfc, {0x2, 0x80, 0x0, 0x8, 0x0, 0x0, 0xff, 0x0, 0x1000}, [@RTA_PRIORITY={0x8, 0x6, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x90)
r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$VIDIOC_CROPCAP(r3, 0xc02c563a, &(0x7f0000000740)={0x4, {0xb6ee, 0x3f3, 0x8001, 0x7}, {0x7, 0x2, 0x5, 0xe21c}, {0x4, 0x8}})
r4 = openat$cgroup_ro(r1, &(0x7f0000000780)='cpuset.memory_pressure_enabled\x00', 0x0, 0x0)
ioctl$VIDIOC_G_CTRL(r3, 0xc008561b, &(0x7f00000007c0)={0x3, 0x4})
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000800), 0x2, 0x0)
lstat(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000c80)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000940)=@updsa={0x2d0, 0x1a, 0x200, 0x70bd25, 0x25dfdbfe, {{@in=@remote, @in=@rand_addr=0x64010102, 0x4e21, 0x1, 0x4e24, 0x845, 0xa, 0x40, 0x0, 0xe9176a6923048810, 0x0, r5}, {@in=@multicast1, 0x4d4, 0x2b}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {0x4d9, 0x4, 0x8000000000000000, 0x101, 0x1, 0x7, 0x7, 0x8}, {0x8001, 0x0, 0x0, 0x6}, {0x10001, 0xfe2, 0xfffffff8}, 0x70bd25, 0x3507, 0x0, 0x1, 0x3, 0x41}, [@etimer_thresh={0x8, 0xc, 0xff}, @lastused={0xc, 0xf, 0xfffffffffffff3b1}, @proto={0x5, 0x19, 0x2b}, @sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1, 0x9}}, @etimer_thresh={0x8, 0xc, 0x4}, @tmpl={0x184, 0x5, [{{@in=@remote, 0x4d2, 0x6c}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3507, 0x0, 0x2, 0x1, 0xf, 0x8, 0x4}, {{@in=@rand_addr=0x64010100, 0x4d4, 0xff}, 0x2, @in=@dev={0xac, 0x14, 0x14, 0x26}, 0x0, 0x1, 0x1, 0x9, 0x1, 0x1, 0x80000000}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, 0x4d3, 0x2b}, 0x2, @in6=@mcast1, 0x3507, 0x3, 0x2, 0x4, 0x3, 0x5, 0xb}, {{@in=@private=0xa010102, 0x4d5, 0x33}, 0x2, @in=@multicast1, 0x3500, 0x1, 0x2, 0x62, 0x1, 0x9, 0xffffff00}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d4, 0x33}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x34ff, 0x0, 0x3, 0x3, 0x7ff, 0x3, 0x93}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x4d3, 0xff}, 0xa, @in6=@local, 0x3506, 0x3, 0x0, 0x3, 0x1, 0x9, 0xcf}]}, @encap={0x1c, 0x4, {0x2, 0x4e21, 0x4e23, @in=@empty}}, @etimer_thresh={0x8, 0xc, 0x7}, @XFRMA_IF_ID={0x8, 0x1f, 0x4}]}, 0x2d0}, 0x1, 0x0, 0x0, 0x4000}, 0x20008000)
ioctl$VIDIOC_G_CTRL(r4, 0xc008561b, &(0x7f0000000cc0)={0x1000, 0x6})
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r4, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x50, 0x3, 0x8, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6004}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80), 0x800000, &(0x7f0000000ec0)={[], [{@appraise}, {@seclabel}, {@measure}, {@fowner_gt={'fowner>', r5}}]})
mount$9p_virtio(&(0x7f0000000f00), &(0x7f0000000f40)='./file0\x00', &(0x7f0000000f80), 0x2004, &(0x7f0000000fc0)={'trans=virtio,', {[{@version_L}, {@posixacl}, {@nodevmap}, {@cache_readahead}, {@mmap}, {@cache_mmap}, {@afid={'afid', 0x3d, 0x5}}], [{@obj_role={'obj_role', 0x3d, 'fowner>'}}, {@uid_gt={'uid>', r5}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@smackfshat={'smackfshat', 0x3d, 'measure'}}]}})
ioctl$VIDIOC_G_SELECTION(r4, 0xc040565e, &(0x7f0000001080)={0x7, 0x0, 0x4, {0x2, 0xf, 0x0, 0x7}})
writev(r4, &(0x7f00000032c0)=[{&(0x7f00000010c0)="5b02e86f3b6b90793ee1afd6a6eb9e5a52f5", 0x12}, {&(0x7f0000001100)="cf6db6a7d0af4e7bdeaffec4107de2d170dcf912ad629cdc02087a4f37f52698d2789efcdc287a4501b37010f29147a591e119ea2f97a22058ae50c47aabec9cd5f713fb643aed47087e50458a839d473c81d158c6c7fd7d4d4c4fe5d9d3c3c587acf273715f97931cf4c261746baa2792ab73a3f0d4934e29a8386eb7fd4eb25964e9b1f3d76ce423dc59726b625fdf7bd464dd678f82ebf43640dc8f758a395a21137a7c9a43cc6321dcf58eb73a850bf5b30c9e2c79451a2b3bdb30d33c8088458312140b9c4b9aab670fc71356453deeadd55479580d5ba662a891f4391a75a6501815aafc6436da9dd162475b7f7330056142e7376a513843eb5a3b0ce456b72d0e0b7ba79ea06132817cbd03e40a6f19df894d33317ffc4d0df7140bc973c5ace58f51dfd932124fa3bc2bc7840621ef9b1da1569a52e61c509604d90ffd07d7f0c37b01cf5b6688ad85cfd37a9374628ea1851690f36d4c2ee650870e0647a2590a11c40091cad630b50376dd0bbaf2c118db25316672008b8548055c46a058252db33e883b4284c8a92c659bd7130afb0351e49608bd4c9de3ad5b72fd9ec488647e3785a43e031b81a542f139ae4b46d29c3982a39ed41a7152c7d741de3f35862b74fc80116982bbf3cf100b4fc9b09c8920861219761ca49607aa7ced16f8c16112d3e7119d5e6e0aa83fdb3fc26646bddfc7cc7aca4ad8e0842d9895c24583270d880b3926460918a96be410088f119052239cf9be706b6322b5c53d4091fca0767778518737ea87391d2a00de52c88b61d3af4349e6e3801d21b254bc7a41e06f2e5465411e39064044a07746b8a09a21ed6eb5b97d07a114a3e7491b323eef00f440f2325dacc821f7ea005a4fbca6edc6080b1a0d26dc9b4856aab6ceea922126e5d683f31dcdee963e5f8a87bccfd397368c06ff7395c83b93ea0e6f35f099ec155803d62080f497f4cef78b5061fb84d1f324dcee456ac99e2b22bda669305577660049851b7a5982b5812f091a799da4b98021800aa52974f401bc88086d43626b8be27f0376837ee0cb7e87434c060a28ee2cd4f9430261efb93f00898a43e9a8705901136690234ca16071fd6c27b34715571a469932b067231d9aaedcecce03098584c2a85fa47312940a54aed21ddaf9182c23a1afc47a19f4fcc4f098ad4c14ab2e3fff9151b8b5fe62794ac06798509b5945ea97fccd8551344838c24fa037353a0b851f120128a58071217ff18dff2972b79195bd96e5e9a19b8020d958aed639ed60a26a4545d470412d730d012719f8f6dceb9e15504e02be9f2efebe3a8bce46105bb0f579b0f44b818d596186e926a78ffbdf9628019c14628c4ea724d9df6522758390ed3a99cb9b96c878f186918a78c0fadadbafe248a3b5df2981294de6a67c3c7ef0050e6c9e7501af096e90db75732243692ffcbec8f0450d436fd116eb7db1ad368cdc3a0c2de1bec2e2acc8eaa86e6281288ce6f9ec391dcad14ae956a5827a18bfa6ba34ee064520ad1c8c6c244dbb6bd4f51d2896e4bb396823d4637dee87e060b2db8cbc137896ed8cb36d982614fd39256f0156fa8dde5ab403b1cea7055c96e2876bd5bb0d10a2995dc14b5c52922445f7e999d078c5e9b0abd5bb959ce8ae74036f3064223f9256560f13f626c087b5df7081d94e20601f393b7d62e4cef1e824ac0de4b73b412de3e9f8a5cb27b89ff440c17f8cbf33b2489f7afb39e6e5a88adb6b9869b44ab57bae781f3a5fd8cdbaf2816d4c6b0f538021b61f8462987fb5e0d942e628f4be152239674bed25f5a858b4cd048529ef85726a4219cfb991f8439ae469e932b43cdf89a8d46adcf60c908393e20748fe26226d5df0918b4306849ea6b93e4adbf012ca9a8337a0c713fd97599128a0b0920fea05183af317422332bed2e70d6166d7c46da7c6e1ea3d1e766483d19700f24391e4c8746f369297b59e10e5f8a04e356136cb22f745be743ad9c493946441bd65be6fe79d79f4c90774ca91f10d525a9935af91e573659b1c7c78ce6dd256e760cbac252200ffa0d71a2aea79a609d0374ae836023921e6fbad1bec764cb202fcf9cd70a82ac174324f7eb531ea44dd5d11e122888128aab4c3463fee38161d18be650fcf19fb2eff8295656406306cbfcb70d365571ee4de987c72f63bcf71d22ee1fbe2717635b21654eeacd17e8052016a1b6ccef38491410943c998d7b1631a960f04a791a259fb856899d276e61c48399f74d4e6bc64c727e28b30826d4e498a88450c6688fe466200b87b2606322e6f4836b1e032683f0241b9234ce48971a334a21bf66b003427657e60eb9ab1f365f00156307fd1d268e130e2f7f4b7dc4e8ac8b17aac7a7ff972af20d0660a202a43ddbaa18aadc2ad32b4c670d04920160f43c10021ae9513665a2040ee0e74c9e54b9202569b65f8849f7d58d8783da77f1989a5f6a208bebe85d30dfe5f4f8bf2b69f135b45ab146866ddbfff72f9f990978bf0590ed702d996444729133f7fecc4ae897c074ea3f6859d41adcea49961bc89032bc995d4be9fda25c7169d569a9bd6b137b43fd587a0f471f97c8be750c3f6a95f1cfbf654f9444650d19e796eddbf9a1210a56794bb19f32c06a1abd11e2ab4c0fe4af01ba1a152bbd59a36af7eee651a5503cc8cf03dee90484bfd29d92ff47a17d22935f6f503d68c5ddc7f2aaeac7afee23b6f63a48259f8a285f13407dacf258a10b2bd21f4c18e3b13ef52dbae11060ca79a224230bb6c225a1d5b1fded3497fa9ba941b9d353df1e6f8f981e076863167ab664d63d1d2d6e9381cdd29b7f5ab4af125eeb3b90e435f9ec4d7fddfcf679c5322c79173bdcf37296cab681acf0f3c0576b9385935218adf03fc260dd587a570abec2ca8f4bf65a2ecc44f609631391d9c8e6d79f8b7da9c9bde70fed9e5814a0a52dc21c0e40efec45c4be48733f40672e4d1ce0a5eae6fd1eca15e22633ae48c0f625f0f36ad4988d8ed9995a50acb9aeb85b3f8767510283d0e92587bbde757701224e9b6951821f4241830aaf2785e6fbd4091b36769f8cdb386bc2015f2cdcea767f1236de027bc510576844ad541d98b9fa13141fac51ac33e974c6d9ce33f8e430b18c459fbb964ad58690d6015494862eadb6b91cf3b5246134bc163dee1ff27a7e1258913efece0abad96e50b52e815c538c7eb8e4d5cfa8a5d8c7bd41de26a965dce274f3e84785fc9d94b74f32e9b94e71214e30d3616dc7c42f1cbe78981794c31cea0041ed4a2e8ed0091ebda3a1dbda5b034ef1bebc58fb6d89af467e5b69f36f32641d5130798a3071e18503c714cd7c59ed8b7908f9b9c5be332e444c804ee45fbc145af35253cd029d438769e8e2371f81254f5e7399b9069dc99545792d8319a2b68d8272c395dc17c3829c2405030efd32cd9570632936dcf683acb79032a60a12dd081b2740e37141f78056b924aa0c1cf62aadd1906ee350691404d0360247adbc28987680f3d35fa63dd42c8424760d4bab124f5fd9d04d990aee70545c0c4b66a183c81b858e2b78c8583614f38c06aebc3e61cfa8a8eabe0b84b2afbf2691c81859b104a9cc9df70a6a94c2003fe508a840763fc8ea5af9abeee056e34c1e17f968637d60d691cc77260442a4f807aa4060993544ef5bdad1107f6c28d5da710961081dcc74eae7629163efacb2421a47aa3ebc6cfaf8c0e0ba875437007f386a0cca013151b8b1a6653e3f14221cf1b37db96e8bd557d2d36033010364772eb272056381fd756910b322e740f0b2a42bda97644b09d9ef90ed03e158d3bb7b30d4c0ca4783e9e72987ae9d51701004f34bc97011d9a732eafb3b41a228d5b6407b5a9b4f174e9fe08b55d2b9d330c333d476ebf805059e41a735be9376b780564a39d536d5b446b441551fd12744a728a2e2f4f86ff4aa9b0f264880b89c5e06f0dbc5ed3152d4d11fa45ef16b6a8b3cef337f3892b0cea886b0348da67aca8f391677945d60899762980d4a98708f5cb57e915b70d90c3a897ea581a3c6125519cef9fa7360a82e6d8f2850fea58316e238c55f9a9b845d4f73e8e394f9c806e53ef60bafd4b20f51ebd5951a71dd002e2be6bfa9e9d0566972284f661f6710325dc27d398909aebdbb464ff5132387bddf9f12d86bd0d31422655b5e41e31da61b1955c01d90f45e596dded44cb464fa9a7f0d65c82677786bfe4975cb13675708dc1d6561011bdd325ac2c7782439ea34512908bc94090e0e7f857060b345f77a42f3cb87a1c246aa34abc6444d00b96360a23d59510e44740b29f4045cc24ff3c6763a6775014423c044adaec6fbe8914ab93daa66d9a145a696af179313b36027428848eea2c51ad4aa9ae215ecde98f047d1e67b6817b6e41985ff121314c0f42f86f9a15470ae722188427240c6d97792d5216c3ce10d4e5ee2c6bddcd7e6d291ed81a5fee2018418d89da2187d24f7d056997090efb8cf21b3326b3563ab9cbd417660f65abc171047005fc7b977a2a1c9145a1a1e29d41c2a661c949fcbac13fdcfce6236f3df179d68998d5c6278044e90fe5b8bb2907e4e0cb6b12efbdbc0c6277e9bb5a7802056677e9120c584a1653844615eee35bf49f63a963f4dc64eae71cd573bf54f6038248c9ded6bb54cddab188ed637f30857318511c183baf49c2482d8ace1c57b49f8f7988bc005a01d6d42703c85d5e92a63ff424673d051f7cd8ae23f840f89c7625b779a9f682c58268a85d873ae5b621b385026a3dfc5fc28aabccd27881b6e3d27c4f619b964142184a08ac92f3acdd659632c9cb6a8e5a9f28bd1300eb9b96df3ad10572f6542bc3a3caf169f2a83931ceb3ee4b94540d020d338fcf36792428f10b404f71d965db0fa75003dcad669657986a36216127142c799467ad2c1bd8d0ecd652b46bf821d0dd61fd76411656f8ecc426e17e8f09050376157aae01b0ce4ed15bb75ba967de80ddde6e63fbd77b0eee332ce3a6ee6f21c953e3ad27d8de875de60aeaa7f44d17991509db21b3232a8f6b1855a6eaf76e83406d7551ba67fbc308110bcc2abfb44ab2b4b465d605ea167dd6b111e792fa297589d614e9de97697ace90e8bd698f0af098fea7ab852e1ed9333b3f9e8d1301d2f74afbf1bf1c397561d2f5d26ef30d8518c1fbaff67c8cc8ff3cb9922c8d44b0ddce984d232046745f4435c7393d177c6add15c81b70d3799b7ae216eff4783c12a1ca98feb743f2c9b3bcc48489a2d068966b455a3e1b8248e1737b23198e721c61d58aa3c52fe4647377eae23c4e7956d998f9a64f59ff718d855810f1f6a28bff1b38ddca3c422c4b159918008f6831aed5b50708079c30cfc2b8cd89424ee3df69f85312891950bd28478f52bf0b158a0ff021db421e25e6e78d17bd548b8fe065ba89e95110b001658ba3b3978b244e40bdcd56b880147483b5e51a2d4db81a2c4fe8114260942a3557fd80de85692939be4dd274ce64b5adbd3029e301f41a4770895be973a60eedc78bf19332586b624c0ed757e8be241b235c3d106539b8517538b37ce6c9d511e096f5eaa342830d8c718b5d4c93dc1de4ea317d1019e102cc41c567563e1ee38b74772f5df33455509a69f440528b3d6891570223874b68e795bcdab2c48af9be83cfac811ef9c66cbd6c919a72be139fa7f53c3915edb9d2caabc150539d502822025ae94bc430e9eccc16d197394d23cca7cfc6e156d7c6c04858797695aad1601d8d1efc4976c090bd49aa7a78d255c124", 0x1000}, {&(0x7f0000002100)="3162dfdcf72ef6891e08b86b78bbcacca6365ea64d10338e400a6a8f19c9123926fe0e0b9eb270dcbddb6135c2f89cb0b4f2a75ed6456f", 0x37}, {&(0x7f0000002140)="a579c6d3c13290011846aab97eb80ca9fad5ca3eeddc16ce", 0x18}, {&(0x7f0000002180)="c702c84df8e5360f3100a7a925ca48d2df69f48b4edbd7a7efc4199f8e575f4e305398dbbda4dbbf6a737a576ceb24db052bdd7c9a8673f522160fc18c87fb5f9e9a927dbd709e754926a8ee26156dd3de5513485dac5b9edc1ae582fb5f632184d9ef7d1d264bc87f8a4fb646e98c03e0f0dfa8864cdcbf72a7162ab6d4439d255ccb35b3401d9b3f6d8a165c2fa12fbfdf8453fed2ad6e78385c4d9c3105dccaa05aea10cdebee8fa97fd1d41985c0a1ad1df162b4910f9d1045cf2a082e36f69f840f7618a9611b46cae8de1428e28f3c7ea4d9226a1f82fbc10edb0617133be23f9e76a9eb7711dc7b1aac45bae7f0952d6c82a8f738d1e94b418123f388c9df65a09ac0b72955cdcd42d05754ec2978032ed99c99ce9a564ee866f3200052f4dd774034f505f4a8de45ee7669a1afc57ecd32ba24b944d49cb316b9be98a96ae08a39cbb057f61630563216e3e4d244a87f45496131a7a1910a3b34ecc4bb9d792e6bbae96c0315d237f73412e0084eaf005eb41c356bc20d5d43b874e95074cdfc8c717e5acf8b8819f6f899aaf4647baec127b74cf932a1e066f799956f116bc2bb8f29af92ff83c43431eee08e8f2b53a8949c9870aea3463d9186175b146c30910aa9ce49b2fefea1f4b3f0874a3dd538991b044b660afbd1cbe03fb32676ccc7a6ca3ae5645198d59c4e6f8cb177ea70d6c678960e25f1da3d0204916a0dffc143ccb1a5091aae205e1b217f53fd6d58053972f4217304a077a56420b7b80e9868b562e1d47d4df77291d3712fb2b9d876f6eea1a55cd0ed4c4dae11f3ff9672ac81f87a77659dcb5c647717627689850e95ee44d32cffc1cd2fabe79b92a1657c5893324f4bb7d48306cc2eaf28c80a4362d9301db4608e57824334a0296ca5397487a9e5197a4967947a142df067830066a170de4c15a1f158374586e2381e5f9d0173a120c7f5d3ca77eb8259c96e172e05c978827f23985372ba7d0c497af45c1c22c065ea30ca9567073bbdf37d6eca1b755fdcb4d2e492d94d527ff01555345a72d57d672a72faa01f387a749e7414437241b1edcadb78190fe69b88b85cc5562216e0fa0b60fea4b2af5c70b3535369c1ead844b74f9411c104637386026754b8bf095218c95a35a09e5b92310287385da2e358530e85cdb5b0cd2863c3ee08ca1cbf0916a8333d433e60823e6ae553e1c6b8e6c1bfe52e567d02114a3d38eabc1215fd5715ba5824eaca6b3dfe4af3ea8038b2abf58459c00c2669fcff4856810f63a3d7f8f83208b26e5c27c9f3b95b45992f3408003de5f5b82a3234575cb8a1357e2b85d62b7cee062781809145a305ab5bfbe198851565b1c5835883321a9caf7ab336785cc1697e6afd9629c7de301ea8a3a5b3e5dbd5384964fcc99aa7fe79d3ac6c8f863dc8004018cda22d8d13b6e35fc3086ab18afa3604c724a743f606e51eb8bb06a83b3a441c55f43604c65c1e8b92775ab91ee0ed7b5d219c1bbfe97a396b3f1c5cfed99b0ca207b2bbc3badb1df9090d5c176b2338fc3c6d9cae3ab9f5a27e117e2c9b3eff293c8416f00e9a4619acc5a7513e21c60a1b8a5cfc74d944dce1658254eb5b1683b02d0c3016b674fc79da10ddf962d4f3602bc867ce2f243cc8f58873c6ffdff3eee9fbdee050ef24a60a250848e008a8c26e30c0e3658c988018a05c7e3e39c8229c30e5a1f74c5a31bdc70e906ba3da14c394eebd80df02aec6353e2ebb08e531b44fcffd3ed13679adfcead523a4711ed2adf8aa68103720c813cc3dbb4acb9d3979f4131ac504a4d50d1f001fa0b5ce15ceaddbabb7293bf4ed0b54694d33ccee1fc6752a7e722b7684b584b538787116f66ab08de821f97f9576115e5c457997fcf874bc5ecb448d6edbefeef040fd7988382be54e18992846d68b09984d3fafaf4d9c05946dbb8ef81ab5539bc4805e9bf7ea1afb45bd5e7403c1f2751974dd7535412b28d9eea369e5c7715d7ed769ec16832f80ce311a796c6f2a645c2bbeceabc0213eaa097da6569b29c3cdfbb806bae7f6f92362ea49858a874bedfba434e8a7a42471c7d795a36dc97b72b2dfae45e2f80c06b355a8917acd69eecefe43cca16876645b6fd35ca72abb503cb3c3b372d536ca6882606a47fced972a79184728de70107505bdccf76ff0a12856dbae733fa09c2f20c3134682a031fa711a7909d78d50af51599ed0d7c2d165e78acf402861f7ceecdf0220814c62405046151253329c06d555cdc0765a25df209676cc2029ee5281556e1c08bb936d8a8d3f1c8aa956834bb3410c90d0bcf482a5b633bbbd507464c9335fd1a88ffa8524f81575ac739f777d55f13c4f96b6909d5eaf7a9668f54aa24280d4146431922da6f1a02889dc8e31e490a726a1c9c76d0864b5c4bcbb88aa41949b53ff5212a915542e0fa5e80a3b87a75192667757a0a9c2ec8105d6492b80fe844c2c9fbf0fc4fc57f586e0c432a1f34ec1ca19966511fcc6a43e5ae3e2995b871da93a3791a30462faddd58e8aa84b4fa5af065a3afcacb577f12815613c0a3037123d583b7ca5bf9ad15af62f537fea5db4f48f60d7fae9d93c17e48f875ad9bdf485b5b7880e125edba4cbd7b525c4f36a35ee49f17d228b52641aa292890a42f85f5814aa909225cdc35fa0568ebdbd8aa83c3768ebd4b4e54b705707ab5ac39dab14481ae0b12de9c6f8194de898491aa6f1efd585fe97a5f234ed8fb34d82c82eb288111b0e45dbf564259130711511ddbaca598c40b9c2b12364bded28f465507815090ef8237f4ab4a35f952f5fd35eed09932f4f74cd045d0dfd791c6a0644ed8ce2d5eac56fa9402ef3f25b0223958bd592f37c2627a15930a1cc58abed88e74126333a70aebc00397ec21e55196241f2799afd865cc71e141530973da0533a43e1a1d1263fc8bdb8cf0586a2eaf2eb9e1d75b2c54d260388aa21e8d82bb2385c023f704d34abea4037b2152afaa749682a5d45ddc75d04361eb2125c1de34e3572d0ee33005822e6990279ac6a4e3a0787e9312e55ee8673e7d92eeeb8fcc3b6413f79246336a40f28df6d2c288535e4894341a9fbd6a5fb39cf34fa8a6bed060129b89a9d7b4802ae060e7261e8c428553244fc985c4bd34299ec04839b6bf9e7e435973c0d6564714ebee5e9e8f52e48c4cc4997e414e703313ebf595883e61f09dbc2134481b3ff3ac8b32196e24c3c5c6b53bbb94b82afc706bf34b5c332c7331c0503b5d23dc049f3fa74b5f5f0a6dbf7f72c376742ce19151ea72b0b5647a8a9a26e6603a6bc66c2feb4f8f4e305ce22d7fd88f33eb65351b241a901b09a756b39a51258a57bf9e3b2f2c1184a59c8e4aea7188e839cbed0bf653139ed6c8c5723b256e8ad816e57c262771e4ae22747df5c16b95ff0c93a8ceac289b7ad468302894c1edaf2d236e2e3485c9bb02a19b53b48c52c6a019d61b1de3dbef29ca21c4dc6ae5b20fec29e2f78b5de8424b50afeb81dda8bb94807d1bafd6eb9e75811bff7fca261005777adbfd3d3e4bb981ae2ad656c0fcc115c90fd31100ffaf1b50f90fe61cf9b7a59654b47596b1da081b5483211664cbd91e2d41ff3674aa2464920dfdcb321dd179dee801cbf07eddeb7261a902be93e584bedcaffff9ffe7741e0dbc7d8fe79e87d95359f85971c76a6cc74011fd8d1c942a285d7b9f09391803eb7e73012557548cd7f94a3179b93daff43fa71d4a4d03ada033e7d9338936ba8520c46bb13e921a623b3876912b4ead16afdde19abf7169dbb00ecb34e87a71ace8864766c257ed660a72d600cd1288cd4c8fbdaaa61951ca55fdb20784e602689fdde7f2b9708fa46671b387a697a52fccc0d335be0827dad27ae7357b562209eb6dd0466b2560cc28558eb16ae00466ae47b90ee1073717514135ddffc5087bc8d4c7cf83ae2c6e1bb5351a3ed8cb58c3731049604c45352488323b73efcfe4ae11775bf1f7aa7fc7526ac463aa394f32176a02660b308e76800f49e29ec1d8a8bdee9ce2741411b13c3cbe8965c55c7dff816bed241007c55a9615a2fbb287f733ce88cf26024eec13425444f4bcbc067af36d1892b0b0046c8bf1d9e48ac3d044464ce188630cba91a758a64cbd3ea20265bd9bb152dfc6a5b310c811aee772663a11760f00b81c0ce0f8a4c0f9b5885dbb629aecf8086fb1c9899b2e3813150c2de8d9d22ae66fe27c0cf2066eeaa25bbae3f90c842e8b3f4725b2dbf62007e3b64f5be58a0c8904ef652b3cb1c7f8f8017915075e0c36fccdbeda0fa1e215db6b172d259d00d263f2d121b4516b3268ee9dea9181f84d458f56ef1b43a10ac36f4a2c57c7932d66d382eb5f61ad9d59a5f7c91d97716b65d7fbe06329f365521ce17d32086dccc23990f80d6518a9a58f0465f2473512b0eb581f8275ab7977a736f231e885ae77249e20f78ed39e6c0f9796fc68018550bd66b8d6f2aa874888c4e6f78ac27bf4db59dd4c4633d68ed82bd1906502fca4818edcc44a69ac31f9f4456514bcd820178a8b34e8ef097ff346a5a0275e23ab062a10a8ac7828897312c717b4e152912b82b73b1277ca32466afc87826ece49260533bc8b9fbf0e0cf986137ecf56f1c072646fe2a5fde98e65c0b5b13a1b5439c7eface9aa5e406ec3c0f26d687f1d0d8ad162ccfe61d38611308eefe2fe946b87b7341ce1492a6ba81e7a45f879f0cd25fe844b1061de091d425432aa1e049c4ed91d695d1b6da0012d29e9cfd6ea1732dbe4c9d83b2e510df8a45969bf02a0395600793ded617502b2825062ea47cb1a30dadb392e99b1077347770d1dd0b2988df0ec2cf505b8018f416c3f53f0251110f22634b1f14aeed0278601427b4ebdf89f24fef1c51bca9ff5a2164f29631af49220c8593d9dd728557cda076e45ba763dbce022c7f8c26ca7ef037165ff4b2ecd64b2e31bf69bb577c7c94dde92f567420ee2bc007f27f35f843cf07591cc41f0eb3d9214cba8bad8e345751a0298941357550c37faf474d16dcd36fc4cee98d962620819b2f9a0c8fadd1a48a698a91985e1fa9fcc5fe36b654fd56a916d8e262ecf4cf41e54b4a298c127c1267ff1f4a44304282d54f2cc60cbbefd79c78b9ae562451ce6c5187b3620cc94a8f1428dc6efa3a6358e3395a53bcdb1d3d1edb76bbb96cc0f5fa4447a9da869aeaa35747bd60c8dd3dd6f4aea9473e1539df7ffae79869b0d712f26c2d7952bec05844af59b86dee2c820d89552c37c1c36cb5db7ce9470c971bce72ab4d72a81729d6a3d9a300064901900eb1b512c0c66b205114b4c226f9fbed4a974642edcb8221167ebfb6be0ed93304a33ce29387041bd85d561842c50c8586280e182046e909c5a976f9c09111ddf95cb759c949dcd8d0250d50f7ea0949c2f91784d266d9735518afb7b3c8a1165aa5d7e45cb6dc3cb81402440fab8e775ca3388fb6fd51a09b5ddcd49fda4682361ffc2f8339aefe49aa23c829dfe1ab3f67c1fe8c56974754533b2b3e0b7b785d3a53dca2f7a540f7c38b339b7660d1378a3c029399b060a98a4e602741dc9fa3cf49e659f9d2e7094edb405ab1621a1f4f8a910303cbb614cb9e736ac2aab08f699b1bc6eb7ea5e1330b9d7ecdb7c8a42446573a57237448b952009738c041d4a150c9244b24d78a35c33f117d7e7800df8ec13c48a67ae2206510433fed12b040d64894fedaa485629ed465ab11519418cbf0ce7211f66ac779a8d5ecc466a7eb1ba44acf900b164b3c50d6331768ab99d29bb571acb7a6d252", 0x1000}, {&(0x7f0000003180)="b5883afa0f76798452afbe834a6f216e1f1d93ef82c013b32afc2ae3d40a", 0x1e}, {&(0x7f00000031c0)="86ba2caa92ac7b1c6053757f298f2b88d5b68e709d580d7be3749a6da377702cf88813d786cd75e32d6d75d5d75bd9170b252edfdd452d883d9f176c87f899ac162634e0e5196b7c134c9d5a9045728b062cb64b5c4e58181d2b39905e16aadd2826da3f622d7cbd790c391d6cdfbc495d139b33e5abda135a13dc6d6ff56206121b6000649459329a30022613f5927c07ebae27eab4c7a36c95eafea07ce7722c21471da4fb1cc7a0617b8a15e855325a3f2a929508ec4289fe3dd08c00e7b99aa7c14f8db43a27ec72530e8640f1ba3712f45dc3bc73a633e5ba4b4299d7c325", 0xe1}], 0x7)
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000003340)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x2000, 0x3})
ioctl$BTRFS_IOC_SNAP_CREATE(r3, 0x50009401, &(0x7f0000003380)={{r1}, "d99585e209ca6e40baa00981316de739e634e54b0981ea658e81b9eff19f98a9eda6e939451d2c889ffcef71b0fc123c9322694052a15b7b32861109ba5fc397e36a0c18712972fa6a8cf4c22628e5ce96fd5661c74f01b93ef8551d90e8d9cbb8c4c312cd48645c775b34a6986778d5dc501b0b1d9e0f08e656333e9c576393fd45badc257e624d54d23120d6359580e387aeacba702b5852df02927babd821a7c6d3dc6cffeef5d79206c2c3da465881869124bd09db4e59b7af5dbeed188ae4d8af70a5c554a6be00328ed863be810fe04a3069a8f95dc01750c404a922e9db089b731f316bd8b874eabc40f7c9d0fb1ca12bcbcc529fb48f4b363c8dc09f87590e38cad32ad10394aabc52c96e8e9a69a19b2e451a4573d108b41a04089daa92ec8b1d5b0ec784430af4e90015112d3f56a7bc908c4df7bf19836033bc26efbe1e932327ab920b140dcb3564f26f1300cb608df0520126f262ab5096c53ddb11e0cbfb35f279296af0dd30676fa6419cf23087a21fc0358f6659d57845be02658eba22892508a2926c5a737d3d7cff7a58077a800ea8bfe0d95dd62291e4d9fba4dae64acf41033008296dba0e069d653fe015896ccdb120f01a5df7c0f13294e1a4002a79d1b060c9cabdbf51ace41673df73cbd84a383a081d3dff4d7348b34cdf1b674976453244720c224d1d05a3a9fdefa946532eebce2ae6d28cd2bd3da69f689b5852876d29f2f78c1a75daaf45818cd9596ac2bdcbbcb1b08d2a02409d86557a88b41c36f62315c6976abe3c91b8e6b3d5949f90432a7526fd570dd4a98425f7980a489ae3db523249043ebec17815203e7bd6207cbc95792fcb0598e2d42afc300da22f73941938d0ac72c05cea4ce69a80fae35ae27cc8115c4d2ad5374eb32bbebc25011755e8b4d9e06ca5e05c7e05588eb39c27ba361420e70c92ca30ec7b7935b4a2ff86bcf027e2305d6c29e7040d39584d99114686c6cb60770d287ae5e429e5c78981d6cc9d414da0fe4310325f27e49e662221524ff29ef3985ed6192d1c695adf52d38031faf760075046c09b5647c5bf1de543f5e3d88015fddd9e1de635ad92052c2b0d594f6263a944eab20a37cbe8e01017fe4d8a1feb46e07f176bf44ca31f70329d0a4d71062f4fd748cc6dfbfbcc38b073735aafb0e9518c8e098a4c84213ef7f874afff745177964d9993d01f6812d1d05e4df78c4c3ff1420f80ddcf860308c935a633111a4541a4deabe48e9822d57a3f5e4c7a455aae1fc404d843e392da3e9ca3d191c8da01227dd6a8614a120fa497ff00c9080811106c9c7fd18baca62720b26c20ba83eea16b9760f2964bfacc39c3fb59a21c612e782a367e0081edc762bd91feaf473a1b738f3e9d01c694cf02d008c3876918d4f1943f11e35f9d52c94ba56d196d7ed90df6c73101e4b85a2c9fd246522088c3cb5f70327a2cebe15a23b8969e6aab4f3ed64f0b89c51e5ea23af4638d22159b12d40189a731bcfb15c16993b61f2ab85274128aa36de37b50572d8c6d78c51c7b10df071d1a55b5161c589e5a30a4ba79d8b43357ad11b4361b4e6810aaca1ebbc386c8ab8388ac80a3ce8365a5aab400da3d8f7f142d0b0ad22d898ba2fa5edad4cefa552f8c94b7d017322e1bef4daf082f4d6ae0eae8124528f78961e44abc60b1fa9493174d62597715e94683e731e959144bbb78acc00386971ceb9091d1df2b792b66f86c8d95ad48403d9d5c12d20db34711dd3bf237f5dfb2da06f74074a69486b69f743ba8b165418dc2a7878dbbf948f77f855e5b15d65a94e6b48daff64dedf20c9a8a8a0cfc2e562dc11c19f8827800f2b742d130e111844ed434065fd0e156635fac42383773c0813c80b03a23aafa80af99085ac869d04c4721ac53655e239edd72b05e7ed32e141b6340d0fdec610f388e9731557cf84e8aef276ab96082bb6a03987ff7acfa5cd45586ab66d8c281d536a08f1464e4bd15a94c7d5dffb1b138597bd95dd862eac6cbd5d09b3205a2ffef66800084baa9f8d8fc8c508c61d95f9712b97a6e1fae7edd8d801a0d6664759a59e6c454db8993680eb8df185484ae53f414a1dd5d8f6e3cb66dc49b01e137cbd910f3a2ee5c6161ea16f046225079dec4c9bdbab4fd84cde8d6f1a7955a37733b71b96e539e2f43075f47a6ef1fa037cb7cd0594836514ceea28c99e7bf455d85e3ae188f84a6ec5397f90366c85474d4d0e0294b9fc26473a3619676266630b406c0a08b9573d0bfc21d82484c49fa3f757335e7a95a3ee9de554a167dcb7d44f6b09e5bf1e07ad4724a29d8436a5c472dcfbf27488c613f33f37f7ee15da4f7fb0d19c1966ea9560f539895be9796a03346348f9c0f89bbd721cbe32c018f860846d69d7f65d6aaddedb588bbb91c4705da31297423d08c30e4fe9d150f7be67aca24383d694264562c9d9612e41968dd4b69fe8f896da69d37f3455f8f80807da043d7bc6a430ab0c2f428959807e20c3e0e923b0c6a903780d1310a63be07bb521e9ffebae47fe36a85bfe2bd91eb515b00f13bcf189c1baa021e9be0a4be6398bceada07317867cdf291534cdb0acd23ecb6eb9778f906df0ae0a1ba8c6ab482bb2f43df360b082a1736ea620ee11a484e63321d018bb90b1502cdaba51015d0071b9c36093436cb4756b1085589402407cc1d0ef97356eb4a1b90853c8d293e540efc7d93c10f144ae2de8da0dd2f6fcd9afe161fe47aba4d184557a0f1689c1680d6bebcdd21354469c19fb1ee04dc74eab9e3a5a7a7ca4fc5c14a504d9d82d37fb4644a3b459067b90819a8fadd27c5800d92efedcb2fef1f6b4985a87d4230271438d5eb039de9a47db80a59de56032d9d874013a6e3c8962885ff88e390f8b78a1309f6e0c3e1aa90a27578822a72cd1edc476599f1d0ea357d1777afa5368985a4ddd07c33fe87ccefd4b96040f64b5916bd9e3c03cfd4c81f26ebfe701148184c818fea4d015b5a807e55286e36b8b310c80dfcafbf716d5e9d809b889bec92762460d35ffa35a3057621e06f183d6de825acc0d0b2069b0f8d393859b38c720a61916c59511370055a0c6d528af3d060f03722a68b70480e42a79ed0fa620eced6e201fd0299623f9716649d84bfda14a79a326b4bc2353ee4a89fa33866ca34b718f1d0a292301d927d1d5daa1b0c15a37d2fc40f4817ad11a307f7e85befb7e9ff4163c4adb702eab8eeb1d1cd369df4ac0cce8016a60d3f13a0b4f4829374321d015b6b835044cc056315b96dda5ba039dadf61f7b90c89f042a663b03660419d913687e3cf4ee6f4c219a4c512f34a7b0770795e164d6f5159a318b2b69c206e61302b646cd002322a0c024d5582dcb90fbb7e0cbf19883aa8470e34739890ac77826fa12efe4aefdb9b7ad7bbaa13400ad57e961547c4d9ba9d59f2459e608c7ab3610653761a5b5d240f9f23ea046770773af2cdfc6f0e8f2981cdd3076bf96139dc75d256f05cefec332d7f0f5a8fed1700d0450750ade66cb920f6e448de667ac1fdca8bc724cda66f5674c4a70e033cec32186caabbbb716ba698a0d6b39279a6edd5b88a4113d592e6710f9b64b98e7c090557f352540532a88bf37a15e2513842b558fc44ef159ead66391cdae751212dcda091698736946dd22596e5c9419969116106661707277143264e0ccc8056f32d54f76336f241b8fee8df4d19f114f71621a74ea85cd1b63af6b0c75229c754e96b58e5c223c48d615e78bd7cf1650faf35910a641a142c11bafd299d486ca41f4575fa951224ff7b997a9074095d4a85e900241ab0e9b209033d9d9049872a26796218cc6e6d27eba47aeeb572d294734c52977dc5e235de9b1468a920aa49d470d78be58ad8c5a4a46f2deee74da3d6bb29311cffaa26091b9109ae19815d0c58c5ff7e8132e160d5551367544f5c387378180d46643b0789d7f85a1de9effc185f29110d38a0b548f19d62bc28de499c6d58f0d9c40dbc338dad812e136e8099009be7277c69e11d510dab8ae4514a5f1eaec73152a18375a2c5aad98ab01722050d5e006317282c268f70912e0df6170ce61508c07756f295ec1c9a07bb04563448029cdf642b6c14b222bead1798b670bbfa7c909ee90197539ddee91f1b3825d4b1c7ca4b8c52588f60252c3bf3053a381439d737f3c5158200ed677398f53b59c832639f4f2a719ecdbbaef3fa28ab8c24cfbcc2aac85d89a9337f92adfb86fade8bfa55cd6e478cea18c2d9481e5fb2275f619470b7e47a036c7e63ea9b95e3ce76f2efc469a80cbc101fd4d426b422248e2056cc643dc68aa1471d59a78107418f133843738338323693bb46ed744e16453bb8af0fd7deb4628d6de5994954c4a9f9baf20512f327432bdef948becd42567ef12d892b554a97bdfdbdf51bda2032d8eb415929353f51c65f69a16318e3f0e7d526c391df1dec9b3364ea6a61eb48b04c6ad108773d55dcbc13019a245ea14a459e4746fc0444eb7bb72a20f8f18fea62c380e761953648fa81219f3ddcd8380d72da5e2510b618598feb69712a55f2d620d2132e7315e47e953f43e3b699e89d9600f1c4c8940f985f520e6eb0e85d1d202285da7b0f422ec73f05ea15f3b80b0fcb97e5d456bde11fbd19f4c44c5fdc2dea47588360b7034ceac0af93b729fbf201063855433a464e363f809091b60bfb4652f2385d36ba69ab3fffcd24c4f1d357db2c59dd80682c1d785ad9ef0bdf5c1f3dc6c5020563290ecb66536fd002d6830fc10ca9a03836be483d4f7537dec6839c93a99af4f570360e2820856edf75185283532840c377c8cb75261b919c1d1761f39c46cae5d0d2425b3ab0556d80f87e8aa551c45d56149c814cda0a2b63f055f186e89536dbd6d9e72944306dd86645923a1fe75f1d872ffd3e3fef603a986acfb73ec40e719cd17e79ebcc48c9b5be30c87bd0e9d4ca88468095fe140aaab3138275aca84ecf0e09eb4087461fb87622b9642e5d66ec13b6b1df3e445d685bf80a0192b0e75af52d2e9c8353a2426d4846ead44ff9884488e2f756792564a0d4f40436356efac364504d5360d358d0fc26b7efe3b5efa61e8bc879925f1be3c6441cb6c8878bd0a0ba3b837b97409940334465f0febef299dc455e946c7e90cbd12c7d755feae16ccb6fcb044304492735f1b84d9df23e50b833bdb152f85184bae6e487b0ec17e1ba62d340acf4f5155629b4b07f1a260704336a477392eca6cdd12fbea515e2ded7cacb38b58f459f8944e5532cf6b0f91a012f71c6029c85e3017f500180a012ee25141624cb7888bc527229f9dbfdbdc629373719d12dfc85a538e3eb6eeee6e7cadb9c5b50a6b7586df064d26ec80098d5a34bc607190b59015eaf7f062af08fe9edb11fbc8e6bae225a219b50cb20822073a425b571e15d2b68698f3c6cfa22cb94ec7916286869039c96887d68734dad6b748359334b0b68e6b622bbdabb1143d3895ef700b81c01fed686a08094ec1a18b166df991ca0ea47b2dbbf6e85500641519673b6e50f0c72ccab9e6b72fd827bc64a96f781856bab21f9dcf10c747c2591092d24ab613a4e10a42947f0d0c6412f5fe9babb185c8cddbf4a807a76d43641cb8253f94f6e09667ded5231540fa992bb5122ef3a7d3955893a1fd07e88e1a48a1986efad24c4f619ccf6c62e7fc2322d85bf14ce863842fb3b36376d1c96b730985bd34e4a028ef787f03bc0f2f53f8db0422d9feda4cc3aab56f144c9427cb20c"})
mount$tmpfs(0x0, &(0x7f0000004380)='./file0\x00', &(0x7f00000043c0), 0x2000, &(0x7f0000004400)={[{@nr_blocks={'nr_blocks', 0x3d, [0x36, 0x74, 0x2d, 0x33]}}, {@quota}], [{@fowner_eq={'fowner', 0x3d, r5}}, {@flag='silent'}, {@fowner_gt={'fowner>', r5}}, {@subj_type={'subj_type', 0x3d, '/dev/video1\x00'}}, {@obj_type={'obj_type', 0x3d, '\x8b'}}, {@appraise}, {@smackfsdef={'smackfsdef', 0x3d, '#%'}}, {@obj_role={'obj_role', 0x3d, 'caif0\x00'}}, {@obj_user}, {@permit_directio}]})
r6 = syz_open_dev$sg(&(0x7f00000044c0), 0x5, 0x200)
close_range(r6, r6, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000004500))
bind$alg(r2, &(0x7f0000004580)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-simd\x00'}, 0x58)
syslog(0x1, &(0x7f0000004600)=""/227, 0xe3)
ioctl$VIDIOC_ENCODER_CMD(r3, 0xc028564d, &(0x7f0000004700)={0x2, 0x0, [0xffff, 0xffffff4d, 0xf, 0x6, 0x80000001, 0x7, 0x55c]})

0s ago: executing program 2 (id=1809):
r0 = socket(0x28, 0x5, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000140)={0x5, 0xffff8a22, {<r1=>0xffffffffffffffff}, {0xee00}, 0x401, 0x5})
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000180)=r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1e2) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d6673"]) (async)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x80004, 0x10000}) (async)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r3, 0x80045017, &(0x7f0000000040)) (async)
listen(r0, 0x7)
r4 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r4, &(0x7f0000000080), 0x10) (async)
sendmmsg(r4, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x1}], 0x1}}], 0x1, 0x24008894) (async)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x3c, 0x0, 0x0, 0x200}, {0x3, 0x8, 0x5}]})

kernel console output (not intermixed with test programs):

c_cache_noprof+0x57/0x3e0
[  174.634921][ T8555]  should_failslab+0xc2/0x120
[  174.634941][ T8555]  __kmalloc_cache_noprof+0x6a/0x3e0
[  174.634965][ T8555]  ? sctp_datamsg_from_user+0x8d/0x1320
[  174.634990][ T8555]  sctp_datamsg_from_user+0x8d/0x1320
[  174.635008][ T8555]  ? __sk_mem_raise_allocated+0x895/0x1700
[  174.635038][ T8555]  ? sctp_primitive_ASSOCIATE+0x9c/0xd0
[  174.635059][ T8555]  sctp_sendmsg_to_asoc+0xaf5/0x1bf0
[  174.635099][ T8555]  ? sctp_assoc_set_primary+0x177/0x300
[  174.635138][ T8555]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  174.635164][ T8555]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  174.635181][ T8555]  ? selinux_sctp_bind_connect+0x112/0x2c0
[  174.635209][ T8555]  sctp_sendmsg+0xef5/0x1ee0
[  174.635223][ T8555]  ? avc_has_perm+0x11a/0x1c0
[  174.635246][ T8555]  ? __pfx_sctp_sendmsg+0x10/0x10
[  174.635267][ T8555]  ? __pfx_sock_has_perm+0x10/0x10
[  174.635287][ T8555]  ? __might_fault+0xe3/0x190
[  174.635310][ T8555]  ? __pfx_sctp_sendmsg+0x10/0x10
[  174.635329][ T8555]  inet_sendmsg+0x119/0x140
[  174.635345][ T8555]  __sys_sendto+0x431/0x510
[  174.635367][ T8555]  ? __pfx___sys_sendto+0x10/0x10
[  174.635406][ T8555]  ? ksys_write+0x1b9/0x240
[  174.635420][ T8555]  ? __pfx_ksys_write+0x10/0x10
[  174.635433][ T8555]  ? rcu_is_watching+0x12/0xc0
[  174.635457][ T8555]  __x64_sys_sendto+0xe0/0x1c0
[  174.635474][ T8555]  ? do_syscall_64+0x91/0x260
[  174.635494][ T8555]  ? lockdep_hardirqs_on+0x7c/0x110
[  174.635515][ T8555]  do_syscall_64+0xcd/0x260
[  174.635539][ T8555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.635555][ T8555] RIP: 0033:0x7fac75d8e169
[  174.635569][ T8555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.635585][ T8555] RSP: 002b:00007fac76c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  174.635602][ T8555] RAX: ffffffffffffffda RBX: 00007fac75fb5fa0 RCX: 00007fac75d8e169
[  174.635613][ T8555] RDX: 0000000000034000 RSI: 0000200000847fff RDI: 0000000000000003
[  174.635623][ T8555] RBP: 00007fac76c88090 R08: 000020000005ffe4 R09: 000000000000001c
[  174.635634][ T8555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  174.635644][ T8555] R13: 0000000000000000 R14: 00007fac75fb5fa0 R15: 00007ffee295b978
[  174.635667][ T8555]  </TASK>
[  174.722787][    C1] vkms_vblank_simulate: vblank timer overrun
[  174.919207][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.232263][ T8567] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1070'.
[  175.284385][ T8565] netlink: 'syz.1.1069': attribute type 25 has an invalid length.
[  175.671767][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  175.671783][   T40] audit: type=1400 audit(1745210743.067:359): avc:  denied  { write } for  pid=8583 comm="syz.0.1076" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  175.687328][   T40] audit: type=1400 audit(1745210743.067:360): avc:  denied  { write } for  pid=8583 comm="syz.0.1076" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  175.703072][ T8588] devtmpfs: Cannot change global quota limit on remount
[  175.733864][   T40] audit: type=1400 audit(1745210743.098:361): avc:  denied  { create } for  pid=8583 comm="syz.0.1076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  175.754700][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.776027][   T40] audit: type=1400 audit(1745210743.108:362): avc:  denied  { mount } for  pid=8586 comm="syz.1.1077" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  175.805441][   T40] audit: type=1400 audit(1745210743.108:363): avc:  denied  { remount } for  pid=8586 comm="syz.1.1077" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  175.858807][ T8595] IPVS: sync thread started: state = BACKUP, mcast_ifn = tunl0, syncid = 1, id = 0
[  175.945910][   T40] audit: type=1400 audit(1745210743.331:364): avc:  denied  { unmount } for  pid=5954 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  176.266705][ T8609] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  176.272310][ T8609] cramfs: wrong magic
[  176.295454][   T40] audit: type=1400 audit(1745210743.707:365): avc:  denied  { listen } for  pid=8608 comm="syz.3.1084" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  176.358171][   T40] audit: type=1400 audit(1745210743.757:366): avc:  denied  { ioctl } for  pid=8611 comm="syz.1.1085" path="socket:[17242]" dev="sockfs" ino=17242 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  176.450687][    C1] vkms_vblank_simulate: vblank timer overrun
[  176.642645][    C1] vkms_vblank_simulate: vblank timer overrun
[  176.888469][ T8636] SELinux: failed to load policy
[  176.893408][ T8640] capability: warning: `syz.3.1094' uses 32-bit capabilities (legacy support in use)
[  176.898970][   T40] audit: type=1400 audit(1745210744.305:367): avc:  denied  { load_policy } for  pid=8634 comm="syz.0.1093" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  177.042631][ T8636] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1929379840 (3858759680 ns) > initial count (2048 ns). Using initial count to start timer.
[  177.063659][   T40] audit: type=1400 audit(1745210744.487:368): avc:  denied  { write } for  pid=8648 comm="syz.1.1096" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  177.266060][    C1] vkms_vblank_simulate: vblank timer overrun
[  177.410627][ T8655] openvswitch: netlink: Key type 30 is not supported
[  177.502206][ T8662] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1103'.
[  178.301738][    C1] vkms_vblank_simulate: vblank timer overrun
[  178.460007][ T8683] input: syz0 as /devices/virtual/input/input8
[  181.278431][ T8662] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  181.283732][ T8662] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  181.294923][   T40] audit: type=1400 audit(1745210748.757:369): avc:  denied  { firmware_load } for  pid=8661 comm="syz.0.1103" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  181.425763][   T40] audit: type=1400 audit(1745210748.899:370): avc:  denied  { ioctl } for  pid=8688 comm="syz.3.1112" path="/dev/ptyqa" dev="devtmpfs" ino=137 ioctlcmd=0x5431 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  181.487682][ T8689] can0: slcan on ptm0.
[  181.698428][ T8693] can0 (unregistered): slcan off ptm0.
[  181.734291][   T40] audit: type=1400 audit(1745210749.212:371): avc:  denied  { search } for  pid=5337 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  181.769157][   T40] audit: type=1400 audit(1745210749.232:372): avc:  denied  { read } for  pid=8706 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1769 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  181.792189][   T40] audit: type=1400 audit(1745210749.262:373): avc:  denied  { open } for  pid=8706 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1769 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  181.840850][   T40] audit: type=1400 audit(1745210749.262:374): avc:  denied  { getattr } for  pid=8706 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1769 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  181.855799][   T40] audit: type=1400 audit(1745210749.282:375): avc:  denied  { write } for  pid=8701 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  181.869618][   T40] audit: type=1400 audit(1745210749.282:376): avc:  denied  { add_name } for  pid=8701 comm="dhcpcd-run-hook" name="resolv.conf.can0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  181.967317][   T40] audit: type=1400 audit(1745210749.444:377): avc:  denied  { remove_name } for  pid=8712 comm="rm" name="resolv.conf.can0.link" dev="tmpfs" ino=3752 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  182.028657][   T40] audit: type=1400 audit(1745210749.505:378): avc:  denied  { setopt } for  pid=8718 comm="syz.2.1119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  182.132587][ T8725] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1123'.
[  182.198623][    C1] vkms_vblank_simulate: vblank timer overrun
[  182.268720][ T8733] netlink: 'syz.3.1124': attribute type 10 has an invalid length.
[  182.295339][ T8733] team0: Device ipvlan1 failed to register rx_handler
[  182.374629][    C1] vkms_vblank_simulate: vblank timer overrun
[  182.523952][ T8740] netlink: 'syz.0.1128': attribute type 25 has an invalid length.
[  182.591419][ T8745] 9pnet_virtio: no channels available for device 127.0.0.1
[  182.877284][ T8759] Illegal XDP return value 2636747196 on prog  (id 128) dev syz_tun, expect packet loss!
[  182.885986][ T8760] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1133'.
[  182.967477][ T8756] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  182.968768][ T8763] cgroup: none used incorrectly
[  182.971376][ T8756] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  183.043398][ T8767] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8767 comm=syz.1.1135
[  183.101764][ T8773] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1137'.
[  183.168137][ T8775] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1138'.
[  183.530789][ T8802] xt_CT: You must specify a L4 protocol and not use inversions on it
[  183.811651][    C1] vkms_vblank_simulate: vblank timer overrun
[  184.131350][ T8830] xt_limit: Overflow, try lower: 1207959552/384
[  184.254196][ T8833] ucma_write: process 677 (syz.1.1161) changed security contexts after opening file descriptor, this is not allowed.
[  184.288212][ T8797] GUP no longer grows the stack in syz.3.1147 (8797): 200000004000-20000000a000 (200000002000)
[  184.377825][ T8797] CPU: 0 UID: 0 PID: 8797 Comm: syz.3.1147 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  184.377853][ T8797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.377863][ T8797] Call Trace:
[  184.377870][ T8797]  <TASK>
[  184.377877][ T8797]  dump_stack_lvl+0x16c/0x1f0
[  184.377907][ T8797]  gup_vma_lookup+0x1d2/0x220
[  184.377932][ T8797]  __get_user_pages+0x234/0x36f0
[  184.377958][ T8797]  ? __pfx___might_resched+0x10/0x10
[  184.377988][ T8797]  ? __pfx___get_user_pages+0x10/0x10
[  184.378010][ T8797]  ? __pfx_down_read_killable+0x10/0x10
[  184.378042][ T8797]  __gup_longterm_locked+0x20d/0x1850
[  184.378071][ T8797]  ? try_get_folio+0x1d2/0x730
[  184.378090][ T8797]  ? __pfx___gup_longterm_locked+0x10/0x10
[  184.378124][ T8797]  ? try_get_folio+0x255/0x730
[  184.378154][ T8797]  gup_fast_fallback+0x183d/0x2650
[  184.378192][ T8797]  ? __pfx_gup_fast_fallback+0x10/0x10
[  184.378213][ T8797]  ? rcu_is_watching+0x12/0xc0
[  184.378236][ T8797]  ? __lock_acquire+0xaa4/0x1ba0
[  184.378254][ T8797]  get_user_pages_fast+0xa7/0xf0
[  184.378279][ T8797]  ? __pfx_get_user_pages_fast+0x10/0x10
[  184.378303][ T8797]  ? __mutex_trylock_common+0xe9/0x250
[  184.378322][ T8797]  __iov_iter_get_pages_alloc+0x835/0x1f20
[  184.378345][ T8797]  ? rcu_is_watching+0x12/0xc0
[  184.378365][ T8797]  ? trace_contention_end+0xdd/0x130
[  184.378382][ T8797]  ? __mutex_lock+0x1ca/0xb90
[  184.378403][ T8797]  ? __pfx___iov_iter_get_pages_alloc+0x10/0x10
[  184.378422][ T8797]  ? pipe_lock+0x64/0x80
[  184.378439][ T8797]  ? __pfx___mutex_lock+0x10/0x10
[  184.378495][ T8797]  ? import_ubuf+0x1b6/0x220
[  184.378520][ T8797]  iov_iter_get_pages2+0xa3/0x100
[  184.378540][ T8797]  ? __pfx_iov_iter_get_pages2+0x10/0x10
[  184.378558][ T8797]  ? wait_for_space+0x232/0x2e0
[  184.378585][ T8797]  __do_sys_vmsplice+0xa58/0x1210
[  184.378607][ T8797]  ? __pfx___do_sys_vmsplice+0x10/0x10
[  184.378631][ T8797]  ? do_raw_spin_lock+0x12c/0x2b0
[  184.378655][ T8797]  ? __pfx_futex_wait+0x10/0x10
[  184.378669][ T8797]  ? lockdep_hardirqs_on+0x7c/0x110
[  184.378723][ T8797]  ? rcu_is_watching+0x12/0xc0
[  184.378748][ T8797]  ? do_syscall_64+0xcd/0x260
[  184.378786][ T8797]  do_syscall_64+0xcd/0x260
[  184.378810][ T8797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.378827][ T8797] RIP: 0033:0x7f7779b8e169
[  184.378842][ T8797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.378859][ T8797] RSP: 002b:00007f777aa6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[  184.378875][ T8797] RAX: ffffffffffffffda RBX: 00007f7779db5fa0 RCX: 00007f7779b8e169
[  184.378886][ T8797] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 0000000000000007
[  184.378895][ T8797] RBP: 00007f7779c10a68 R08: 0000000000000000 R09: 0000000000000000
[  184.378904][ T8797] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  184.378913][ T8797] R13: 0000000000000000 R14: 00007f7779db5fa0 R15: 00007fffe7e29398
[  184.378935][ T8797]  </TASK>
[  184.454725][    C1] vkms_vblank_simulate: vblank timer overrun
[  184.713168][    C1] vkms_vblank_simulate: vblank timer overrun
[  184.863143][ T8854] FAULT_INJECTION: forcing a failure.
[  184.863143][ T8854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  184.906915][ T8854] CPU: 0 UID: 0 PID: 8854 Comm: syz.0.1168 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  184.910249][ T8854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  184.910261][ T8854] Call Trace:
[  184.910269][ T8854]  <TASK>
[  184.910277][ T8854]  dump_stack_lvl+0x16c/0x1f0
[  184.910305][ T8854]  should_fail_ex+0x512/0x640
[  184.910330][ T8854]  _copy_from_user+0x2e/0xd0
[  184.910352][ T8854]  copy_msghdr_from_user+0x98/0x160
[  184.910375][ T8854]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  184.910428][ T8854]  ___sys_sendmsg+0xfe/0x1d0
[  184.910473][ T8854]  ? __pfx____sys_sendmsg+0x10/0x10
[  184.910524][ T8854]  __sys_sendmsg+0x16d/0x220
[  184.910547][ T8854]  ? __pfx___sys_sendmsg+0x10/0x10
[  184.910576][ T8854]  ? rcu_is_watching+0x12/0xc0
[  184.910606][ T8854]  do_syscall_64+0xcd/0x260
[  184.910632][ T8854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.910650][ T8854] RIP: 0033:0x7fac75d8e169
[  184.910670][ T8854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.910687][ T8854] RSP: 002b:00007fac76c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  184.910704][ T8854] RAX: ffffffffffffffda RBX: 00007fac75fb5fa0 RCX: 00007fac75d8e169
[  184.910716][ T8854] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  184.910726][ T8854] RBP: 00007fac76c88090 R08: 0000000000000000 R09: 0000000000000000
[  184.910738][ T8854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.910747][ T8854] R13: 0000000000000000 R14: 00007fac75fb5fa0 R15: 00007ffee295b978
[  184.910771][ T8854]  </TASK>
[  184.950567][    C1] vkms_vblank_simulate: vblank timer overrun
[  185.070472][    C1] vkms_vblank_simulate: vblank timer overrun
[  185.586010][  T838] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  185.787524][    C1] vkms_vblank_simulate: vblank timer overrun
[  185.790857][  T838] usb 6-1: Using ep0 maxpacket: 8
[  185.795547][  T838] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  185.799487][  T838] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  185.825557][  T838] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 65312, setting to 1024
[  185.840833][  T838] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  185.842426][ T8883] FAULT_INJECTION: forcing a failure.
[  185.842426][ T8883] name failslab, interval 1, probability 0, space 0, times 0
[  185.854653][  T838] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  185.880987][ T8883] CPU: 0 UID: 0 PID: 8883 Comm: syz.0.1177 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  185.881014][ T8883] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  185.881024][ T8883] Call Trace:
[  185.881032][ T8883]  <TASK>
[  185.881039][ T8883]  dump_stack_lvl+0x16c/0x1f0
[  185.881067][ T8883]  should_fail_ex+0x512/0x640
[  185.881089][ T8883]  should_failslab+0xc2/0x120
[  185.881109][ T8883]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  185.881128][ T8883]  ? skb_clone+0x190/0x3f0
[  185.881153][ T8883]  skb_clone+0x190/0x3f0
[  185.881176][ T8883]  netlink_deliver_tap+0xabd/0xd30
[  185.881204][ T8883]  netlink_unicast+0x6b2/0x7f0
[  185.881230][ T8883]  ? __pfx_netlink_unicast+0x10/0x10
[  185.881251][ T8883]  ? genl_rcv_msg+0x4bb/0x800
[  185.881283][ T8883]  netlink_ack+0x696/0xb80
[  185.881313][ T8883]  netlink_rcv_skb+0x347/0x440
[  185.881335][ T8883]  ? __pfx_genl_rcv_msg+0x10/0x10
[  185.881362][ T8883]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  185.881397][ T8883]  ? __pfx_down_read+0x10/0x10
[  185.881441][ T8883]  ? netlink_deliver_tap+0x1ae/0xd30
[  185.881467][ T8883]  genl_rcv+0x28/0x40
[  185.881489][ T8883]  netlink_unicast+0x53a/0x7f0
[  185.881515][ T8883]  ? __pfx_netlink_unicast+0x10/0x10
[  185.881544][ T8883]  netlink_sendmsg+0x8d1/0xdd0
[  185.881572][ T8883]  ? __pfx_netlink_sendmsg+0x10/0x10
[  185.881604][ T8883]  ____sys_sendmsg+0xa95/0xc70
[  185.881630][ T8883]  ? copy_msghdr_from_user+0x10a/0x160
[  185.881650][ T8883]  ? __pfx_____sys_sendmsg+0x10/0x10
[  185.881687][ T8883]  ___sys_sendmsg+0x134/0x1d0
[  185.881709][ T8883]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.881762][ T8883]  __sys_sendmsg+0x16d/0x220
[  185.881788][ T8883]  ? __pfx___sys_sendmsg+0x10/0x10
[  185.881815][ T8883]  ? rcu_is_watching+0x12/0xc0
[  185.881843][ T8883]  do_syscall_64+0xcd/0x260
[  185.881868][ T8883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.881885][ T8883] RIP: 0033:0x7fac75d8e169
[  185.881899][ T8883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.881915][ T8883] RSP: 002b:00007fac76c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.881931][ T8883] RAX: ffffffffffffffda RBX: 00007fac75fb5fa0 RCX: 00007fac75d8e169
[  185.881942][ T8883] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  185.881952][ T8883] RBP: 00007fac76c88090 R08: 0000000000000000 R09: 0000000000000000
[  185.881961][ T8883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  185.881971][ T8883] R13: 0000000000000000 R14: 00007fac75fb5fa0 R15: 00007ffee295b978
[  185.881994][ T8883]  </TASK>
[  185.979715][    C1] vkms_vblank_simulate: vblank timer overrun
[  186.067849][ T8895] netlink: 120 bytes leftover after parsing attributes in process `syz.2.1182'.
[  186.084599][  T838] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  186.084625][  T838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.180703][ T8888] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  186.340994][  T838] usb 6-1: usb_control_msg returned -32
[  186.347892][  T838] usbtmc 6-1:16.0: can't read capabilities
[  186.365305][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  186.365320][   T40] audit: type=1400 audit(1745210753.861:399): avc:  denied  { append } for  pid=8900 comm="syz.0.1185" name="rtc0" dev="devtmpfs" ino=944 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  186.391633][ T8903] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1184'.
[  186.578512][    C1] vkms_vblank_simulate: vblank timer overrun
[  186.656829][   T40] audit: type=1400 audit(1745210754.174:400): avc:  denied  { ioctl } for  pid=8910 comm="syz.0.1190" path="socket:[21512]" dev="sockfs" ino=21512 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  186.693658][ T8917] usb 6-1: usbtmc_ioctl_clear_in_halt returned -32
[  186.778623][   T40] audit: type=1400 audit(1745210754.305:401): avc:  denied  { connect } for  pid=8920 comm="syz.3.1194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  186.945287][ T8925] FAULT_INJECTION: forcing a failure.
[  186.945287][ T8925] name failslab, interval 1, probability 0, space 0, times 0
[  186.957442][ T8925] CPU: 0 UID: 0 PID: 8925 Comm: syz.3.1196 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  186.957464][ T8925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  186.957472][ T8925] Call Trace:
[  186.957477][ T8925]  <TASK>
[  186.957482][ T8925]  dump_stack_lvl+0x16c/0x1f0
[  186.957507][ T8925]  should_fail_ex+0x512/0x640
[  186.957522][ T8925]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  186.957538][ T8925]  should_failslab+0xc2/0x120
[  186.957554][ T8925]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  186.957567][ T8925]  ? __alloc_skb+0x2b2/0x380
[  186.957586][ T8925]  __alloc_skb+0x2b2/0x380
[  186.957601][ T8925]  ? __pfx___alloc_skb+0x10/0x10
[  186.957618][ T8925]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  186.957640][ T8925]  netlink_alloc_large_skb+0x69/0x130
[  186.957659][ T8925]  netlink_sendmsg+0x6a1/0xdd0
[  186.957680][ T8925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.957705][ T8925]  ____sys_sendmsg+0xa95/0xc70
[  186.957726][ T8925]  ? copy_msghdr_from_user+0x10a/0x160
[  186.957742][ T8925]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.957771][ T8925]  ___sys_sendmsg+0x134/0x1d0
[  186.957788][ T8925]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.957828][ T8925]  __sys_sendmsg+0x16d/0x220
[  186.957844][ T8925]  ? __pfx___sys_sendmsg+0x10/0x10
[  186.957866][ T8925]  ? rcu_is_watching+0x12/0xc0
[  186.957888][ T8925]  do_syscall_64+0xcd/0x260
[  186.957909][ T8925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.957923][ T8925] RIP: 0033:0x7f7779b8e169
[  186.957933][ T8925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.957946][ T8925] RSP: 002b:00007f777aa6d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.957961][ T8925] RAX: ffffffffffffffda RBX: 00007f7779db5fa0 RCX: 00007f7779b8e169
[  186.957970][ T8925] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  186.957978][ T8925] RBP: 00007f777aa6d090 R08: 0000000000000000 R09: 0000000000000000
[  186.957985][ T8925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.957993][ T8925] R13: 0000000000000000 R14: 00007f7779db5fa0 R15: 00007fffe7e29398
[  186.958011][ T8925]  </TASK>
[  187.388964][   T40] audit: type=1400 audit(1745210754.909:402): avc:  denied  { setopt } for  pid=8933 comm="syz.2.1199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  187.645731][    C1] vkms_vblank_simulate: vblank timer overrun
[  187.672829][ T8942] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1203'.
[  187.695036][ T8944] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1204'.
[  187.707712][ T8942] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  187.724408][ T8942] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  187.733243][   T40] audit: type=1400 audit(1745210755.251:403): avc:  denied  { watch watch_reads } for  pid=8941 comm="syz.3.1203" path="/287" dev="tmpfs" ino=1503 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  187.766105][ T8942] overlay: ./file0 is not a directory
[  187.818565][    C1] vkms_vblank_simulate: vblank timer overrun
[  187.953851][   T40] audit: type=1400 audit(1745210755.483:404): avc:  denied  { nlmsg_tty_audit } for  pid=8957 comm="syz.3.1207" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  188.323092][ T5997] usb 6-1: USB disconnect, device number 5
[  188.821497][   T40] audit: type=1400 audit(1745210756.348:405): avc:  denied  { ioctl } for  pid=8978 comm="syz.1.1217" path="socket:[20116]" dev="sockfs" ino=20116 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  188.891100][   T40] audit: type=1400 audit(1745210756.348:406): avc:  denied  { append } for  pid=8978 comm="syz.1.1217" name="event3" dev="devtmpfs" ino=1298 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  189.114044][   T40] audit: type=1400 audit(1745210756.640:407): avc:  denied  { read write } for  pid=8993 comm="syz.3.1222" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  189.151700][   T40] audit: type=1400 audit(1745210756.640:408): avc:  denied  { open } for  pid=8993 comm="syz.3.1222" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  189.160790][ T8994] loop6: detected capacity change from 0 to 128
[  189.291226][ T8997] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1224'.
[  190.323520][ T9029] cgroup: fork rejected by pids controller in /syz1
[  190.852466][   T24] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  191.006018][ T9152] NILFS (nullb0): couldn't find nilfs on the device
[  191.071132][   T24] usb 8-1: Using ep0 maxpacket: 8
[  191.097180][   T24] usb 8-1: config 0 has no interfaces?
[  191.138822][   T24] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  191.143388][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.146885][   T24] usb 8-1: Product: syz
[  191.148708][   T24] usb 8-1: Manufacturer: syz
[  191.150822][   T24] usb 8-1: SerialNumber: syz
[  191.209335][   T24] usb 8-1: config 0 descriptor??
[  191.407355][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  191.407370][   T40] audit: type=1400 audit(1745210758.953:414): avc:  denied  { execute } for  pid=9160 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  191.420527][   T40] audit: type=1400 audit(1745210758.963:415): avc:  denied  { execute_no_trans } for  pid=9160 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  191.480303][   T40] audit: type=1400 audit(1745210759.004:416): avc:  denied  { bind } for  pid=9012 comm="syz.3.1227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  191.494197][   T65] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.561925][   T24] usb 8-1: USB disconnect, device number 5
[  191.818052][   T65] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.838464][ T5959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  191.843666][ T5959] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  191.850771][ T5959] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  191.866984][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  191.871394][ T5959] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  191.906604][   T40] audit: type=1400 audit(1745210759.466:417): avc:  denied  { mounton } for  pid=9168 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  192.040523][   T65] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.286528][   T65] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.789698][ T9168] chnl_net:caif_netlink_parms(): no params data found
[  192.803880][   T40] audit: type=1400 audit(1745210760.360:418): avc:  denied  { ioctl } for  pid=9196 comm="syz.0.1261" path="socket:[21899]" dev="sockfs" ino=21899 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  192.967563][   T65] bridge_slave_1: left allmulticast mode
[  192.971169][   T65] bridge_slave_1: left promiscuous mode
[  192.975643][   T65] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.078420][   T65] bridge_slave_0: left allmulticast mode
[  193.125714][   T68] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  193.129345][   T65] bridge_slave_0: left promiscuous mode
[  193.131753][ T9215] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9215 comm=syz.2.1265
[  193.132630][   T65] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.157403][   T40] audit: type=1400 audit(1745210760.722:419): avc:  denied  { read } for  pid=9214 comm="syz.2.1265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  193.203870][   T40] audit: type=1400 audit(1745210760.722:420): avc:  denied  { ioctl } for  pid=9214 comm="syz.2.1265" path="socket:[22563]" dev="sockfs" ino=22563 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  193.215145][ T5959] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  193.233793][ T5959] CPU: 0 UID: 0 PID: 5959 Comm: kworker/u33:2 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  193.233821][ T5959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  193.233833][ T5959] Workqueue: hci2 hci_rx_work
[  193.233858][ T5959] Call Trace:
[  193.233864][ T5959]  <TASK>
[  193.233872][ T5959]  dump_stack_lvl+0x16c/0x1f0
[  193.233898][ T5959]  sysfs_warn_dup+0x7f/0xa0
[  193.233917][ T5959]  sysfs_create_dir_ns+0x24b/0x2b0
[  193.233935][ T5959]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  193.233959][ T5959]  ? find_held_lock+0x2b/0x80
[  193.233989][ T5959]  ? do_raw_spin_unlock+0x172/0x230
[  193.234010][ T5959]  kobject_add_internal+0x2c4/0x9b0
[  193.234039][ T5959]  kobject_add+0x16e/0x240
[  193.234065][ T5959]  ? __pfx_kobject_add+0x10/0x10
[  193.234092][ T5959]  ? do_raw_spin_unlock+0x172/0x230
[  193.234113][ T5959]  ? kobject_put+0xab/0x5a0
[  193.234144][ T5959]  device_add+0x288/0x1a70
[  193.234163][ T5959]  ? __pfx_dev_set_name+0x10/0x10
[  193.234183][ T5959]  ? __pfx_device_add+0x10/0x10
[  193.234200][ T5959]  ? mgmt_send_event_skb+0x2fb/0x460
[  193.234226][ T5959]  hci_conn_add_sysfs+0x17e/0x230
[  193.234247][ T5959]  le_conn_complete_evt+0x1075/0x1d70
[  193.234275][ T5959]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  193.234294][ T5959]  ? hci_event_packet+0x43c/0x1190
[  193.234319][ T5959]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  193.234340][ T5959]  ? skb_pull_data+0x166/0x210
[  193.234364][ T5959]  hci_le_meta_evt+0x2f3/0x5e0
[  193.234474][ T5959]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  193.234499][ T5959]  hci_event_packet+0x669/0x1190
[  193.234518][ T5959]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  193.234540][ T5959]  ? __pfx_hci_event_packet+0x10/0x10
[  193.234561][ T5959]  ? kcov_remote_start+0x3c9/0x6d0
[  193.234670][ T5959]  ? lockdep_hardirqs_on+0x7c/0x110
[  193.234701][ T5959]  hci_rx_work+0x2c5/0x16b0
[  193.234722][ T5959]  ? rcu_is_watching+0x12/0xc0
[  193.234748][ T5959]  process_one_work+0x9cc/0x1b70
[  193.234781][ T5959]  ? __pfx_process_one_work+0x10/0x10
[  193.234809][ T5959]  ? assign_work+0x1a0/0x250
[  193.234831][ T5959]  worker_thread+0x6c8/0xf10
[  193.234864][ T5959]  ? __pfx_worker_thread+0x10/0x10
[  193.234884][ T5959]  kthread+0x3c2/0x780
[  193.234902][ T5959]  ? __pfx_kthread+0x10/0x10
[  193.234917][ T5959]  ? __pfx_kthread+0x10/0x10
[  193.234932][ T5959]  ? __pfx_kthread+0x10/0x10
[  193.234960][ T5959]  ? __pfx_kthread+0x10/0x10
[  193.234978][ T5959]  ? rcu_is_watching+0x12/0xc0
[  193.235002][ T5959]  ? __pfx_kthread+0x10/0x10
[  193.235023][ T5959]  ret_from_fork+0x45/0x80
[  193.235041][ T5959]  ? __pfx_kthread+0x10/0x10
[  193.235059][ T5959]  ret_from_fork_asm+0x1a/0x30
[  193.235098][ T5959]  </TASK>
[  193.235131][ T5959] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  193.310173][   T40] audit: type=1400 audit(1745210760.863:421): avc:  denied  { write } for  pid=5337 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  193.312054][ T5959] Bluetooth: hci2: failed to register connection device
[  193.312864][   T40] audit: type=1400 audit(1745210760.863:422): avc:  denied  { remove_name } for  pid=5337 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  193.585029][   T40] audit: type=1400 audit(1745210760.863:423): avc:  denied  { add_name } for  pid=5337 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  193.896215][   T68] Bluetooth: hci0: command tx timeout
[  194.521927][   T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  194.564048][   T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  194.571072][   T65] bond0 (unregistering): Released all slaves
[  194.743821][   T65] IPVS: stopping backup sync thread 8595 ...
[  195.458690][   T68] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  195.504488][ T9168] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.507109][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.510230][ T9168] bridge_slave_0: entered allmulticast mode
[  195.513855][ T9168] bridge_slave_0: entered promiscuous mode
[  195.538476][ T9168] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.560293][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.575057][ T9168] bridge_slave_1: entered allmulticast mode
[  195.587195][ T9168] bridge_slave_1: entered promiscuous mode
[  195.794863][ T9265] tmpfs: Bad value for 'mpol'
[  195.856400][ T9267] tmpfs: Bad value for 'mpol'
[  195.978839][ T5959] Bluetooth: hci0: command tx timeout
[  196.044383][ T9168] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.181883][   T65] hsr_slave_0: left promiscuous mode
[  196.203546][   T65] hsr_slave_1: left promiscuous mode
[  196.207025][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.210808][   T65] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.249271][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.251877][   T65] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.367162][   T65] veth1_macvtap: left promiscuous mode
[  196.390384][   T65] veth0_macvtap: left promiscuous mode
[  196.395195][   T65] veth1_vlan: left promiscuous mode
[  196.397832][   T65] veth0_vlan: left promiscuous mode
[  196.457092][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  196.457106][   T40] audit: type=1400 audit(1745210764.026:430): avc:  denied  { bind } for  pid=9287 comm="syz.0.1283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  198.031059][   T68] Bluetooth: hci0: command tx timeout
[  198.722177][   T65] team0 (unregistering): Port device team_slave_1 removed
[  198.914187][   T65] team0 (unregistering): Port device team_slave_0 removed
[  199.475412][ T5959] Bluetooth: hci2: command 0x0406 tx timeout
[  200.118842][ T5959] Bluetooth: hci0: command tx timeout
[  200.860725][ T9168] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.899713][ T9290] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1284'.
[  201.057924][ T9306] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1285'.
[  201.116948][   T40] audit: type=1400 audit(1745210768.702:431): avc:  denied  { listen } for  pid=9307 comm="syz.2.1287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  201.145993][   T40] audit: type=1400 audit(1745210768.732:432): avc:  denied  { accept } for  pid=9307 comm="syz.2.1287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  201.224043][ T9309] 9pnet_fd: Insufficient options for proto=fd
[  201.328288][ T9168] team0: Port device team_slave_0 added
[  201.461567][ T9314] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  201.504530][ T9168] team0: Port device team_slave_1 added
[  201.537538][ T9314] syz.0.1288: attempt to access beyond end of device
[  201.537538][ T9314] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  201.570881][ T9314] XFS (nbd0): SB validate failed with error -5.
[  201.585485][ T9168] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.661168][ T9168] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.672198][ T9168] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.690702][ T9168] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.746537][ T9168] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.774548][ T9168] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.250026][ T9168] hsr_slave_0: entered promiscuous mode
[  202.276328][ T9168] hsr_slave_1: entered promiscuous mode
[  202.335703][ T9342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1295'.
[  202.590910][   T65] IPVS: stop unused estimator thread 0...
[  202.792192][ T9355] netlink: 'syz.0.1300': attribute type 142 has an invalid length.
[  202.825221][   T40] audit: type=1400 audit(1745210770.396:433): avc:  denied  { create } for  pid=9350 comm="syz.2.1299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  202.886492][ T9362] Unknown options in mask 5
[  203.006763][   T40] audit: type=1400 audit(1745210770.587:434): avc:  denied  { accept } for  pid=9369 comm="syz.3.1305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  203.228970][ T9378] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=55 sclass=netlink_tcpdiag_socket pid=9378 comm=syz.0.1307
[  203.312972][ T9378] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1307'.
[  203.336520][ T9378] netlink: 'syz.0.1307': attribute type 30 has an invalid length.
[  203.441198][ T9378] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  203.446746][ T9378] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  203.466834][ T9378] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  203.469769][ T9378] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  203.812220][ T9392] @: renamed from vlan0 (while UP)
[  204.506025][ T9427] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1325'.
[  204.907814][ T9436] netlink: 'syz.0.1329': attribute type 25 has an invalid length.
[  204.961270][ T9433] netlink: 'syz.3.1326': attribute type 5 has an invalid length.
[  205.380338][ T9458] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1337'.
[  205.426329][ T9458] sp0: Synchronizing with TNC
[  205.567035][ T9168] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  205.582335][ T9168] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  205.616896][ T9168] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  205.676844][ T9168] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  205.957883][ T9168] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.974045][ T9168] 8021q: adding VLAN 0 to HW filter on device team0
[  205.989195][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.992343][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.052006][   T40] audit: type=1400 audit(1745210773.654:435): avc:  denied  { setopt } for  pid=9475 comm="syz.3.1341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  206.063547][  T761] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.102503][  T761] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.231013][ T5959] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  206.553193][ T9168] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.652697][ T9168] veth0_vlan: entered promiscuous mode
[  206.676675][ T9168] veth1_vlan: entered promiscuous mode
[  206.746698][ T9168] veth0_macvtap: entered promiscuous mode
[  206.768384][ T9168] veth1_macvtap: entered promiscuous mode
[  206.824777][ T9168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.831835][ T9168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.871458][ T9168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.875570][ T9168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.881416][ T9168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.906015][ T9168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.925634][ T9168] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.931996][ T9168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.945754][ T9168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.950831][ T9168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.957065][   T40] audit: type=1400 audit(1745210774.555:436): avc:  denied  { listen } for  pid=9511 comm="syz.2.1349" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  206.968408][ T9168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.968427][ T9168] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.968442][ T9168] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.969770][ T9168] batman_adv: batadv0: Interface activated: batadv_slave_1
[  207.036985][   T40] audit: type=1400 audit(1745210774.555:437): avc:  denied  { read } for  pid=9511 comm="syz.2.1349" laddr=172.20.20.10 lport=35718 faddr=172.20.20.0 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  207.040478][ T9168] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.088489][ T9515] Bluetooth: hci4: Frame reassembly failed (-90)
[  207.097018][ T9168] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.101469][ T9168] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.107999][ T1204] Bluetooth: hci4: Frame reassembly failed (-84)
[  207.111177][ T9168] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.306370][ T9524] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1351'.
[  207.388700][   T40] audit: type=1400 audit(1745210774.986:438): avc:  denied  { mount } for  pid=9526 comm="syz.2.1352" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  207.438107][ T1143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.463512][ T1143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.494930][ T9515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1350'.
[  207.497642][   T40] audit: type=1400 audit(1745210775.096:439): avc:  denied  { watch } for  pid=9519 comm="syz.0.1351" path="/331/file0" dev="9p" ino=36831274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  207.508624][ T9520] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1351'.
[  207.508649][ T9520] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1351'.
[  207.553871][   T40] audit: type=1400 audit(1745210775.096:440): avc:  denied  { write } for  pid=9519 comm="syz.0.1351" name="/" dev="9p" ino=36831274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  207.564309][   T40] audit: type=1400 audit(1745210775.096:441): avc:  denied  { add_name } for  pid=9519 comm="syz.0.1351" name="cgroup.stat" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  207.573952][   T40] audit: type=1400 audit(1745210775.096:442): avc:  denied  { create } for  pid=9519 comm="syz.0.1351" name="cgroup.stat" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  207.624643][ T8510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.627615][ T8510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  208.263547][ T9562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1358'.
[  208.270290][ T5959] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  209.022612][ T5961] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  209.027957][ T5961] CPU: 0 UID: 0 PID: 5961 Comm: kworker/u33:3 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  209.027982][ T5961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  209.027993][ T5961] Workqueue: hci0 hci_rx_work
[  209.028014][ T5961] Call Trace:
[  209.028022][ T5961]  <TASK>
[  209.028029][ T5961]  dump_stack_lvl+0x16c/0x1f0
[  209.028069][ T5961]  sysfs_warn_dup+0x7f/0xa0
[  209.028087][ T5961]  sysfs_create_dir_ns+0x24b/0x2b0
[  209.028103][ T5961]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  209.028118][ T5961]  ? find_held_lock+0x2b/0x80
[  209.028142][ T5961]  ? do_raw_spin_unlock+0x172/0x230
[  209.028161][ T5961]  kobject_add_internal+0x2c4/0x9b0
[  209.028190][ T5961]  kobject_add+0x16e/0x240
[  209.028214][ T5961]  ? __pfx_kobject_add+0x10/0x10
[  209.028238][ T5961]  ? do_raw_spin_unlock+0x172/0x230
[  209.028255][ T5961]  ? kobject_put+0xab/0x5a0
[  209.028283][ T5961]  device_add+0x288/0x1a70
[  209.028298][ T5961]  ? __pfx_dev_set_name+0x10/0x10
[  209.028315][ T5961]  ? __pfx_device_add+0x10/0x10
[  209.028331][ T5961]  ? mgmt_send_event_skb+0x2fb/0x460
[  209.028353][ T5961]  hci_conn_add_sysfs+0x17e/0x230
[  209.028373][ T5961]  le_conn_complete_evt+0x1075/0x1d70
[  209.028395][ T5961]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  209.028410][ T5961]  ? hci_event_packet+0x43c/0x1190
[  209.028432][ T5961]  hci_le_conn_complete_evt+0x23c/0x370
[  209.028453][ T5961]  hci_le_meta_evt+0x2f3/0x5e0
[  209.028469][ T5961]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  209.028488][ T5961]  hci_event_packet+0x669/0x1190
[  209.028504][ T5961]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  209.028522][ T5961]  ? __pfx_hci_event_packet+0x10/0x10
[  209.028539][ T5961]  ? kcov_remote_start+0x3c9/0x6d0
[  209.028556][ T5961]  ? lockdep_hardirqs_on+0x7c/0x110
[  209.028580][ T5961]  hci_rx_work+0x2c5/0x16b0
[  209.028598][ T5961]  ? rcu_is_watching+0x12/0xc0
[  209.028620][ T5961]  process_one_work+0x9cc/0x1b70
[  209.028647][ T5961]  ? __pfx_process_one_work+0x10/0x10
[  209.028670][ T5961]  ? assign_work+0x1a0/0x250
[  209.028688][ T5961]  worker_thread+0x6c8/0xf10
[  209.028716][ T5961]  ? __pfx_worker_thread+0x10/0x10
[  209.028733][ T5961]  kthread+0x3c2/0x780
[  209.028749][ T5961]  ? __pfx_kthread+0x10/0x10
[  209.028763][ T5961]  ? __pfx_kthread+0x10/0x10
[  209.028777][ T5961]  ? __pfx_kthread+0x10/0x10
[  209.028791][ T5961]  ? __pfx_kthread+0x10/0x10
[  209.028805][ T5961]  ? rcu_is_watching+0x12/0xc0
[  209.028823][ T5961]  ? __pfx_kthread+0x10/0x10
[  209.028838][ T5961]  ret_from_fork+0x45/0x80
[  209.028854][ T5961]  ? __pfx_kthread+0x10/0x10
[  209.028878][ T5961]  ret_from_fork_asm+0x1a/0x30
[  209.028914][ T5961]  </TASK>
[  209.028960][ T5961] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  209.135551][   T68] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  209.137074][ T5959] Bluetooth: hci4: command 0x1003 tx timeout
[  209.218497][ T5961] Bluetooth: hci0: failed to register connection device
[  209.369378][ T9587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1370'.
[  209.437641][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  209.437656][   T40] audit: type=1400 audit(1745210777.040:448): avc:  denied  { write } for  pid=9584 comm="syz.3.1370" path="socket:[22480]" dev="sockfs" ino=22480 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  209.439137][ T9587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1370'.
[  209.439157][ T9587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1370'.
[  209.439170][ T9587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1370'.
[  209.515383][ T9588] can0: slcan on ptm0.
[  209.859287][ T7881] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  209.896167][ T9611] batadv_slave_1: entered promiscuous mode
[  209.924016][ T9608] batadv_slave_1: left promiscuous mode
[  210.064284][ T7881] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  210.075546][ T7881] usb 8-1: config 0 has no interfaces?
[  210.077782][ T7881] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  210.126013][ T7881] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.153305][ T7881] usb 8-1: config 0 descriptor??
[  210.284761][ T9623] ip6erspan0: entered promiscuous mode
[  210.321761][   T40] audit: type=1400 audit(1745210777.921:449): avc:  denied  { listen } for  pid=9618 comm="syz.2.1380" lport=53886 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  210.370692][   T40] audit: type=1400 audit(1745210777.951:450): avc:  denied  { accept } for  pid=9618 comm="syz.2.1380" lport=53886 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  210.390203][   T40] audit: type=1400 audit(1745210777.961:451): avc:  denied  { setopt } for  pid=9618 comm="syz.2.1380" lport=53886 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  210.438069][   T40] audit: type=1400 audit(1745210778.041:452): avc:  denied  { connect } for  pid=9584 comm="syz.3.1370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  210.495445][   T40] audit: type=1400 audit(1745210778.091:453): avc:  denied  { append } for  pid=9584 comm="syz.3.1370" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  210.511877][   T40] audit: type=1400 audit(1745210778.091:454): avc:  denied  { write } for  pid=9584 comm="syz.3.1370" laddr=fe80::14 lport=1 faddr=fe80::17 fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  210.601350][ T9634] exfat: Unknown parameter 'discard'
[  210.626054][   T40] audit: type=1400 audit(1745210778.212:455): avc:  denied  { mounton } for  pid=9632 comm="syz.1.1383" path="/7/bus" dev="tmpfs" ino=54 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  210.663965][ T9587] can0 (unregistered): slcan off ptm0.
[  210.764647][ T9640] Bluetooth: MGMT ver 1.23
[  210.914069][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  210.916885][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  210.959634][ T5995] usb 8-1: USB disconnect, device number 6
[  210.975962][ T9650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  210.979991][ T9650] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.020154][ T9653] overlay: filesystem on ./bus is read-only
[  211.064752][   T40] audit: type=1400 audit(1745210778.672:456): avc:  denied  { write } for  pid=9646 comm="syz.2.1386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  211.404422][ T9675] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1391'.
[  211.408869][ T9675] 9pnet_virtio: no channels available for device 127.0.0.1
[  211.587082][   T40] audit: type=1400 audit(1745210779.193:457): avc:  denied  { getopt } for  pid=9676 comm="syz.0.1392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  211.596894][ T9682] overlayfs: failed to clone upperpath
[  211.706321][ T9685] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  211.777446][ T9692] xt_hashlimit: size too large, truncated to 1048576
[  212.127485][ T9709] FAULT_INJECTION: forcing a failure.
[  212.127485][ T9709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.134116][ T9709] CPU: 1 UID: 0 PID: 9709 Comm: syz.1.1404 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  212.134137][ T9709] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.134146][ T9709] Call Trace:
[  212.134151][ T9709]  <TASK>
[  212.134156][ T9709]  dump_stack_lvl+0x16c/0x1f0
[  212.134180][ T9709]  should_fail_ex+0x512/0x640
[  212.134231][ T9709]  _copy_from_iter+0x2a4/0x15b0
[  212.134251][ T9709]  ? __alloc_skb+0x200/0x380
[  212.134268][ T9709]  ? __pfx__copy_from_iter+0x10/0x10
[  212.134285][ T9709]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  212.134309][ T9709]  netlink_sendmsg+0x829/0xdd0
[  212.134331][ T9709]  ? __pfx_netlink_sendmsg+0x10/0x10
[  212.134357][ T9709]  ____sys_sendmsg+0xa95/0xc70
[  212.134378][ T9709]  ? copy_msghdr_from_user+0x10a/0x160
[  212.134394][ T9709]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.134423][ T9709]  ___sys_sendmsg+0x134/0x1d0
[  212.134441][ T9709]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.134482][ T9709]  __sys_sendmsg+0x16d/0x220
[  212.134498][ T9709]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.134521][ T9709]  ? rcu_is_watching+0x12/0xc0
[  212.134544][ T9709]  do_syscall_64+0xcd/0x260
[  212.134564][ T9709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.134578][ T9709] RIP: 0033:0x7f7c7598e169
[  212.134590][ T9709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.134603][ T9709] RSP: 002b:00007f7c7683d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.134617][ T9709] RAX: ffffffffffffffda RBX: 00007f7c75bb5fa0 RCX: 00007f7c7598e169
[  212.134626][ T9709] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  212.134634][ T9709] RBP: 00007f7c7683d090 R08: 0000000000000000 R09: 0000000000000000
[  212.134641][ T9709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.134649][ T9709] R13: 0000000000000000 R14: 00007f7c75bb5fa0 R15: 00007ffecf4814f8
[  212.134667][ T9709]  </TASK>
[  212.483615][ T9727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1410'.
[  212.487085][ T9727] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1410'.
[  212.752624][ T9738] FAULT_INJECTION: forcing a failure.
[  212.752624][ T9738] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.768754][ T9738] CPU: 0 UID: 0 PID: 9738 Comm: syz.1.1413 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  212.768783][ T9738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.768794][ T9738] Call Trace:
[  212.768800][ T9738]  <TASK>
[  212.768807][ T9738]  dump_stack_lvl+0x16c/0x1f0
[  212.768834][ T9738]  should_fail_ex+0x512/0x640
[  212.768858][ T9738]  _copy_from_user+0x2e/0xd0
[  212.768879][ T9738]  copy_msghdr_from_user+0x98/0x160
[  212.768901][ T9738]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  212.768933][ T9738]  ___sys_sendmsg+0xfe/0x1d0
[  212.768955][ T9738]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.769005][ T9738]  __sys_sendmsg+0x16d/0x220
[  212.769026][ T9738]  ? __pfx___sys_sendmsg+0x10/0x10
[  212.769053][ T9738]  ? rcu_is_watching+0x12/0xc0
[  212.769082][ T9738]  do_syscall_64+0xcd/0x260
[  212.769106][ T9738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.769125][ T9738] RIP: 0033:0x7f7c7598e169
[  212.769138][ T9738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.769154][ T9738] RSP: 002b:00007f7c7683d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.769679][ T9738] RAX: ffffffffffffffda RBX: 00007f7c75bb5fa0 RCX: 00007f7c7598e169
[  212.769690][ T9738] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000004
[  212.769699][ T9738] RBP: 00007f7c7683d090 R08: 0000000000000000 R09: 0000000000000000
[  212.769708][ T9738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.769717][ T9738] R13: 0000000000000000 R14: 00007f7c75bb5fa0 R15: 00007ffecf4814f8
[  212.769739][ T9738]  </TASK>
[  213.439099][ T9763] xt_hashlimit: size too large, truncated to 1048576
[  213.530855][ T9764] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  213.557502][ T9764] macsec1: entered allmulticast mode
[  213.595137][ T9764] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[  213.639201][ T9764] mac80211_hwsim hwsim8 wlan0: left allmulticast mode
[  213.643872][ T9764] mac80211_hwsim hwsim8 wlan0: left promiscuous mode
[  213.678238][ T9772] FAULT_INJECTION: forcing a failure.
[  213.678238][ T9772] name failslab, interval 1, probability 0, space 0, times 0
[  213.683950][ T9772] CPU: 0 UID: 0 PID: 9772 Comm: syz.0.1422 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  213.683973][ T9772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.683983][ T9772] Call Trace:
[  213.683989][ T9772]  <TASK>
[  213.683996][ T9772]  dump_stack_lvl+0x16c/0x1f0
[  213.684024][ T9772]  should_fail_ex+0x512/0x640
[  213.684046][ T9772]  should_failslab+0xc2/0x120
[  213.684064][ T9772]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  213.684081][ T9772]  ? skb_clone+0x190/0x3f0
[  213.684104][ T9772]  skb_clone+0x190/0x3f0
[  213.684141][ T9772]  netlink_deliver_tap+0xabd/0xd30
[  213.684171][ T9772]  netlink_unicast+0x5df/0x7f0
[  213.684196][ T9772]  ? __pfx_netlink_unicast+0x10/0x10
[  213.684224][ T9772]  netlink_sendmsg+0x8d1/0xdd0
[  213.684250][ T9772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.684279][ T9772]  ____sys_sendmsg+0xa95/0xc70
[  213.684302][ T9772]  ? copy_msghdr_from_user+0x10a/0x160
[  213.684321][ T9772]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.684354][ T9772]  ___sys_sendmsg+0x134/0x1d0
[  213.684375][ T9772]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.684508][ T9772]  __sys_sendmsg+0x16d/0x220
[  213.684531][ T9772]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.684559][ T9772]  ? rcu_is_watching+0x12/0xc0
[  213.684586][ T9772]  do_syscall_64+0xcd/0x260
[  213.684610][ T9772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.684624][ T9772] RIP: 0033:0x7fac75d8e169
[  213.684637][ T9772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.684652][ T9772] RSP: 002b:00007fac76c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.684669][ T9772] RAX: ffffffffffffffda RBX: 00007fac75fb5fa0 RCX: 00007fac75d8e169
[  213.684680][ T9772] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  213.684689][ T9772] RBP: 00007fac76c88090 R08: 0000000000000000 R09: 0000000000000000
[  213.684698][ T9772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.684708][ T9772] R13: 0000000000000000 R14: 00007fac75fb5fa0 R15: 00007ffee295b978
[  213.684880][ T9772]  </TASK>
[  214.048137][ T9781] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1425'.
[  214.054246][ T9781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1425'.
[  214.115183][ T9785] netlink: 'syz.3.1427': attribute type 24 has an invalid length.
[  215.071122][ T9822] FAULT_INJECTION: forcing a failure.
[  215.071122][ T9822] name failslab, interval 1, probability 0, space 0, times 0
[  215.126271][ T9822] CPU: 1 UID: 0 PID: 9822 Comm: syz.1.1443 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  215.126298][ T9822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  215.126308][ T9822] Call Trace:
[  215.126314][ T9822]  <TASK>
[  215.126321][ T9822]  dump_stack_lvl+0x16c/0x1f0
[  215.126349][ T9822]  should_fail_ex+0x512/0x640
[  215.126368][ T9822]  ? __kmalloc_noprof+0xbf/0x510
[  215.126387][ T9822]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  215.126415][ T9822]  should_failslab+0xc2/0x120
[  215.126434][ T9822]  __kmalloc_noprof+0xd2/0x510
[  215.126453][ T9822]  ? avc_has_perm_noaudit+0x149/0x3b0
[  215.126473][ T9822]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  215.126505][ T9822]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  215.126532][ T9822]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  215.126575][ T9822]  ? bpf_lsm_capable+0x9/0x10
[  215.126591][ T9822]  ? security_capable+0x7e/0x260
[  215.126611][ T9822]  ? ns_capable+0xd7/0x110
[  215.126635][ T9822]  genl_rcv_msg+0x55c/0x800
[  215.126663][ T9822]  ? __pfx_genl_rcv_msg+0x10/0x10
[  215.126687][ T9822]  ? __pfx___dev_queue_xmit+0x10/0x10
[  215.126704][ T9822]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  215.126725][ T9822]  ? __pfx_nl80211_start_ap+0x10/0x10
[  215.126746][ T9822]  ? __pfx_nl80211_post_doit+0x10/0x10
[  215.126771][ T9822]  ? __lock_acquire+0xaa4/0x1ba0
[  215.126793][ T9822]  netlink_rcv_skb+0x16a/0x440
[  215.126816][ T9822]  ? __pfx_genl_rcv_msg+0x10/0x10
[  215.126842][ T9822]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  215.126878][ T9822]  ? __pfx_down_read+0x10/0x10
[  215.126904][ T9822]  ? netlink_deliver_tap+0x1ae/0xd30
[  215.126930][ T9822]  genl_rcv+0x28/0x40
[  215.126952][ T9822]  netlink_unicast+0x53a/0x7f0
[  215.126979][ T9822]  ? __pfx_netlink_unicast+0x10/0x10
[  215.127009][ T9822]  netlink_sendmsg+0x8d1/0xdd0
[  215.127036][ T9822]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.127069][ T9822]  ____sys_sendmsg+0xa95/0xc70
[  215.127095][ T9822]  ? copy_msghdr_from_user+0x10a/0x160
[  215.127114][ T9822]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.127151][ T9822]  ___sys_sendmsg+0x134/0x1d0
[  215.127173][ T9822]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.127227][ T9822]  __sys_sendmsg+0x16d/0x220
[  215.127247][ T9822]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.127276][ T9822]  ? rcu_is_watching+0x12/0xc0
[  215.127304][ T9822]  do_syscall_64+0xcd/0x260
[  215.127328][ T9822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.127345][ T9822] RIP: 0033:0x7f7c7598e169
[  215.127360][ T9822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.127376][ T9822] RSP: 002b:00007f7c7683d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.127393][ T9822] RAX: ffffffffffffffda RBX: 00007f7c75bb5fa0 RCX: 00007f7c7598e169
[  215.127403][ T9822] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003
[  215.127413][ T9822] RBP: 00007f7c7683d090 R08: 0000000000000000 R09: 0000000000000000
[  215.127423][ T9822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.127433][ T9822] R13: 0000000000000000 R14: 00007f7c75bb5fa0 R15: 00007ffecf4814f8
[  215.127456][ T9822]  </TASK>
[  215.325346][   T68] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  215.412428][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  215.412440][   T40] audit: type=1800 audit(1745210783.018:467): pid=9842 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.1450" name="nullb0" dev="tmpfs" ino=2138 res=0 errno=0
[  215.574806][   T68] Bluetooth: hci0: command 0x0406 tx timeout
[  216.063229][   T40] audit: type=1400 audit(1745210783.659:468): avc:  denied  { setopt } for  pid=9868 comm="syz.2.1463" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  216.220914][    T9] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  216.444565][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.474081][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  216.511941][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  216.519821][    T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  216.525430][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.541314][    T9] usb 8-1: config 0 descriptor??
[  217.228295][ T9901] FAULT_INJECTION: forcing a failure.
[  217.228295][ T9901] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.236428][ T9901] CPU: 2 UID: 0 PID: 9901 Comm: syz.0.1476 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  217.236453][ T9901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.236464][ T9901] Call Trace:
[  217.236470][ T9901]  <TASK>
[  217.236477][ T9901]  dump_stack_lvl+0x16c/0x1f0
[  217.236509][ T9901]  should_fail_ex+0x512/0x640
[  217.236531][ T9901]  _copy_from_iter+0x2a4/0x15b0
[  217.236552][ T9901]  ? __alloc_skb+0x200/0x380
[  217.236572][ T9901]  ? __pfx__copy_from_iter+0x10/0x10
[  217.236593][ T9901]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  217.236623][ T9901]  netlink_sendmsg+0x829/0xdd0
[  217.236651][ T9901]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.236683][ T9901]  ____sys_sendmsg+0xa95/0xc70
[  217.236709][ T9901]  ? copy_msghdr_from_user+0x10a/0x160
[  217.236728][ T9901]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.237961][ T9901]  ___sys_sendmsg+0x134/0x1d0
[  217.237986][ T9901]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.238040][ T9901]  __sys_sendmsg+0x16d/0x220
[  217.238060][ T9901]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.238089][ T9901]  ? rcu_is_watching+0x12/0xc0
[  217.238117][ T9901]  do_syscall_64+0xcd/0x260
[  217.238143][ T9901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.238179][ T9901] RIP: 0033:0x7fac75d8e169
[  217.238193][ T9901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.238208][ T9901] RSP: 002b:00007fac76c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.238224][ T9901] RAX: ffffffffffffffda RBX: 00007fac75fb5fa0 RCX: 00007fac75d8e169
[  217.238235][ T9901] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000004
[  217.238245][ T9901] RBP: 00007fac76c88090 R08: 0000000000000000 R09: 0000000000000000
[  217.238254][ T9901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.238264][ T9901] R13: 0000000000000000 R14: 00007fac75fb5fa0 R15: 00007ffee295b978
[  217.238286][ T9901]  </TASK>
[  217.586894][    T9] usbhid 8-1:0.0: can't add hid device: -71
[  217.625217][ T9912] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1483'.
[  217.666642][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  217.682368][ T9915] netlink: 'syz.2.1482': attribute type 30 has an invalid length.
[  217.703409][   T40] audit: type=1400 audit(1745210785.320:469): avc:  denied  { accept } for  pid=9916 comm="syz.1.1484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  217.720342][    T9] usb 8-1: USB disconnect, device number 7
[  217.937872][ T9929] FAULT_INJECTION: forcing a failure.
[  217.937872][ T9929] name failslab, interval 1, probability 0, space 0, times 0
[  217.951414][ T9929] CPU: 2 UID: 0 PID: 9929 Comm: syz.0.1488 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  217.951438][ T9929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.951572][ T9929] Call Trace:
[  217.951579][ T9929]  <TASK>
[  217.951587][ T9929]  dump_stack_lvl+0x16c/0x1f0
[  217.951771][ T9929]  should_fail_ex+0x512/0x640
[  217.951793][ T9929]  should_failslab+0xc2/0x120
[  217.951811][ T9929]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  217.951828][ T9929]  ? skb_clone+0x190/0x3f0
[  217.951851][ T9929]  skb_clone+0x190/0x3f0
[  217.951871][ T9929]  netlink_deliver_tap+0xabd/0xd30
[  217.951895][ T9929]  netlink_unicast+0x5df/0x7f0
[  217.951919][ T9929]  ? __pfx_netlink_unicast+0x10/0x10
[  217.951947][ T9929]  netlink_sendmsg+0x8d1/0xdd0
[  217.951972][ T9929]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.952003][ T9929]  ____sys_sendmsg+0xa95/0xc70
[  217.952026][ T9929]  ? copy_msghdr_from_user+0x10a/0x160
[  217.952045][ T9929]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.952079][ T9929]  ___sys_sendmsg+0x134/0x1d0
[  217.952099][ T9929]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.952147][ T9929]  __sys_sendmsg+0x16d/0x220
[  217.952166][ T9929]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.952192][ T9929]  ? rcu_is_watching+0x12/0xc0
[  217.952217][ T9929]  do_syscall_64+0xcd/0x260
[  217.952242][ T9929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.952259][ T9929] RIP: 0033:0x7fac75d8e169
[  217.952273][ T9929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.952288][ T9929] RSP: 002b:00007fac76c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.952308][ T9929] RAX: ffffffffffffffda RBX: 00007fac75fb5fa0 RCX: 00007fac75d8e169
[  217.952318][ T9929] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  217.952328][ T9929] RBP: 00007fac76c88090 R08: 0000000000000000 R09: 0000000000000000
[  217.952337][ T9929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.952346][ T9929] R13: 0000000000000000 R14: 00007fac75fb5fa0 R15: 00007ffee295b978
[  217.952368][ T9929]  </TASK>
[  218.041773][ T9930] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  218.249205][ T9939] netlink: 'syz.0.1492': attribute type 1 has an invalid length.
[  218.277488][ T9939] 8021q: adding VLAN 0 to HW filter on device bond1
[  218.284511][ T9939] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1492'.
[  218.539347][   T40] audit: type=1400 audit(1745210786.151:470): avc:  denied  { connect } for  pid=9952 comm="syz.2.1499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  218.563036][ T9954] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1499'.
[  218.563359][   T40] audit: type=1400 audit(1745210786.151:471): avc:  denied  { search } for  pid=9952 comm="syz.2.1499" name="/" dev="configfs" ino=2080 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  218.594341][   T40] audit: type=1400 audit(1745210786.151:472): avc:  denied  { read } for  pid=9952 comm="syz.2.1499" name="/" dev="configfs" ino=2080 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  218.602912][   T40] audit: type=1400 audit(1745210786.151:473): avc:  denied  { open } for  pid=9952 comm="syz.2.1499" path="/" dev="configfs" ino=2080 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  218.626410][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880284b5000: rx timeout, send abort
[  218.744228][ T9958] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1501'.
[  218.917176][ T9961] vlan2: entered allmulticast mode
[  219.077671][ T9965] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1503'.
[  219.134210][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880284b5800: rx timeout, send abort
[  219.140582][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880284b5000: abort rx timeout. Force session deactivation
[  219.624642][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880284b4800: rx timeout, send abort
[  219.628379][    C3] vcan0: j1939_xtp_rx_abort_one: 0xffff8880284b4800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  219.640662][    C3] vcan0: j1939_tp_rxtimer: 0xffff8880284b5800: abort rx timeout. Force session deactivation
[  219.644202][ T9993] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1514'.
[  219.729410][   T40] audit: type=1400 audit(1745210787.342:474): avc:  denied  { setopt } for  pid=9996 comm="syz.0.1518" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  219.750223][   T40] audit: type=1400 audit(1745210787.342:475): avc:  denied  { ioctl } for  pid=9996 comm="syz.0.1518" path="socket:[25957]" dev="sockfs" ino=25957 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  219.909555][   T40] audit: type=1400 audit(1745210787.502:476): avc:  denied  { remount } for  pid=9994 comm="syz.1.1516" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  220.039000][T10018] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10018 comm=syz.0.1522
[  220.613690][   T40] audit: type=1400 audit(1745210788.203:477): avc:  denied  { bind } for  pid=10043 comm="syz.2.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  220.639789][   T40] audit: type=1400 audit(1745210788.233:478): avc:  denied  { ioctl } for  pid=10043 comm="syz.2.1534" path="socket:[25995]" dev="sockfs" ino=25995 ioctlcmd=0x89a1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  220.669013][   T40] audit: type=1400 audit(1745210788.233:479): avc:  denied  { write } for  pid=10043 comm="syz.2.1534" lport=59660 faddr=127.0.0.1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  220.680471][   T40] audit: type=1400 audit(1745210788.233:480): avc:  denied  { listen } for  pid=10043 comm="syz.2.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  220.693965][   T40] audit: type=1400 audit(1745210788.233:481): avc:  denied  { accept } for  pid=10043 comm="syz.2.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  220.710587][   T40] audit: type=1400 audit(1745210788.283:482): avc:  denied  { connect } for  pid=10043 comm="syz.2.1534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  220.740547][T10056] FAULT_INJECTION: forcing a failure.
[  220.740547][T10056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.766113][T10056] CPU: 1 UID: 0 PID: 10056 Comm: syz.3.1537 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  220.766158][T10056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.766168][T10056] Call Trace:
[  220.766173][T10056]  <TASK>
[  220.766180][T10056]  dump_stack_lvl+0x16c/0x1f0
[  220.766209][T10056]  should_fail_ex+0x512/0x640
[  220.766232][T10056]  _copy_from_user+0x2e/0xd0
[  220.766254][T10056]  copy_msghdr_from_user+0x98/0x160
[  220.766273][T10056]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  220.766299][T10056]  ___sys_sendmsg+0xfe/0x1d0
[  220.766316][T10056]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.766359][T10056]  __sys_sendmsg+0x16d/0x220
[  220.766376][T10056]  ? __pfx___sys_sendmsg+0x10/0x10
[  220.766398][T10056]  ? rcu_is_watching+0x12/0xc0
[  220.766422][T10056]  do_syscall_64+0xcd/0x260
[  220.766443][T10056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.766457][T10056] RIP: 0033:0x7f7779b8e169
[  220.766468][T10056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.766482][T10056] RSP: 002b:00007f777aa6d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.766496][T10056] RAX: ffffffffffffffda RBX: 00007f7779db5fa0 RCX: 00007f7779b8e169
[  220.766505][T10056] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  220.766513][T10056] RBP: 00007f777aa6d090 R08: 0000000000000000 R09: 0000000000000000
[  220.766521][T10056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.766529][T10056] R13: 0000000000000000 R14: 00007f7779db5fa0 R15: 00007fffe7e29398
[  220.766548][T10056]  </TASK>
[  221.016445][T10062] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  221.035424][T10062] CIFS mount error: No usable UNC path provided in device string!
[  221.035424][T10062] 
[  221.042814][T10062] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  221.823152][ T5961] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  221.936190][   T40] audit: type=1326 audit(1745210789.554:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10094 comm="syz.2.1552" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7881f8e169 code=0x0
[  222.299553][T10112] FAULT_INJECTION: forcing a failure.
[  222.299553][T10112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.307712][T10112] CPU: 0 UID: 0 PID: 10112 Comm: syz.1.1556 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  222.307742][T10112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.307752][T10112] Call Trace:
[  222.307758][T10112]  <TASK>
[  222.307765][T10112]  dump_stack_lvl+0x16c/0x1f0
[  222.307808][T10112]  should_fail_ex+0x512/0x640
[  222.307834][T10112]  _copy_from_iter+0x2a4/0x15b0
[  222.307855][T10112]  ? __alloc_skb+0x200/0x380
[  222.307876][T10112]  ? __pfx__copy_from_iter+0x10/0x10
[  222.307897][T10112]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  222.307927][T10112]  netlink_sendmsg+0x829/0xdd0
[  222.307954][T10112]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.307986][T10112]  ____sys_sendmsg+0xa95/0xc70
[  222.308012][T10112]  ? copy_msghdr_from_user+0x10a/0x160
[  222.308052][T10112]  ? __pfx_____sys_sendmsg+0x10/0x10
[  222.308091][T10112]  ___sys_sendmsg+0x134/0x1d0
[  222.308113][T10112]  ? __pfx____sys_sendmsg+0x10/0x10
[  222.308163][T10112]  __sys_sendmsg+0x16d/0x220
[  222.308184][T10112]  ? __pfx___sys_sendmsg+0x10/0x10
[  222.308220][T10112]  do_syscall_64+0xcd/0x260
[  222.308245][T10112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.308262][T10112] RIP: 0033:0x7f7c7598e169
[  222.308276][T10112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.308292][T10112] RSP: 002b:00007f7c7683d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  222.308312][T10112] RAX: ffffffffffffffda RBX: 00007f7c75bb5fa0 RCX: 00007f7c7598e169
[  222.308323][T10112] RDX: 0000000000000800 RSI: 0000200000006040 RDI: 0000000000000006
[  222.308338][T10112] RBP: 00007f7c7683d090 R08: 0000000000000000 R09: 0000000000000000
[  222.308348][T10112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.308357][T10112] R13: 0000000000000000 R14: 00007f7c75bb5fa0 R15: 00007ffecf4814f8
[  222.308384][T10112]  </TASK>
[  222.722345][T10113] ubi31: attaching mtd0
[  222.728059][T10113] ubi31: scanning is finished
[  222.729944][T10113] ubi31: empty MTD device detected
[  222.769062][T10125] FAULT_INJECTION: forcing a failure.
[  222.769062][T10125] name failslab, interval 1, probability 0, space 0, times 0
[  222.773815][T10125] CPU: 1 UID: 0 PID: 10125 Comm: syz.1.1560 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  222.773839][T10125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.773850][T10125] Call Trace:
[  222.773856][T10125]  <TASK>
[  222.773862][T10125]  dump_stack_lvl+0x16c/0x1f0
[  222.773890][T10125]  should_fail_ex+0x512/0x640
[  222.773911][T10125]  should_failslab+0xc2/0x120
[  222.773930][T10125]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  222.773948][T10125]  ? skb_clone+0x190/0x3f0
[  222.773972][T10125]  skb_clone+0x190/0x3f0
[  222.773992][T10125]  netlink_deliver_tap+0xabd/0xd30
[  222.774019][T10125]  netlink_unicast+0x6b2/0x7f0
[  222.774043][T10125]  ? __pfx_netlink_unicast+0x10/0x10
[  222.774072][T10125]  netlink_ack+0x696/0xb80
[  222.774179][T10125]  netlink_rcv_skb+0x347/0x440
[  222.774202][T10125]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  222.774228][T10125]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  222.774263][T10125]  ? bpf_lsm_capable+0x9/0x10
[  222.774278][T10125]  ? security_capable+0x7e/0x260
[  222.774298][T10125]  ? ns_capable+0xd7/0x110
[  222.774321][T10125]  nfnetlink_rcv+0x1b3/0x430
[  222.774345][T10125]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  222.774367][T10125]  ? netlink_deliver_tap+0x1ae/0xd30
[  222.774393][T10125]  netlink_unicast+0x53a/0x7f0
[  222.774418][T10125]  ? __pfx_netlink_unicast+0x10/0x10
[  222.774448][T10125]  netlink_sendmsg+0x8d1/0xdd0
[  222.774475][T10125]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.774510][T10125]  ____sys_sendmsg+0xa95/0xc70
[  222.774534][T10125]  ? copy_msghdr_from_user+0x10a/0x160
[  222.774553][T10125]  ? __pfx_____sys_sendmsg+0x10/0x10
[  222.774588][T10125]  ___sys_sendmsg+0x134/0x1d0
[  222.774607][T10125]  ? __pfx____sys_sendmsg+0x10/0x10
[  222.774652][T10125]  __sys_sendmsg+0x16d/0x220
[  222.774670][T10125]  ? __pfx___sys_sendmsg+0x10/0x10
[  222.774695][T10125]  ? rcu_is_watching+0x12/0xc0
[  222.774720][T10125]  do_syscall_64+0xcd/0x260
[  222.774743][T10125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.774757][T10125] RIP: 0033:0x7f7c7598e169
[  222.774771][T10125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.774785][T10125] RSP: 002b:00007f7c7683d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  222.774799][T10125] RAX: ffffffffffffffda RBX: 00007f7c75bb5fa0 RCX: 00007f7c7598e169
[  222.774809][T10125] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000004
[  222.774818][T10125] RBP: 00007f7c7683d090 R08: 0000000000000000 R09: 0000000000000000
[  222.774827][T10125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.774858][T10125] R13: 0000000000000000 R14: 00007f7c75bb5fa0 R15: 00007ffecf4814f8
[  222.774882][T10125]  </TASK>
[  223.116763][T10113] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  223.122279][T10113] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  223.142073][T10113] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  223.145715][T10113] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  223.149107][T10113] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  223.155125][T10113] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  223.163542][T10113] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 300445947
[  223.167636][T10113] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  223.172347][T10133] ubi31: background thread "ubi_bgt31d" started, PID 10133
[  223.325910][ T5961] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  223.915633][T10175] FAULT_INJECTION: forcing a failure.
[  223.915633][T10175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.938561][T10175] CPU: 3 UID: 0 PID: 10175 Comm: syz.3.1575 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  223.938587][T10175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  223.938598][T10175] Call Trace:
[  223.938603][T10175]  <TASK>
[  223.938610][T10175]  dump_stack_lvl+0x16c/0x1f0
[  223.938639][T10175]  should_fail_ex+0x512/0x640
[  223.938661][T10175]  _copy_to_user+0x32/0xd0
[  223.938682][T10175]  simple_read_from_buffer+0xcb/0x170
[  223.938710][T10175]  proc_fail_nth_read+0x197/0x270
[  223.938735][T10175]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.938761][T10175]  ? rw_verify_area+0xcf/0x680
[  223.938782][T10175]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.938806][T10175]  vfs_read+0x1de/0xc70
[  223.938834][T10175]  ? __pfx___mutex_lock+0x10/0x10
[  223.938856][T10175]  ? __pfx_vfs_read+0x10/0x10
[  223.938887][T10175]  ? __fget_files+0x20e/0x3c0
[  223.938909][T10175]  ksys_read+0x12a/0x240
[  223.938922][T10175]  ? __pfx_ksys_read+0x10/0x10
[  223.938944][T10175]  ? rcu_is_watching+0x12/0xc0
[  223.938971][T10175]  do_syscall_64+0xcd/0x260
[  223.938995][T10175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.939011][T10175] RIP: 0033:0x7f7779b8cb7c
[  223.939024][T10175] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  223.939039][T10175] RSP: 002b:00007f777aa6d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  223.939055][T10175] RAX: ffffffffffffffda RBX: 00007f7779db5fa0 RCX: 00007f7779b8cb7c
[  223.939065][T10175] RDX: 000000000000000f RSI: 00007f777aa6d0a0 RDI: 0000000000000005
[  223.939074][T10175] RBP: 00007f777aa6d090 R08: 0000000000000000 R09: 0000000000000000
[  223.939083][T10175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.939093][T10175] R13: 0000000000000000 R14: 00007f7779db5fa0 R15: 00007fffe7e29398
[  223.939115][T10175]  </TASK>
[  223.968752][T10180] QAT: failed to copy from user cfg_data.
[  224.428003][T10196] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  224.451424][T10200] netlink: 'syz.0.1584': attribute type 10 has an invalid length.
[  224.462450][T10200] team0: Port device hsr_slave_0 added
[  224.643263][   T68] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  224.899702][   T40] audit: type=1400 audit(1745210792.526:484): avc:  denied  { ioctl } for  pid=10224 comm="syz.3.1593" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  224.993767][   T40] audit: type=1400 audit(1745210792.616:485): avc:  denied  { mount } for  pid=10230 comm="syz.1.1596" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  224.995272][T10231] overlayfs: missing 'lowerdir'
[  224.995410][T10229] netlink: 'syz.2.1595': attribute type 1 has an invalid length.
[  225.122606][   T40] audit: type=1400 audit(1745210792.746:486): avc:  denied  { unmount } for  pid=9168 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  225.324330][T10246] FAULT_INJECTION: forcing a failure.
[  225.324330][T10246] name failslab, interval 1, probability 0, space 0, times 0
[  225.329427][T10246] CPU: 1 UID: 0 PID: 10246 Comm: syz.1.1602 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  225.329448][T10246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  225.329459][T10246] Call Trace:
[  225.329464][T10246]  <TASK>
[  225.329470][T10246]  dump_stack_lvl+0x16c/0x1f0
[  225.329496][T10246]  should_fail_ex+0x512/0x640
[  225.329516][T10246]  should_failslab+0xc2/0x120
[  225.329533][T10246]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  225.329551][T10246]  ? skb_clone+0x190/0x3f0
[  225.329573][T10246]  skb_clone+0x190/0x3f0
[  225.329592][T10246]  netlink_deliver_tap+0xabd/0xd30
[  225.329616][T10246]  netlink_unicast+0x5df/0x7f0
[  225.329640][T10246]  ? __pfx_netlink_unicast+0x10/0x10
[  225.329667][T10246]  netlink_sendmsg+0x8d1/0xdd0
[  225.329692][T10246]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.329721][T10246]  ____sys_sendmsg+0xa95/0xc70
[  225.329744][T10246]  ? copy_msghdr_from_user+0x10a/0x160
[  225.329762][T10246]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.329796][T10246]  ___sys_sendmsg+0x134/0x1d0
[  225.329816][T10246]  ? __pfx____sys_sendmsg+0x10/0x10
[  225.329864][T10246]  __sys_sendmsg+0x16d/0x220
[  225.329883][T10246]  ? __pfx___sys_sendmsg+0x10/0x10
[  225.329917][T10246]  do_syscall_64+0xcd/0x260
[  225.329939][T10246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.329955][T10246] RIP: 0033:0x7f7c7598e169
[  225.329969][T10246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.329983][T10246] RSP: 002b:00007f7c7683d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.329998][T10246] RAX: ffffffffffffffda RBX: 00007f7c75bb5fa0 RCX: 00007f7c7598e169
[  225.330008][T10246] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  225.330017][T10246] RBP: 00007f7c7683d090 R08: 0000000000000000 R09: 0000000000000000
[  225.330026][T10246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.330035][T10246] R13: 0000000000000000 R14: 00007f7c75bb5fa0 R15: 00007ffecf4814f8
[  225.330055][T10246]  </TASK>
[  225.521466][T10253] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  225.529171][T10250] : entered promiscuous mode
[  225.762263][ T5961] Bluetooth: hci0: Malformed Event: 0x02
[  225.785454][   T40] audit: type=1400 audit(1745210793.406:487): avc:  denied  { read } for  pid=10267 comm="syz.1.1610" path="socket:[25489]" dev="sockfs" ino=25489 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  225.901207][   T40] audit: type=1400 audit(1745210793.527:488): avc:  denied  { read } for  pid=10271 comm="syz.3.1612" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  225.965197][   T40] audit: type=1400 audit(1745210793.527:489): avc:  denied  { open } for  pid=10271 comm="syz.3.1612" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  226.021758][   T40] audit: type=1400 audit(1745210793.527:490): avc:  denied  { mounton } for  pid=10271 comm="syz.3.1612" path="/379/file1/file0" dev="autofs" ino=26888 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  226.044625][ T5961] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  226.077264][   T40] audit: type=1400 audit(1745210793.527:491): avc:  denied  { ioctl } for  pid=10271 comm="syz.3.1612" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  226.089613][   T40] audit: type=1400 audit(1745210793.567:492): avc:  denied  { unmount } for  pid=5955 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  226.691700][ T1144] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.964761][   T40] audit: type=1400 audit(1745210794.587:493): avc:  denied  { read } for  pid=10289 comm="syz.0.1622" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  227.002648][   T40] audit: type=1400 audit(1745210794.587:494): avc:  denied  { open } for  pid=10289 comm="syz.0.1622" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  227.061280][ T1144] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.080209][T10290] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  227.098880][T10290] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  227.106804][T10290] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  227.199230][T10290] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  227.245601][T10290] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  227.283587][ T1144] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.288519][T10290] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  227.292082][T10290] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  227.342522][T10290] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  227.377725][T10290] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  227.413588][T10290] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  227.453315][T10290] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  227.516173][T10290] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  227.586588][T10290] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  227.646139][ T5961] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  227.674265][ T5961] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  227.684755][ T5961] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  227.714821][ T5961] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  227.740141][ T5961] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  227.816841][T10312] netlink: 'syz.1.1628': attribute type 25 has an invalid length.
[  228.026560][ T1144] bridge_slave_1: left allmulticast mode
[  228.055893][ T1144] bridge_slave_1: left promiscuous mode
[  228.075411][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.148487][ T1144] bridge_slave_0: left allmulticast mode
[  228.151896][ T1144] bridge_slave_0: left promiscuous mode
[  228.164892][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.209680][   T40] audit: type=1400 audit(1745210795.828:495): avc:  denied  { map } for  pid=10322 comm="syz.2.1631" path="pipe:[27724]" dev="pipefs" ino=27724 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  229.015513][ T1144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.044837][ T1144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.052111][ T1144] bond0 (unregistering): Released all slaves
[  229.103927][ T5961] Bluetooth: hci2: command 0x0406 tx timeout
[  229.243805][T10333] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1634'.
[  229.249046][T10333] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1634'.
[  229.278730][T10333] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1634'.
[  229.297504][T10333] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1634'.
[  229.357469][ T5961] Bluetooth: hci3: command 0x0c1a tx timeout
[  229.429407][ T5961] Bluetooth: hci0: command 0x0406 tx timeout
[  229.561092][T10295] chnl_net:caif_netlink_parms(): no params data found
[  229.831613][ T5961] Bluetooth: hci1: command tx timeout
[  229.939742][   T40] audit: type=1400 audit(1745210797.559:496): avc:  denied  { setattr } for  pid=10356 comm="syz.1.1639" name="video37" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  230.072606][T10357] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.084555][T10361] ata1.00: invalid cdb length 6
[  230.251583][ T1144] hsr_slave_0: left promiscuous mode
[  230.273041][ T1144] hsr_slave_1: left promiscuous mode
[  230.284903][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.299951][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.329162][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.341484][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.412267][ T1144] veth1_macvtap: left promiscuous mode
[  230.414920][ T1144] veth0_macvtap: left promiscuous mode
[  230.417602][ T1144] veth1_vlan: left promiscuous mode
[  230.424553][ T1144] veth0_vlan: left promiscuous mode
[  231.192917][ T5961] Bluetooth: hci2: command 0x0406 tx timeout
[  231.441651][ T5961] Bluetooth: hci3: command 0x0c1a tx timeout
[  231.510571][ T5961] Bluetooth: hci0: command 0x0406 tx timeout
[  231.927282][ T5961] Bluetooth: hci1: command tx timeout
[  233.211761][ T1144] team0 (unregistering): Port device team_slave_1 removed
[  233.271440][ T5961] Bluetooth: hci2: command 0x0406 tx timeout
[  233.512011][ T5961] Bluetooth: hci3: command 0x0c1a tx timeout
[  233.587327][ T1144] team0 (unregistering): Port device team_slave_0 removed
[  233.592043][ T5961] Bluetooth: hci0: command 0x0406 tx timeout
[  233.990339][ T5961] Bluetooth: hci1: command tx timeout
[  235.344742][ T5961] Bluetooth: hci2: command 0x0406 tx timeout
[  235.578719][T10295] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.582011][ T5961] Bluetooth: hci3: command 0x0c1a tx timeout
[  235.585029][T10295] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.588195][T10295] bridge_slave_0: entered allmulticast mode
[  235.592236][T10295] bridge_slave_0: entered promiscuous mode
[  235.597922][T10295] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.601094][T10295] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.604952][T10295] bridge_slave_1: entered allmulticast mode
[  235.608742][T10295] bridge_slave_1: entered promiscuous mode
[  235.682566][ T5961] Bluetooth: hci0: command 0x0406 tx timeout
[  235.768539][T10357] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  235.824224][T10368] ip6erspan0: entered promiscuous mode
[  235.927486][T10295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.941775][T10295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.077299][ T5961] Bluetooth: hci1: command tx timeout
[  236.176296][T10357] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.565295][T10357] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.686766][T10295] team0: Port device team_slave_0 added
[  236.999108][T10295] team0: Port device team_slave_1 added
[  237.255625][T10295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.259429][T10295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.300181][T10295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.337778][T10357] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  237.403304][T10295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.433311][ T5961] Bluetooth: hci2: command 0x0406 tx timeout
[  237.490691][T10295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.516203][T10295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.523580][ T5961] Bluetooth: hci3: unexpected event for opcode 0x2031
[  237.545646][T10357] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  237.666877][T10357] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  237.768464][T10357] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  237.803008][ T1144] IPVS: stop unused estimator thread 0...
[  238.131705][T10295] hsr_slave_0: entered promiscuous mode
[  238.169218][T10295] hsr_slave_1: entered promiscuous mode
[  238.173925][T10295] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.189560][T10295] Cannot create hsr debugfs directory
[  238.394893][ T5961] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  238.731717][T10295] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  238.758475][T10295] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  238.808349][T10295] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  238.852578][T10295] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  238.968215][T10443] overlayfs: failed to clone upperpath
[  239.122890][T10295] 8021q: adding VLAN 0 to HW filter on device bond0
[  239.202562][T10295] 8021q: adding VLAN 0 to HW filter on device team0
[  239.214468][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.218438][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.294029][ T8510] bridge0: port 2(bridge_slave_1) entered blocking state
[  239.298072][ T8510] bridge0: port 2(bridge_slave_1) entered forwarding state
[  239.378444][T10295] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  239.784155][T10295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.306549][T10295] veth0_vlan: entered promiscuous mode
[  240.315587][T10295] veth1_vlan: entered promiscuous mode
[  240.351189][T10295] veth0_macvtap: entered promiscuous mode
[  240.357057][T10295] veth1_macvtap: entered promiscuous mode
[  240.377585][T10295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.383445][T10295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.387616][T10295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.392561][T10295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.396647][T10295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.401536][T10295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.407073][T10295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.425212][T10295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.433027][T10295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.441391][T10295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.460334][T10295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.475679][T10295] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  240.481585][T10295] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.494312][T10295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  240.525302][T10500] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  240.549445][T10500] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  240.553883][T10500] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  240.562769][T10500] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  240.585600][T10500] geneve2: entered promiscuous mode
[  240.588447][T10500] geneve2: entered allmulticast mode
[  240.729540][T10295] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.734237][T10295] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.739606][T10295] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.745475][T10295] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.983240][ T8510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.000947][ T8510] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.055863][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.076368][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.316581][T10522] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1682'.
[  241.480869][T10529] ipt_REJECT: ECHOREPLY no longer supported.
[  241.689809][   T40] audit: type=1400 audit(1745210809.312:497): avc:  denied  { sys_chroot } for  pid=10535 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  241.697921][   T40] audit: type=1400 audit(1745210809.312:498): avc:  denied  { setgid } for  pid=10535 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  241.711666][ T7881] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  241.720298][   T40] audit: type=1400 audit(1745210809.312:499): avc:  denied  { setrlimit } for  pid=10535 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  241.900120][ T7881] usb 9-1: device descriptor read/64, error -71
[  242.139979][ T7881] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[  242.280820][ T7881] usb 9-1: device descriptor read/64, error -71
[  242.335252][T10544] netlink: 'syz.2.1687': attribute type 10 has an invalid length.
[  242.367851][T10544] hsr0: entered promiscuous mode
[  242.391529][ T7881] usb usb9-port1: attempt power cycle
[  242.427560][T10544] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  242.436053][T10544] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  242.452616][T10544] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  242.466849][T10544] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1687'.
[  242.750111][ T7881] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  242.772117][ T7881] usb 9-1: device descriptor read/8, error -71
[  243.038343][ T7881] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[  243.071301][ T7881] usb 9-1: device descriptor read/8, error -71
[  243.218193][ T7881] usb usb9-port1: unable to enumerate USB device
[  243.422228][   T68] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  243.763302][T10585] netlink: 448 bytes leftover after parsing attributes in process `syz.2.1696'.
[  243.767968][T10585] unsupported nla_type 14345
[  244.615702][   T40] audit: type=1400 audit(1745210812.243:500): avc:  denied  { associate } for  pid=10598 comm="syz.4.1700" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  244.633305][   T40] audit: type=1400 audit(1745210812.243:501): avc:  denied  { write } for  pid=10598 comm="syz.4.1700" path="/2/file0/bus" dev="9p" ino=36831345 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  244.687316][   T40] audit: type=1800 audit(1745210812.243:502): pid=10599 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.1700" name="bus" dev="9p" ino=36831345 res=0 errno=0
[  244.712529][   T40] audit: type=1400 audit(1745210812.313:503): avc:  denied  { ioctl } for  pid=10598 comm="syz.4.1700" path="/2/file0/bus" dev="9p" ino=36831345 ioctlcmd=0x7440 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  244.938909][ T5961] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  244.943600][ T5961] CPU: 0 UID: 0 PID: 5961 Comm: kworker/u33:3 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  244.943628][ T5961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  244.943641][ T5961] Workqueue: hci1 hci_rx_work
[  244.943664][ T5961] Call Trace:
[  244.943671][ T5961]  <TASK>
[  244.943678][ T5961]  dump_stack_lvl+0x16c/0x1f0
[  244.943705][ T5961]  sysfs_warn_dup+0x7f/0xa0
[  244.943726][ T5961]  sysfs_create_dir_ns+0x24b/0x2b0
[  244.943745][ T5961]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  244.943762][ T5961]  ? find_held_lock+0x2b/0x80
[  244.943788][ T5961]  ? do_raw_spin_unlock+0x172/0x230
[  244.943807][ T5961]  kobject_add_internal+0x2c4/0x9b0
[  244.943835][ T5961]  kobject_add+0x16e/0x240
[  244.943860][ T5961]  ? __pfx_kobject_add+0x10/0x10
[  244.943884][ T5961]  ? do_raw_spin_unlock+0x172/0x230
[  244.943904][ T5961]  ? kobject_put+0xab/0x5a0
[  244.943931][ T5961]  device_add+0x288/0x1a70
[  244.943947][ T5961]  ? __pfx_dev_set_name+0x10/0x10
[  244.943965][ T5961]  ? __pfx_device_add+0x10/0x10
[  244.943983][ T5961]  ? mgmt_send_event_skb+0x2fb/0x460
[  244.944008][ T5961]  hci_conn_add_sysfs+0x17e/0x230
[  244.944028][ T5961]  le_conn_complete_evt+0x1075/0x1d70
[  244.944042][ T5961]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  244.944053][ T5961]  ? hci_event_packet+0x43c/0x1190
[  244.944067][ T5961]  hci_le_conn_complete_evt+0x23c/0x370
[  244.944080][ T5961]  hci_le_meta_evt+0x2f3/0x5e0
[  244.944092][ T5961]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  244.944110][ T5961]  hci_event_packet+0x669/0x1190
[  244.944123][ T5961]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  244.944141][ T5961]  ? __pfx_hci_event_packet+0x10/0x10
[  244.944158][ T5961]  ? kcov_remote_start+0x3c9/0x6d0
[  244.944174][ T5961]  ? lockdep_hardirqs_on+0x7c/0x110
[  244.944198][ T5961]  hci_rx_work+0x2c5/0x16b0
[  244.944231][ T5961]  ? rcu_is_watching+0x12/0xc0
[  244.944254][ T5961]  process_one_work+0x9cc/0x1b70
[  244.944286][ T5961]  ? __pfx_process_one_work+0x10/0x10
[  244.944308][ T5961]  ? assign_work+0x1a0/0x250
[  244.944328][ T5961]  worker_thread+0x6c8/0xf10
[  244.944359][ T5961]  ? __pfx_worker_thread+0x10/0x10
[  244.944376][ T5961]  kthread+0x3c2/0x780
[  244.944389][ T5961]  ? __pfx_kthread+0x10/0x10
[  244.944398][ T5961]  ? __pfx_kthread+0x10/0x10
[  244.944408][ T5961]  ? __pfx_kthread+0x10/0x10
[  244.944418][ T5961]  ? __pfx_kthread+0x10/0x10
[  244.944427][ T5961]  ? rcu_is_watching+0x12/0xc0
[  244.944440][ T5961]  ? __pfx_kthread+0x10/0x10
[  244.944451][ T5961]  ret_from_fork+0x45/0x80
[  244.944464][ T5961]  ? __pfx_kthread+0x10/0x10
[  244.944475][ T5961]  ret_from_fork_asm+0x1a/0x30
[  244.944498][ T5961]  </TASK>
[  244.944516][ T5961] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  245.286680][ T5961] Bluetooth: hci1: failed to register connection device
[  245.605116][T10614] netlink: 'syz.4.1706': attribute type 25 has an invalid length.
[  246.166664][T10623] ieee802154 phy0 wpan0: encryption failed: -22
[  246.168923][   T40] audit: type=1400 audit(1745210813.803:504): avc:  denied  { write } for  pid=10621 comm="syz.4.1710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  246.173136][T10623] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  246.254289][ T5961] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  246.362308][T10630] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1713'.
[  246.393652][T10630] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1713'.
[  247.354538][   T68] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  249.242723][T10704] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1738'.
[  249.254975][T10704] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1738'.
[  249.263639][T10704] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1738'.
[  250.997358][T10724] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1746'.
[  251.007617][   T40] audit: type=1400 audit(1745210818.634:505): avc:  denied  { write } for  pid=10723 comm="syz.2.1746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  251.073681][T10727] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1746'.
[  251.430834][ T5961] Bluetooth: hci1: command 0x0406 tx timeout
[  251.854243][ T5961] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  251.909871][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  251.931884][   T40] audit: type=1400 audit(1745210819.554:506): avc:  denied  { create } for  pid=10749 comm="syz.2.1754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  251.972874][   T40] audit: type=1800 audit(1745210819.554:507): pid=10750 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.1754" name="nullb0" dev="tmpfs" ino=2138 res=0 errno=0
[  252.487614][T10768] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1758'.
[  252.992996][   T68] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  253.155513][T10789] ipt_REJECT: TCP_RESET invalid for non-tcp
[  255.227392][T10839] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.256786][T10839] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.473952][ T5961] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  255.518854][ T5961] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  255.546228][ T5961] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  255.558184][ T5961] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  255.564025][ T5961] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  255.701631][ T1144] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.876972][ T1144] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.002920][ T1144] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.025064][T10841] chnl_net:caif_netlink_parms(): no params data found
[  256.149672][ T1144] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.611040][T10841] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.622400][T10841] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.626892][T10841] bridge_slave_0: entered allmulticast mode
[  256.632127][T10841] bridge_slave_0: entered promiscuous mode
[  256.637360][T10841] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.641163][T10841] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.646092][T10841] bridge_slave_1: entered allmulticast mode
[  256.651469][T10841] bridge_slave_1: entered promiscuous mode
[  256.988822][T10866] netlink: 'syz.2.1780': attribute type 28 has an invalid length.
[  257.097513][T10841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.193308][T10841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.211939][T10870] syz.2.1782 (10870): attempted to duplicate a private mapping with mremap.  This is not supported.
[  257.373264][   T68] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  257.402294][   T68] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  257.438230][   T68] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  257.448449][   T68] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  257.451492][   T68] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  257.555226][ T1144] bridge_slave_1: left allmulticast mode
[  257.568245][ T1144] bridge_slave_1: left promiscuous mode
[  257.573495][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.600025][ T1144] bridge_slave_0: left allmulticast mode
[  257.605112][ T1144] bridge_slave_0: left promiscuous mode
[  257.614214][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.658902][ T5961] Bluetooth: hci0: command tx timeout
[  258.542503][ T1144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.571014][ T1144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.579255][ T1144] bond0 (unregistering): Released all slaves
[  258.640391][T10841] team0: Port device team_slave_0 added
[  258.655132][T10841] team0: Port device team_slave_1 added
[  258.908887][T10841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.920917][T10841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.957415][T10841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.218535][T10841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.224055][T10841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.258007][T10841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.500327][ T5961] Bluetooth: hci2: command tx timeout
[  259.523811][T10841] hsr_slave_0: entered promiscuous mode
[  259.532166][T10841] hsr_slave_1: entered promiscuous mode
[  259.536752][T10841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  259.544891][T10841] Cannot create hsr debugfs directory
[  259.737670][   T68] Bluetooth: hci0: command tx timeout
[  260.034040][ T1144] hsr_slave_0: left promiscuous mode
[  260.036976][ T1144] hsr_slave_1: left promiscuous mode
[  260.063284][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  260.065899][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.095694][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  260.098595][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.170045][ T1144] veth1_macvtap: left promiscuous mode
[  260.173498][ T1144] veth0_macvtap: left promiscuous mode
[  260.176433][ T1144] veth1_vlan: left promiscuous mode
[  260.179418][ T1144] veth0_vlan: left promiscuous mode
[  261.578103][   T68] Bluetooth: hci2: command tx timeout
[  261.819306][   T68] Bluetooth: hci0: command tx timeout
[  262.535030][ T5961] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  262.543515][ T5961] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  262.563052][ T5961] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  262.576851][ T5961] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  262.583876][ T5961] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  262.908926][ T1144] team0 (unregistering): Port device team_slave_1 removed
[  263.154246][ T1144] team0 (unregistering): Port device team_slave_0 removed
[  263.659044][ T5961] Bluetooth: hci2: command tx timeout
[  263.903007][ T5961] Bluetooth: hci0: command tx timeout
[  264.714486][ T5961] Bluetooth: hci1: command tx timeout
[  265.116061][T10873] chnl_net:caif_netlink_parms(): no params data found
[  265.353794][   T40] audit: type=1400 audit(1745210832.985:508): avc:  denied  { create } for  pid=10920 comm="syz.2.1792" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  265.737285][ T5961] Bluetooth: hci2: command tx timeout
[  265.889969][T10873] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.892830][T10873] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.896108][T10873] bridge_slave_0: entered allmulticast mode
[  265.911785][T10873] bridge_slave_0: entered promiscuous mode
[  265.996225][T10873] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.002562][T10873] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.005691][T10873] bridge_slave_1: entered allmulticast mode
[  266.013921][T10873] bridge_slave_1: entered promiscuous mode
[  266.239035][T10873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.479434][T10873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.706050][T10841] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  266.718495][T10841] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  266.742450][T10841] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  266.768984][T10841] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  266.798415][ T5961] Bluetooth: hci1: command tx timeout
[  266.855144][T10873] team0: Port device team_slave_0 added
[  266.874729][T10916] chnl_net:caif_netlink_parms(): no params data found
[  266.908370][T10873] team0: Port device team_slave_1 added
[  267.186402][T10873] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.189611][T10873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.218220][T10873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.343623][T10873] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.349943][T10873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.372604][   T40] audit: type=1400 audit(1745210835.005:509): avc:  denied  { setopt } for  pid=10959 comm="syz.2.1798" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  267.373835][T10873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.561352][ T1144] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.911894][T10976] could not allocate digest TFM handle tgr192-generic
[  267.958426][T10916] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.961592][T10916] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.966312][T10916] bridge_slave_0: entered allmulticast mode
[  267.971344][T10916] bridge_slave_0: entered promiscuous mode
[  268.048625][T10916] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.053932][T10916] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.064351][T10916] bridge_slave_1: entered allmulticast mode
[  268.069540][T10916] bridge_slave_1: entered promiscuous mode
[  268.115555][ T1144] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.203430][T10873] hsr_slave_0: entered promiscuous mode
[  268.206879][T10873] hsr_slave_1: entered promiscuous mode
[  268.436275][ T1144] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.534980][T10916] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.543860][T10916] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.620415][ T1144] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.849651][T10841] 8021q: adding VLAN 0 to HW filter on device bond0
[  268.872374][ T5961] Bluetooth: hci1: command tx timeout
[  268.885596][T10916] team0: Port device team_slave_0 added
[  268.909260][T10916] team0: Port device team_slave_1 added
[  269.060142][T10841] 8021q: adding VLAN 0 to HW filter on device team0
[  269.073244][T10916] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.077552][T10916] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.095019][T10916] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.104153][T10916] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.110840][T10916] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.143084][T10916] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.282154][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.286626][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.298764][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.305337][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.441764][T10916] hsr_slave_0: entered promiscuous mode
[  269.469179][T10916] hsr_slave_1: entered promiscuous mode
[  269.472119][T10916] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.475584][T10916] Cannot create hsr debugfs directory
[  269.853089][T10873] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  270.001271][T10873] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  270.025656][T11008] 9p: Unknown Cache mode or invalid value fs
[  270.033751][T11008] 9pnet: Tag 65535 still in use
[  270.042245][    C3] ------------[ cut here ]------------
[  270.045773][    C3] refcount_t: underflow; use-after-free.
[  270.049251][    C3] WARNING: CPU: 3 PID: 1143 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  270.054340][    C3] Modules linked in:
[  270.068623][    C3] CPU: 3 UID: 0 PID: 1143 Comm: kworker/u32:7 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  270.085381][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.091448][    C3] Workqueue: events_unbound toggle_allocation_gate
[  270.099787][    C3] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  270.113648][    C3] Code: ff 89 de e8 88 81 eb fc 84 db 0f 85 66 ff ff ff e8 9b 86 eb fc c6 05 df df 9e 0b 01 90 48 c7 c7 40 11 f4 8b e8 f7 14 ab fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 78 86 eb fc 0f b6 1d ba df 9e 0b 31
[  270.123663][    C3] RSP: 0018:ffffc900006f8be8 EFLAGS: 00010082
[  270.131482][    C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adff8
[  270.140885][    C3] RDX: ffff888027692440 RSI: ffffffff817ae005 RDI: 0000000000000001
[  270.153945][    C3] RBP: ffff8880287d0778 R08: 0000000000000001 R09: 0000000000000000
[  270.157596][    C3] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880287d0778
[  270.161407][    C3] R13: ffff888035fee400 R14: 0000000000000015 R15: 1ffff110048b400c
[  270.179986][    C3] FS:  0000000000000000(0000) GS:ffff8880d6cb2000(0000) knlGS:0000000000000000
[  270.188250][    C3] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  270.191963][    C3] CR2: 000055def07fcd18 CR3: 000000000e180000 CR4: 0000000000352ef0
[  270.195879][    C3] DR0: 00000000313ccd71 DR1: 0000000000000000 DR2: 0000000000000000
[  270.200395][    C3] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  270.205342][    C3] Call Trace:
[  270.207408][    C3]  <IRQ>
[  270.209074][    C3]  p9_req_put+0x1ec/0x250
[  270.213377][    C3]  req_done+0x1dc/0x2e0
[  270.217808][    C3]  ? __pfx_req_done+0x10/0x10
[  270.221742][    C3]  ? debug_object_activate+0x2ec/0x4c0
[  270.225160][    C3]  ? __pfx_req_done+0x10/0x10
[  270.227776][    C3]  vring_interrupt+0x31b/0x400
[  270.230531][    C3]  ? __pfx_vring_interrupt+0x10/0x10
[  270.233550][    C3]  __handle_irq_event_percpu+0x229/0x7d0
[  270.237117][    C3]  handle_irq_event+0xab/0x1e0
[  270.240111][    C3]  handle_edge_irq+0x263/0xd10
[  270.243637][    C3]  __common_interrupt+0xdf/0x250
[  270.246905][    C3]  common_interrupt+0x61/0xe0
[  270.249869][    C3]  asm_common_interrupt+0x26/0x40
[  270.252942][    C3] RIP: 0010:handle_softirqs+0x1dd/0x8e0
[  270.256178][    C3] Code: 88 6c 24 26 4c 89 7c 24 18 48 c7 c7 20 84 8b 8b e8 68 d3 f5 09 65 66 c7 05 d6 06 2a 12 00 00 e8 d9 3a 46 00 fb bb ff ff ff ff <49> c7 c7 c0 c0 00 8e 41 0f bc dc 83 c3 01 0f 85 a4 00 00 00 e9 b1
[  270.267564][    C3] RSP: 0018:ffffc900006f8f28 EFLAGS: 00000202
[  270.274131][    C3] RAX: 00000000002de554 RBX: 00000000ffffffff RCX: 0000000000000002
[  270.277189][    C3] RDX: 0000000000000000 RSI: ffffffff8dbef846 RDI: ffffffff8bf46540
[  270.280223][    C3] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  270.288654][    C3] R10: ffffffff90864917 R11: 0000000000000000 R12: 0000000000000202
[  270.293780][    C3] R13: 000000000000000a R14: 1ffff920000df1ed R15: ffffed1004ed2488
[  270.317561][    C3]  ? handle_softirqs+0x1d7/0x8e0
[  270.320019][    C3]  ? __pfx_sched_clock_cpu+0x10/0x10
[  270.322655][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  270.325207][    C3]  __irq_exit_rcu+0x109/0x170
[  270.331299][    C3]  irq_exit_rcu+0x9/0x30
[  270.333480][    C3]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  270.336019][    C3]  </IRQ>
[  270.338470][    C3]  <TASK>
[  270.340185][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  270.343084][    C3] RIP: 0010:write_comp_data+0x42/0x90
[  270.345701][    C3] Code: a9 00 01 ff 00 74 1d f6 c4 01 74 67 a9 00 00 0f 00 75 60 a9 00 00 f0 00 75 59 8b 82 3c 16 00 00 85 c0 74 4f 8b 82 18 16 00 00 <83> f8 03 75 44 48 8b 82 20 16 00 00 8b 92 1c 16 00 00 48 8b 38 48
[  270.358748][    C3] RSP: 0018:ffffc90005d6f930 EFLAGS: 00000246
[  270.362758][    C3] RAX: 0000000000000000 RBX: ffff88806a4415e0 RCX: ffffffff81af38b9
[  270.373400][    C3] RDX: ffff888027692440 RSI: 0000000000000000 RDI: 0000000000000005
[  270.398448][    C3] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  270.409826][    C3] R10: 0000000000000001 R11: 0000000000000000 R12: ffffed100d4882bd
[  270.414699][    C3] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff88806a73b040
[  270.419962][    C3]  ? smp_call_function_many_cond+0x4c9/0x1290
[  270.424331][    C3]  smp_call_function_many_cond+0x4c9/0x1290
[  270.473449][    C3]  ? __pfx_do_sync_core+0x10/0x10
[  270.475279][    C3]  on_each_cpu_cond_mask+0x40/0x90
[  270.483221][    C3]  text_poke_bp_batch+0x220/0x760
[  270.485334][    C3]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  270.491179][    C3]  ? __jump_label_patch+0x1db/0x400
[  270.493390][    C3]  ? arch_jump_label_transform_queue+0xc0/0x120
[  270.495935][    C3]  ? find_held_lock+0x2b/0x80
[  270.499185][    C3]  text_poke_finish+0x30/0x40
[  270.501205][    C3]  arch_jump_label_transform_apply+0x1c/0x30
[  270.503918][    C3]  jump_label_update+0x376/0x550
[  270.507385][    C3]  static_key_enable_cpuslocked+0x1b7/0x270
[  270.510125][    C3]  static_key_enable+0x1a/0x20
[  270.512254][    C3]  toggle_allocation_gate+0xfa/0x280
[  270.516092][    C3]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  270.520172][    C3]  ? rcu_is_watching+0x12/0xc0
[  270.522411][    C3]  process_one_work+0x9cc/0x1b70
[  270.525286][    C3]  ? __pfx_process_one_work+0x10/0x10
[  270.528505][    C3]  ? assign_work+0x1a0/0x250
[  270.531078][    C3]  worker_thread+0x6c8/0xf10
[  270.533873][    C3]  ? __pfx_worker_thread+0x10/0x10
[  270.536680][    C3]  kthread+0x3c2/0x780
[  270.538834][    C3]  ? __pfx_kthread+0x10/0x10
[  270.541328][    C3]  ? __pfx_kthread+0x10/0x10
[  270.544042][    C3]  ? __pfx_kthread+0x10/0x10
[  270.546158][    C3]  ? __pfx_kthread+0x10/0x10
[  270.548459][    C3]  ? rcu_is_watching+0x12/0xc0
[  270.551594][    C3]  ? __pfx_kthread+0x10/0x10
[  270.555026][    C3]  ret_from_fork+0x45/0x80
[  270.557913][    C3]  ? __pfx_kthread+0x10/0x10
[  270.560563][    C3]  ret_from_fork_asm+0x1a/0x30
[  270.564036][    C3]  </TASK>
[  270.565788][    C3] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  270.569234][    C3] CPU: 3 UID: 0 PID: 1143 Comm: kworker/u32:7 Not tainted 6.15.0-rc2-syzkaller-00488-g6fea5fabd332 #0 PREEMPT(full) 
[  270.574363][    C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  270.580391][    C3] Workqueue: events_unbound toggle_allocation_gate
[  270.583626][    C3] Call Trace:
[  270.585095][    C3]  <IRQ>
[  270.586394][    C3]  dump_stack_lvl+0x3d/0x1f0
[  270.588581][    C3]  panic+0x71c/0x800
[  270.590479][    C3]  ? __pfx_panic+0x10/0x10
[  270.592532][    C3]  ? show_trace_log_lvl+0x29b/0x3e0
[  270.595460][    C3]  ? check_panic_on_warn+0x1f/0xb0
[  270.598252][    C3]  ? refcount_warn_saturate+0x14a/0x210
[  270.600665][    C3]  check_panic_on_warn+0xab/0xb0
[  270.603234][    C3]  __warn+0xf6/0x3c0
[  270.605619][    C3]  ? refcount_warn_saturate+0x14a/0x210
[  270.610027][    C3]  report_bug+0x3c3/0x580
[  270.613062][    C3]  ? refcount_warn_saturate+0x14a/0x210
[  270.616204][    C3]  handle_bug+0x184/0x210
[  270.620045][    C3]  exc_invalid_op+0x17/0x50
[  270.622656][    C3]  asm_exc_invalid_op+0x1a/0x20
[  270.625467][    C3] RIP: 0010:refcount_warn_saturate+0x14a/0x210
[  270.630983][    C3] Code: ff 89 de e8 88 81 eb fc 84 db 0f 85 66 ff ff ff e8 9b 86 eb fc c6 05 df df 9e 0b 01 90 48 c7 c7 40 11 f4 8b e8 f7 14 ab fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 78 86 eb fc 0f b6 1d ba df 9e 0b 31
[  270.643276][    C3] RSP: 0018:ffffc900006f8be8 EFLAGS: 00010082
[  270.648117][    C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adff8
[  270.654108][    C3] RDX: ffff888027692440 RSI: ffffffff817ae005 RDI: 0000000000000001
[  270.658994][    C3] RBP: ffff8880287d0778 R08: 0000000000000001 R09: 0000000000000000
[  270.663721][    C3] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880287d0778
[  270.668611][    C3] R13: ffff888035fee400 R14: 0000000000000015 R15: 1ffff110048b400c
[  270.671995][    C3]  ? __warn_printk+0x198/0x350
[  270.675055][    C3]  ? __warn_printk+0x1a5/0x350
[  270.678018][    C3]  ? refcount_warn_saturate+0x149/0x210
[  270.680644][    C3]  p9_req_put+0x1ec/0x250
[  270.684752][    C3]  req_done+0x1dc/0x2e0
[  270.687206][    C3]  ? __pfx_req_done+0x10/0x10
[  270.689874][    C3]  ? debug_object_activate+0x2ec/0x4c0
[  270.693206][    C3]  ? __pfx_req_done+0x10/0x10
[  270.695020][    C3]  vring_interrupt+0x31b/0x400
[  270.696828][    C3]  ? __pfx_vring_interrupt+0x10/0x10
[  270.698962][    C3]  __handle_irq_event_percpu+0x229/0x7d0
[  270.701036][    C3]  handle_irq_event+0xab/0x1e0
[  270.703333][    C3]  handle_edge_irq+0x263/0xd10
[  270.705815][    C3]  __common_interrupt+0xdf/0x250
[  270.710182][    C3]  common_interrupt+0x61/0xe0
[  270.713735][    C3]  asm_common_interrupt+0x26/0x40
[  270.716431][    C3] RIP: 0010:handle_softirqs+0x1dd/0x8e0
[  270.719266][    C3] Code: 88 6c 24 26 4c 89 7c 24 18 48 c7 c7 20 84 8b 8b e8 68 d3 f5 09 65 66 c7 05 d6 06 2a 12 00 00 e8 d9 3a 46 00 fb bb ff ff ff ff <49> c7 c7 c0 c0 00 8e 41 0f bc dc 83 c3 01 0f 85 a4 00 00 00 e9 b1
[  270.729456][    C3] RSP: 0018:ffffc900006f8f28 EFLAGS: 00000202
[  270.731868][    C3] RAX: 00000000002de554 RBX: 00000000ffffffff RCX: 0000000000000002
[  270.735257][    C3] RDX: 0000000000000000 RSI: ffffffff8dbef846 RDI: ffffffff8bf46540
[  270.739040][    C3] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
[  270.742526][    C3] R10: ffffffff90864917 R11: 0000000000000000 R12: 0000000000000202
[  270.745730][    C3] R13: 000000000000000a R14: 1ffff920000df1ed R15: ffffed1004ed2488
[  270.749766][    C3]  ? handle_softirqs+0x1d7/0x8e0
[  270.752632][    C3]  ? __pfx_sched_clock_cpu+0x10/0x10
[  270.754705][    C3]  ? __pfx_handle_softirqs+0x10/0x10
[  270.756340][    C3]  __irq_exit_rcu+0x109/0x170
[  270.757941][    C3]  irq_exit_rcu+0x9/0x30
[  270.759561][    C3]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  270.761260][    C3]  </IRQ>
[  270.762866][    C3]  <TASK>
[  270.764642][    C3]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  270.768905][    C3] RIP: 0010:write_comp_data+0x42/0x90
[  270.771739][    C3] Code: a9 00 01 ff 00 74 1d f6 c4 01 74 67 a9 00 00 0f 00 75 60 a9 00 00 f0 00 75 59 8b 82 3c 16 00 00 85 c0 74 4f 8b 82 18 16 00 00 <83> f8 03 75 44 48 8b 82 20 16 00 00 8b 92 1c 16 00 00 48 8b 38 48
[  270.780055][    C3] RSP: 0018:ffffc90005d6f930 EFLAGS: 00000246
[  270.782938][    C3] RAX: 0000000000000000 RBX: ffff88806a4415e0 RCX: ffffffff81af38b9
[  270.786474][    C3] RDX: ffff888027692440 RSI: 0000000000000000 RDI: 0000000000000005
[  270.790588][    C3] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  270.795408][    C3] R10: 0000000000000001 R11: 0000000000000000 R12: ffffed100d4882bd
[  270.800254][    C3] R13: 0000000000000001 R14: dffffc0000000000 R15: ffff88806a73b040
[  270.804962][    C3]  ? smp_call_function_many_cond+0x4c9/0x1290
[  270.807767][    C3]  smp_call_function_many_cond+0x4c9/0x1290
[  270.810476][    C3]  ? __pfx_do_sync_core+0x10/0x10
[  270.812669][    C3]  on_each_cpu_cond_mask+0x40/0x90
[  270.814640][    C3]  text_poke_bp_batch+0x220/0x760
[  270.816521][    C3]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  270.818674][    C3]  ? __jump_label_patch+0x1db/0x400
[  270.820609][    C3]  ? arch_jump_label_transform_queue+0xc0/0x120
[  270.823965][    C3]  ? find_held_lock+0x2b/0x80
[  270.827130][    C3]  text_poke_finish+0x30/0x40
[  270.829619][    C3]  arch_jump_label_transform_apply+0x1c/0x30
[  270.832228][    C3]  jump_label_update+0x376/0x550
[  270.835467][    C3]  static_key_enable_cpuslocked+0x1b7/0x270
[  270.838585][    C3]  static_key_enable+0x1a/0x20
[  270.841409][    C3]  toggle_allocation_gate+0xfa/0x280
[  270.844629][    C3]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  270.847724][    C3]  ? rcu_is_watching+0x12/0xc0
[  270.850457][    C3]  process_one_work+0x9cc/0x1b70
[  270.853138][    C3]  ? __pfx_process_one_work+0x10/0x10
[  270.856528][    C3]  ? assign_work+0x1a0/0x250
[  270.859198][    C3]  worker_thread+0x6c8/0xf10
[  270.861595][    C3]  ? __pfx_worker_thread+0x10/0x10
[  270.864043][    C3]  kthread+0x3c2/0x780
[  270.865703][    C3]  ? __pfx_kthread+0x10/0x10
[  270.869464][    C3]  ? __pfx_kthread+0x10/0x10
[  270.871272][    C3]  ? __pfx_kthread+0x10/0x10
[  270.874490][    C3]  ? __pfx_kthread+0x10/0x10
[  270.881782][    C3]  ? rcu_is_watching+0x12/0xc0
[  270.885415][    C3]  ? __pfx_kthread+0x10/0x10
[  270.888694][    C3]  ret_from_fork+0x45/0x80
[  270.891413][    C3]  ? __pfx_kthread+0x10/0x10
[  270.894486][    C3]  ret_from_fork_asm+0x1a/0x30
[  270.897384][    C3]  </TASK>
[  270.900554][    C3] Kernel Offset: disabled
[  270.903910][    C3] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:47:18  Registers:
info registers vcpu 0

CPU#0
RAX=000000000011541f RBX=0000000000000000 RCX=ffffffff8b72a419 RDX=0000000000000000
RSI=ffffffff8dbef846 RDI=ffffffff8bf46540 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10
R8 =0000000000000001 R9 =ffffed100d4865bd R10=ffff88806a432deb R11=0000000000000000
R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90864910 R15=0000000000000000
RIP=ffffffff8b728caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69b2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000001000 CR3=00000000326a6000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdcfee2e10 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a4a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a57
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a51
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a65
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011aeb
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011bc9
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000080080783 RBX=0000000000000000 RCX=ffff888107c51070 RDX=000000000000009d
RSI=ffffffff8698ed48 RDI=ffff888107c512d0 RBP=0000000000000001 RSP=ffffc900006779b0
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000
R12=0000000000000001 R13=0000000000004e20 R14=ffff888107c51070 R15=0000000000000001
RIP=ffffffff8698ed8f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6ab2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7882d63d58 CR3=0000000050688000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a4a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a57
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a51
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a65
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011aeb
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011bc9
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882183488 00007f7882183480 00007f7882183478 00007f7882183450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882ced100 00007f7882183440 00007f7882183458 00007f78821834a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882183498 00007f7882183490 00007f7882183488 00007f7882183480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff81af5c51 RDX=ffff888041098000
RSI=ffffffff81af5c3f RDI=0000000000000005 RBP=ffffc90003347938 RSP=ffffc90003347860
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=1ffff92000668f10 R13=0000000000000000 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff81af5c41 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7882d846c0 ffffffff 00c00000
GS =0000 ffff8880d6bb2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007ffdcfee1f00 CR3=0000000050688000 CR4=00352ef0
DR0=00000000313ccd71 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a4a
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a57
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a51
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011a65
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011aeb
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f7882011bc9
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff854e3af5 RDI=ffffffff9ae264a0 RBP=ffffffff9ae26460 RSP=ffffc900006f8550
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=000000000000002d R14=ffffffff9ae26460 R15=ffffffff854e3a90
RIP=ffffffff854e3b1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6cb2000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055def07fcd18 CR3=000000000e180000 CR4=00352ef0
DR0=00000000313ccd71 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000004080 Opmask01=0000000010000000 Opmask02=000000000007ffff Opmask03=2040000404420020
Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055def0831d10 000055def0831e10
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302d78742f736575 6575712f33316874 652f74656e2f346d 697376656474656e
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75366d69 7376656474656e2f 736563697665642f
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001b1 0000000000000000 000000302d78742f 7365756575712f33
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001e1 0000000039316c6c 696b66722f313179 68702f3131323038
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055def0804a80 000055def0846d30 0000000000000041 0000003177617264
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020