last executing test programs:

28.370786454s ago: executing program 3 (id=1399):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000))
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$igmp(0x2, 0x3, 0x2)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchdir(r2)
syz_open_procfs$namespace(0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./cgroup\x00', 0x0, 0x1001, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000011000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe, 0x0, &(0x7f0000000640)="000000001beaea7a9644ef158011", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81901)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x408000, 0x1ea)
move_mount(r6, 0x0, r4, 0x0, 0x46)
ioctl$EVIOCGMASK(r1, 0x5b04, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r8, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r7, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r8, 0x0, 0xffffffffffffffff, 0x1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r5, 0x3b82, &(0x7f0000000180)={0x18, r8, 0x6, 0x0, &(0x7f0000000100)=[{0xe9, 0x100}, {0x7dc7, 0x6}, {0x7, 0x9}, {0x6e, 0x100000000}, {0x74, 0x7}, {0x2, 0x5}]})

27.849600263s ago: executing program 3 (id=1424):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x11, 0xa, 0x0) (async)
r2 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
sendmsg$can_bcm(r2, &(0x7f0000000280)={&(0x7f0000000000), 0x10, &(0x7f0000000100)={0x0}, 0x8, 0x0, 0x0, 0x8000}, 0x7289ab80f990c9e)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan0\x00'}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001800000400000000000200021d01080008000a00", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4, @ANYBLOB="e736fe36753667ffc4cae5ea721d7edcebc07055fc1fab92ff50d9debb7f6119eb812e24035e5db73cebaea2bb3c8a177642da06bdcd7c73ad1d403e4c793ec5246cd76c63aedb43398c10dfbe43d06d7531bf80b434b11cee7d0831c78cab5242445e8598c871074c037428761374e2e42e07cdfcaab3627df992eb5f1d709b59d12fab7f742d55ba468325c454b1f8097044"], 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40020)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000180)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0xab}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x76}, @exit={0x95, 0x0, 0x1008}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

27.710481757s ago: executing program 3 (id=1430):
r0 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, &(0x7f0000000000)={0x6, 'ip6erspan0\x00', {}, 0x8})
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
lstat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
mount$9p_virtio(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x1000012, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=virtio,access=', @ANYRESDEC=r1])
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000203010200000000000000000000000009000200000000470200000008000340000000000800010001"], 0x30}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000001040)=@nat={'nat\x00', 0x8, 0x5, 0x6c0, 0x390, 0xf0, 0xffffffff, 0x2a0, 0xf0, 0x5f0, 0x5f0, 0xffffffff, 0x5f0, 0x5f0, 0x5, 0x0, {[{{@uncond, 0xb7030000, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1d, @ipv6=@private1, @ipv6=@private0, @port, @gre_key}}}, {{@uncond, 0x0, 0x168, 0x1b0, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@dev, [], @ipv6=@private1, [], @ipv6=@private1, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv4, @ipv6=@local, @icmp_id, @icmp_id}}}, {{@ipv6={@mcast1, @local, [], [], 'wg1\x00', 'virt_wifi0\x00'}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4, @ipv4=@multicast1, @gre_key, @icmp_id}}}, {{@ipv6={@rand_addr=' \x01\x00', @ipv4={'\x00', '\xff\xff', @empty}, [], [], 'dummy0\x00', 'syzkaller0\x00'}, 0x0, 0x218, 0x260, 0x0, {}, [@common=@inet=@sctp={{0x148}, {[], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001]}}, @common=@mh={{0x28}, {"0c06"}}]}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id, @icmp_id}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x720)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r5 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x20000000, 0x0, &(0x7f0000000500)=""/51, 0x0, 0x2000})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000c40))
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r5})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0xfffff801, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf, @void, @value}, 0x94)
setxattr$incfs_id(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x3)
r6 = userfaultfd(0x80001)
r7 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r7, &(0x7f0000000040), 0x10)
listen(r7, 0x5)
r8 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r8, &(0x7f0000000080), 0x10)
sendmsg$nl_route_sched(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000740)=@newtaction={0x14, 0x30, 0x400, 0x70bd2b, 0x25dfdbfb}, 0x14}}, 0x40004)
close_range(r6, 0xffffffffffffffff, 0x0)

27.709539758s ago: executing program 3 (id=1434):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000))
ioctl$IOMMU_TEST_OP_ADD_RESERVED(0xffffffffffffffff, 0x3ba0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$igmp(0x2, 0x3, 0x2)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchdir(r2)
syz_open_procfs$namespace(0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./cgroup\x00', 0x0, 0x1001, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='\x00', 0x81901)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x408000, 0x1ea)
move_mount(r5, 0x0, r3, 0x0, 0x46)
ioctl$EVIOCGMASK(r1, 0x5b04, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r7, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r7, 0x0, 0xffffffffffffffff, 0x1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r4, 0x3b82, &(0x7f0000000180)={0x18, r7, 0x6, 0x0, &(0x7f0000000100)=[{0xe9, 0x100}, {0x7dc7, 0x6}, {0x7, 0x9}, {0x6e, 0x100000000}, {0x74, 0x7}, {0x2, 0x5}]})

27.080570597s ago: executing program 3 (id=1448):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000780)=[@textreal={0x8, &(0x7f0000000040)="7e0db80f008ee0263e0fc7a8b3000f1c850050f6ab5b0066b9f70300000f320fda7f00f20f2b35670ff8090f08", 0x2d}], 0x1, 0x4c, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$caif_seqpacket(0x25, 0x5, 0x1000003)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
sendto$inet(r4, &(0x7f0000000200), 0x0, 0x0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$CAIFSO_REQ_PARAM(r3, 0x116, 0x80, 0x0, 0x13)

26.808257532s ago: executing program 3 (id=1457):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
listen(r0, 0x0) (async)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix']) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {<r1=>0xee00, 0xffffffffffffffff}}, '\xe9\x1fq\x89Y\x1e\x923aK\x00'})
mount$bpf(0x0, &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000180), 0x800, &(0x7f0000000280)={[{@mode={'mode', 0x3d, 0x4}}], [{@pcr={'pcr', 0x3d, 0xa}}, {@euid_gt={'euid>', r1}}]}) (async)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000300)=0x49b9, 0x4) (async)
setsockopt$inet6_int(r2, 0x29, 0xcf, &(0x7f0000000000)=0xb, 0x4) (async)
shutdown(r2, 0x1) (async)
sendmmsg$inet6(r2, &(0x7f0000000600)=[{{&(0x7f0000000140)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x1) (async)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x29}}, './file0\x00'})

11.740221471s ago: executing program 32 (id=1457):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async)
listen(r0, 0x0) (async)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix']) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {<r1=>0xee00, 0xffffffffffffffff}}, '\xe9\x1fq\x89Y\x1e\x923aK\x00'})
mount$bpf(0x0, &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000180), 0x800, &(0x7f0000000280)={[{@mode={'mode', 0x3d, 0x4}}], [{@pcr={'pcr', 0x3d, 0xa}}, {@euid_gt={'euid>', r1}}]}) (async)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000300)=0x49b9, 0x4) (async)
setsockopt$inet6_int(r2, 0x29, 0xcf, &(0x7f0000000000)=0xb, 0x4) (async)
shutdown(r2, 0x1) (async)
sendmmsg$inet6(r2, &(0x7f0000000600)=[{{&(0x7f0000000140)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x1) (async)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x29}}, './file0\x00'})

2.956016992s ago: executing program 0 (id=1976):
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000006c0), 0x2a00, 0x0)
ioctl$CDROM_TIMED_MEDIA_CHANGE(r0, 0x5396, &(0x7f0000000740)={0x8000, 0x1})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r5, 0x8933, &(0x7f00000001c0)={'wpan0\x00'})
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) (async)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) (async)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r9 = dup3(r8, r7, 0x0) (async)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r10, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r10, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x104a, 0x16, &(0x7f0000000440)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@weak_handle={0x77682a85, 0x100, 0x1}, @flat=@binder={0x73622a85, 0x1000}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000040)) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)) (async)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r6, 0x1, 0x70bd26, 0x23c, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x18) (async)
write$nci(r2, &(0x7f00000001c0)=@NCI_OP_CORE_INTF_ERROR_NTF={0x0, 0x1, 0x3, 0x8, 0x1, {0x1, 0x1}}, 0x5)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0xfffffffffffffd3f}, 0x1, 0x0, 0x0, 0x88050}, 0x4004000)
r11 = openat$sr(0xffffffffffffff9c, &(0x7f00000002c0), 0x208000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r11, 0xc05c5340, &(0x7f00000004c0)={0x8, 0x4, 0x7, {0x3}, 0x1, 0x2})

2.889611987s ago: executing program 0 (id=1977):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='tracefs\x00', 0x0, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$dsp(r0, &(0x7f0000000040)=""/48, 0xff9a)
ioctl$SNDCTL_DSP_GETISPACE(r0, 0x8010500d, &(0x7f0000000280))
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000180)={'veth0_vlan\x00', 0x44})
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix={0x9, 0x6, 0x34325241, 0x5, 0x17, 0x2, 0x4, 0x4, 0x1, 0x0, 0x1, 0x2}})
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x20020, &(0x7f0000000380)=ANY=[@ANYBLOB='mode=0'])

2.887338359s ago: executing program 4 (id=1978):
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000002000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2, 0x25, 0x0, @val=@netfilter}, 0x40) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2, 0x25, 0x0, @val=@netfilter}, 0x40)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ppoll(&(0x7f0000002640)=[{r4, 0x8000}], 0x1, 0x0, 0x0, 0x0) (async)
ppoll(&(0x7f0000002640)=[{r4, 0x8000}], 0x1, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r5, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r5, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty, 0x5f}, 0x1c)
listen(r7, 0x7)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)
r11 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r11, 0x400, 0x1)
fcntl$getflags(r11, 0x401)
socket$inet_udp(0x2, 0x2, 0x0) (async)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r12 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r12, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r13=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r12, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r13, <r14=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r12, 0xc06864ce, &(0x7f0000000440)={r14}) (async)
ioctl$DRM_IOCTL_MODE_GETFB2(r12, 0xc06864ce, &(0x7f0000000440)={r14})

2.410432996s ago: executing program 2 (id=1988):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x12d102, 0x0)
r2 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_DECODER_CMD(r2, 0xc0485660, &(0x7f0000000800)={0x3, 0x1, @stop_pts=0x6})
r3 = syz_open_procfs(0x0, &(0x7f0000000280)='personality\x00')
preadv(r3, &(0x7f0000000740)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1, 0x68, 0x0)
setsockopt$RDS_FREE_MR(0xffffffffffffffff, 0x114, 0x3, 0x0, 0x0)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
connect$netrom(0xffffffffffffffff, &(0x7f00000003c0)={{0x3, @bcast, 0x6}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
syz_usb_control_io(r4, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x700501)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="eedc578ab5586831e43446a2efc27b244c8249880f2fbbadc79569bb974d16f2795a054d3a09765ad425494592a92cbc08033010bf3521ed4fe63af793d551b79d", 0x41)
ioctl$FS_IOC_GETVERSION(r5, 0xc0145b0d, &(0x7f0000000040))
r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x101402, 0x0)
preadv(r7, &(0x7f00000017c0)=[{0x0}, {&(0x7f0000001500)=""/94, 0x5e}], 0x2, 0x2, 0x4)
ioctl$DRM_IOCTL_FREE_BUFS(r7, 0x4010641a, &(0x7f0000000180)={0xe, &(0x7f00000007c0)=[0x4, 0x9, 0x8, 0x8b, 0x100, 0x9, 0x82d3, 0x1, 0x7, 0x4, 0x3, 0x3, 0xce52, 0xe]})
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='net/raw6\x00')
pread64(r8, &(0x7f0000000080)=""/237, 0xed, 0x5)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r6)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f0000000780)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000700)={&(0x7f0000000480)={0x254, r9, 0x800, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x561b36d0, 0x27}}}}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x81}, @NL80211_ATTR_FRAME_MATCH={0xde, 0x5b, "75ad2dc7bfde2eefdb0521425a606bc8f33d2bd0cf7c400362300277f320241f2d0cdbdf3a91ba355b10e03f254aae16bf4a9a86f6c12798178d89c5ad183eb18d05e9423add27703a5010772b4bc1943a60be5bf37b2b76684f1e11fad5d0a795cb1e397ff2a583014817baaa195d1361d2afc7755be5e5c28aacd69050ca426169ee7cc5f9c325f17de5ccfb97a794edaea0360032438a22fcf527e71c9c6b6285871bb4436be2333edbe9106306aad9ed63ef5168f8e198bb7858f7c32314476b6bba767bc70c318f272c1ca21905cf27f6d4abb1a6dbf85b"}, @NL80211_ATTR_FRAME_MATCH={0x90, 0x5b, "84ac534baf253d41ac152043bb2db41c28045282a9eedeef969a93f5f12f013a64ffd90109cbfd57e9fca8530e00bb015c2e622724cceea84948beed4c203d65177a8924002c8177a20c3f2bd16a6900c66870cd9730c7310802a78f0c6afdfbf65012c6f77036e9983188c2705c1f9a6f8bec4632f3ea90ba145830602feacd6fb46020cc8471c178fc5d9d"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x800}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x6}, @NL80211_ATTR_FRAME_MATCH={0xe, 0x5b, "410d6f70e301dbf0a8a6"}, @NL80211_ATTR_FRAME_MATCH={0x84, 0x5b, "535248c5e8a6399e257f9bd52a71aef900207dc1965eb884bc60138bf2b95856810e7d9aab023bfda9a2a7525da62a05d7f29fe055959797bd629bbcadb4a9da284d5fed1954124d0cbb12618a1837d221e20b58ed00ffbfcc604c4b2745d376e93b065a099d430d835d6f3a5e5eca3c9afd7788c3295ed2f229324bf940ab7a"}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x1}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x1}]}, 0x254}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
preadv2(r1, &(0x7f0000000240)=[{&(0x7f0000002dc0)=""/4107, 0x100b}], 0x1, 0xffff, 0x0, 0x1c)
socketpair(0x2b, 0x80001, 0x0, &(0x7f0000000000))
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="08000200e09e01000a000100a8aaaaaaaabb0000dea1997119595a927e858eef50dc65a38935d6ba9c4eb93ce2f1100c5b97a10332aea6db309139c79ea165d415d85db539072484b4dc81ef4f49a1cedca2afad411fb54e43074d7b8ae98fbc10a83591be3d43ac5e9a0bf2f7d6c913bc"], 0x2c}, 0x1, 0x0, 0x0, 0xc001}, 0x40046)

2.020305817s ago: executing program 0 (id=1991):
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1) (async, rerun: 64)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) (rerun: 64)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x1}, 0x1c) (async, rerun: 32)
r2 = socket$inet6(0xa, 0x2, 0x0) (rerun: 32)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r5 = eventfd(0xbc1)
ioctl$KVM_HYPERV_EVENTFD(r4, 0x400caed0, &(0x7f0000000180)={0x1, r5, 0xffffffff}) (async)
bind$inet6(r2, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c) (async)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) (async, rerun: 64)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) (rerun: 64)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000040)=@x86={0x0, 0x8, 0x0, 0x0, 0x2, 0x2, 0xe, 0xfe, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x8000000000001})

1.900251081s ago: executing program 0 (id=1992):
r0 = socket$kcm(0x10, 0x400000002, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000fcffffff000000000000000018120000", @ANYRES32, @ANYBLOB="0000000300000000b703000000000000850000000c000000b71a0000000000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r1, 0x4068aea3, 0x0) (async)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x0) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc) (async)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(aegis128)\x00'}, 0x58)
bind$alg(r3, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(camellia)\x00'}, 0x58)
r4 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) (async)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000140)={{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x57b7e7c3, 0xfffffffffffffffc, 0x0, 0x0, 0xd513}, {0xfffffffffffffffc, 0x0, 0x2, 0x5}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0xfffffffd, 0x33}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xfd, 0x8, 0x0, 0x6}}, 0xe8) (async)
sendmmsg(r4, &(0x7f0000000480), 0x21, 0x0)
socket$unix(0x1, 0x5, 0x0)
socket$unix(0x1, 0x5, 0x0) (async)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000180)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x6, 0x2}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r7=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) (async)
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0xc, r7, 0x200000}, 0x10) (async)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000000300)=0xa0, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xe}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}, {&(0x7f0000000180)="c19df440dd2a2fafab447bc372924525c1f5c36b3f1e758b57c6bf410b306d89b35c7c6d9c3713412659532f22f12c270530a08332f6805c5dfb1879c5ffe35632d9a16fbb2cbd63bd86a2f58dde1f74c3449b740408a37b452c1f2e846ad01d487e8fb1e2a633332a32c7e68d5d78a49b590ed74bff7ee254c19dbfd12b8ef006e7ca6ad62b6c619fafa5101230a67c0146ba1cf3e851896b067b6eebe3ddf558f948c26f5284e660078cbfb31f3cc1138ff5aebe6c1e6585517ab53ce55e71468fdc39d942ee4c80fadcd579e0a10135dfb1010dad75881abb63c0e5177744f73edbc6292a48fb9df94f5690fd97", 0xef}], 0x3}, 0x0)

1.088137179s ago: executing program 4 (id=1993):
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, &(0x7f0000000000)=0x63, 0x2) (async)
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
unshare(0x6a040000) (async)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000200)={'security\x00', 0x0, [0x2, 0x7000000, 0x9, 0x6, 0x1]}, &(0x7f00000001c0)=0x54) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) (async)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x28, 0x3, 0x6, 0x801, 0x0, 0x0, {0x3, 0x0, 0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x40001}, 0x4)

1.08770231s ago: executing program 0 (id=1994):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=@newlinkprop={0x38, 0x6c, 0x400, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0xc0, 0x8}, [@IFLA_LINKMODE={0x5, 0x11, 0xf7}, @IFLA_LINKMODE={0x5, 0x11, 0x6}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x10}]}, 0x38}, 0x1, 0x0, 0x0, 0x20048001}, 0x24000084)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000880), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000540)={0x28, r2, 0x101, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0x28}}, 0x0)

1.087338647s ago: executing program 0 (id=1995):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9901}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @multicast2}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x804)
r1 = socket$unix(0x1, 0x5, 0x0)
ppoll(&(0x7f0000000d40)=[{r1, 0x3a60}], 0x1, 0x0, 0x0, 0x0)
r2 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r2, 0x7005, 0x0)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x190f0000)
readv(r2, &(0x7f0000000000)=[{&(0x7f00000012c0)=""/191, 0x4}], 0x3)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYRES64], 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000080), 0x3, 0x84940)

1.085336135s ago: executing program 1 (id=1996):
bind$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0x1, 0x2}, 0xc) (async)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000019000000", 0x8) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000340)={{0x0, 0x4, 0x0, 0x3772, 'syz0\x00', 0x100000}, 0x1, [0x9cc, 0x4000000000003ff, 0x1000, 0x8001, 0x4, 0x295, 0xffffffff, 0x0, 0xffff, 0x200, 0x1, 0x7f, 0xffff, 0x2, 0x3927, 0xb1, 0x8000000000000001, 0x6, 0x0, 0x1d7be47c, 0x3, 0x8, 0x7, 0x280000000000, 0x0, 0xc992, 0x7, 0x10000, 0x9, 0xfffffffffffffffc, 0x7f, 0xfff, 0x6, 0xbdf, 0x6, 0x8, 0x21be, 0xac, 0xe6fe, 0x5, 0x8000, 0x9, 0x6, 0x101, 0x2, 0xfffffffffffffff9, 0x800, 0x7, 0x800, 0xb, 0x6, 0x1, 0x5, 0x9, 0x6, 0x0, 0x9, 0x9, 0x200, 0x2, 0x2, 0xffffffffffff2bbd, 0x7, 0xffc, 0x2, 0x8, 0x3, 0x9, 0x200, 0x5, 0x8, 0xffffffffffffffff, 0x0, 0x3ff, 0x85, 0x2, 0xf, 0x10, 0x8, 0x7, 0x200, 0x2, 0x69d, 0x36, 0x8, 0x3ff, 0x3, 0x8, 0x800, 0xfffffffffffffb77, 0x8000000000000000, 0x5, 0x0, 0x0, 0x0, 0xffffffff, 0xb543, 0x3, 0xffffffffffffff47, 0x40000000000, 0x2, 0x5, 0x1000000, 0x8, 0x3, 0x80000001, 0x8, 0x7, 0x6, 0x6, 0xfffffffffffffffa, 0xfd, 0x0, 0xf9c, 0x3, 0x40, 0x156, 0x4b754dd7, 0xfffffffffffffffd, 0x2, 0x888, 0x2, 0x10, 0x400000000000000, 0xe, 0xa56, 0x6615, 0x81]}) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x402, @loopback}], 0x1c)
sendto$inet6(r1, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) (async)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000440)=ANY=[], 0x9) (async)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000300), 0x8)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)=0x1) (async)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000040)=ANY=[], 0x6) (async)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newtaction={0x44, 0x30, 0x48b, 0x0, 0x0, {}, [{0x30, 0x1, [@m_nat={0x2c, 0x21, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x20000050)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r3) (async)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001114050229bdf001000000000800010000000000080003000100000008004b0013"], 0x28}}, 0x4001090) (async)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0}) (async)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0xce)
getsockopt$ax25_int(r7, 0x101, 0x6, &(0x7f0000000200), &(0x7f00000002c0)=0x4) (async)
sendmsg$NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYRES32=r6, @ANYRES16=r4, @ANYBLOB="f653cab07a00c490ce52020000000005004900027d000000000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x98a41d4c0dd341bf}, 0x0) (async)
r8 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r8, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) (async)
dup2(r2, r8) (async)
r9 = accept4(r8, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r9, 0x0, 0x4000090) (async)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r10, 0xffffffffffffffff, 0x0) (async)
sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r6, @ANYBLOB="4389bd2e3e39eb7e5f9f85aa5aa741cfe425a8a5f3dc920670174a6744e55f5db6f01921eed996f4c57efef2c6e88d74dc9c8a8e52321e2e7c0fe2fb3a2c3233d0902b7a570b825aff5a"], 0x28}}, 0x0)

990.02328ms ago: executing program 1 (id=1997):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000012c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121701, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xd)
ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000000))
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r0, 0x58, &(0x7f0000000240)={0x0, <r2=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001200)={r2}, 0xc)
prctl$PR_MCE_KILL(0x21, 0x1, 0x2)
syz_emit_ethernet(0xd2, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd60000000009c880020010000000000000000000000000002ff0200000000000000000000000000010000000000049078010000000000000048a0218b5e18924d1daa9268e74fedd2c8a2a913d2757ef9785d6bbffbfaf9743ba160c69403a465487d352c9ee7f60000002ae9c6e47b6d442f2f756a91993e9542e889e7cf7118add317350284d1cc5d8d00d6ce891743b9653014e80fb7f826a1bf3073000000000000000000000000000000ca5e0ff0a96b6eefdd65b199f135c5e30000000000000000"], 0x0)

989.721327ms ago: executing program 1 (id=1998):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async, rerun: 64)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 64)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) (async)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000b80)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0) (async)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmsg$TIPC_NL_LINK_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)={0x70, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffffa}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8}]}, @TIPC_NLA_LINK={0x40, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xcfa}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4004}, 0x20000000) (async, rerun: 64)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000000)=""/82, 0x52}], 0x2}, 0x0) (rerun: 64)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4) (async, rerun: 64)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x304}, "5d4b42fac245ae74", "21cb70af1a8d3978b3ad1a2c6ede97acca25f6a9000bab0d716e9ebdee04ab7e", "b65dab43", "9a2c4361134d8abe"}, 0x38) (async, rerun: 64)
ioctl$int_in(r1, 0x5452, &(0x7f0000000280)=0xfffffffffffff6d5) (async)
recvmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/114, 0x72}], 0x1}, 0x20) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f00000001c0), 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
io_setup(0x2007, &(0x7f0000000980)=<r6=>0x0) (async)
eventfd2(0x0, 0x0)
io_submit(r6, 0x0, 0x0)

909.106448ms ago: executing program 1 (id=1999):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a"], 0x122}}, 0x0)
socket$inet6(0xa, 0x200000000003, 0x87)
syz_emit_ethernet(0x4e, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c2000001aaaaaaaaaa1586dd6003136c00188700fc0200000000000000000000000001fdff020000000000000000000000000001"], 0x0)

908.648841ms ago: executing program 1 (id=2000):
r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@gettaction={0x14, 0x5a, 0x1, 0xffffffff}, 0x14}}, 0x24004000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="24000000200001030000000000000000020000000000000000000000080017"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) (async)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x70201841, 0x1, 0x5, 0x4003ff, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}}, 0x50) (async)
write$P9_RXATTRWALK(r1, &(0x7f0000000000)={0xf, 0x1f, 0x2, 0x4}, 0xca80)

850.177162ms ago: executing program 1 (id=2001):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000080))
r1 = syz_open_dev$audion(&(0x7f0000000000), 0x1, 0x4000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x50)
ioctl$KVM_CHECK_EXTENSION_VM(r3, 0xae03, 0x51)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x9, @empty, 0x4}, 0x1c)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r6, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x4, 0x2000000, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x1a480, 0x0)
ioctl$IOMMU_VFIO_CHECK_EXTENSION(r8, 0x3b65, 0x9)
syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b7500090583c945"], 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80082)

849.996635ms ago: executing program 4 (id=2002):
socket$netlink(0x10, 0x3, 0x8000000004) (async)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000001c0)="580000001400192340834b80044d8c561f067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000b0c10000000224e00000000", 0x58}], 0x1)

849.753914ms ago: executing program 4 (id=2003):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x48)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000002140)={0x2020, 0x0, <r3=>0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r2, &(0x7f0000004300)="afe28a28263ffd9dbc5af980196765a3c1f82c4a1fae7a322fdf0f6eec50303f6104db417704a701a8d6c5e7f5c99a5cf3eed4e0e1c82545122d6933469933ec605aaf61a5b8b1f8aacbafca498796976da62837e4a0d818ea71474d0412cfe162a7260456c425f2604cbd262e2aef92d09d6d2e105b7e7d377c95ccfe1d0f9af9f7e6a6d85d4a8ebee6fa703efd8c4a106793205a405938d47f97266eaa5fda88f11a03a8305399889ccc48f85c4b6a7747f489dc76c93b06be84635190224018e13954cd2fe714fec88f6aac3c57d5fec99307b8c8327e8854000e81d781e2f5bc37e96bbc3077555f696c6fadd199d9bfbf0997e76925fe17923ac5976e32f52ee407c43070cd8a709a2326ac96b94051cd0cc8f29b43edbc4ed850ae7a30b45db7e72114aeb46bd3a91775582c9206a638456a0e3da847a7be2e21620df89ea7e2da53f77f39cf0eb2d0b601d507d4dd57a534b5c77076052cdb03dd0c241f75f442fdb07624ad9d9fcbba92a4f20b20b424e3c9c92f2831e5efe0be454f3b4dbb9dbe6152bb152206ff0451edeffdbaba54deb39f00e74297c676effb60950dce7a847031ca85a1b3690f573bc31094d6e7d95f5821c0eae6a2685958619d94108eefcbc0dc5dda47ca509878dd8caa875d69af6c88997b5d67e5c67bf9daf89547a55061eb0cc55e2c696b71c7384ba16928fa81f7394a048329c467ef813df172236464f9d1418e5d5386b0eb6d5c4f765d0246ee91ab39c07310b61680788e3a57dab96d1eabe1a0efc2b6c882aed50d993d15f8561bc1f6bde7e79b711bb206685344aae196c1c4b97cd515911341cd60c6ad108e0013f87d063385ea5f057de4315284cb6f8545436981ce1c4bbf13f178e3a504bc0c8b1bead105f7e7622c288aca7206ee18dbb97b1b393d102d9c65e3a765e87f554d98383e4e49ad1c600d8fac4acb970ce04e0c866806bd44b21b5c891c3bccefb87bdf389d6a36992cacfe52b96e7e1014cc58ec29fe0ac221ea6d49f759f2a746e7603272d572515fbbb33d2b6f94eb9c6571118b606e18ef88ff88366aa3ecccd6c845f9b8534f49997c940a930693fcdf742fde3676c6cee9eda06ab856a4dfee75c7c9cda6b11da6441644b62116e6fdcae5b5e0148047028a5842c21fb9637771a5ac84ba9740c9c9b56b58c08730a48e81c05b312449edd27843c173d1875c28aeca43761a06fed193378129243aa514bf74d6b76ccd70807440401948d6f3bd9a352cd432e1289f2d4e78add381e4477dd8ac2f2ccd3b6533121ac51c393dc773b9e120ea8194e51d76749b4f0c4e6e40132ba1535015d5ff224ff77310be5a31a6defa004262918136b9db98a94a1fd244be1f5a7cf6762e7bea536df1d312a72776baa881833d295f1a60f2ac98d54f302d8fc72f135ab3256d065a618b60d2a6982ee89c60bac90dd81e0cfc24118c568e8e3a29a9f29e55f479a8fb5638d6cd724605b69aaacafd440020f4776652537454041acc13cdb0bf1489fbac78c4bfae755b259764756407204b22cfe838ddf82523c03b4bc1eeb55c43b1f50b7d03fd4da448ae51cc4a844fd0240e0d131c2693ed770844bf25e3bbea974a5c2a40ed65f1c3a729ed93ec22b93899aa861ce301e1cc1f3e98846a39a49169cbe3eef35e3595207f1014a8dc89d6b512dc05cd23ed4b4741f6ac778794cd1282f42a72301f37816859cb92d53db6793f294df19d0ef1bb453685f3c666b3941c25c92b204c8307c0e83469032f276cef4ce538a4570d652aa212de6fae8ae4d62399de49f0d4bfc0a47fbd79e7a86e12c9d863dde004f9e9d605dac7d688dc5daff78c27bbe727fbab0cd3058e75544261d5d83468ef23e3a224f0ec460855aad927c5c5b3bfce0a3e3c45abb0ee6dbd04242ec765e324209bdf07f4ed21eb15e2f030476fbc3cd05554f54858232625e9b37ac41b8e354ebc85a0282fbf9ad5d6e0c2d7b093bc1f887646faa1e7622f110b546dadf44eff6bafb2a58631a93e560bd67b42ab96d4a9f044f26a481feb8b3f2018a7236799c2d1877a63e5fe64dd207be729eb1cda7977d59bc139e1d2f6cae1defe90b8f6a99ae4dbac317413745521247f3691e894af33c7484afb11f4d2f858ee87e93ad202f9853c6ceee0a92e052225ebf283a017ae2e7cfcf924ea4e3b319a05a9bfe3f476308aa5039fb8a7d3642043957a2090e0727120a7aea16d16e7a4b15d5676966041f76188fb69d89080b6eb2d4d42bc84e298dedda4db06b78df5c7198230ab439f0c3b4f3f649d531664c59eee2d73fe14f01133776b717f6b7118afdb264ace9e44af5bfdf35bfa7f7ab538004c0085c11da725ed284a34c7f27da78acf488bd0f54e6026efbf81af934558c36473d0fdc85519e11b4f30fa3b7ef757c35f4c88a360549def898cc460557433e44621589e71f3118003b4695f3130dc005d32c0330b950c12e430d2a2a6b9a68995bc9e1345dcfa30585603f09e74296cffe8d758b216de00e8302eed0e06f94e7bdf835cf27fcbe57651f36d6d2de82f179f42fc8e7fed4f5c7f5b691c6e038a76cab3e604e42ceda945e155db89cc0013564726053ccd77cd8e626bac72468ae0998f686450d5e0a17ce88e1b15d05f212c336d7cb5013eb94fa861b588be01ed252b487b4d1918c87a341b5daf74f3083bd49ccc6ee26ff8993b5398145ae7f9505c1398f1bdd2cb90636f9e99da243cedccc97252fe15ee10e886c187e5c614f33bbf630c654b1d87e693b765f3a36b67bd1fb46afcd24c96a00e00000000000000abca853d51694da85296a430b8856f51173946c9f143db65fd1b51b9534657d3a7953ba7186651ddc6f0a625563c3b43cfbc83330507d399ae87731e1ab1f15320779da21d2000d85155a8c9cbd6f642695a565dec615d7bdf8a47a76005b3607cde6176b8303b7eeb2212179d6f5176e45b1759810fcec418e6c41e7b33da9f92211631a070257cea55e644498466d5fc5744f903e6c4a2d3809eb6e70d50a82f66a1a05079ebe9ae0b756bb2781dafd14b1a06c0eb2c9b77b0d8d005d47aacf5447a104f85df3decb0ef8bf1483b47be9c945b95634c474f9cebdc97a91f85aba7172d05cd7b06afa043b8900ab400770fa270029e34ebab31a69367a18057ce532cd66e52b807b8665475977a56ec5407c778994ce9c85e8b96f1313e468cf83d266f14250acee2a4a52001de174d2208bc2a679916e4231fb30a99263a0398e99e9f8236010f17a5de367d673a95b374158d2baae4612ec6898d0fec2f95b45c6bd760a0cabcac1067470492c5e66c11ea745ae803dd24a5c89cac5a0d64bcc15648b1d812be638d10311d640b3251a8001619d09f138bf04e35c02807c2c87c222a6f54da320f0169cece864f4d37af54f0fdcfd455051c0effe17d2c04b3b67807af05cd8176017cd8e35c1ca1b13112f2dddde84be95ef67a6c8ad8a4ab0e7175fd124bda62656c4afec4dc8c0261a855e75575ddbb375e45a5b635fc7bc528ba387dd24f485ba69a9ba2761c243d359bce078d0ba0cdc13b6ee7d66a8546c49a4429af5866f866ba2e1e0a10ff4a3c3b5e240d918f6a896c35f51ad7b02e6d0747ee80a99c8812577600e359b703e571ec18d6b88866f28aef250de65f39b266f6795237f7d3f741127f3d47cefb255d1b3c06c7d8fec9bb8e5c666d7ca7b803dbabc6cacecbca1ed8e89ddc2140f45c4f8572c146d7ab2be20eb72baaee4b1d371aa9f06833ba1a0cb66b701c1fd90e8bcdcfb9bd57a8cad381e7cb2b99250d21384ebf771833ac6f32f4115fcb0ffa177dcae6673b1ff80cbefbaec2c863b263035ad2a0d0a340fed260d4fbf008745bc1b51e5b011b54584f6c0cf3a401f8cfd23f23e830a311bec365064895cbe8a664184aff212bac6f164f6b619e4d8521ae447abc8f59b284aa2e94061aa15afd9070fef452d4fd644da4b6b716784109d92abd31d3221a76eaf592e6529e70a67bd92cdb431c7af9f658b2ace3d954c4a5208f1edcdb8a04461262ed26b24bb3df41b1c28ec42880590b3685f56a3982250ae96c7e1fcb9aa6a9887639d2209cf190e9ea82d5634513eb36c5c0e0769250948967240e29921da36aa0c07c76c81c7bd8b7f1c1c9063b4b1fcd88f63aaf568a7cc9249fad5c996853dd160d80f5251673643fb5e0067c97b0d2b513c1d22a3c2e73786c3c5c17f14c57c2df7c830216e5c3ef066468069428501e1a78c935f4c520c5cfe9daa89ca4bb4895fec8a328453ff630848eeac719bcc09d7bee73e58f4b7cf90f098bb7019c73912b630af92ed9b309c53c5c4edaa3788f9e6d486bd363619cd2c140d9a7175f6c5f977eb6e6f58f18c8d0ace671570e0dd6ed78ca228782ddb71c6f137cf0e27fa85b52b1c15ddf184a72dab098a8b1c1f6746238a8a92848f2478b690b80c131c85e90b69953f5eb54c0b47d59b7e440190e1c9b2d72fdd94c64296ca33aab32cc8f69091df05aaefd4ea00303a3522672f01b5373abae33d34844831a1af2e51276b61e637a93e02e09c306e5fb9619e82bbcf0e43e2f5e8ec8a458b9f1c612634645eb82051fa34f4b13439c3ba2e016972df37f197d09121bd377b1472a2da64698efb11cc88fa36ac173c83ee155b73716639f5d73a29fb783fb27e5ccbab5f9b95a4dca6a7406cd053a7ac9ff25f42ebddd9afe7df308979c314acaacecea602267c6d57fb5f5222e4ccd4b18573b32d6a19f1798a1d78b36b32f0723f7b33b06c2ca43b22e4cce6cda741b3e68a056a0cd6d51b6929cf4a16fb7b2490cbe87e5612dfa7d26ad40ec412021f9033aa2884ee86c7610623fb64663ac5554e694e84877708e77d243bcdb198714fff672b0f927f9cbe5b2436002f02a559dda5232cc150170d7b32d547a080f852c6838809f8ae1995e7ad4b24c7d1ecdb6b5dabca5da671493a3a1b4da1e7ad13ca4b4dbcf53a71348366cef7ee45cb719a8321205aa70da47104e66f344393e64dcfcd015b9d6bc75ec3dd31551de4b614bdc4d89c8de1254a91c4f33cdddf98d8ddf36e8cdc537a7d11dbf51913ca87ca9f644a2a08905e15c0f2bc58168e425b52055e7878ba468909dbed30815e01720df5a1be196471d30c1525070efa59fe62720960e473dc237d7866d77e8ac69cbaa50cea6205b7ccef9437b132f41e87906f3b9c48e9750e7ed1993597f8e599ab8596f4378853ee10e26289e72b92c425f5f0ad0f94d4694415739ccfc06bc5a49237157071116578df4f8aaa1eb4c123c8ada753e4a631f3f9660fbc9404d8af9ef1af380ccee1f2e520c03615fe7c5d276e917d84061f8cc0e5814caac9ecb0ebdf8bfae551197d66ff22236832a0ac38586b059a4ae9054d1810d361f50da921b33904cb6ea7faf44b811e7f7348d07cd32c8f83da01d4d74092493ef5cd3d2cbb9eeed6986f3e4615b8d341cbe13d6eac3bc1e9217fc2f86dd0cab958a6b4e0f0604501b48d352118611e96a974e3642fa785538e7d5b3bc7a363ca95a98a0816e6179bb438f3c110036770da0978987ebcd241464136b2a8d45bf1c2b499b6dba8e44448c73163ae7df71d7c98b705af886dc195cc918c2552fc1696d6749222a4e83279a14001ccb540a64a713fa1691c30e99ae0bf8fdacaaf4aea9d4f89db7d4f364f7a30c80b782f5cd7af01347d78769902f2ed675b6b859b5467cad1bed59a64f13a4b5a827e029c9a3107b08e5f18b930855f7d85f1d78d45d7d3c909b87213158dbe5cfda90936388885a32a61529ab30bf31fcc1d6df9ead0f49ada899dc8be042d2289383f6d09411aea11e6002359ff2e36345b8454ec5f126db94349666a3666323ca164a0f72873b63c9dcc0c60785a66862655d4ab5749bc00bd98ba9e20325e78a572fc93739ce884f3398218c614f8ea33cdff4b797dc2c2874d20670733f30acf52ae4d14c9e83f54533acd42931ea42fcbf89f7a8e68c3c8ecefa4a1e1c693244d4604f9488df30718c455f719a6d93b30173305264c9bdb21e8a68a74e7310dbecdc27afc7b162466c444ce4bda0d937104e683349828a4f0ca8723d54fe13287286f7a6dbb8ece6a7ece355fbee7424e7e524ec33ed5fed03a1ea964af0830108c5e69a071606d9d28450977245cba4d0e1ed8177752526e218cb5e113dff2236c663808533c580da3d83ad502a3d5d30949ca2cea660ccb613cc7661d6857b3b70588976ac8ceed944f7f738e43101369bea05a26ff31692ab45b6c95f794a5c92d8bd42ce8803162cc730782e0c1e468c9d090488763d9d1f1471c2ab1cd8599e078d81a0e84707ea02a0f91c3d588bb54f1f5ba58845617b80263ab8fb2c6757d72eebe00591c7b6cffddb969f6fee2ef9f016f641aa2ccfd59c839ba40ac1a10bb9d94f96e1c6829dd4d2dcb9d0f71726c31d813fa78af8b7621fa47f4b0ed9d9d98e4209676969728a00a92dd592dfee41c806076f0e4100e371c7427f888ef91f03c5b16d87b2ade294f69b77afb199de38bfebfa3ec9285d1829c7c0714bd100c84efc8eb71146a1d4c7f659d77c42119b738d6bcfede23855780a6627d4a417aab498ec60bf69c44fc1f3fd4f99ed941a1234ad1f3120dcc71275c464be23453749841dc1c36a76b28b3659e809a1216aea67658ff76e99580cb202eedb9d4cab23e879723d11f8d4086362271f8f2e6816d47eaeaa5066c3c4338868fd3c8b832581490b6801278e9d1d59771dcc73eef6b9903ba9b9f5e565eece392568c878662ad9cbb931242a27d883fe7839e7e502c368e736f5dc057ed2e4b5c963c54712c772535e22e94c61a13ed50682c065cad0d861b3888ef332ed0236e2747720f97793b46eb39b51057b44f2b9e05de8c077cff7ef5afb56a5d28754d76161909a05573f8aaee5fdf260d80eda7e1b83539e09362a4f9aa0e8f069e0cf221eca87593457b342de27c99cf14c4bc0d8050aa19c8e4a56b3b5d2c3fcc23633f5ab20ec063270c9922292b645a5523f9bba5c6f66368c227bb4b2ad6c1f4c8927552f6b41a312a4bec49669e2968a7d6bf30cf09f8d3fb473ce5a839ed27fa906dbf504aec3a5a2884bf4c569235202dffa763b14f4501ecb8608e77aeb4fda0e4177fad0bc02da3224f183355ad62f6c50efa3c8f8e02bf3cf47ff31210606bb87ce4acb53ead7eff942d65d9905e9bf6acf5829eed4855da2488e0896ad346da16a5c988e31b0632592a2dc3030d28b6d62a3a4638a0a3736f5103ce5fe72baac7fa23d5295c42cd81075ca9f7a9a7fe3cf418f50f7eccd8a7c3e6fb1e8b30c5d8dbb0772a8b44f44cebd8249ce10eb24d1f668765796b4a56a482580456ac49db677284f3b2deaa9514973ad5c156bb4961b2ad05bcde1bcea522790765208eab6eb27777c2ef643ab0c85e9625d259ae29a3b2e864bf936cefd90b63ba2281f8bf8505ef6040335c258d338c014c31810a324dfe382699ac0b92a2747973a297e94fcd75ec7d156bd61cf848d7144f9a9dd89c72b9c323ed6f37110f722da90396816050ad800fb33a92651b0356fd15c4cf876a3509ab32cca3f5bd6906ce5ec186391effb13fac0a10525622023645bfb9742472695c81461db0298f84af1983b6e5e94ae355e0e790fb51fe558bd70e889744872c9ababf42b930340e192ab4295ee72e1392f2bbb137533a919d72e651cbafa37a88232d0f464bd4531e49c65abd629f3e8b920ae3bde61a3538514866f18a937848f7bd99e4a0fbea506b9ee5a0400000000000000020f91d65c88bf2251c617cfde3314ec540c8128adf417f1ee716473c3d3c049dc7714a832c128869bb4a9bad6f8be1b0a6bb5c0e40417d594a876a5fb50055e7c67e2519698e5ca89fada7c84032a811b0eb5c67364ea809c6be960c9a7b98afc8e6315e780d8f556b97ea65b7fd27ca6fab61164d60a109d182b9b8f7995ee915eb68be320000db4b0bb821ce13a8d55ff70629a5f2bb89a1c7a4b874b49bcb13105493a9560344f89877e7c5e409a15bcda6d27073c3b744b386b0b82098d307dc3aab1ead4306a73cf8382bd3451c0aaa14a8333c6f34e6b5e5d3b240e01243749b3938840c835e16129ddca5d9439511b4fd22752d904dcd60f9405467918e48fa17547493e51a14ccb47128c7449b51cef63178f32cb06155b9e9cb65dba65f8a6f9a45d8d49852609dd0cf8418f463cb15eaaea77c1c89f530c1f6c6c7820d66957ff2fe731628a328f4e7896d5cf6fcc0782c05c47b8f01d28908913e379334fa90ea01906e865202fc6386fc69fb683a1dfd037ec5bbdb368b3530a3cbbbecf2107faeaf32081c65b48a3bd352998df0a781dd86c7c8112407db1bf1ac6446a0c77e8f2e3374fb8217abd59b3d40c9582a3ab663f278a83b22685914b4b2bacc973ffb2dec5e6eb98d6c16463c1e9a896ca4e65206687ca4423c359b4e1ce06a57ecb083b750026719dff109a1d823b4ccff79e5ce416bf3756d913b31faad8c0bab1c62276a581ba8830da7c59c5224db7dd38b032db7cf7022502a8f3cef31dc8344a2d02af978d6f901b1b0097dc425f4f34b73c6ee02a8b48d7a23299c1c6e5190221f84c2ecfe5bdb67b36c5dc23455ae466722c5e4f52b07aa667a6cb55c6a411225e88cf513c7cdd2065a1e044c0008f8b6a5b28f3f00f14e7da47e944ca666cec951593ac26ce5e75f17ca2d438dd8f926ac57d1761a72024187a2f77ef42a7d246f906166afecdcdcf8db8cef6f8855ecd97185fda05bae717eaf3165b99021fbdcee50384a22c8c025c8f82d4839dcb0a6075642dc453c21a4dcdc997d70315dce9a3ac7eb0185924436965d1376624b5c08772ba59b142a066bcd0ad044628e463921d78f1efcf8e8cd1e0fcf525115ae2b104c31561574003770c21e847ab80b65d3a2b53e6ad4a3d5227e3bc82b58b5feabc9c70b55264b32b658227851518664baa871f8128bd826ce818be1edef708e033155ed69a0bd83b246d83ac85b33d7370dcc7f930c25609e2e5f86f1738ba266b079a3743180b9b84a24e4915b1743834ec319e5b238ba6942e4128348be821b21892477e4c5ad3a2031f0ef11d9d54cc90f87cf093e582b1384c8960c36421969f7ee247001f37c66f10ff6dc3edc7de984acb599e9b8bd3e792855ddc703698578edfe74bd27e967dbe77bd4cd0bcbe08ebfa7c5bf95745e670438097ee29215d3ecbde9e8e50e14ec41a9d746de20230140d854e36e95f7c13446db26715b9a30a3d3afa3a5645e0afd3eaf8457a87c528792241e99a415b8709ae334bfa81fd8508c77b50e3d1f2ecf8f7b6b1d187bbac0bd3d49f00fb5c21836a2bd79ea2839bd3a1d396422699dfe0958479c36964efdb2f602d25f202a534df612f347696de6fecffb673d2162f2572c6d04895fc22b638dbf54dfad4d6058683919ec47cc3d3d1f5e4528bae31632081b9b80770ce0e7d44287e18fde786801e7beda77c0b9ee3965f3a4956496fe8e892b65e137d9e47e8e164f7c6fe9c6ac9ece1b7eead32a5a188df5539537e1b736f1c5d67b604d064eda6b6730c51e182cae81e65290f12f68a7146888e438a799d04931f2a0b9b6c565d47d9d322e7358ccdbc08eafc2470414c44f97e33013b976b995bcf96409789bc2bc97d7add4b6eaaa84c18ea936f0eb332185f9de597d6f7793215df2c0be4b5b4085910adb83d248be16deeac399070ad00a24a67cebef51694726a612ea5763f1bbff03a77357d867ec5461c33d73a47db4a51b496be6960ca7c8cb92a51dd578f99e4b1d2b18ce406b2751aeb065ad0225aeb1eedce3b26e3feec915361cd6b4acc105a2962edcd6547691a557f4deb9ca96d39bd92ebc96e763b6139a0421f42c561a7a20ffebef94bc0b7538466064610134ede0221cde98d085531471c0e9761880904952234f0ae34502b3790aad682fe6e7fd7977816e21aa3f7793ca99312ee07ef9b34a31102710bbaa31dcd57d941e6d5fd6b6607d3449bbffb1434d67edc10727230c3283ab7e212152039e9403bc7ae082cb3934794468dc7549aa35cdf35d3c0f754b7fdf47dbb5bc5047923f6841b9a4054a0eef23de222f0ecc04410fccfe3779820d2ac659b84ea56eeefaae980f1bd43aef8e78705ce1995cee4f88400903f66e6d24307090e23d04387909a62a3394890118549baec01b6f2a5c416f68b71bfc2b7a0bf289587664a2b6194d4eccb51bd4177c9487b724f91d088ce68f20882a8dd633b17ad73584e68382877eba4fae1af839baca07f3adc4c9796e07dc69e90bd5efe3a84d3ca40fa8209c2bc9c9303ff2c7979a9508d925c021cea6c7f1483b5c5b00232c292f302fad79aa5fa4820b04a5aed1f9be4cbf4430bd2b6b559133979e5239f514e87559950808fd098792c0b1bd0b9cb94463b22be92962692dca35a8bd0fe0edc28e7e759d2d753177fc29860d419a29fd89c0a2c11e957483f9c13637e2f66e96bf3454b943b7dd368b71243ef58b0b3d469cdf5572a990a5c998c5796b80031f56bc98f5bf70a717cc5ff4febbfc32b29543548d8862f1ab57fbdbeda2a9901593c0d92d4eca205312c18ce649ed5a3263b66d8ca52734a16035daaa182c24e9ae2851e8dd153d2fe34978e8df50402f133190ada04cfaaac56ca6fa20771a195c76a84651ca4aa9c7c4eb16007ef1e965055ab6cb08a02db6c1a82f8c695ec370095c0afd535ed8abf17ff514451055854a99de69863f393e1679ddf5326e1f4de42220df3839ee71c8fab2c3faee9af0f5e9ee5a3c4c146ae7d36536064a11644a9a195290f3d75f64652050ca8a1ef17eed6f5077a651af1ce5304f2e6fa781a83df2a7c4f5e1c8337d35f93633d684803b7bec4fea60e1f9925580f9199f40f307bfd84de2d51f1df191eeb52a48ed4a19c4f524cc26f7043bbabb1c43c4f20d950e218dbcf09a8bda0e1ca1759466938dd764c85c3d8de92b3534ff5c492d024e6ca87952243fe8b6379ba189032926685afcd3839a4423ba19cb0c5488982ce7cad134c60bc329f855ba4be63475ade6110d6db66613c3c7647e76e3949f8e5299738014743523662fd6b1626bcc0cffdb3b757ddcbeefa2facc49da06d907d21888b9344a3167d143e5f8e022d8c75229fd491145c451ac92f000aeee43219215a8136c7c17327f6e0a3eef7fe1861930d143d92f33aa74984c89f9ba3e9ee887bef4f9b16654cbc739fd6b2eebb255596dfd6639896685b72b0e1ea92019884468f5c78d21a3a69df24a3d8d517cec2122417bad0ac7db0182cc87b8b752e7474a36acb8508d118d44d509cd8594dea3a3a611a6c1c0b3bcf48b4834d8bb5cd18f420ed7aea21810c0303ca2d5fc67b116491f1bbd055221c79ec0dfcfc22c17cba3eb4fea49127615fdcef9cbecba603dd2e01e07af17ab0f4a6179f54edb34db2dc0c937a0aa1151c8a9474afd1af7c0a83174aa1fdd8e4bfb9b10841df5ccf068a5612627c8724b1c68fd3879a57265836409a6d851f1baf0023ca", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x78, 0x0, 0xfffffffffffffffc, {0x88, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x4000, 0x25daa903, 0xffffffffffffffff, r5, 0xffffffff, 0x9}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r3, {0x7, 0x21, 0xffffffff, 0x50339398, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6}}, 0x50)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chown(&(0x7f00000000c0)='./file0\x00', r4, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010028bd7000fcdbdf252100000008000300", @ANYRES32=r8, @ANYBLOB="14002c80080000008009"], 0x30}, 0x1, 0x0, 0x0, 0x14001}, 0x9590f6cc3ea35512)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r7, 0xa20, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x2bc3}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x2}, @NL80211_ATTR_MAC={0xa}]}, 0x38}}, 0x80)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r11 = socket$igmp6(0xa, 0x3, 0x2)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007c80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000007cc0)={'wlan0\x00', <r14=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r12, &(0x7f0000007dc0)={0x0, 0x0, &(0x7f0000007d80)={&(0x7f00000004c0)={0x70, r13, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r14}, @val={0xc, 0x99, {0x0, 0x55}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @random="57bea22daca5"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x7}, @NL80211_ATTR_PMKID={0x14, 0x55, "287cd654db6a7bfc61687e7598fe0b71"}, @NL80211_ATTR_PMK={0x14, 0xfe, "f931e2804f8d3a9da354afc314c260aa"}]}, 0x70}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
sendmsg$ETHTOOL_MSG_WOL_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x2c, r10, 0x1, 0x0, 0x80000004, {0x1b}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}]}]}, 0x2c}}, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0)
r15 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r16 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r17 = dup(r16)
ioctl$TIOCL_SETSEL(r17, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x4, 0xd6e}})
ioctl$TIOCL_SETSEL(r17, 0x541c, &(0x7f0000000300)={0x2, {0x2, 0x340, 0x0, 0x101}})
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x15, 0xf, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r15}, {}, {}, {0x85, 0x0, 0x0, 0xa0}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x10}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x56010000}}, [], {{0x6}, {0x5}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)

710.156171ms ago: executing program 4 (id=2004):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x598}, {&(0x7f00000007c0)=""/154, 0x4c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x24, 0x4, 0x8, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x550}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}]}, 0x24}, 0x1, 0x0, 0x0, 0x28c16562e159cd74}, 0x4)

709.612927ms ago: executing program 4 (id=2005):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2e, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000100)="c2ff4f8d5db2268e", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

589.987105ms ago: executing program 2 (id=2006):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
memfd_secret(0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$packet(0x11, 0x3, 0x300)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0xc048aeca, &(0x7f0000000080))
socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000002d00090027bd700000ee0000040000000e0018"], 0x24}}, 0x84)
r5 = socket$netlink(0x10, 0x3, 0x4)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r6, 0x4040942c, &(0x7f00000001c0)={0x0, 0x4, [0x5, 0xfff0000, 0x8, 0x2, 0xa, 0x5]})
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="340100001700010029bd700000000000ac1414bb00000000000000000000000000000000000000002001000000000000000000000000000120010000000000000000000000000001e000000200000000000000000000000000000000000000000200008084000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200002000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000200000000400000000000060000000000000000000000000000000000000000000000000000000000000000000000000009000000ba6b6e000201000000000000000400000000000000000000000000000c000800080008000101"], 0x134}}, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x41, 0x0)
write$nbd(r8, 0x0, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ipvlan0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0x8}, {0x6, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xfff, 0x40, 0x172}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)
r11 = socket$kcm(0x10, 0x2, 0x0)
sync_file_range(r4, 0x3, 0x8, 0x2)
write$cgroup_subtree(r11, &(0x7f0000000000)=ANY=[@ANYBLOB="0439000025"], 0x33fe0)
close_range(r9, r9, 0x2)
write(r5, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="240000003c00070100000000feffffff047c00000408fc800c00018006000600800a0000"], 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

499.949481ms ago: executing program 2 (id=2007):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000340)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000003c0)="04", 0x1)
shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x4000)
syz_clone3(&(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = shmget$private(0x0, 0x11000, 0x0, &(0x7f0000fec000/0x11000)=nil)
mlockall(0x3)
shmat(r2, &(0x7f0000fed000/0x4000)=nil, 0x7000)
mlockall(0x5)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a01020000000000000000020000050900020073797a32000000000900010073797a3000000000269f465b258cf2dc96a375b9a32306380004803400018009000100686173680000000024000280080002400000000f0800044000000006080006400000000008b7674109b5b983cc3873e05d49c8ae000640000007ff140000001100010000000000000000000000000a"], 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

80.231179ms ago: executing program 2 (id=2008):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84) (async)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000000)={<r1=>0x0, 0xd3, "1b90edaa997b76304632892c146a3025bc5be1f896f657a9f812a03a31e5c8d8d4ae3f693e13729c462d5e87c5a30b9a39cfd1204340986b998a7f1271082818ecccad42050844e23e3c8fe53523977cf91c23fd5e737256088f1d65baa035d6259e243026c28ae5b5c4ea8afbdd813f8f3b279c9a5bbd95fe4ec1fd11aa89f0ef854911b4c991b905422a6e000978c06b6ef309a50c1c6291dcc53135941e0823bdab75aa8e518ee2f36d87a9cee56bbefd232433e54f12492191a811e475f70869f85f42bdf501546b48eaa522cc025c5e1b"}, &(0x7f0000000100)=0xdb)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000140)={r1, 0xffffffff}, 0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000180)={r1, 0x816}, 0x8)
getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
r2 = socket$inet6_udp(0xa, 0x2, 0x0) (async)
r3 = syz_open_dev$evdev(&(0x7f0000000240), 0xff, 0x20001)
ioctl$EVIOCGNAME(r3, 0x80404506, &(0x7f0000000280)=""/135)
r4 = syz_open_dev$usbmon(&(0x7f0000000340), 0x8, 0x8040)
ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x10d38)
r5 = add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r6 = add_key$user(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x3}, &(0x7f0000000400)="91b083a85683d01434b3ae0fb3293b6a58ce34fa6db56d477b21a760cccc96ff3016bd804c8d614907d870683955455b5e055835d458475b2120b806646c6495e8fd02753da8eb65c4414de2ea4bc66bb7b91d4a75f0cc053d3a0db438ce3003f8cbc249f866fecb94bd0d154ca263cbd149b3", 0x73, r5) (async)
ioctl$EVIOCGMTSLOTS(r3, 0x8040450a, &(0x7f0000000500)=""/80) (async)
ioctl$EVIOCGKEY(r3, 0x80404518, &(0x7f0000000580)=""/57)
keyctl$dh_compute(0x17, &(0x7f00000005c0)={r6, r6, r6}, &(0x7f0000000600)=""/58, 0x3a, &(0x7f0000000680)={&(0x7f0000000640)={'digest_null\x00'}})
ioctl$int_out(r0, 0x0, &(0x7f00000006c0)) (async)
r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000700)={0x10000, 0x3, 0xeeee0000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'veth0_macvtap\x00', <r8=>0x0})
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0) (async)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r2, 0x84009422, &(0x7f00000007c0)={0x0, 0x0, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r9 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000bc0), 0x800, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000d00)={@fallback=<r10=>r3, 0x0, 0x0, 0x6, &(0x7f0000000c00)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000c40)=[0x0, 0x0, 0x0], &(0x7f0000000c80)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000cc0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r11=>0x0}, 0x40) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000dc0)={0x0, r9, 0x0, 0xe, &(0x7f0000000d80)='/dev/ubi_ctrl\x00', <r12=>0x0}, 0x30)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000d40)={@ifindex=r8, r9, 0x1f, 0x23, r9, @void, @void, @void, @value=r12, r11}, 0x20) (async)
r13 = dup(r9)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000e80)={{r10, <r14=>0xffffffffffffffff}, &(0x7f0000000e00), &(0x7f0000000e40)=r9}, 0x20) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000001180)={0x6fd, <r15=>0x0}, 0x8) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001240)={{r13, <r16=>0xffffffffffffffff}, &(0x7f00000011c0), &(0x7f0000001200)='%-5lx  \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x13, 0x25, &(0x7f0000000ec0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x82}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r14}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xf}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x7}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r13}}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0xb5}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r9}}]}, &(0x7f0000001000)='syzkaller\x00', 0x38a4, 0xbe, &(0x7f0000001040)=""/190, 0x40f00, 0x40, '\x00', r8, @fallback=0x18, r10, 0x8, &(0x7f0000001100)={0x1, 0x2}, 0x8, 0x10, &(0x7f0000001140)={0x3, 0x3, 0x8, 0x1}, 0x10, r15, 0xffffffffffffffff, 0x6, &(0x7f0000001340)=[r16, 0xffffffffffffffff, r10, r13, 0xffffffffffffffff, r13, r10], &(0x7f0000001380)=[{0x0, 0x5, 0xd, 0xb}, {0x3, 0x4, 0xa, 0x2}, {0x2, 0x3, 0xe, 0x6}, {0x0, 0x4, 0xb, 0x3}, {0x1, 0x5, 0x3, 0xc}, {0x4, 0x5, 0x1, 0x9}], 0x10, 0x8, @void, @value}, 0x94)

404.188ยตs ago: executing program 2 (id=2009):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000400), r1)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="40000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100767469001400028008000500e000000108000100", @ANYRES32=r2, @ANYBLOB="851820d453ddc028602da7fa9897a86231c480ffcffff364a7f19dd6c8233644c7b437788ea0bc5cf140cf8a1a9d4bd54ab0a8332997706a37c4a58221588da0bb8d54c66985cc8276e06a222281b2613bf05d67446efc2bcf3fe5177065116de659de289f8049855924c9dc01"], 0x40}}, 0x0)

0s ago: executing program 2 (id=2010):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a"], 0x122}}, 0x0)
socket$inet6(0xa, 0x200000000003, 0x87)
syz_emit_ethernet(0x4e, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c2000001aaaaaaaaaa1586dd6003136c00188700fc0200000000000000000000000002fdff020000000000000000000000000001"], 0x0)

0s ago: executing program 2 (id=2011):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="010102000000000014004380"], 0x44}, 0x1, 0xba01}, 0x810)
r1 = socket(0x10, 0x80002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="8500"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
add_key$keyring(&(0x7f0000005180), 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffc)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB="2800000012000100000000000000000007000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00.', @ANYBLOB], 0x28}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000005400e5ea29bd7000ffffffff07000002", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r3, @ANYBLOB="01030300ff"], 0x38}, 0x1, 0x0, 0x0, 0x2800}, 0x40084c0)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
dup2(r8, r9)
r10 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r10, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x10, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x3], [0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x3, 0x0, 0x4, 0x0, 0xffeffffe, 0x0, 0x5], [0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5b2bb47c], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x239, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
write$selinux_load(r5, &(0x7f0000000000)=ANY=[], 0x2000)
sendmmsg$alg(r1, &(0x7f00000000c0), 0x0, 0x240008c0)
socket$inet(0x2, 0x1, 0x800)

kernel console output (not intermixed with test programs):

 sel_write_load+0x2ac/0x1bd0
[  109.495391][ T9641]  __vmalloc_node_noprof+0xad/0xf0
[  109.495403][ T9641]  ? sel_write_load+0x2ac/0x1bd0
[  109.495416][ T9641]  sel_write_load+0x2ac/0x1bd0
[  109.495433][ T9641]  ? __lock_acquire+0xb8a/0x1c90
[  109.495451][ T9641]  ? __pfx_sel_write_load+0x10/0x10
[  109.495463][ T9641]  ? get_pid_task+0xfc/0x250
[  109.495488][ T9641]  ? __pfx_sel_write_load+0x10/0x10
[  109.495500][ T9641]  vfs_write+0x2a0/0x1150
[  109.495516][ T9641]  ? __pfx___mutex_lock+0x10/0x10
[  109.495533][ T9641]  ? __pfx_vfs_write+0x10/0x10
[  109.495550][ T9641]  ? __fget_files+0x20e/0x3c0
[  109.495569][ T9641]  ksys_write+0x12a/0x250
[  109.495582][ T9641]  ? __pfx_ksys_write+0x10/0x10
[  109.495599][ T9641]  do_syscall_64+0xcd/0x4c0
[  109.495617][ T9641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.495628][ T9641] RIP: 0033:0x7f1b6578e929
[  109.495637][ T9641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.495648][ T9641] RSP: 002b:00007f1b66584038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  109.495658][ T9641] RAX: ffffffffffffffda RBX: 00007f1b659b5fa0 RCX: 00007f1b6578e929
[  109.495665][ T9641] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  109.495672][ T9641] RBP: 00007f1b66584090 R08: 0000000000000000 R09: 0000000000000000
[  109.495678][ T9641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.495684][ T9641] R13: 0000000000000000 R14: 00007f1b659b5fa0 R15: 00007ffcf7e966f8
[  109.495697][ T9641]  </TASK>
[  109.495703][ T9641] warn_alloc: 3 callbacks suppressed
[  109.495708][ T9641] syz.1.1199: vmalloc error: size 8192, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  109.592264][ T9641] CPU: 0 UID: 0 PID: 9641 Comm: syz.1.1199 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  109.592280][ T9641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  109.592287][ T9641] Call Trace:
[  109.592291][ T9641]  <TASK>
[  109.592296][ T9641]  dump_stack_lvl+0x16c/0x1f0
[  109.592316][ T9641]  warn_alloc+0x248/0x3a0
[  109.592332][ T9641]  ? __pfx_warn_alloc+0x10/0x10
[  109.592346][ T9641]  ? rcu_is_watching+0x12/0xc0
[  109.592360][ T9641]  ? trace_kmalloc+0x2b/0xd0
[  109.592376][ T9641]  ? __kmalloc_cache_node_noprof+0x272/0x420
[  109.592391][ T9641]  ? __kasan_kmalloc+0x8a/0xb0
[  109.592406][ T9641]  ? __get_vm_area_node+0x208/0x330
[  109.592420][ T9641]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  109.592448][ T9641]  ? sel_write_load+0x2ac/0x1bd0
[  109.592465][ T9641]  ? avc_has_perm_noaudit+0x149/0x3b0
[  109.592476][ T9641]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  109.592491][ T9641]  ? __pfx_avc_has_perm+0x10/0x10
[  109.592502][ T9641]  ? sel_write_load+0x2ac/0x1bd0
[  109.592513][ T9641]  __vmalloc_node_noprof+0xad/0xf0
[  109.592525][ T9641]  ? sel_write_load+0x2ac/0x1bd0
[  109.592538][ T9641]  sel_write_load+0x2ac/0x1bd0
[  109.592555][ T9641]  ? __lock_acquire+0xb8a/0x1c90
[  109.592574][ T9641]  ? __pfx_sel_write_load+0x10/0x10
[  109.592587][ T9641]  ? get_pid_task+0xfc/0x250
[  109.592612][ T9641]  ? __pfx_sel_write_load+0x10/0x10
[  109.592624][ T9641]  vfs_write+0x2a0/0x1150
[  109.592641][ T9641]  ? __pfx___mutex_lock+0x10/0x10
[  109.592658][ T9641]  ? __pfx_vfs_write+0x10/0x10
[  109.592675][ T9641]  ? __fget_files+0x20e/0x3c0
[  109.592694][ T9641]  ksys_write+0x12a/0x250
[  109.592707][ T9641]  ? __pfx_ksys_write+0x10/0x10
[  109.592725][ T9641]  do_syscall_64+0xcd/0x4c0
[  109.592748][ T9641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.592760][ T9641] RIP: 0033:0x7f1b6578e929
[  109.592769][ T9641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.592780][ T9641] RSP: 002b:00007f1b66584038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  109.592790][ T9641] RAX: ffffffffffffffda RBX: 00007f1b659b5fa0 RCX: 00007f1b6578e929
[  109.592797][ T9641] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  109.592804][ T9641] RBP: 00007f1b66584090 R08: 0000000000000000 R09: 0000000000000000
[  109.592810][ T9641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.592816][ T9641] R13: 0000000000000000 R14: 00007f1b659b5fa0 R15: 00007ffcf7e966f8
[  109.592830][ T9641]  </TASK>
[  109.592862][ T9641] Mem-Info:
[  109.630260][ T9650] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1203'.
[  109.631760][ T9641] active_anon:13683 inactive_anon:8569 isolated_anon:0
[  109.631760][ T9641]  active_file:15342 inactive_file:41931 isolated_file:0
[  109.631760][ T9641]  unevictable:1768 dirty:611 writeback:0
[  109.631760][ T9641]  slab_reclaimable:10143 slab_unreclaimable:71192
[  109.631760][ T9641]  mapped:24809 shmem:18696 pagetables:1219
[  109.631760][ T9641]  sec_pagetables:307 bounce:0
[  109.631760][ T9641]  kernel_misc_reclaimable:0
[  109.631760][ T9641]  free:430432 free_pcp:17862 free_cma:0
[  109.691562][ T9641] Node 0 active_anon:54716kB inactive_anon:34276kB active_file:59732kB inactive_file:163304kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:99172kB dirty:2380kB writeback:0kB shmem:71556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12976kB pagetables:4372kB sec_pagetables:1228kB all_unreclaimable? no Balloon:0kB
[  109.695006][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  109.695016][   T40] audit: type=1400 audit(1750519882.310:677): avc:  denied  { setopt } for  pid=9648 comm="syz.2.1203" lport=43445 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  109.702328][ T9641] Node 1 active_anon:16kB inactive_anon:0kB active_file:1636kB inactive_file:4420kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:64kB dirty:64kB writeback:0kB shmem:3228kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:144kB pagetables:256kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  109.721699][ T9641] Node 0 DMA free:13328kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:412kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:760kB local_pcp:208kB free_cma:0kB
[  109.722423][ T9620] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.730836][ T9641] lowmem_reserve[]: 0 1235 1235 1235 1235
[  109.730864][ T9641] Node 0 DMA32 free:141684kB boost:61900kB min:89416kB low:96292kB high:103168kB reserved_highatomic:0KB free_highatomic:0KB active_anon:56836kB inactive_anon:34276kB active_file:59320kB inactive_file:163296kB unevictable:3536kB writepending:2380kB present:2080628kB managed:1264732kB mlocked:0kB bounce:0kB free_pcp:26532kB local_pcp:3228kB free_cma:0kB
[  109.733907][ T9620] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.734062][ T9619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  109.734214][ T9619] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  109.735358][ T9641] lowmem_reserve[]: 0 0 0 0 0
[  109.757611][ T9641] Node 1 Normal free:1564668kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:1636kB inactive_file:4420kB unevictable:3536kB writepending:64kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:44576kB local_pcp:0kB free_cma:0kB
[  109.767372][ T9641] lowmem_reserve[]: 0 0 0 0 0
[  109.768956][ T9641] Node 0 DMA: 11*4kB (UM) 9*8kB (UME) 21*16kB (UM) 17*32kB (UME) 15*64kB (UM) 13*128kB (UME) 10*256kB (UME) 6*512kB (UME) 2*1024kB (ME) 1*2048kB (U) 0*4096kB = 13348kB
[  109.774185][ T9641] Node 0 DMA32: 719*4kB (UME) 513*8kB (ME) 310*16kB (UME) 433*32kB (UME) 382*64kB (UME) 167*128kB (UME) 58*256kB (UME) 54*512kB (UME) 15*1024kB (UME) 4*2048kB (UM) 1*4096kB (M) = 141764kB
[  109.780272][ T9641] Node 1 Normal: 149*4kB (UME) 104*8kB (UME) 68*16kB (UME) 128*32kB (UME) 114*64kB (UME) 55*128kB (UE) 37*256kB (UE) 29*512kB (UE) 32*1024kB (UM) 24*2048kB (UM) 351*4096kB (UM) = 1564884kB
[  109.786301][ T9641] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  109.789490][ T9641] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  109.792501][ T9641] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  109.795537][ T9641] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  109.798596][ T9641] 75966 total pagecache pages
[  109.800296][ T9641] 1 pages in swap cache
[  109.801641][ T9641] Free swap  = 123968kB
[  109.803019][ T9641] Total swap = 124996kB
[  109.804375][ T9641] 1048443 pages RAM
[  109.805667][ T9641] 0 pages HighMem/MovableOnly
[  109.807243][ T9641] 282931 pages reserved
[  109.808713][ T9641] 0 pages cma reserved
[  109.810370][ T9651] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  109.813399][ T9651] SELinux: failed to load policy
[  109.830420][ T9653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1204'.
[  109.835065][ T9653] netlink: 'syz.0.1204': attribute type 5 has an invalid length.
[  109.838469][ T9653] netlink: 'syz.0.1204': attribute type 7 has an invalid length.
[  109.852490][ T9653] : entered promiscuous mode
[  109.857261][ T9657] netlink: 'syz.2.1206': attribute type 2 has an invalid length.
[  109.860728][ T9657] netlink: 'syz.2.1206': attribute type 8 has an invalid length.
[  109.863946][ T9657] netlink: 1148 bytes leftover after parsing attributes in process `syz.2.1206'.
[  109.954658][ T9677] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1213'.
[  109.959611][ T9677] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1213'.
[  109.972133][ T9680] SELinux:  policydb magic number 0x4b07fa81 does not match expected magic number 0xf97cff8c
[  109.974728][   T40] audit: type=1400 audit(1750519882.590:678): avc:  denied  { mount } for  pid=9679 comm="syz.1.1215" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  109.975398][ T9680] SELinux: failed to load policy
[  109.987905][ T9678] SELinux: ebitmap: truncated map
[  109.994466][ T9678] SELinux: failed to load policy
[  110.036254][ T9684] FAULT_INJECTION: forcing a failure.
[  110.036254][ T9684] name failslab, interval 1, probability 0, space 0, times 0
[  110.040870][ T9684] CPU: 2 UID: 0 PID: 9684 Comm: syz.2.1217 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  110.040886][ T9684] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.040893][ T9684] Call Trace:
[  110.040897][ T9684]  <TASK>
[  110.040901][ T9684]  dump_stack_lvl+0x16c/0x1f0
[  110.040921][ T9684]  should_fail_ex+0x512/0x640
[  110.040937][ T9684]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  110.040954][ T9684]  should_failslab+0xc2/0x120
[  110.040970][ T9684]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  110.040984][ T9684]  ? __pfx___might_resched+0x10/0x10
[  110.040998][ T9684]  ? alloc_vmap_area+0x645/0x29c0
[  110.041018][ T9684]  alloc_vmap_area+0x645/0x29c0
[  110.041040][ T9684]  ? __pfx_alloc_vmap_area+0x10/0x10
[  110.041061][ T9684]  __get_vm_area_node+0x1ca/0x330
[  110.041074][ T9684]  __vmalloc_node_range_noprof+0x271/0x14b0
[  110.041087][ T9684]  ? sel_write_load+0x2ac/0x1bd0
[  110.041118][ T9684]  ? sel_write_load+0x2ac/0x1bd0
[  110.041132][ T9684]  ? avc_has_perm_noaudit+0x149/0x3b0
[  110.041143][ T9684]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  110.041158][ T9684]  ? __pfx_avc_has_perm+0x10/0x10
[  110.041169][ T9684]  ? sel_write_load+0x2ac/0x1bd0
[  110.041180][ T9684]  __vmalloc_node_noprof+0xad/0xf0
[  110.041192][ T9684]  ? sel_write_load+0x2ac/0x1bd0
[  110.041205][ T9684]  sel_write_load+0x2ac/0x1bd0
[  110.041222][ T9684]  ? __lock_acquire+0xb8a/0x1c90
[  110.041241][ T9684]  ? __pfx_sel_write_load+0x10/0x10
[  110.041253][ T9684]  ? get_pid_task+0xfc/0x250
[  110.041278][ T9684]  ? __pfx_sel_write_load+0x10/0x10
[  110.041290][ T9684]  vfs_write+0x2a0/0x1150
[  110.041305][ T9684]  ? __pfx___mutex_lock+0x10/0x10
[  110.041322][ T9684]  ? __pfx_vfs_write+0x10/0x10
[  110.041340][ T9684]  ? __fget_files+0x20e/0x3c0
[  110.041358][ T9684]  ksys_write+0x12a/0x250
[  110.041371][ T9684]  ? __pfx_ksys_write+0x10/0x10
[  110.041390][ T9684]  do_syscall_64+0xcd/0x4c0
[  110.041408][ T9684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.041419][ T9684] RIP: 0033:0x7f1cab58e929
[  110.041428][ T9684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.041438][ T9684] RSP: 002b:00007f1cac3c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  110.041449][ T9684] RAX: ffffffffffffffda RBX: 00007f1cab7b5fa0 RCX: 00007f1cab58e929
[  110.041456][ T9684] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  110.041463][ T9684] RBP: 00007f1cac3c8090 R08: 0000000000000000 R09: 0000000000000000
[  110.041469][ T9684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.041475][ T9684] R13: 0000000000000000 R14: 00007f1cab7b5fa0 R15: 00007ffd4ae6b1b8
[  110.041488][ T9684]  </TASK>
[  110.100316][ T9688] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1219'.
[  110.177846][ T9700] fuse: Unknown parameter '
'
[  110.204474][ T9704] 9pnet: p9_errstr2errno: server reported unknown error @ํ��������	
[  110.253346][ T9712] syzkaller0: left promiscuous mode
[  110.255285][ T9712] syzkaller0: left allmulticast mode
[  110.288988][ T9714] SELinux: ebitmap: truncated map
[  110.293982][ T9714] SELinux: failed to load policy
[  110.333216][ T9723] FAULT_INJECTION: forcing a failure.
[  110.333216][ T9723] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  110.340073][ T9723] CPU: 0 UID: 0 PID: 9723 Comm: syz.2.1231 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  110.340091][ T9723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  110.340098][ T9723] Call Trace:
[  110.340102][ T9723]  <TASK>
[  110.340106][ T9723]  dump_stack_lvl+0x16c/0x1f0
[  110.340128][ T9723]  should_fail_ex+0x512/0x640
[  110.340145][ T9723]  should_fail_alloc_page+0xe7/0x130
[  110.340163][ T9723]  prepare_alloc_pages+0x3c2/0x610
[  110.340177][ T9723]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  110.340192][ T9723]  ? stack_trace_save+0x8e/0xc0
[  110.340207][ T9723]  ? __pfx_stack_trace_save+0x10/0x10
[  110.340221][ T9723]  ? stack_depot_save_flags+0x28/0xa40
[  110.340240][ T9723]  ? kasan_save_stack+0x42/0x60
[  110.340254][ T9723]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  110.340268][ T9723]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  110.340282][ T9723]  ? __get_vm_area_node+0x1ca/0x330
[  110.340292][ T9723]  ? __vmalloc_node_noprof+0xad/0xf0
[  110.340303][ T9723]  ? sel_write_load+0x2ac/0x1bd0
[  110.340314][ T9723]  ? vfs_write+0x2a0/0x1150
[  110.340327][ T9723]  ? ksys_write+0x12a/0x250
[  110.340339][ T9723]  ? do_syscall_64+0xcd/0x4c0
[  110.340355][ T9723]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.340372][ T9723]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  110.340386][ T9723]  ? policy_nodemask+0xea/0x4e0
[  110.340403][ T9723]  alloc_pages_mpol+0x1fb/0x550
[  110.340419][ T9723]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  110.340438][ T9723]  alloc_pages_noprof+0x131/0x390
[  110.340454][ T9723]  get_free_pages_noprof+0x10/0xb0
[  110.340470][ T9723]  kasan_populate_vmalloc+0x89/0x1f0
[  110.340487][ T9723]  alloc_vmap_area+0x959/0x29c0
[  110.340510][ T9723]  ? __pfx_alloc_vmap_area+0x10/0x10
[  110.340531][ T9723]  __get_vm_area_node+0x1ca/0x330
[  110.340545][ T9723]  __vmalloc_node_range_noprof+0x271/0x14b0
[  110.340557][ T9723]  ? sel_write_load+0x2ac/0x1bd0
[  110.340573][ T9723]  ? sel_write_load+0x2ac/0x1bd0
[  110.340587][ T9723]  ? avc_has_perm_noaudit+0x149/0x3b0
[  110.340598][ T9723]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  110.340613][ T9723]  ? __pfx_avc_has_perm+0x10/0x10
[  110.340624][ T9723]  ? sel_write_load+0x2ac/0x1bd0
[  110.340635][ T9723]  __vmalloc_node_noprof+0xad/0xf0
[  110.340646][ T9723]  ? sel_write_load+0x2ac/0x1bd0
[  110.340659][ T9723]  sel_write_load+0x2ac/0x1bd0
[  110.340677][ T9723]  ? __lock_acquire+0xb8a/0x1c90
[  110.340693][ T9723]  ? __pfx_sel_write_load+0x10/0x10
[  110.340705][ T9723]  ? get_pid_task+0xfc/0x250
[  110.340730][ T9723]  ? __pfx_sel_write_load+0x10/0x10
[  110.340742][ T9723]  vfs_write+0x2a0/0x1150
[  110.340757][ T9723]  ? __pfx___mutex_lock+0x10/0x10
[  110.340778][ T9723]  ? __pfx_vfs_write+0x10/0x10
[  110.340795][ T9723]  ? __fget_files+0x20e/0x3c0
[  110.340814][ T9723]  ksys_write+0x12a/0x250
[  110.340827][ T9723]  ? __pfx_ksys_write+0x10/0x10
[  110.340845][ T9723]  do_syscall_64+0xcd/0x4c0
[  110.340862][ T9723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.340873][ T9723] RIP: 0033:0x7f1cab58e929
[  110.340882][ T9723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.340893][ T9723] RSP: 002b:00007f1cac3c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  110.340903][ T9723] RAX: ffffffffffffffda RBX: 00007f1cab7b5fa0 RCX: 00007f1cab58e929
[  110.340910][ T9723] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  110.340916][ T9723] RBP: 00007f1cac3c8090 R08: 0000000000000000 R09: 0000000000000000
[  110.340923][ T9723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.340929][ T9723] R13: 0000000000000000 R14: 00007f1cab7b5fa0 R15: 00007ffd4ae6b1b8
[  110.340942][ T9723]  </TASK>
[  110.494654][    C0] vkms_vblank_simulate: vblank timer overrun
[  110.517607][   T40] audit: type=1400 audit(1750519883.130:679): avc:  denied  { unmount } for  pid=5946 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  110.581504][ T9733] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  110.622780][   T40] audit: type=1400 audit(1750519883.240:680): avc:  denied  { getopt } for  pid=9724 comm="syz.2.1232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  110.642266][   T40] audit: type=1400 audit(1750519883.260:681): avc:  denied  { execute } for  pid=9732 comm="syz.0.1236" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=26593 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  110.672974][ T9725] IPv6: sit1: Disabled Multicast RS
[  110.675122][ T9725] sit1: entered allmulticast mode
[  110.872785][ T9746] SELinux: ebitmap: truncated map
[  110.879158][ T9746] SELinux: failed to load policy
[  111.028461][ T9753] FAULT_INJECTION: forcing a failure.
[  111.028461][ T9753] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  111.032671][ T9753] CPU: 0 UID: 0 PID: 9753 Comm: syz.1.1242 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  111.032689][ T9753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.032696][ T9753] Call Trace:
[  111.032700][ T9753]  <TASK>
[  111.032705][ T9753]  dump_stack_lvl+0x16c/0x1f0
[  111.032725][ T9753]  should_fail_ex+0x512/0x640
[  111.032742][ T9753]  should_fail_alloc_page+0xe7/0x130
[  111.032760][ T9753]  prepare_alloc_pages+0x3c2/0x610
[  111.032773][ T9753]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  111.032790][ T9753]  ? rcu_is_watching+0x12/0xc0
[  111.032804][ T9753]  ? trace_mm_page_alloc+0x11f/0x1a0
[  111.032822][ T9753]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  111.032836][ T9753]  ? stack_trace_save+0x8e/0xc0
[  111.032851][ T9753]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  111.032871][ T9753]  ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  111.032885][ T9753]  ? __get_vm_area_node+0x1ca/0x330
[  111.032895][ T9753]  ? __vmalloc_node_noprof+0xad/0xf0
[  111.032905][ T9753]  ? sel_write_load+0x2ac/0x1bd0
[  111.032917][ T9753]  ? vfs_write+0x2a0/0x1150
[  111.032934][ T9753]  ? ksys_write+0x12a/0x250
[  111.032946][ T9753]  ? do_syscall_64+0xcd/0x4c0
[  111.032962][ T9753]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.032978][ T9753]  alloc_pages_bulk_noprof+0x71c/0x1410
[  111.032993][ T9753]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  111.033007][ T9753]  ? policy_nodemask+0xea/0x4e0
[  111.033025][ T9753]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  111.033040][ T9753]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  111.033062][ T9753]  kasan_populate_vmalloc+0xf1/0x1f0
[  111.033078][ T9753]  alloc_vmap_area+0x959/0x29c0
[  111.033101][ T9753]  ? __pfx_alloc_vmap_area+0x10/0x10
[  111.033123][ T9753]  __get_vm_area_node+0x1ca/0x330
[  111.033136][ T9753]  __vmalloc_node_range_noprof+0x271/0x14b0
[  111.033149][ T9753]  ? sel_write_load+0x2ac/0x1bd0
[  111.033165][ T9753]  ? sel_write_load+0x2ac/0x1bd0
[  111.033179][ T9753]  ? avc_has_perm_noaudit+0x149/0x3b0
[  111.033190][ T9753]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  111.033205][ T9753]  ? __pfx_avc_has_perm+0x10/0x10
[  111.033216][ T9753]  ? sel_write_load+0x2ac/0x1bd0
[  111.033227][ T9753]  __vmalloc_node_noprof+0xad/0xf0
[  111.033238][ T9753]  ? sel_write_load+0x2ac/0x1bd0
[  111.033252][ T9753]  sel_write_load+0x2ac/0x1bd0
[  111.033269][ T9753]  ? __lock_acquire+0xb8a/0x1c90
[  111.033286][ T9753]  ? __pfx_sel_write_load+0x10/0x10
[  111.033298][ T9753]  ? get_pid_task+0xfc/0x250
[  111.033324][ T9753]  ? __pfx_sel_write_load+0x10/0x10
[  111.033335][ T9753]  vfs_write+0x2a0/0x1150
[  111.033350][ T9753]  ? __pfx___mutex_lock+0x10/0x10
[  111.033367][ T9753]  ? __pfx_vfs_write+0x10/0x10
[  111.033385][ T9753]  ? __fget_files+0x20e/0x3c0
[  111.033403][ T9753]  ksys_write+0x12a/0x250
[  111.033417][ T9753]  ? __pfx_ksys_write+0x10/0x10
[  111.033434][ T9753]  do_syscall_64+0xcd/0x4c0
[  111.033452][ T9753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.033462][ T9753] RIP: 0033:0x7f1b6578e929
[  111.033472][ T9753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.033482][ T9753] RSP: 002b:00007f1b66584038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.033493][ T9753] RAX: ffffffffffffffda RBX: 00007f1b659b5fa0 RCX: 00007f1b6578e929
[  111.033500][ T9753] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  111.033526][ T9753] RBP: 00007f1b66584090 R08: 0000000000000000 R09: 0000000000000000
[  111.033537][ T9753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.033546][ T9753] R13: 0000000000000000 R14: 00007f1b659b5fa0 R15: 00007ffcf7e966f8
[  111.033560][ T9753]  </TASK>
[  111.159650][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.425934][ T9769] program syz.2.1248 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  111.432690][ T6114] usb 8-1: USB disconnect, device number 12
[  111.497336][ T9777] SELinux:  policydb magic number 0x37373130 does not match expected magic number 0xf97cff8c
[  111.501549][ T9777] SELinux: failed to load policy
[  111.603613][ T9785] FAULT_INJECTION: forcing a failure.
[  111.603613][ T9785] name failslab, interval 1, probability 0, space 0, times 0
[  111.608420][ T9785] CPU: 3 UID: 0 PID: 9785 Comm: syz.2.1251 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  111.608436][ T9785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.608443][ T9785] Call Trace:
[  111.608447][ T9785]  <TASK>
[  111.608451][ T9785]  dump_stack_lvl+0x16c/0x1f0
[  111.608471][ T9785]  should_fail_ex+0x512/0x640
[  111.608485][ T9785]  ? __kmalloc_node_noprof+0xc5/0x500
[  111.608502][ T9785]  should_failslab+0xc2/0x120
[  111.608517][ T9785]  __kmalloc_node_noprof+0xd8/0x500
[  111.608531][ T9785]  ? __get_vm_area_node+0x208/0x330
[  111.608542][ T9785]  ? __vmalloc_node_range_noprof+0x3e5/0x14b0
[  111.608556][ T9785]  __vmalloc_node_range_noprof+0x3e5/0x14b0
[  111.608573][ T9785]  ? sel_write_load+0x2ac/0x1bd0
[  111.608588][ T9785]  ? avc_has_perm_noaudit+0x149/0x3b0
[  111.608598][ T9785]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  111.608613][ T9785]  ? __pfx_avc_has_perm+0x10/0x10
[  111.608624][ T9785]  ? sel_write_load+0x2ac/0x1bd0
[  111.608635][ T9785]  __vmalloc_node_noprof+0xad/0xf0
[  111.608647][ T9785]  ? sel_write_load+0x2ac/0x1bd0
[  111.608660][ T9785]  sel_write_load+0x2ac/0x1bd0
[  111.608677][ T9785]  ? __lock_acquire+0xb8a/0x1c90
[  111.608694][ T9785]  ? __pfx_sel_write_load+0x10/0x10
[  111.608706][ T9785]  ? get_pid_task+0xfc/0x250
[  111.608732][ T9785]  ? __pfx_sel_write_load+0x10/0x10
[  111.608743][ T9785]  vfs_write+0x2a0/0x1150
[  111.608759][ T9785]  ? __pfx___mutex_lock+0x10/0x10
[  111.608792][ T9785]  ? __pfx_vfs_write+0x10/0x10
[  111.608810][ T9785]  ? __fget_files+0x20e/0x3c0
[  111.608829][ T9785]  ksys_write+0x12a/0x250
[  111.608842][ T9785]  ? __pfx_ksys_write+0x10/0x10
[  111.608860][ T9785]  do_syscall_64+0xcd/0x4c0
[  111.608878][ T9785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.608889][ T9785] RIP: 0033:0x7f1cab58e929
[  111.608898][ T9785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.608909][ T9785] RSP: 002b:00007f1cac3c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  111.608919][ T9785] RAX: ffffffffffffffda RBX: 00007f1cab7b5fa0 RCX: 00007f1cab58e929
[  111.608926][ T9785] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  111.608933][ T9785] RBP: 00007f1cac3c8090 R08: 0000000000000000 R09: 0000000000000000
[  111.608939][ T9785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.608945][ T9785] R13: 0000000000000000 R14: 00007f1cab7b5fa0 R15: 00007ffd4ae6b1b8
[  111.608959][ T9785]  </TASK>
[  111.745562][ T9791] FAULT_INJECTION: forcing a failure.
[  111.745562][ T9791] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.752035][ T9791] CPU: 0 UID: 0 PID: 9791 Comm: syz.0.1254 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  111.752052][ T9791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  111.752058][ T9791] Call Trace:
[  111.752062][ T9791]  <TASK>
[  111.752067][ T9791]  dump_stack_lvl+0x16c/0x1f0
[  111.752087][ T9791]  should_fail_ex+0x512/0x640
[  111.752104][ T9791]  _copy_to_user+0x32/0xd0
[  111.752121][ T9791]  simple_read_from_buffer+0xcb/0x170
[  111.752137][ T9791]  proc_fail_nth_read+0x197/0x270
[  111.752151][ T9791]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  111.752166][ T9791]  ? rw_verify_area+0xcf/0x680
[  111.752178][ T9791]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  111.752191][ T9791]  vfs_read+0x1e1/0xc60
[  111.752206][ T9791]  ? __pfx___mutex_lock+0x10/0x10
[  111.752222][ T9791]  ? __pfx_vfs_read+0x10/0x10
[  111.752239][ T9791]  ? __fget_files+0x20e/0x3c0
[  111.752258][ T9791]  ksys_read+0x12a/0x250
[  111.752271][ T9791]  ? __pfx_ksys_read+0x10/0x10
[  111.752284][ T9791]  ? fput+0x70/0xf0
[  111.752303][ T9791]  do_syscall_64+0xcd/0x4c0
[  111.752320][ T9791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.752332][ T9791] RIP: 0033:0x7fbc7438d33c
[  111.752341][ T9791] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  111.752352][ T9791] RSP: 002b:00007fbc75113030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  111.752362][ T9791] RAX: ffffffffffffffda RBX: 00007fbc745b5fa0 RCX: 00007fbc7438d33c
[  111.752369][ T9791] RDX: 000000000000000f RSI: 00007fbc751130a0 RDI: 0000000000000006
[  111.752375][ T9791] RBP: 00007fbc75113090 R08: 0000000000000000 R09: 0000000000000000
[  111.752381][ T9791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.752387][ T9791] R13: 0000000000000000 R14: 00007fbc745b5fa0 R15: 00007ffe5b963f78
[  111.752401][ T9791]  </TASK>
[  111.818766][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.857602][   T24] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  112.007617][   T24] usb 7-1: Using ep0 maxpacket: 8
[  112.011352][   T24] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  112.015274][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  112.019145][   T24] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  112.022973][   T24] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  112.028164][   T24] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  112.031687][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.102087][ T9809] SELinux: ebitmap: truncated map
[  112.110012][ T9809] SELinux: failed to load policy
[  112.112436][ T9811] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  112.116296][ T9811] SELinux: failed to load policy
[  112.237090][   T24] usb 7-1: GET_CAPABILITIES returned 0
[  112.239388][   T24] usbtmc 7-1:16.0: can't read capabilities
[  112.395425][   T40] audit: type=1400 audit(1750519885.010:682): avc:  denied  { ioctl } for  pid=9834 comm="syz.0.1269" path="socket:[30952]" dev="sockfs" ino=30952 ioctlcmd=0x6629 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  112.437909][   T24] usb 7-1: USB disconnect, device number 9
[  112.440805][ T9837] SELinux: ebitmap: truncated map
[  112.447762][ T9837] SELinux: failed to load policy
[  112.560855][ T9842] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1272'.
[  112.564306][ T9842] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1272'.
[  112.688442][ T9853] smc: net device bond0 applied user defined pnetid SYZ0
[  112.716177][ T9859] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1279'.
[  112.744486][ T9863] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  112.750921][ T9862] SELinux: ebitmap: truncated map
[  112.772060][ T5300] Bluetooth: hci3: unexpected event for opcode 0x0c12
[  112.817657][   T40] audit: type=1400 audit(1750519885.430:683): avc:  denied  { transfer } for  pid=9870 comm="syz.3.1285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  112.925339][   T40] audit: type=1400 audit(1750519885.540:684): avc:  denied  { connect } for  pid=9880 comm="syz.1.1289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  112.967519][ T9886] FAULT_INJECTION: forcing a failure.
[  112.967519][ T9886] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  112.971844][ T9886] CPU: 2 UID: 0 PID: 9886 Comm: syz.2.1291 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  112.971859][ T9886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  112.971866][ T9886] Call Trace:
[  112.971870][ T9886]  <TASK>
[  112.971874][ T9886]  dump_stack_lvl+0x16c/0x1f0
[  112.971908][ T9886]  should_fail_ex+0x512/0x640
[  112.971928][ T9886]  should_fail_alloc_page+0xe7/0x130
[  112.971948][ T9886]  prepare_alloc_pages+0x3c2/0x610
[  112.971962][ T9886]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  112.971979][ T9886]  ? __pfx___page_table_check_zero+0x10/0x10
[  112.971996][ T9886]  ? lockdep_hardirqs_on+0x7c/0x110
[  112.972015][ T9886]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  112.972031][ T9886]  ? get_page_from_freelist+0x1321/0x3890
[  112.972051][ T9886]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  112.972065][ T9886]  ? policy_nodemask+0xea/0x4e0
[  112.972083][ T9886]  alloc_pages_mpol+0x1fb/0x550
[  112.972099][ T9886]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  112.972113][ T9886]  ? __lock_acquire+0x622/0x1c90
[  112.972134][ T9886]  alloc_pages_noprof+0x131/0x390
[  112.972150][ T9886]  pte_alloc_one+0x1c/0x3a0
[  112.972161][ T9886]  __do_fault+0x320/0x490
[  112.972174][ T9886]  ? find_held_lock+0x2b/0x80
[  112.972188][ T9886]  __handle_mm_fault+0x3c2a/0x5490
[  112.972204][ T9886]  ? __pfx___handle_mm_fault+0x10/0x10
[  112.972216][ T9886]  ? __pfx_mt_find+0x10/0x10
[  112.972234][ T9886]  ? find_vma+0xbf/0x140
[  112.972250][ T9886]  ? __pfx_find_vma+0x10/0x10
[  112.972267][ T9886]  handle_mm_fault+0x589/0xd10
[  112.972280][ T9886]  ? __pkru_allows_pkey+0x41/0xb0
[  112.972297][ T9886]  do_user_addr_fault+0x7a6/0x1370
[  112.972313][ T9886]  ? rcu_is_watching+0x12/0xc0
[  112.972329][ T9886]  exc_page_fault+0x5c/0xb0
[  112.972344][ T9886]  asm_exc_page_fault+0x26/0x30
[  112.972355][ T9886] RIP: 0010:_copy_from_user+0x93/0xd0
[  112.972370][ T9886] Code: ec df fc 89 ee 4c 89 ef 48 b8 00 f0 ff ff ff 7f 00 00 48 39 c3 48 0f 47 d8 e8 59 cc 46 fd 0f 01 cb 4c 89 ef 48 89 de 48 89 e9 <f3> a4 0f 1f 00 49 89 cc 48 89 cb 0f 01 ca 31 ff 48 89 ce e8 b5 e7
[  112.972381][ T9886] RSP: 0018:ffffc90003c3fb20 EFLAGS: 00050246
[  112.972391][ T9886] RAX: 0000000000000001 RBX: 0000200000000000 RCX: 0000000000002000
[  112.972397][ T9886] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffc90004bd1000
[  112.972404][ T9886] RBP: 0000000000002000 R08: 0000000000000001 R09: fffff5200097a5ff
[  112.972410][ T9886] R10: ffffc90004bd2fff R11: 0000000000000000 R12: 0000000000000000
[  112.972416][ T9886] R13: ffffc90004bd1000 R14: 0000000000002000 R15: 0000000000002000
[  112.972432][ T9886]  sel_write_load+0x2f9/0x1bd0
[  112.972451][ T9886]  ? __lock_acquire+0xb8a/0x1c90
[  112.972467][ T9886]  ? __pfx_sel_write_load+0x10/0x10
[  112.972480][ T9886]  ? get_pid_task+0xfc/0x250
[  112.972506][ T9886]  ? __pfx_sel_write_load+0x10/0x10
[  112.972517][ T9886]  vfs_write+0x2a0/0x1150
[  112.972534][ T9886]  ? __pfx___mutex_lock+0x10/0x10
[  112.972552][ T9886]  ? __pfx_vfs_write+0x10/0x10
[  112.972570][ T9886]  ? __fget_files+0x20e/0x3c0
[  112.972589][ T9886]  ksys_write+0x12a/0x250
[  112.972602][ T9886]  ? __pfx_ksys_write+0x10/0x10
[  112.972620][ T9886]  do_syscall_64+0xcd/0x4c0
[  112.972638][ T9886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.972649][ T9886] RIP: 0033:0x7f1cab58e929
[  112.972657][ T9886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.972667][ T9886] RSP: 002b:00007f1cac3c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  112.972676][ T9886] RAX: ffffffffffffffda RBX: 00007f1cab7b5fa0 RCX: 00007f1cab58e929
[  112.972682][ T9886] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  112.972693][ T9886] RBP: 00007f1cac3c8090 R08: 0000000000000000 R09: 0000000000000000
[  112.972699][ T9886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.972705][ T9886] R13: 0000000000000000 R14: 00007f1cab7b5fa0 R15: 00007ffd4ae6b1b8
[  112.972719][ T9886]  </TASK>
[  113.202641][   T40] audit: type=1400 audit(1750519885.820:685): avc:  denied  { map } for  pid=9899 comm="syz.2.1296" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  113.283498][   T40] audit: type=1400 audit(1750519885.900:686): avc:  denied  { setattr } for  pid=9897 comm="syz.1.1295" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  113.380470][ T9898] SELinux:  policydb magic number 0x6b730026 does not match expected magic number 0xf97cff8c
[  113.452336][ T9915] FAULT_INJECTION: forcing a failure.
[  113.452336][ T9915] name failslab, interval 1, probability 0, space 0, times 0
[  113.456464][ T9915] CPU: 2 UID: 0 PID: 9915 Comm: syz.0.1300 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  113.456479][ T9915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  113.456486][ T9915] Call Trace:
[  113.456490][ T9915]  <TASK>
[  113.456495][ T9915]  dump_stack_lvl+0x16c/0x1f0
[  113.456515][ T9915]  should_fail_ex+0x512/0x640
[  113.456530][ T9915]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  113.456544][ T9915]  should_failslab+0xc2/0x120
[  113.456561][ T9915]  __kmalloc_cache_noprof+0x6a/0x3e0
[  113.456574][ T9915]  ? security_load_policy+0x113/0x12c0
[  113.456592][ T9915]  ? kasan_save_track+0x14/0x30
[  113.456608][ T9915]  security_load_policy+0x113/0x12c0
[  113.456629][ T9915]  ? __pfx_security_load_policy+0x10/0x10
[  113.456646][ T9915]  ? find_held_lock+0x2b/0x80
[  113.456663][ T9915]  ? __might_fault+0xe3/0x190
[  113.456677][ T9915]  ? __might_fault+0xe3/0x190
[  113.456689][ T9915]  ? __might_fault+0x13b/0x190
[  113.456708][ T9915]  sel_write_load+0x332/0x1bd0
[  113.456727][ T9915]  ? __lock_acquire+0xb8a/0x1c90
[  113.456743][ T9915]  ? __pfx_sel_write_load+0x10/0x10
[  113.456755][ T9915]  ? get_pid_task+0xfc/0x250
[  113.456781][ T9915]  ? __pfx_sel_write_load+0x10/0x10
[  113.456792][ T9915]  vfs_write+0x2a0/0x1150
[  113.456808][ T9915]  ? __pfx___mutex_lock+0x10/0x10
[  113.456832][ T9915]  ? __pfx_vfs_write+0x10/0x10
[  113.456856][ T9915]  ? __fget_files+0x20e/0x3c0
[  113.456878][ T9915]  ksys_write+0x12a/0x250
[  113.456891][ T9915]  ? __pfx_ksys_write+0x10/0x10
[  113.456910][ T9915]  do_syscall_64+0xcd/0x4c0
[  113.456929][ T9915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.456940][ T9915] RIP: 0033:0x7fbc7438e929
[  113.456949][ T9915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.456962][ T9915] RSP: 002b:00007fbc75113038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  113.456973][ T9915] RAX: ffffffffffffffda RBX: 00007fbc745b5fa0 RCX: 00007fbc7438e929
[  113.456980][ T9915] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  113.456986][ T9915] RBP: 00007fbc75113090 R08: 0000000000000000 R09: 0000000000000000
[  113.456992][ T9915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  113.456999][ T9915] R13: 0000000000000000 R14: 00007fbc745b5fa0 R15: 00007ffe5b963f78
[  113.457013][ T9915]  </TASK>
[  113.536979][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.536979][ T9916] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0
[  113.544497][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.544497][ T9916] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0
[  113.549353][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  113.552590][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.552590][ T9916] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0
[  113.560534][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  113.563686][ T9916] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  113.566194][ T9916] UDF-fs: Scanning with blocksize 512 failed
[  113.573498][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.573498][ T9916] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  113.577945][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.577945][ T9916] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[  113.582509][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  113.585820][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.585820][ T9916] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0
[  113.590062][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  113.593068][ T9916] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  113.595438][ T9916] UDF-fs: Scanning with blocksize 1024 failed
[  113.597719][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.597719][ T9916] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0
[  113.602051][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.602051][ T9916] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0
[  113.606114][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  113.609719][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.609719][ T9916] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0
[  113.613823][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  113.616836][ T9916] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  113.619646][ T9916] UDF-fs: Scanning with blocksize 2048 failed
[  113.621924][ T9916] syz.2.1298: attempt to access beyond end of device
[  113.621924][ T9916] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  113.626020][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  113.629439][ T9916] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  113.632510][ T9916] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  113.634962][ T9916] UDF-fs: Scanning with blocksize 4096 failed
[  113.636930][ T9916] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  113.675987][ T9926] netlink: 'syz.0.1301': attribute type 4 has an invalid length.
[  114.127136][ T9941] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  114.267399][ T9947] FAULT_INJECTION: forcing a failure.
[  114.267399][ T9947] name failslab, interval 1, probability 0, space 0, times 0
[  114.272346][ T9947] CPU: 1 UID: 0 PID: 9947 Comm: syz.3.1310 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  114.272360][ T9947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  114.272368][ T9947] Call Trace:
[  114.272372][ T9947]  <TASK>
[  114.272376][ T9947]  dump_stack_lvl+0x16c/0x1f0
[  114.272397][ T9947]  should_fail_ex+0x512/0x640
[  114.272412][ T9947]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  114.272426][ T9947]  should_failslab+0xc2/0x120
[  114.272443][ T9947]  __kmalloc_cache_noprof+0x6a/0x3e0
[  114.272455][ T9947]  ? security_load_policy+0x113/0x12c0
[  114.272473][ T9947]  ? kasan_save_track+0x14/0x30
[  114.272488][ T9947]  security_load_policy+0x113/0x12c0
[  114.272507][ T9947]  ? irqentry_exit+0x3b/0x90
[  114.272524][ T9947]  ? __pfx_security_load_policy+0x10/0x10
[  114.272549][ T9947]  ? _copy_from_user+0x93/0xd0
[  114.272566][ T9947]  sel_write_load+0x332/0x1bd0
[  114.272584][ T9947]  ? __lock_acquire+0xb8a/0x1c90
[  114.272602][ T9947]  ? __pfx_sel_write_load+0x10/0x10
[  114.272614][ T9947]  ? get_pid_task+0xfc/0x250
[  114.272639][ T9947]  ? __pfx_sel_write_load+0x10/0x10
[  114.272650][ T9947]  vfs_write+0x2a0/0x1150
[  114.272666][ T9947]  ? __pfx___mutex_lock+0x10/0x10
[  114.272683][ T9947]  ? __pfx_vfs_write+0x10/0x10
[  114.272700][ T9947]  ? __fget_files+0x20e/0x3c0
[  114.272718][ T9947]  ksys_write+0x12a/0x250
[  114.272732][ T9947]  ? __pfx_ksys_write+0x10/0x10
[  114.272749][ T9947]  do_syscall_64+0xcd/0x4c0
[  114.272771][ T9947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.272783][ T9947] RIP: 0033:0x7fcbdd58e929
[  114.272791][ T9947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.272802][ T9947] RSP: 002b:00007fcbde445038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  114.272813][ T9947] RAX: ffffffffffffffda RBX: 00007fcbdd7b5fa0 RCX: 00007fcbdd58e929
[  114.272820][ T9947] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000003
[  114.272826][ T9947] RBP: 00007fcbde445090 R08: 0000000000000000 R09: 0000000000000000
[  114.272832][ T9947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  114.272839][ T9947] R13: 0000000000000000 R14: 00007fcbdd7b5fa0 R15: 00007ffcb4041ca8
[  114.272852][ T9947]  </TASK>
[  114.381165][ T9949] macvtap2: entered allmulticast mode
[  114.383213][ T9949] veth0_macvtap: entered allmulticast mode
[  114.390606][ T9949] netlink: 'syz.3.1311': attribute type 10 has an invalid length.
[  114.393116][ T9949] __nla_validate_parse: 4 callbacks suppressed
[  114.393123][ T9949] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1311'.
[  114.405016][ T9949] geneve0: entered promiscuous mode
[  114.406774][ T9949] geneve0: entered allmulticast mode
[  114.410030][ T9949] team0: Failed to send port change of device geneve0 via netlink (err -105)
[  114.412993][ T9949] team0: Failed to send options change via netlink (err -105)
[  114.415537][ T9949] team0: Port device geneve0 added
[  114.560418][ T9959] block nbd3: not configured, cannot reconfigure
[  114.566547][ T9961] cgroup2: Unknown parameter 'subj_type'
[  114.629193][ T9965] 8021q: adding VLAN 0 to HW filter on device bond2
[  114.632485][ T9965] bond0: (slave bond2): Enslaving as an active interface with an up link
[  114.691134][ T9971] SELinux:  unable to allocate memory for policydb string of length 8
[  114.693823][ T9971] sel_write_load: 5 callbacks suppressed
[  114.693831][ T9971] SELinux: failed to load policy
[  114.780877][ T9986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1326'.
[  114.782349][ T9984] SELinux: ebitmap: truncated map
[  114.786997][ T9986] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1326'.
[  114.788824][ T9984] SELinux: failed to load policy
[  114.863798][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  114.863809][   T40] audit: type=1326 audit(1750519887.480:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9994 comm="syz.1.1329" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1b6578e929 code=0x0
[  114.875276][ T9997] SELinux:  unable to allocate memory for policydb string of length 8
[  114.878763][ T9997] SELinux: failed to load policy
[  114.903280][ T9999] batadv_slave_1: entered promiscuous mode
[  114.905430][ T9999] batadv_slave_1: left promiscuous mode
[  114.997080][T10005] netlink: 'syz.3.1332': attribute type 2 has an invalid length.
[  115.001560][T10005] netlink: 'syz.3.1332': attribute type 1 has an invalid length.
[  115.510173][   T40] audit: type=1400 audit(1750519888.130:692): avc:  denied  { shutdown } for  pid=10010 comm="syz.0.1335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  115.544975][T10014] block nbd0: not configured, cannot reconfigure
[  115.553686][T10014] netlink: 'syz.0.1336': attribute type 23 has an invalid length.
[  115.626882][T10017] SELinux: failed to load policy
[  115.742943][T10024] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  115.745917][T10024] SELinux: failed to load policy
[  115.808405][T10020] snd_dummy snd_dummy.0: control 0:0:0:syz0:7 is already present
[  115.812560][T10020] fuse: Unknown parameter 'obj_type'
[  115.813435][   T40] audit: type=1400 audit(1750519888.430:693): avc:  denied  { accept } for  pid=10026 comm="syz.1.1341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  115.881010][T10033] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  115.970943][T10045] batadv_slave_1: entered promiscuous mode
[  115.975725][T10045] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1346'.
[  116.058867][T10045] team0 (unregistering): Port device team_slave_0 removed
[  116.064048][T10045] team0 (unregistering): Port device team_slave_1 removed
[  116.162418][T10043] batadv_slave_1: left promiscuous mode
[  116.317010][T10056] net_ratelimit: 514 callbacks suppressed
[  116.317022][T10056] openvswitch: netlink: Key type 88 is out of range max 32
[  116.750673][T10075] syzkaller1: entered promiscuous mode
[  116.753635][T10075] syzkaller1: entered allmulticast mode
[  116.778201][ T5300] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  116.781325][ T5300] Bluetooth: hci3: Injecting HCI hardware error event
[  116.784532][ T5300] Bluetooth: hci3: hardware error 0x00
[  116.897145][   T40] audit: type=1400 audit(1750519889.510:694): avc:  denied  { append } for  pid=10080 comm="syz.2.1359" name="pfkey" dev="proc" ino=4026532986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  116.904824][   T40] audit: type=1400 audit(1750519889.520:695): avc:  denied  { map } for  pid=10080 comm="syz.2.1359" path="/proc/1025/net/pfkey" dev="proc" ino=4026532986 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  117.177794][    C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  117.286160][T10100] FAULT_INJECTION: forcing a failure.
[  117.286160][T10100] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.286180][T10100] CPU: 1 UID: 0 PID: 10100 Comm: syz.3.1365 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  117.286194][T10100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  117.286201][T10100] Call Trace:
[  117.286212][T10100]  <TASK>
[  117.286216][T10100]  dump_stack_lvl+0x16c/0x1f0
[  117.286246][T10100]  should_fail_ex+0x512/0x640
[  117.286266][T10100]  _copy_from_iter+0x29f/0x16f0
[  117.286285][T10100]  ? __pfx__copy_from_iter+0x10/0x10
[  117.286301][T10100]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  117.286324][T10100]  copy_page_from_iter+0xde/0x180
[  117.286341][T10100]  tun_build_skb.constprop.0+0x2e8/0x14f0
[  117.286363][T10100]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  117.286388][T10100]  ? __pfx__kstrtoull+0x10/0x10
[  117.286402][T10100]  tun_get_user+0x165f/0x3b80
[  117.286423][T10100]  ? __pfx_tun_get_user+0x10/0x10
[  117.286439][T10100]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  117.286458][T10100]  ? find_held_lock+0x2b/0x80
[  117.286472][T10100]  ? tun_get+0x191/0x370
[  117.286489][T10100]  tun_chr_write_iter+0xdc/0x210
[  117.286506][T10100]  vfs_write+0x6c4/0x1150
[  117.286520][T10100]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  117.286538][T10100]  ? __pfx_vfs_write+0x10/0x10
[  117.286550][T10100]  ? find_held_lock+0x2b/0x80
[  117.286571][T10100]  ksys_write+0x12a/0x250
[  117.286584][T10100]  ? __pfx_ksys_write+0x10/0x10
[  117.286601][T10100]  do_syscall_64+0xcd/0x4c0
[  117.286618][T10100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.286629][T10100] RIP: 0033:0x7fcbdd58d3df
[  117.286638][T10100] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  117.286649][T10100] RSP: 002b:00007fcbde445000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  117.286669][T10100] RAX: ffffffffffffffda RBX: 00007fcbdd7b5fa0 RCX: 00007fcbdd58d3df
[  117.286676][T10100] RDX: 000000000000004e RSI: 0000200000000100 RDI: 00000000000000c8
[  117.286682][T10100] RBP: 00007fcbde445090 R08: 0000000000000000 R09: 0000000000000000
[  117.286688][T10100] R10: 000000000000004e R11: 0000000000000293 R12: 0000000000000001
[  117.286694][T10100] R13: 0000000000000000 R14: 00007fcbdd7b5fa0 R15: 00007ffcb4041ca8
[  117.286707][T10100]  </TASK>
[  117.367022][   T40] audit: type=1400 audit(1750519889.990:696): avc:  denied  { map } for  pid=10105 comm="syz.1.1368" path="pipe:[31351]" dev="pipefs" ino=31351 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  117.367052][   T40] audit: type=1400 audit(1750519889.990:697): avc:  denied  { execute } for  pid=10105 comm="syz.1.1368" path="pipe:[31351]" dev="pipefs" ino=31351 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  117.402736][T10107] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1367'.
[  117.405589][T10107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1367'.
[  117.405607][T10107] netlink: 'syz.3.1367': attribute type 19 has an invalid length.
[  117.421575][T10111] netlink: 'syz.1.1370': attribute type 10 has an invalid length.
[  117.424137][T10111] lo: entered promiscuous mode
[  117.425749][T10111] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  117.530817][T10116] mkiss: ax0: crc mode is auto.
[  117.544891][T10116] SELinux:  policydb magic number 0x290708bc does not match expected magic number 0xf97cff8c
[  117.548572][T10116] SELinux: failed to load policy
[  117.765267][T10130] netlink: 'syz.1.1376': attribute type 10 has an invalid length.
[  117.769122][T10130] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1376'.
[  117.771894][T10130] dummy0: entered promiscuous mode
[  117.773698][T10130] bridge0: port 2(dummy0) entered blocking state
[  117.776648][T10130] bridge0: port 2(dummy0) entered disabled state
[  117.779621][T10130] dummy0: entered allmulticast mode
[  117.783495][T10130] bridge0: port 2(dummy0) entered blocking state
[  117.787086][T10130] bridge0: port 2(dummy0) entered forwarding state
[  117.794026][T10130] netlink: 'syz.1.1376': attribute type 1 has an invalid length.
[  117.800614][T10130] bridge0: entered promiscuous mode
[  117.802485][T10130] macvlan2: entered promiscuous mode
[  117.833342][T10132] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[  117.912415][   T40] audit: type=1400 audit(1750519890.530:698): avc:  denied  { ioctl } for  pid=10137 comm="syz.2.1380" path="socket:[30439]" dev="sockfs" ino=30439 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  117.919252][T10138] SELinux:  policydb magic number 0x4c0 does not match expected magic number 0xf97cff8c
[  117.923455][T10138] SELinux: failed to load policy
[  117.925603][T10138] SELinux:  policydb magic number 0xeec26da3 does not match expected magic number 0xf97cff8c
[  117.929955][T10138] SELinux: failed to load policy
[  117.953707][T10142] loop6: detected capacity change from 0 to 524287487
[  117.956306][T10142] buffer_io_error: 18 callbacks suppressed
[  117.956314][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.961100][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.963593][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.966074][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.969175][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.971972][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.974582][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.977342][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.980070][T10142] ldm_validate_partition_table(): Disk read failed.
[  117.982324][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.982836][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1383'.
[  117.984927][T10142] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.988305][T10144] bridge_slave_0: left allmulticast mode
[  117.991037][T10142] Dev loop6: unable to read RDB block 0
[  117.992857][T10144] bridge_slave_0: left promiscuous mode
[  117.994803][T10142]  loop6: unable to read partition table
[  117.996649][T10144] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.000264][T10142] loop_reread_partitions: partition scan of loop6 (3Ÿพxณ˜Cึ

) failed (rc=-5)
[  118.057474][   T40] audit: type=1326 audit(1750519890.670:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10141 comm="syz.2.1382" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1cab58e929 code=0x0
[  118.065078][T10145] loop6: detected capacity change from 524287487 to 33554432
[  118.266936][T10158] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1387'.
[  118.269935][T10158] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1387'.
[  118.273830][T10158] netlink: 'syz.2.1387': attribute type 18 has an invalid length.
[  118.321082][T10162] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  118.321082][T10162] The task syz.0.1385 (10162) triggered the difference, watch for misbehavior.
[  118.405424][T10166] syzkaller0: entered allmulticast mode
[  118.409988][T10165] syzkaller0: left allmulticast mode
[  118.857686][ T5300] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  119.053578][   T40] audit: type=1400 audit(1750519891.670:700): avc:  denied  { bind } for  pid=10171 comm="syz.2.1391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  119.119384][    C1] vcan0: j1939_tp_rxtimer: 0xffff888054a3b800: rx timeout, send abort
[  119.123518][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880553d8800: rx timeout, send abort
[  119.440787][T10181] SELinux:  policydb magic number 0x61746162 does not match expected magic number 0xf97cff8c
[  119.444057][T10181] SELinux: failed to load policy
[  119.591336][T10186] SELinux:  policydb magic number 0x34383106 does not match expected magic number 0xf97cff8c
[  119.594667][T10186] SELinux: failed to load policy
[  119.623042][    C1] vcan0: j1939_tp_rxtimer: 0xffff888054a3b800: abort rx timeout. Force session deactivation
[  119.626970][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880553d8800: abort rx timeout. Force session deactivation
[  119.651429][T10192] netlink: 'syz.0.1397': attribute type 23 has an invalid length.
[  119.707828][T10192] netlink: 'syz.0.1397': attribute type 8 has an invalid length.
[  119.711259][T10192] __nla_validate_parse: 3 callbacks suppressed
[  119.711269][T10192] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1397'.
[  119.777510][T10206] IPVS: persistence engine module ip_vs_pe_s not found
[  119.838611][T10213] SELinux: ebitmap: truncated map
[  119.843910][T10213] SELinux: failed to load policy
[  119.846725][T10216] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  119.850850][T10216] SELinux: failed to load policy
[  119.864070][T10218] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1403'.
[  119.996367][   T40] kauditd_printk_skb: 8 callbacks suppressed
[  119.996382][   T40] audit: type=1400 audit(1750519892.610:709): avc:  denied  { accept } for  pid=10237 comm="syz.0.1412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  120.011167][T10246] netlink: 'syz.1.1414': attribute type 25 has an invalid length.
[  120.061456][T10250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1416'.
[  120.073547][T10250] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[  120.076779][T10250] SELinux: failed to load policy
[  120.107869][T10256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1418'.
[  120.115332][T10256] SELinux:  policydb version -1511003350 does not match my version range 15-34
[  120.118207][T10256] SELinux: failed to load policy
[  120.120069][T10256] snd_dummy snd_dummy.0: control 0:0:0:syz0:7 is already present
[  120.123526][T10256] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1418'.
[  120.155214][T10261] SELinux: ebitmap: truncated map
[  120.160244][T10261] SELinux: failed to load policy
[  120.187247][T10269] xt_cgroup: invalid path, errno=-2
[  120.191171][T10269] [U] 
[  120.192339][T10269] [U] 
[  120.193257][T10269] [U] 
[  120.194144][T10269] [U] 
[  120.195091][T10269] [U] 
[  120.196002][T10269] [U] 
[  120.196926][T10269] [U] 
[  120.197850][T10269] [U] 
[  120.199258][T10269] [U] 
[  120.200289][T10269] [U] 
[  120.201204][T10269] [U] 
[  120.202118][T10269] [U] 
[  120.203165][T10269] [U] 
[  120.204062][T10269] [U] 
[  120.204973][T10269] [U] 
[  120.205899][T10269] [U] 
[  120.209721][T10268] [U] 
[  120.252056][   T40] audit: type=1400 audit(1750519892.870:710): avc:  denied  { remount } for  pid=10280 comm="syz.0.1426" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  120.260093][T10254] lo: entered allmulticast mode
[  120.315481][T10300] bio_check_eod: 2 callbacks suppressed
[  120.315492][T10300] syz.1.1429: attempt to access beyond end of device
[  120.315492][T10300] nbd1: rw=4096, sector=0, nr_sectors = 2 limit=0
[  120.322175][T10300] XFS (nbd1): SB validate failed with error -5.
[  120.367743][   T40] audit: type=1400 audit(1750519892.980:711): avc:  denied  { write } for  pid=10309 comm="syz.3.1430" name="/" dev="9p" ino=35913863 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  120.387358][T10314] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  120.391288][T10314] SELinux: failed to load policy
[  120.399007][T10317] netlink: 'syz.1.1433': attribute type 2 has an invalid length.
[  120.401260][T10316] netlink: 'syz.1.1433': attribute type 2 has an invalid length.
[  120.471081][T10324] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  120.536356][T10329] batadv_slave_1: entered promiscuous mode
[  120.539768][T10328] batadv_slave_1: left promiscuous mode
[  120.568552][T10339] tipc: Failed to remove unknown binding: 66,1,1/0:3878993594/3878993596
[  120.571709][T10339] tipc: Failed to remove unknown binding: 66,1,1/0:3878993594/3878993596
[  120.841673][T10348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10348 comm=syz.0.1442
[  120.852013][T10350] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  120.854280][T10350] UDF-fs: Scanning with blocksize 2048 failed
[  120.856756][T10350] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  120.859305][T10350] UDF-fs: Scanning with blocksize 4096 failed
[  120.889178][T10254] lo: left allmulticast mode
[  120.897632][T10352] kvm: kvm [10351]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000004) = 0x0
[  121.029688][T10370] SELinux: ebitmap: truncated map
[  121.034699][T10370] SELinux: failed to load policy
[  121.389369][   T40] audit: type=1400 audit(1750519894.010:712): avc:  denied  { map } for  pid=10403 comm="syz.2.1460" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  121.397260][   T40] audit: type=1400 audit(1750519894.010:713): avc:  denied  { execute } for  pid=10403 comm="syz.2.1460" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  121.446152][T10406] SELinux: ebitmap: truncated map
[  121.452107][T10406] SELinux: failed to load policy
[  121.501056][T10410] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  121.505319][T10410] netlink: 'syz.2.1463': attribute type 1 has an invalid length.
[  121.575255][T10412] netlink: 'syz.2.1464': attribute type 10 has an invalid length.
[  121.578057][T10412] tipc: Resetting bearer <eth:team0>
[  121.583594][T10412] team0: Cannot enslave team device to itself
[  121.750336][T10417] warn_alloc: 5 callbacks suppressed
[  121.750346][T10417] syz.2.1466: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  121.756938][T10417] CPU: 2 UID: 0 PID: 10417 Comm: syz.2.1466 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  121.756954][T10417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  121.756961][T10417] Call Trace:
[  121.756966][T10417]  <TASK>
[  121.756971][T10417]  dump_stack_lvl+0x16c/0x1f0
[  121.757006][T10417]  warn_alloc+0x248/0x3a0
[  121.757023][T10417]  ? __pfx_warn_alloc+0x10/0x10
[  121.757037][T10417]  ? __pfx_stack_trace_save+0x10/0x10
[  121.757054][T10417]  ? stack_depot_save_flags+0x28/0xa40
[  121.757077][T10417]  ? kasan_save_stack+0x42/0x60
[  121.757091][T10417]  ? kasan_save_stack+0x33/0x60
[  121.757104][T10417]  ? kasan_save_track+0x14/0x30
[  121.757118][T10417]  ? xskq_create+0x52/0x1d0
[  121.757131][T10417]  ? xsk_setsockopt+0x640/0x840
[  121.757144][T10417]  ? do_sock_setsockopt+0x224/0x470
[  121.757157][T10417]  ? xskq_create+0xfb/0x1d0
[  121.757172][T10417]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  121.757191][T10417]  ? xskq_create+0xfb/0x1d0
[  121.757208][T10417]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  121.757225][T10417]  ? xskq_create+0xfb/0x1d0
[  121.757240][T10417]  vmalloc_user_noprof+0x9e/0xe0
[  121.757252][T10417]  ? xskq_create+0xfb/0x1d0
[  121.757266][T10417]  xskq_create+0xfb/0x1d0
[  121.757282][T10417]  xsk_setsockopt+0x640/0x840
[  121.757296][T10417]  ? __pfx_xsk_setsockopt+0x10/0x10
[  121.757309][T10417]  ? __lock_acquire+0x622/0x1c90
[  121.757331][T10417]  ? selinux_socket_setsockopt+0x6a/0x80
[  121.757346][T10417]  ? __pfx_xsk_setsockopt+0x10/0x10
[  121.757360][T10417]  do_sock_setsockopt+0x224/0x470
[  121.757371][T10417]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  121.757390][T10417]  __sys_setsockopt+0x1a0/0x230
[  121.757426][T10417]  __x64_sys_setsockopt+0xbd/0x160
[  121.757444][T10417]  ? do_syscall_64+0x91/0x4c0
[  121.757461][T10417]  ? lockdep_hardirqs_on+0x7c/0x110
[  121.757478][T10417]  do_syscall_64+0xcd/0x4c0
[  121.757498][T10417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.757510][T10417] RIP: 0033:0x7f1cab58e929
[  121.757521][T10417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.757545][T10417] RSP: 002b:00007f1cac3c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  121.757556][T10417] RAX: ffffffffffffffda RBX: 00007f1cab7b5fa0 RCX: 00007f1cab58e929
[  121.757563][T10417] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  121.757570][T10417] RBP: 00007f1cab610b39 R08: 0000000000000004 R09: 0000000000000000
[  121.757577][T10417] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  121.757584][T10417] R13: 0000000000000000 R14: 00007f1cab7b5fa0 R15: 00007ffd4ae6b1b8
[  121.757598][T10417]  </TASK>
[  121.840011][    C2] vkms_vblank_simulate: vblank timer overrun
[  121.842574][T10417] Mem-Info:
[  121.843669][T10417] active_anon:13763 inactive_anon:8563 isolated_anon:0
[  121.843669][T10417]  active_file:15634 inactive_file:42082 isolated_file:0
[  121.843669][T10417]  unevictable:1798 dirty:908 writeback:0
[  121.843669][T10417]  slab_reclaimable:10323 slab_unreclaimable:72067
[  121.843669][T10417]  mapped:25121 shmem:18684 pagetables:1293
[  121.843669][T10417]  sec_pagetables:307 bounce:0
[  121.843669][T10417]  kernel_misc_reclaimable:0
[  121.843669][T10417]  free:434661 free_pcp:15915 free_cma:0
[  121.857625][T10417] Node 0 active_anon:55040kB inactive_anon:34252kB active_file:60900kB inactive_file:163908kB unevictable:3656kB isolated(anon):0kB isolated(file):0kB mapped:100420kB dirty:3568kB writeback:0kB shmem:71508kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13072kB pagetables:4660kB sec_pagetables:1228kB all_unreclaimable? no Balloon:0kB
[  121.867942][T10417] Node 1 active_anon:12kB inactive_anon:0kB active_file:1636kB inactive_file:4420kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:64kB dirty:64kB writeback:0kB shmem:3228kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:144kB pagetables:512kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  121.877822][T10417] Node 0 DMA free:14064kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:412kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:272kB local_pcp:0kB free_cma:0kB
[  121.886773][T10417] lowmem_reserve[]: 0 1235 1235 1235 1235
[  121.888772][T10417] Node 0 DMA32 free:116872kB boost:61900kB min:89416kB low:96292kB high:103168kB reserved_highatomic:0KB free_highatomic:0KB active_anon:55036kB inactive_anon:34252kB active_file:60488kB inactive_file:163900kB unevictable:3656kB writepending:3568kB present:2080628kB managed:1264732kB mlocked:120kB bounce:0kB free_pcp:58892kB local_pcp:27264kB free_cma:0kB
[  121.899018][T10417] lowmem_reserve[]: 0 0 0 0 0
[  121.900525][T10417] Node 1 Normal free:1607708kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12kB inactive_anon:0kB active_file:1636kB inactive_file:4420kB unevictable:3536kB writepending:64kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:4616kB local_pcp:3392kB free_cma:0kB
[  121.910075][T10417] lowmem_reserve[]: 0 0 0 0 0
[  121.911632][T10417] Node 0 DMA: 21*4kB (UM) 22*8kB (UME) 28*16kB (UM) 26*32kB (UME) 18*64kB (UM) 13*128kB (UME) 10*256kB (UME) 4*512kB (UME) 3*1024kB (UME) 1*2048kB (M) 0*4096kB = 14084kB
[  121.916909][T10417] Node 0 DMA32: 979*4kB (UME) 679*8kB (UME) 595*16kB (UME) 327*32kB (UME) 341*64kB (UME) 145*128kB (UME) 44*256kB (UME) 36*512kB (UE) 13*1024kB (UME) 2*2048kB (UM) 0*4096kB = 116820kB
[  121.922672][T10417] Node 1 Normal: 207*4kB (UME) 210*8kB (UME) 193*16kB (UME) 306*32kB (UME) 264*64kB (UME) 140*128kB (UME) 88*256kB (UME) 58*512kB (UME) 48*1024kB (UM) 17*2048kB (UM) 347*4096kB (UM) = 1607708kB
[  121.928695][T10417] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  121.931716][T10417] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  121.934629][T10417] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  121.937512][T10417] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  121.940506][T10417] 76410 total pagecache pages
[  121.941992][T10417] 2 pages in swap cache
[  121.943304][T10417] Free swap  = 123968kB
[  121.944629][T10417] Total swap = 124996kB
[  121.946028][T10417] 1048443 pages RAM
[  121.947261][T10417] 0 pages HighMem/MovableOnly
[  121.948843][T10417] 282931 pages reserved
[  121.950154][T10417] 0 pages cma reserved
[  122.025703][T10431] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1471'.
[  122.028913][T10431] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1471'.
[  122.050420][T10431] input: syz1 as /devices/virtual/input/input15
[  122.087870][  T836] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  122.110674][T10431] SELinux:  policydb magic number 0x77359400 does not match expected magic number 0xf97cff8c
[  122.113873][T10431] SELinux: failed to load policy
[  122.200157][T10442] program syz.2.1475 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  122.205837][   T40] audit: type=1400 audit(1750519894.820:714): avc:  denied  { setopt } for  pid=10443 comm="syz.0.1476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  122.208908][T10444] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=10012 sclass=netlink_xfrm_socket pid=10444 comm=syz.0.1476
[  122.224264][T10444] sit0: entered allmulticast mode
[  122.236170][T10446] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1477'.
[  122.238077][T10447] vcan0: tx drop: invalid sa for name 0xfffffffffffffffd
[  122.249662][  T836] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  122.252378][  T836] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  122.256034][  T836] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  122.259873][  T836] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  122.263261][  T836] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  122.268106][  T836] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  122.270956][  T836] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  122.273432][  T836] usb 6-1: Product: syz
[  122.274977][  T836] usb 6-1: Manufacturer: syz
[  122.282287][  T836] cdc_wdm 6-1:1.0: skipping garbage
[  122.283959][  T836] cdc_wdm 6-1:1.0: skipping garbage
[  122.289180][  T836] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  122.291829][  T836] cdc_wdm 6-1:1.0: Unknown control protocol
[  122.429389][T10454] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  122.437854][T10454] CIFS mount error: No usable UNC path provided in device string!
[  122.437854][T10454] 
[  122.442518][T10454] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  122.488315][  T837] usb 6-1: USB disconnect, device number 4
[  122.787140][T10472] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  122.791184][T10472] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.1486'.
[  122.826599][T10479] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  123.070291][T10491] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[  123.073548][T10491] SELinux: failed to load policy
[  123.349507][T10519] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  123.418443][T10521] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1504'.
[  123.735367][T10552] SELinux: ebitmap: truncated map
[  123.778258][   T40] audit: type=1400 audit(1750519896.400:715): avc:  denied  { shutdown } for  pid=10556 comm="syz.2.1517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  123.784492][   T40] audit: type=1400 audit(1750519896.400:716): avc:  denied  { accept } for  pid=10556 comm="syz.2.1517" path="socket:[32676]" dev="sockfs" ino=32676 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  123.872866][T10567] program syz.2.1520 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.073827][T10573] batadv0: entered promiscuous mode
[  124.076200][T10573] batadv0: entered allmulticast mode
[  124.081713][T10573] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.349711][T10591] tmpfs: Bad value for 'mpol'
[  124.597835][   T40] audit: type=1326 audit(1750519897.220:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10554 comm="syz.0.1516" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7438e929 code=0x7fc00000
[  124.762410][T10605] bond0: entered promiscuous mode
[  124.764656][T10605] bond_slave_0: entered promiscuous mode
[  124.767256][T10605] bond_slave_1: entered promiscuous mode
[  124.770192][T10605] bridge_slave_1: entered promiscuous mode
[  124.818313][T10607] netlink: 'syz.1.1535': attribute type 2 has an invalid length.
[  125.009824][T10626] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  125.134646][T10632] fuse: root generation should be zero
[  125.166222][   T40] audit: type=1400 audit(1750519897.780:718): avc:  denied  { bind } for  pid=10634 comm="syz.1.1542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  125.376976][T10652] __nla_validate_parse: 2 callbacks suppressed
[  125.376987][T10652] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1548'.
[  125.431851][T10654] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1549'.
[  125.447397][T10654] input: syz1 as /devices/virtual/input/input16
[  125.485272][T10656] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1550'.
[  125.574731][   T40] audit: type=1400 audit(1750519898.190:719): avc:  denied  { getopt } for  pid=10662 comm="syz.0.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  125.606086][T10666] xt_connbytes: Forcing CT accounting to be enabled
[  125.608565][T10666] SET target dimension over the limit!
[  125.643788][T10669] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1554'.
[  125.674781][   T40] audit: type=1400 audit(1750519898.290:720): avc:  denied  { rename } for  pid=10655 comm="syz.1.1550" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  125.737237][T10671] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1555'.
[  125.845103][T10681] IPVS: Error connecting to the multicast addr
[  125.873694][T10687] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1559'.
[  125.883472][T10687] xt_TPROXY: Can be used only with -p tcp or -p udp
[  125.921312][T10690] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pid=10690 comm=syz.2.1561
[  125.965128][   T40] audit: type=1400 audit(1750519898.580:721): avc:  denied  { read } for  pid=10692 comm="syz.2.1562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  126.095079][T10706] overlayfs: failed to resolve './file1': -2
[  126.105771][   T40] audit: type=1400 audit(1750519898.720:722): avc:  denied  { validate_trans } for  pid=10707 comm="syz.1.1569" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  126.788829][T10739] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  126.790191][T10737] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  126.807523][T10739] usb usb8: usbfs: process 10739 (syz.0.1579) did not claim interface 0 before use
[  126.917005][T10743] netlink: 'syz.0.1580': attribute type 13 has an invalid length.
[  126.975081][T10748] hugetlbfs: Unknown parameter 'inode32'
[  126.975081][   T40] audit: type=1400 audit(1750519899.590:723): avc:  denied  { remount } for  pid=10747 comm="syz.0.1582" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  127.490124][   T40] audit: type=1400 audit(1750519900.110:724): avc:  denied  { unmount } for  pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  127.538736][T10778] fuse: Bad value for 'group_id'
[  127.540554][T10778] fuse: Bad value for 'group_id'
[  127.568413][T10780] cgroup: name respecified
[  127.571062][T10781] cgroup: name respecified
[  127.607040][T10785] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1594'.
[  127.666178][T10798] netlink: 204 bytes leftover after parsing attributes in process `syz.2.1595'.
[  127.719686][T10806] syzkaller0: entered promiscuous mode
[  127.721626][T10806] syzkaller0: entered allmulticast mode
[  127.758678][T10811] netlink: 'syz.2.1600': attribute type 4 has an invalid length.
[  127.823820][T10823] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1604'.
[  128.089863][T10843] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1613'.
[  128.233464][T10855] netlink: 'syz.2.1616': attribute type 30 has an invalid length.
[  128.239110][T10855] netdevsim netdevsim2 ชชชชชช: set [0, 0] type 1 family 0 port 8472 - 0
[  128.241743][T10855] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  128.244549][T10855] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  128.247278][T10855] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  128.482028][   T40] audit: type=1400 audit(1750519901.100:725): avc:  denied  { append } for  pid=10873 comm="syz.2.1622" name="video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  128.558331][T10879] team0: Unable to change to the same mode the team is in
[  129.211575][T10931] pim6reg1: entered promiscuous mode
[  129.213310][T10931] pim6reg1: entered allmulticast mode
[  129.303215][T10933] fuse: Bad value for 'group_id'
[  129.305387][T10933] fuse: Bad value for 'group_id'
[  129.308496][T10933] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  129.589503][T10949] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  129.594771][   T34] IPVS: starting estimator thread 0...
[  129.677896][T10951] IPVS: using max 42 ests per chain, 100800 per kthread
[  129.944842][   T40] audit: type=1400 audit(1750519902.560:726): avc:  denied  { execute } for  pid=10955 comm="syz.2.1647" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  130.048511][T10968] pim6reg: entered allmulticast mode
[  130.205667][   T40] audit: type=1400 audit(1750519902.820:727): avc:  denied  { write } for  pid=10983 comm="syz.2.1654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  130.353610][T10993] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pid=10993 comm=syz.2.1658
[  130.553537][   T61] nci: nci_ntf_packet: unsupported ntf opcode 0xf05
[  130.558051][T11011] syz.2.1661: attempt to access beyond end of device
[  130.558051][T11011] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0
[  130.562362][T11011] syz.2.1661: attempt to access beyond end of device
[  130.562362][T11011] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0
[  130.566688][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  130.570003][T11011] syz.2.1661: attempt to access beyond end of device
[  130.570003][T11011] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0
[  130.574046][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  130.577356][T11011] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  130.580515][T11011] UDF-fs: Scanning with blocksize 512 failed
[  130.583186][T11011] syz.2.1661: attempt to access beyond end of device
[  130.583186][T11011] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0
[  130.587384][T11011] syz.2.1661: attempt to access beyond end of device
[  130.587384][T11011] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0
[  130.591620][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  130.594594][T11011] syz.2.1661: attempt to access beyond end of device
[  130.594594][T11011] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0
[  130.598865][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  130.601949][T11011] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  130.604298][T11011] UDF-fs: Scanning with blocksize 1024 failed
[  130.606477][T11011] syz.2.1661: attempt to access beyond end of device
[  130.606477][T11011] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0
[  130.610768][T11011] syz.2.1661: attempt to access beyond end of device
[  130.610768][T11011] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0
[  130.614828][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  130.618056][T11011] syz.2.1661: attempt to access beyond end of device
[  130.618056][T11011] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0
[  130.622512][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  130.626463][T11011] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  130.629230][T11011] UDF-fs: Scanning with blocksize 2048 failed
[  130.631458][T11011] syz.2.1661: attempt to access beyond end of device
[  130.631458][T11011] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  130.635749][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[  130.638900][T11011] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[  130.642041][T11011] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found
[  130.644402][T11011] UDF-fs: Scanning with blocksize 4096 failed
[  130.646321][T11011] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[  131.743351][T11032] __nla_validate_parse: 5 callbacks suppressed
[  131.743363][T11032] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1670'.
[  131.949206][T11044] Option 'อ'M•Oงฑ' to dns_resolver key: bad/missing value
[  131.952521][T11044] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1675'.
[  132.175066][T11056] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1679'.
[  132.189289][T11056] bridge4: port 1(ip6gretap1) entered blocking state
[  132.191959][T11056] bridge4: port 1(ip6gretap1) entered disabled state
[  132.194293][T11056] ip6gretap1: entered allmulticast mode
[  132.197372][T11056] ip6gretap1: entered promiscuous mode
[  132.232294][T11056] veth5: entered promiscuous mode
[  132.234800][T11056] bridge4: port 2(veth5) entered blocking state
[  132.237520][T11056] bridge4: port 2(veth5) entered disabled state
[  132.240322][T11056] veth5: entered allmulticast mode
[  132.250843][   T40] audit: type=1400 audit(1750519904.870:728): avc:  denied  { setopt } for  pid=11055 comm="syz.1.1679" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  132.288401][T11069] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1683'.
[  132.399631][T11084] overlayfs: failed to resolve './bus': -2
[  132.419294][T11078] 9pnet_fd: Insufficient options for proto=fd
[  132.539474][ T1425] ieee802154 phy1 wpan1: encryption failed: -22
[  132.579326][   T40] audit: type=1400 audit(1750519905.200:729): avc:  denied  { append } for  pid=11098 comm="syz.2.1694" name="pids.current" dev="9p" ino=35913969 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  132.586740][   T40] audit: type=1400 audit(1750519905.200:730): avc:  denied  { map } for  pid=11098 comm="syz.2.1694" path="/503/file0/pids.current" dev="9p" ino=35913969 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  132.586804][T11099] netfs: Couldn't get user pages (rc=-14)
[  132.641822][   T40] audit: type=1400 audit(1750519905.260:731): avc:  denied  { ioctl } for  pid=11100 comm="syz.1.1695" path="/dev/input/mouse0" dev="devtmpfs" ino=946 ioctlcmd=0xaa04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  132.686010][T11104] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1697'.
[  132.691333][T11104] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1697'.
[  132.707811][   T24] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  132.711922][T11106] netlink: 292 bytes leftover after parsing attributes in process `syz.2.1696'.
[  132.752061][   T40] audit: type=1400 audit(1750519905.370:732): avc:  denied  { connect } for  pid=11112 comm="syz.2.1699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  132.759955][T11113] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1699'.
[  132.811842][T11120] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  132.852357][T11126] XFS (nullb0): Invalid superblock magic number
[  132.859741][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  132.863100][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  132.866690][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 65535, setting to 64
[  132.872128][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  132.878783][   T24] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  132.882040][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.884504][   T24] usb 5-1: Product: syz
[  132.885850][   T24] usb 5-1: Manufacturer: syz
[  132.893801][   T24] usb 5-1: SerialNumber: syz
[  132.896497][   T24] usb 5-1: config 0 descriptor??
[  132.899001][T11093] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  132.904687][   T24] input: KB Gear Tablet as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input18
[  132.920532][    C0] kbtab 5-1:0.0: kbtab_irq - usb_submit_urb failed with result -1
[  133.164331][   T24] usb 5-1: USB disconnect, device number 16
[  133.663950][   T40] audit: type=1400 audit(1750519906.280:733): avc:  denied  { read } for  pid=11195 comm="syz.2.1706" name="msr" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  133.665155][T11196] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  133.673344][   T40] audit: type=1400 audit(1750519906.280:734): avc:  denied  { open } for  pid=11195 comm="syz.2.1706" path="/dev/cpu/2/msr" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  133.755449][   T40] audit: type=1400 audit(1750519906.370:735): avc:  denied  { watch watch_reads } for  pid=11198 comm="syz.0.1707" path="/374/file0/file0" dev="9p" ino=35913877 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  133.827690][    C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  133.874759][T11204] ufs: You didn't specify the type of your ufs filesystem
[  133.874759][T11204] 
[  133.874759][T11204] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  133.874759][T11204] 
[  133.874759][T11204] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  133.885702][T11204] ufs: ufstype=old is supported read-only
[  133.905717][T11202] wg1: entered promiscuous mode
[  133.907393][T11202] wg1: entered allmulticast mode
[  134.035047][T11223] MINIX-fs: blocksize too small for device
[  134.090595][   T40] audit: type=1400 audit(1750519906.710:736): avc:  denied  { write } for  pid=11224 comm="syz.1.1715" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  134.130137][T11227] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  134.212158][T11230] pimreg11: entered allmulticast mode
[  134.363242][T11233] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1718'.
[  134.366212][T11233] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1718'.
[  134.499935][T11238] netlink: 'syz.2.1720': attribute type 4 has an invalid length.
[  134.504906][T11238] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  134.541317][T11240] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  134.543952][T11240] IPv6: NLM_F_CREATE should be set when creating new route
[  134.592139][T11246] xt_hashlimit: size too large, truncated to 1048576
[  134.936222][T11277] NILFS (nbd2): device size too small
[  135.255888][T11315] support for cryptoloop has been removed.  Use dm-crypt instead.
[  135.313900][T11303] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  135.322708][T11303] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  135.378465][T11303] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.381444][T11303] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.384338][T11303] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.387256][T11303] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.526865][T11320] hsr_slave_1 (unregistering): left promiscuous mode
[  135.604965][T11326] overlayfs: missing 'lowerdir'
[  135.766812][T11350] veth0: entered promiscuous mode
[  135.770326][T11350] trusted_key: syz.2.1752 sent an empty control message without MSG_MORE.
[  135.773571][T11350] veth0: left promiscuous mode
[  135.776999][T11350] program syz.2.1752 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  135.937938][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  135.940704][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  135.943443][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  135.946180][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  135.949003][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  135.952142][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  136.048621][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  136.048830][   T40] audit: type=1400 audit(1750519908.670:738): avc:  denied  { accept } for  pid=11378 comm="syz.1.1763" lport=57274 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  136.207382][T11392] netem: unknown loss type 13
[  136.211087][T11392] netem: change failed
[  136.324469][   T40] audit: type=1400 audit(1750519908.940:739): avc:  denied  { execute } for  pid=11394 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  136.341263][   T40] audit: type=1400 audit(1750519908.940:740): avc:  denied  { execute_no_trans } for  pid=11394 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  136.467210][T11404] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11404 comm=syz.2.1772
[  136.483825][ T5942] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  136.491338][ T5942] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  136.497456][ T5942] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  136.506408][ T5942] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  136.513357][ T5942] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  136.670286][T11405] chnl_net:caif_netlink_parms(): no params data found
[  136.742089][T11442] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  136.784944][T11405] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.787295][T11405] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.789750][T11405] bridge_slave_0: entered allmulticast mode
[  136.792715][T11405] bridge_slave_0: entered promiscuous mode
[  136.797840][T11405] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.800326][T11405] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.802910][T11405] bridge_slave_1: entered allmulticast mode
[  136.805609][T11405] bridge_slave_1: entered promiscuous mode
[  136.842942][T11405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  136.852015][ T9765] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  136.859876][T11405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  136.894079][T11405] team0: Port device team_slave_0 added
[  136.897889][T11405] team0: Port device team_slave_1 added
[  136.929882][T11405] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.932155][T11405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.941157][T11405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.945657][T11405] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.949080][T11405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  136.957097][T11405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.001803][T11405] hsr_slave_0: entered promiscuous mode
[  137.004860][T11405] hsr_slave_1: entered promiscuous mode
[  137.007655][ T9765] usb 6-1: Using ep0 maxpacket: 32
[  137.007710][T11405] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.012750][T11405] Cannot create hsr debugfs directory
[  137.015265][ T9765] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.019990][ T9765] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  137.024347][ T9765] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  137.027176][ T9765] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.031353][ T9765] usb 6-1: Product: syz
[  137.032690][ T9765] usb 6-1: Manufacturer: ะท
[  137.034182][ T9765] usb 6-1: SerialNumber: syz
[  137.136633][T11405] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  137.141858][T11405] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  137.145851][T11405] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  137.152132][T11405] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  137.170542][T11405] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.173437][T11405] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.176093][T11405] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.178446][T11405] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.210072][T11405] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.221448][T11180] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.224876][T11180] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.243653][T11405] 8021q: adding VLAN 0 to HW filter on device team0
[  137.250974][ T9765] usb 6-1: 0:2 : does not exist
[  137.252593][T11177] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.254895][T11177] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.257441][ T9765] usb 6-1: USB disconnect, device number 5
[  137.260697][T11177] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.262990][T11177] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.383762][T11405] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.487764][ T6005] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  137.525774][T11405] veth0_vlan: entered promiscuous mode
[  137.531651][T11405] veth1_vlan: entered promiscuous mode
[  137.549797][T11405] veth0_macvtap: entered promiscuous mode
[  137.553837][T11405] veth1_macvtap: entered promiscuous mode
[  137.564202][T11405] batman_adv: batadv0: Interface activated: batadv_slave_0
[  137.572226][T11405] batman_adv: batadv0: Interface activated: batadv_slave_1
[  137.576713][T11405] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.580299][T11405] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.583067][T11405] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.585832][T11405] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  137.617426][T11178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.620213][T11178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.633033][T11178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.635597][T11178] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.644105][   T40] audit: type=1400 audit(1750519910.260:741): avc:  denied  { mounton } for  pid=11405 comm="syz-executor" path="/syzkaller.FksggX/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  137.652614][ T6005] usb 5-1: Using ep0 maxpacket: 8
[  137.654061][   T40] audit: type=1400 audit(1750519910.270:742): avc:  denied  { mounton } for  pid=11405 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  137.655747][ T6005] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  137.665665][ T6005] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  137.669194][ T6005] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  137.672234][ T6005] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  137.675348][ T6005] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  137.679709][ T6005] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  137.682523][ T6005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.799837][T11486] trusted_key: encrypted_key: insufficient parameters specified
[  137.874971][T11494] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  137.880031][T11494] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  137.883848][T11494] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null.
[  137.890360][ T6005] usb 5-1: usb_control_msg returned -32
[  137.892286][ T6005] usbtmc 5-1:16.0: can't read capabilities
[  137.974170][T11505] __nla_validate_parse: 6 callbacks suppressed
[  137.974182][T11505] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1794'.
[  138.002231][   T40] audit: type=1400 audit(1750519910.620:743): avc:  denied  { mount } for  pid=11511 comm="syz.4.1796" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  138.030879][T11516] Process accounting resumed
[  138.146342][   T40] audit: type=1400 audit(1750519910.760:744): avc:  denied  { map } for  pid=11519 comm="syz.2.1800" path="socket:[39949]" dev="sockfs" ino=39949 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  138.147744][T11533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1800'.
[  138.162478][T11533] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1800'.
[  138.181487][T11537] netlink: 'syz.4.1804': attribute type 29 has an invalid length.
[  138.184333][T11537] netlink: 'syz.4.1804': attribute type 29 has an invalid length.
[  138.187097][T11537] netlink: 492 bytes leftover after parsing attributes in process `syz.4.1804'.
[  138.253118][   T24] usb 5-1: USB disconnect, device number 17
[  138.284405][T11548] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1808'.
[  138.309199][   T71] Bluetooth: hci5: Frame reassembly failed (-84)
[  138.315006][T11545] ip6t_srh: unknown srh invflags 7863
[  138.316986][T11548] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  138.322673][T11548] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65436 sclass=netlink_route_socket pid=11548 comm=syz.1.1808
[  138.451314][   T40] audit: type=1400 audit(1750519911.070:745): avc:  denied  { ioctl } for  pid=11563 comm="syz.0.1812" path="socket:[37777]" dev="sockfs" ino=37777 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  138.457521][T11564] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.462450][T11564] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.547948][ T5942] Bluetooth: hci4: command tx timeout
[  138.713038][   T40] audit: type=1400 audit(1750519911.330:746): avc:  denied  { connect } for  pid=11563 comm="syz.0.1812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  138.919255][T11575] xt_ecn: cannot match TCP bits for non-tcp packets
[  138.922275][T11576] tty tty1: ldisc open failed (-12), clearing slot 0
[  138.965894][T11579] xt_CT: You must specify a L4 protocol and not use inversions on it
[  139.021912][T11580] program syz.2.1815 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  139.186468][T11582] vlan2: entered allmulticast mode
[  139.188951][T11582] bond0: entered allmulticast mode
[  139.190680][T11582] bond_slave_0: entered allmulticast mode
[  139.192447][T11582] bond_slave_1: entered allmulticast mode
[  139.423986][T11593] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1819'.
[  139.432088][T11593] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  139.452674][T11611] xt_l2tp: v2 tid > 0xffff: 150994944
[  139.513888][   T40] audit: type=1400 audit(1750519912.130:747): avc:  denied  { ioctl } for  pid=11620 comm="syz.0.1825" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x1279 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  139.601844][T11623] ptrace attach of "/syz-executor exec"[11625] was attempted by "/syz-executor exec"[11623]
[  139.605857][T11623] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  139.635507][T11627] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1827'.
[  139.638906][T11627] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  139.641357][T11627] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  139.735547][T11641] tmpfs: Bad value for 'mpol'
[  139.903406][T11651] overlayfs: failed to resolve 'verity=require': -2
[  139.906656][T11652] netlink: 'syz.0.1837': attribute type 6 has an invalid length.
[  139.907771][T11651] netlink: 'syz.0.1837': attribute type 6 has an invalid length.
[  139.993479][T11660] syz.4.1840: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  139.998332][T11660] CPU: 0 UID: 0 PID: 11660 Comm: syz.4.1840 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  139.998349][T11660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  139.998357][T11660] Call Trace:
[  139.998361][T11660]  <TASK>
[  139.998366][T11660]  dump_stack_lvl+0x16c/0x1f0
[  139.998401][T11660]  warn_alloc+0x248/0x3a0
[  139.998417][T11660]  ? __pfx_warn_alloc+0x10/0x10
[  139.998431][T11660]  ? __pfx_stack_trace_save+0x10/0x10
[  139.998447][T11660]  ? stack_depot_save_flags+0x28/0xa40
[  139.998471][T11660]  ? kasan_save_stack+0x42/0x60
[  139.998485][T11660]  ? kasan_save_stack+0x33/0x60
[  139.998502][T11660]  ? kasan_save_track+0x14/0x30
[  139.998515][T11660]  ? xskq_create+0x52/0x1d0
[  139.998528][T11660]  ? xsk_setsockopt+0x640/0x840
[  139.998540][T11660]  ? do_sock_setsockopt+0x224/0x470
[  139.998554][T11660]  ? xskq_create+0xfb/0x1d0
[  139.998569][T11660]  __vmalloc_node_range_noprof+0xff5/0x14b0
[  139.998587][T11660]  ? xskq_create+0xfb/0x1d0
[  139.998605][T11660]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  139.998621][T11660]  ? xskq_create+0xfb/0x1d0
[  139.998635][T11660]  vmalloc_user_noprof+0x9e/0xe0
[  139.998647][T11660]  ? xskq_create+0xfb/0x1d0
[  139.998661][T11660]  xskq_create+0xfb/0x1d0
[  139.998688][T11660]  xsk_setsockopt+0x640/0x840
[  139.998703][T11660]  ? __pfx_xsk_setsockopt+0x10/0x10
[  139.998715][T11660]  ? __lock_acquire+0x622/0x1c90
[  139.998737][T11660]  ? selinux_socket_setsockopt+0x6a/0x80
[  139.998752][T11660]  ? __pfx_xsk_setsockopt+0x10/0x10
[  139.998765][T11660]  do_sock_setsockopt+0x224/0x470
[  139.998776][T11660]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  139.998796][T11660]  __sys_setsockopt+0x1a0/0x230
[  139.998814][T11660]  __x64_sys_setsockopt+0xbd/0x160
[  139.998828][T11660]  ? do_syscall_64+0x91/0x4c0
[  139.998844][T11660]  ? lockdep_hardirqs_on+0x7c/0x110
[  139.998860][T11660]  do_syscall_64+0xcd/0x4c0
[  139.998877][T11660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.998888][T11660] RIP: 0033:0x7f569858e929
[  139.998898][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.998909][T11660] RSP: 002b:00007f569939c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  139.998919][T11660] RAX: ffffffffffffffda RBX: 00007f56987b5fa0 RCX: 00007f569858e929
[  139.998926][T11660] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  139.998932][T11660] RBP: 00007f5698610b39 R08: 0000000000000004 R09: 0000000000000000
[  139.998938][T11660] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  139.998944][T11660] R13: 0000000000000000 R14: 00007f56987b5fa0 R15: 00007ffd9fdea2c8
[  139.998958][T11660]  </TASK>
[  139.998992][T11660] Mem-Info:
[  140.085789][T11660] active_anon:30595 inactive_anon:5239 isolated_anon:0
[  140.085789][T11660]  active_file:16389 inactive_file:42193 isolated_file:0
[  140.085789][T11660]  unevictable:1768 dirty:70 writeback:0
[  140.085789][T11660]  slab_reclaimable:10267 slab_unreclaimable:76520
[  140.085789][T11660]  mapped:31829 shmem:31874 pagetables:1441
[  140.085789][T11660]  sec_pagetables:311 bounce:0
[  140.085789][T11660]  kernel_misc_reclaimable:0
[  140.085789][T11660]  free:403485 free_pcp:14504 free_cma:0
[  140.108083][T11660] Node 0 active_anon:78856kB inactive_anon:20956kB active_file:63920kB inactive_file:164352kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:128056kB dirty:276kB writeback:0kB shmem:80868kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:15184kB pagetables:5004kB sec_pagetables:1244kB all_unreclaimable? yes Balloon:0kB
[  140.118660][T11660] Node 1 active_anon:36456kB inactive_anon:0kB active_file:1636kB inactive_file:4420kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2112kB dirty:4kB writeback:0kB shmem:39560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:336kB pagetables:760kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  140.129168][T11660] Node 0 DMA free:10580kB boost:2048kB min:2388kB low:2472kB high:2556kB reserved_highatomic:0KB free_highatomic:0KB active_anon:288kB inactive_anon:0kB active_file:584kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:316kB local_pcp:8kB free_cma:0kB
[  140.138487][ T6005] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  140.141742][T11660] lowmem_reserve[]: 0 1235 1235 1235 1235
[  140.143602][T11660] Node 0 DMA32 free:71120kB boost:22528kB min:50044kB low:56920kB high:63796kB reserved_highatomic:0KB free_highatomic:0KB active_anon:81080kB inactive_anon:20956kB active_file:63336kB inactive_file:164344kB unevictable:3536kB writepending:276kB present:2080628kB managed:1264732kB mlocked:0kB bounce:0kB free_pcp:23476kB local_pcp:7752kB free_cma:0kB
[  140.153772][T11660] lowmem_reserve[]: 0 0 0 0 0
[  140.155180][T11660] Node 1 Normal free:1535456kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:23436kB inactive_anon:0kB active_file:1636kB inactive_file:4420kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:49336kB local_pcp:1032kB free_cma:0kB
[  140.165053][T11660] lowmem_reserve[]: 0 0 0 0 0
[  140.166592][T11660] Node 0 DMA: 22*4kB (UM) 21*8kB (UM) 20*16kB (UM) 14*32kB (UM) 18*64kB (UM) 16*128kB (UM) 8*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 0*2048kB 0*4096kB = 10880kB
[  140.171824][T11660] Node 0 DMA32: 618*4kB (U) 141*8kB (UE) 64*16kB (UME) 59*32kB (UME) 130*64kB (UME) 69*128kB (UME) 59*256kB (UME) 43*512kB (UM) 10*1024kB (UM) 0*2048kB 0*4096kB = 71024kB
[  140.177219][T11660] Node 1 Normal: 3*4kB (UE) 6*8kB (ME) 11*16kB (UME) 2*32kB (E) 163*64kB (UME) 124*128kB (UE) 73*256kB (UME) 54*512kB (UME) 42*1024kB (UM) 7*2048kB (U) 343*4096kB (UM) = 1535212kB
[  140.182967][T11660] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  140.185904][T11660] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  140.188920][T11660] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  140.191851][T11660] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  140.194718][T11660] 82828 total pagecache pages
[  140.196196][T11660] 2 pages in swap cache
[  140.197660][T11660] Free swap  = 123968kB
[  140.199085][T11660] Total swap = 124996kB
[  140.200393][T11660] 1048443 pages RAM
[  140.201617][T11660] 0 pages HighMem/MovableOnly
[  140.203098][T11660] 282931 pages reserved
[  140.204416][T11660] 0 pages cma reserved
[  140.239107][T11668] openvswitch: netlink: Unknown key attributes 2
[  140.298023][ T6005] usb 7-1: Using ep0 maxpacket: 8
[  140.302314][ T6005] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[  140.306191][T11670] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1844'.
[  140.309155][ T6005] usb 7-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  140.309280][T11670] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1844'.
[  140.312400][ T6005] usb 7-1: config 179 has no interface number 0
[  140.312435][ T6005] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  140.312446][ T6005] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.377658][ T5942] Bluetooth: hci5: command 0x1003 tx timeout
[  140.380212][ T5300] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  140.388808][T11687] cgroup: Invalid name
[  140.398392][T11681] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1847'.
[  140.407442][T11681] program syz.0.1847 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  140.428833][T11689] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[  140.431352][T11689] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  140.544635][T11698] kvm: user requested TSC rate below hardware speed
[  140.615012][T11702] ufs: You didn't specify the type of your ufs filesystem
[  140.615012][T11702] 
[  140.615012][T11702] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  140.615012][T11702] 
[  140.615012][T11702] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  140.626800][T11702] ufs: ufstype=old is supported read-only
[  140.627784][ T5300] Bluetooth: hci4: command tx timeout
[  140.629963][T11702] ufs: ufs_fill_super(): bad magic number
[  140.682007][ T9765] usb 7-1: USB disconnect, device number 10
[  140.688113][T11703] netlink: 'syz.4.1854': attribute type 1 has an invalid length.
[  140.699239][T11703] bond1: entered promiscuous mode
[  140.700918][T11703] bond1: entered allmulticast mode
[  140.708792][T11703] geneve2: entered allmulticast mode
[  140.712474][T11703] bond1: (slave geneve2): making interface the new active one
[  140.715088][T11703] geneve2: entered promiscuous mode
[  140.717437][T11703] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  140.737696][   T24] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  140.909030][   T24] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  140.911902][   T24] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  140.915166][   T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  140.918164][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  140.921670][   T24] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  140.926441][   T24] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  140.929406][   T24] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  140.932019][   T24] usb 5-1: Product: syz
[  140.933480][   T24] usb 5-1: Manufacturer: syz
[  140.939280][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  140.941100][   T24] cdc_wdm 5-1:1.0: skipping garbage
[  140.943614][   T24] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  140.945547][   T24] cdc_wdm 5-1:1.0: Unknown control protocol
[  141.139098][   T24] usb 5-1: USB disconnect, device number 18
[  141.238001][T11711] fuse: Unknown parameter 'gup_hd'
[  141.474351][ T5300] Bluetooth: hci4: unexpected Set CIG Parameters response data
[  141.722781][ T5942] Bluetooth: hci5: sending frame failed (-49)
[  141.726714][ T5300] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  142.502779][T11790] binder: Unknown parameter 'norecovery'
[  142.507500][T11791] binder: Unknown parameter 'norecovery'
[  142.588560][  T837] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  142.601266][T11810] bio_check_eod: 3 callbacks suppressed
[  142.601281][T11810] syz.2.1887: attempt to access beyond end of device
[  142.601281][T11810] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  142.609106][ T9765] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  142.609431][T11810] FAT-fs (nbd2): unable to read boot sector
[  142.610427][T11802] syz.2.1887: attempt to access beyond end of device
[  142.610427][T11802] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  142.620649][T11802] FAT-fs (nbd2): unable to read boot sector
[  142.639842][T11813] netem: incorrect ge model size
[  142.641847][T11813] netem: change failed
[  142.737741][  T837] usb 6-1: Using ep0 maxpacket: 16
[  142.742922][  T837] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  142.745751][  T837] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  142.748489][  T837] usb 6-1: Product: syz
[  142.749971][  T837] usb 6-1: Manufacturer: syz
[  142.751577][  T837] usb 6-1: SerialNumber: syz
[  142.754213][  T837] usb 6-1: config 0 descriptor??
[  142.760449][ T9765] usb 5-1: Using ep0 maxpacket: 16
[  142.764061][ T9765] usb 5-1: config 0 has no interfaces?
[  142.766081][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  142.766093][   T40] audit: type=1400 audit(1750519915.380:749): avc:  denied  { listen } for  pid=11825 comm="syz.4.1893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  142.768967][ T9765] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  142.780634][ T9765] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  142.784550][ T9765] usb 5-1: SerialNumber: syz
[  142.792218][ T9765] usb 5-1: config 0 descriptor??
[  142.863775][T11840] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  142.959760][ T6005] usb 6-1: USB disconnect, device number 6
[  142.977644][   T40] audit: type=1400 audit(1750519915.590:750): avc:  denied  { bind } for  pid=11850 comm="syz.2.1903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  142.980698][T11851] openvswitch: netlink: VXLAN extension 149 out of range max 1
[  142.991578][T11851] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  142.994649][T11851] IPv6: NLM_F_CREATE should be set when creating new route
[  143.001945][ T6114] usb 5-1: USB disconnect, device number 19
[  143.021407][T11853] ALSA: mixer_oss: invalid OSS volume ''
[  143.448550][T11872] __nla_validate_parse: 6 callbacks suppressed
[  143.448567][T11872] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1912'.
[  143.454419][T11872] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1912'.
[  143.515635][T11874] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[  143.622377][T11888] 9pnet_virtio: no channels available for device syz
[  143.644238][T11891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1917'.
[  143.703848][T11898] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1921'.
[  143.708277][T11902] tipc: Failed to obtain node identity
[  143.710170][T11902] tipc: Enabling of bearer <ib:veth1_to_team> rejected, failed to enable media
[  143.710204][T11905] No source specified
[  143.796463][T11916] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  143.976368][T11934] SELinux: syz.0.1933 (11934) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  144.036957][T11942] dlm: plock device version mismatch: kernel (1.2.0), user (4207687471.1574799195.3139252685)
[  144.068644][T11947] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1932'.
[  144.089852][T11951] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  144.092238][T11951] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  144.094948][T11951] vhci_hcd vhci_hcd.0: Device attached
[  144.096317][T11955] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  144.097164][T11953] vhci_hcd: connection closed
[  144.101647][T11178] vhci_hcd: stop threads
[  144.104541][T11178] vhci_hcd: release socket
[  144.111448][T11178] vhci_hcd: disconnect device
[  144.130798][T11941] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1932'.
[  144.136434][T11941] sctp: [Deprecated]: syz.2.1932 (pid 11941) Use of int in max_burst socket option.
[  144.136434][T11941] Use struct sctp_assoc_value instead
[  144.258002][T11966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1942'.
[  144.280161][T11967] mmap: syz.0.1943 (11967): VmData 37728256 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data.
[  144.421244][T11974] netlink: 'syz.0.1944': attribute type 2 has an invalid length.
[  144.423982][T11974] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1944'.
[  144.426924][T11974] nbd: must specify a device to reconfigure
[  144.474408][T11979] netlink: 'syz.4.1947': attribute type 1 has an invalid length.
[  144.476851][T11979] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1947'.
[  144.511777][T11984] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1949'.
[  144.554472][T11991] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  144.812303][T12031] program syz.4.1965 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  144.897384][T12042] overlayfs: invalid origin (0000007900000000000000c002000000200000efbeadde0800000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  145.241540][   T40] audit: type=1400 audit(1750519917.860:751): avc:  denied  { remount } for  pid=12072 comm="syz.0.1977" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  145.409644][T12082] netlink: 'syz.1.1980': attribute type 4 has an invalid length.
[  145.416767][T12084] netlink: 'syz.1.1980': attribute type 4 has an invalid length.
[  145.446447][   T40] audit: type=1400 audit(1750519918.060:752): avc:  denied  { setattr } for  pid=12086 comm="syz.1.1981" name="sr0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=blk_file permissive=1
[  145.497784][ T5300] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  145.501811][ T5300] Bluetooth: hci4: Injecting HCI hardware error event
[  145.504169][T12091] No source specified
[  145.505686][ T5300] Bluetooth: hci4: hardware error 0x00
[  145.603522][   T40] audit: type=1400 audit(1750519918.220:753): avc:  denied  { map } for  pid=12102 comm="syz.1.1986" path="/dev/qat_adf_ctl" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  145.617673][   T40] audit: type=1400 audit(1750519918.220:754): avc:  denied  { execute } for  pid=12102 comm="syz.1.1986" path="/dev/qat_adf_ctl" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  145.712447][T12108] bond0: (slave bridge_slave_1): Releasing backup interface
[  145.714959][T12108] bridge_slave_1 (unregistering): left promiscuous mode
[  145.852014][T12115] syzkaller0: entered promiscuous mode
[  145.853926][T12115] syzkaller0: entered allmulticast mode
[  145.863827][T12115] netlink: 'syz.1.1990': attribute type 32 has an invalid length.
[  145.866553][T12115] (unnamed net_device) (uninitialized): option coupled_control: invalid value (12)
[  145.907978][ T9765] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  146.023046][   T40] audit: type=1400 audit(1750519918.640:755): avc:  denied  { unmount } for  pid=5936 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  146.058089][ T9765] usb 7-1: Using ep0 maxpacket: 8
[  146.070518][ T9765] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  146.073881][ T9765] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  146.076992][ T9765] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  146.081757][ T9765] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  146.086214][ T9765] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  146.090005][ T9765] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.295952][ T9765] usb 7-1: GET_CAPABILITIES returned 0
[  146.298080][ T9765] usbtmc 7-1:16.0: can't read capabilities
[  146.942843][  T837] usb 7-1: USB disconnect, device number 11
[  147.327877][  T838] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  147.389316][   T40] audit: type=1326 audit(1750519920.010:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12173 comm="syz.4.2005" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f569858e929 code=0x0
[  147.457694][  T838] usb 5-1: device descriptor read/64, error -71
[  147.528597][  T839] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  147.577753][ T5300] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  147.697617][  T838] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  147.697630][  T839] usb 6-1: Using ep0 maxpacket: 16
[  147.698911][  T839] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  147.706762][  T839] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  147.709742][  T839] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.712275][  T839] usb 6-1: Product: syz
[  147.713673][  T839] usb 6-1: Manufacturer: syz
[  147.715212][  T839] usb 6-1: SerialNumber: syz
[  147.718453][  T839] usb 6-1: config 0 descriptor??
[  147.721032][  T839] hub 6-1:0.0: bad descriptor, ignoring hub
[  147.722914][  T839] hub 6-1:0.0: probe with driver hub failed with error -5
[  147.726646][  T839] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input20
[  147.827783][  T838] usb 5-1: device descriptor read/64, error -71
[  147.948600][  T838] usb usb5-port1: attempt power cycle
[  148.029323][T12183] could not allocate digest TFM handle digest_null
[  148.078180][ T6114] usb 6-1: USB disconnect, device number 7
[  148.150103][T12193] ------------[ cut here ]------------
[  148.152508][T12193] WARNING: CPU: 0 PID: 12193 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x30b/0x23f0
[  148.156756][T12193] Modules linked in:
[  148.158616][T12193] CPU: 0 UID: 0 PID: 12193 Comm: syz.2.2011 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  148.164375][T12193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.168344][T12193] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  148.171346][T12193] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 03 6e 7a 0e 00 75 0b c6 05 fa 6d 7a 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  148.179458][T12193] RSP: 0018:ffffc90004d9f4f8 EFLAGS: 00010246
[  148.182043][T12193] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  148.185394][T12193] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000040dc0
[  148.188966][T12193] RBP: 0000000004000000 R08: 0000000000000005 R09: 0000000000000000
[  148.192117][T12193] R10: 0000000000800000 R11: 0000000000000001 R12: 000000000000000e
[  148.194625][T12193] R13: 1ffff920009b3eb4 R14: 0000000004000000 R15: 000000000000000e
[  148.197123][T12193] FS:  00007f1cac3c86c0(0000) GS:ffff8880d6753000(0000) knlGS:0000000000000000
[  148.202300][T12193] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  148.205121][T12193] CR2: 0000200000001000 CR3: 00000000396c4000 CR4: 0000000000352ef0
[  148.208652][T12193] DR0: 0000000000000007 DR1: 0000000000004e6a DR2: 0000000000000007
[  148.212173][T12193] DR3: 00000000000002d5 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  148.215594][T12193] Call Trace:
[  148.217023][T12193]  <TASK>
[  148.218500][T12193]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  148.221225][T12193]  ? rcu_is_watching+0x12/0xc0
[  148.223250][T12193]  ? trace_kmem_cache_alloc+0x28/0xc0
[  148.225434][T12193]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  148.227841][T12193]  ? hashtab_init+0x1b1/0x290
[  148.229854][T12193]  __alloc_pages_noprof+0xb/0x1b0
[  148.231943][T12193]  ___kmalloc_large_node+0x84/0x1e0
[  148.234105][T12193]  ? hashtab_init+0x1b1/0x290
[  148.236182][T12193]  __kmalloc_large_node_noprof+0x1c/0x70
[  148.238587][T12193]  ? __pfx_ebitmap_read+0x10/0x10
[  148.240650][T12193]  __kmalloc_noprof.cold+0xc/0x61
[  148.242742][T12193]  hashtab_init+0x1b1/0x290
[  148.244707][T12193]  ? __asan_memcpy+0x3c/0x60
[  148.246674][T12193]  policydb_read+0x7b4/0x3220
[  148.248672][T12193]  ? __pfx_policydb_read+0x10/0x10
[  148.250844][T12193]  security_load_policy+0x15c/0x12c0
[  148.253051][T12193]  ? irqentry_exit+0x3b/0x90
[  148.254785][T12193]  ? __pfx_security_load_policy+0x10/0x10
[  148.256940][T12193]  ? _copy_from_user+0x93/0xd0
[  148.258853][T12193]  sel_write_load+0x332/0x1bd0
[  148.260628][T12193]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.262814][T12193]  ? __lock_acquire+0xb8a/0x1c90
[  148.264862][T12193]  ? __pfx_sel_write_load+0x10/0x10
[  148.266963][T12193]  ? __pfx_sel_write_load+0x10/0x10
[  148.268457][T12193]  vfs_write+0x2a0/0x1150
[  148.269721][T12193]  ? __pfx___mutex_lock+0x10/0x10
[  148.271118][T12193]  ? __pfx_vfs_write+0x10/0x10
[  148.272494][T12193]  ? __fget_files+0x20e/0x3c0
[  148.273879][T12193]  ksys_write+0x12a/0x250
[  148.275127][T12193]  ? __pfx_ksys_write+0x10/0x10
[  148.276526][T12193]  ? __x64_sys_dup2+0x8a/0x460
[  148.278019][T12193]  do_syscall_64+0xcd/0x4c0
[  148.279326][T12193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.280974][T12193] RIP: 0033:0x7f1cab58e929
[  148.282203][T12193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.287634][T12193] RSP: 002b:00007f1cac3c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  148.289997][T12193] RAX: ffffffffffffffda RBX: 00007f1cab7b5fa0 RCX: 00007f1cab58e929
[  148.292233][T12193] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000007
[  148.294566][T12193] RBP: 00007f1cab610b39 R08: 0000000000000000 R09: 0000000000000000
[  148.296990][T12193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.299693][T12193] R13: 0000000000000000 R14: 00007f1cab7b5fa0 R15: 00007ffd4ae6b1b8
[  148.302101][T12193]  </TASK>
[  148.303301][T12193] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  148.305652][T12193] CPU: 0 UID: 0 PID: 12193 Comm: syz.2.2011 Not tainted 6.16.0-rc2-syzkaller-00278-g3f75bfff44be #0 PREEMPT(full) 
[  148.309037][T12193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  148.312057][T12193] Call Trace:
[  148.313025][T12193]  <TASK>
[  148.313909][T12193]  dump_stack_lvl+0x3d/0x1f0
[  148.315247][T12193]  panic+0x71c/0x800
[  148.316375][T12193]  ? __pfx_panic+0x10/0x10
[  148.317675][T12193]  ? show_trace_log_lvl+0x29b/0x3e0
[  148.319160][T12193]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  148.320882][T12193]  check_panic_on_warn+0xab/0xb0
[  148.322305][T12193]  __warn+0xf6/0x3c0
[  148.323438][T12193]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  148.325239][T12193]  report_bug+0x3c3/0x580
[  148.326487][T12193]  ? __alloc_frozen_pages_noprof+0x30b/0x23f0
[  148.328209][T12193]  handle_bug+0x184/0x210
[  148.329458][T12193]  exc_invalid_op+0x17/0x50
[  148.330772][T12193]  asm_exc_invalid_op+0x1a/0x20
[  148.332171][T12193] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0
[  148.334233][T12193] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 03 6e 7a 0e 00 75 0b c6 05 fa 6d 7a 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8
[  148.339746][T12193] RSP: 0018:ffffc90004d9f4f8 EFLAGS: 00010246
[  148.341506][T12193] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  148.343755][T12193] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000040dc0
[  148.345996][T12193] RBP: 0000000004000000 R08: 0000000000000005 R09: 0000000000000000
[  148.348255][T12193] R10: 0000000000800000 R11: 0000000000000001 R12: 000000000000000e
[  148.350503][T12193] R13: 1ffff920009b3eb4 R14: 0000000004000000 R15: 000000000000000e
[  148.352655][T12193]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  148.354513][T12193]  ? rcu_is_watching+0x12/0xc0
[  148.355949][T12193]  ? trace_kmem_cache_alloc+0x28/0xc0
[  148.357543][T12193]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  148.359150][T12193]  ? hashtab_init+0x1b1/0x290
[  148.360474][T12193]  __alloc_pages_noprof+0xb/0x1b0
[  148.361945][T12193]  ___kmalloc_large_node+0x84/0x1e0
[  148.363422][T12193]  ? hashtab_init+0x1b1/0x290
[  148.364893][T12193]  __kmalloc_large_node_noprof+0x1c/0x70
[  148.366517][T12193]  ? __pfx_ebitmap_read+0x10/0x10
[  148.367970][T12193]  __kmalloc_noprof.cold+0xc/0x61
[  148.369433][T12193]  hashtab_init+0x1b1/0x290
[  148.370737][T12193]  ? __asan_memcpy+0x3c/0x60
[  148.372107][T12193]  policydb_read+0x7b4/0x3220
[  148.373486][T12193]  ? __pfx_policydb_read+0x10/0x10
[  148.375005][T12193]  security_load_policy+0x15c/0x12c0
[  148.376527][T12193]  ? irqentry_exit+0x3b/0x90
[  148.377870][T12193]  ? __pfx_security_load_policy+0x10/0x10
[  148.379503][T12193]  ? _copy_from_user+0x93/0xd0
[  148.380880][T12193]  sel_write_load+0x332/0x1bd0
[  148.382265][T12193]  ? lockdep_hardirqs_on+0x7c/0x110
[  148.383775][T12193]  ? __lock_acquire+0xb8a/0x1c90
[  148.385201][T12193]  ? __pfx_sel_write_load+0x10/0x10
[  148.386715][T12193]  ? __pfx_sel_write_load+0x10/0x10
[  148.388162][T12193]  vfs_write+0x2a0/0x1150
[  148.389392][T12193]  ? __pfx___mutex_lock+0x10/0x10
[  148.390841][T12193]  ? __pfx_vfs_write+0x10/0x10
[  148.392224][T12193]  ? __fget_files+0x20e/0x3c0
[  148.393622][T12193]  ksys_write+0x12a/0x250
[  148.394854][T12193]  ? __pfx_ksys_write+0x10/0x10
[  148.396200][T12193]  ? __x64_sys_dup2+0x8a/0x460
[  148.397658][T12193]  do_syscall_64+0xcd/0x4c0
[  148.398935][T12193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.400587][T12193] RIP: 0033:0x7f1cab58e929
[  148.402277][T12193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.407582][T12193] RSP: 002b:00007f1cac3c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  148.409883][T12193] RAX: ffffffffffffffda RBX: 00007f1cab7b5fa0 RCX: 00007f1cab58e929
[  148.412394][T12193] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000007
[  148.415103][T12193] RBP: 00007f1cab610b39 R08: 0000000000000000 R09: 0000000000000000
[  148.417244][T12193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.419488][T12193] R13: 0000000000000000 R14: 00007f1cab7b5fa0 R15: 00007ffd4ae6b1b8
[  148.421673][T12193]  </TASK>
[  148.423226][T12193] Kernel Offset: disabled
[  148.424449][T12193] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:31:59  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff855b8b95 RDI=ffffffff9b087320 RBP=ffffffff9b0872e0 RSP=ffffc90004d9ee60
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000032 R14=ffffffff9b0872e0 R15=ffffffff855b8b30
RIP=ffffffff855b8bbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f1cac3c86c0 ffffffff 00c00000
GS =0000 ffff8880d6753000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000200000001000 CR3=00000000396c4000 CR4=00352ef0
DR0=0000000000000007 DR1=0000000000004e6a DR2=0000000000000007 DR3=00000000000002d5 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000002fefc02 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab611b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab611b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab611b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab611b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab611bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab611c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab784488 00007f1cab784480 00007f1cab784478 00007f1cab784450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cac2ed100 00007f1cab784440 00007f1cab784458 00007f1cab7844a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1cab784498 00007f1cab784490 00007f1cab784488 00007f1cab784480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000046 RBX=0000000000000001 RCX=0000000000000001 RDX=0000000000000000
RSI=ffffffff8df0bee0 RDI=ffffffff8c157960 RBP=0000000000000002 RSP=ffffc900027b6fe8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000007c4f
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000
RIP=ffffffff8b8023ce RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6853000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fa021ae7d60 CR3=0000000032ab6000 CR4=00352ef0
DR0=0000000000000007 DR1=000000000000009b DR2=00040000ffffffff DR3=0000000000000009 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa020f846a3 00007fa020f846a3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdb373d750 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557443bc96 000055557443a340
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555574436572 0000555574435900
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010fffffffffffff 04048004019c1000 060171ce01000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000002fffd020000 0000000000000000 000002fc00871800 6c130360dd8615aa
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 aaaaaaaa010000c2 80016c0804800302 8e08001080808080 8086100014100006
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 016fd60010000380 0401080006015bc4 00080003e0030010 0003d00300100003
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2182a5c4376a7097 2933a8b04ad54b9d 1a8acf40f15cbca0 8e7837b4c7443623
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=000000000015d6f5 RBX=0000000000000002 RCX=ffffffff8b801c19 RDX=0000000000000000
RSI=ffffffff8de19fc0 RDI=ffffffff8c157960 RBP=ffffed1003bd6910 RSP=ffffc90000187df8
R8 =0000000000000001 R9 =ffffed100d4c6645 R10=ffff88806a63322b R11=0000000000000001
R12=0000000000000002 R13=ffff88801deb4880 R14=ffffffff90a81550 R15=0000000000000000
RIP=ffffffff8b80077f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6953000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3c5cd5 CR3=000000003b562000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000004144 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000010000100 Opmask01=0000000000000000 Opmask02=0000000002fefefe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd9fdea650 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000167f4d RBX=0000000000000003 RCX=ffffffff8b801c19 RDX=0000000000000000
RSI=ffffffff8de19fc0 RDI=ffffffff8c157960 RBP=ffffed1003bd9000 RSP=ffffc90000197df8
R8 =0000000000000001 R9 =ffffed100d4e6645 R10=ffff88806a73322b R11=0000000000000001
R12=0000000000000003 R13=ffff88801dec8000 R14=ffffffff90a81550 R15=0000000000000000
RIP=ffffffff8b80077f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d6a53000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000110c3be3ef CR3=0000000034adf000 CR4=00352ef0
DR0=0000000000000007 DR1=0000000000004e6a DR2=0000000000000007 DR3=00000000000002d5 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000014 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b12
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b1f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b19
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611b2d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611bb3
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698611c91
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698784488 00007f5698784480 00007f5698784478 00007f5698784450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f56992ed100 00007f5698784440 00007f5698780004 0008000f0010000a
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5698784498 00007f5698784490 00007f5698784488 00007f5698784480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000