last executing test programs:

18.698563898s ago: executing program 0 (id=1428):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0x43, @empty}, 0x1c)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x32, 0x0, 0x0)
ioctl$KVM_NMI(r1, 0xae9a)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x42, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x28, 0x66, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x7c56c988f0195595, 0x6071, 0x0, 0xe7, {[@generic={0x8, 0xa, "80000000001e004e"}]}}}}}}}, 0x0)

18.630170495s ago: executing program 0 (id=1429):
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e20, 0xc64, @empty, 0x80}}, 0x2, 0xfffd}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000340)={'ip6tnl0\x00', &(0x7f00000002c0)=@ethtool_cmd={0x4f, 0x5, 0x8, 0x4fec, 0x4, 0x8, 0x1, 0x4, 0x2, 0x3, 0x95, 0x400, 0xfff7, 0x8, 0x6, 0xc3, [0x1, 0x9]}})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14"], 0x14}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @cgroup_sysctl=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x1, 0x64f, 0x6, 0x6, 0x0, 0x2, 0x6, 0x8]})
bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, 0x1c)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e00f20c06635000000400f22c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x5b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 4)

18.629379988s ago: executing program 1 (id=1430):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00'}, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000faffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f}, {{}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffc}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x200000}}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, 0x0, 0xb, 0x0, 0x0, 0x41100, 0x2f}, 0x94)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x42, &(0x7f0000000100)=0x5, 0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000740)={0xffff1e9d, 0x8e, 0xf, 0x2, 0x2})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

18.541645558s ago: executing program 1 (id=1431):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002400)=ANY=[@ANYBLOB="400000003c0007010000000000400000017c00000400fc800c00018006000600800a000008000280040072801400070008"], 0x40}, 0x1, 0x0, 0x0, 0xc000}, 0x8d4)

18.470284725s ago: executing program 1 (id=1433):
r0 = open$dir(&(0x7f0000000380)='./file0\x00', 0x480, 0x20)
readlinkat(r0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000480)=""/219, 0xdb) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x11}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:mac\x00'}]}, 0x54}}, 0x4000000) (async)
sendmsg$IEEE802154_START_REQ(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000d0000000500070012000000050018007f00000006000800feff0000050017000000000005001a000000000006000a00ffff00000500190004000000050007000700000005001b00ff0000000500010001000000060008"], 0x6c}, 0x1, 0x0, 0x0, 0x18000}, 0x0)
sendmsg$NL80211_CMD_SET_STATION(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x1c, r2, 0x1, 0xffffffff, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000140)={0x0, 0x80000, <r7=>0xffffffffffffffff}) (async)
connect$netlink(r1, &(0x7f0000000200)=@kern={0x10, 0x0, 0x0, 0x4000}, 0xc) (async)
r8 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0)
lseek(r8, 0x7, 0x4) (async)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_DEFER_SETUP(r9, 0x112, 0x10, &(0x7f0000000040)=0xfffffffc, 0x4) (async)
ioctl$DRM_IOCTL_ADD_MAP(r7, 0xc0286415, &(0x7f0000000180)={&(0x7f0000ffd000/0x1000)=nil, 0x1, 0x0, 0x48})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000001340)=@framed={{0xbe, 0xa, 0xa, 0x0, 0x0, 0x79, 0x10, 0x8}}, &(0x7f0000000000)='syzkaller\x00', 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff06}, 0x94)

18.470042259s ago: executing program 1 (id=1434):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x2018018, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
unshare(0x22020400)
listxattr(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f0000000140)=""/4, 0x4)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(0xffffffffffffffff, 0x0, 0x40894)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x105000, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0xc}}, './file0/file0\x00'})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f00000002c0)={[0x7f, 0x0, 0x80, 0x9, 0x3, 0xc, 0x7, 0x81, 0x0, 0x68, 0xffff, 0x7, 0xa, 0x4, 0x100, 0x8, 0x5, 0x400, 0x9, 0x17ee, 0xd, 0x6, 0x8000, 0x4a, 0x80, 0x1, 0x3ff, 0xe7a, 0x5, 0x4, 0x7, 0xd, 0x4ed, 0x0, 0x3, 0x7, 0x10000, 0x6, 0x9, 0x10000, 0xe504, 0x2, 0x27, 0x1, 0xfffffffb, 0x2a3, 0x8000, 0x397, 0x0, 0x1, 0xc24, 0x6, 0x4, 0xe929, 0x4e468a6b, 0x9, 0x6, 0x3643, 0x4, 0x1, 0x10, 0x5, 0xfffffffc, 0x400, 0x0, 0x9, 0x6, 0x800, 0x6, 0x3, 0xfffffffb, 0x8001, 0x3, 0x1ff, 0xfffffffd, 0xfffffff7, 0x0, 0xe, 0x3, 0x1, 0x6, 0x3, 0x80000001, 0x9, 0x2, 0x2, 0xc3d, 0x143, 0x0, 0x1, 0x4, 0x8b82, 0x50, 0xfffffff9, 0x6, 0x8, 0x7, 0xaa62, 0x5, 0x1, 0x8, 0x8, 0x7, 0x32f2, 0x3ff, 0xbbb6, 0x1, 0x2, 0x7, 0x4, 0x7, 0x3, 0xb0b, 0xffff, 0x5, 0x5, 0xacb7, 0x24, 0x9, 0x1000, 0x4, 0x7, 0xfffffff7, 0x7, 0x7ff, 0x1, 0x2b13, 0x6, 0x2, 0x0, 0x8, 0x40, 0x401, 0x4, 0x8001, 0x0, 0x4, 0x7, 0x7ff, 0xe, 0x2, 0x4, 0x9, 0x4, 0x3, 0x7, 0xffffffff, 0x9, 0x8, 0x6, 0x2, 0x7, 0x3, 0x80000001, 0x2, 0x8000, 0x4, 0x9, 0xb861, 0x3, 0xfffffffd, 0x2d5, 0x5ac, 0x44, 0x24ce4ec7, 0x7, 0x9000, 0x2, 0x7, 0x5, 0xcc, 0x7fff, 0x0, 0xa84, 0x401, 0xfffffffa, 0x9cc, 0x0, 0x3, 0x1, 0x7, 0x80000, 0x9, 0x1, 0x7, 0xfff, 0x7fffffff, 0xffffffff, 0x6f63, 0xa0000000, 0x800, 0x6, 0x6, 0x1d, 0x80000000, 0x7ff, 0x60000000, 0xe, 0x2f, 0xfffffbff, 0x6, 0x8, 0x4, 0x4, 0x4, 0xf, 0x8, 0x71a7, 0x80000001, 0x6, 0x40, 0x2, 0x200, 0x80, 0x1, 0x4, 0x0, 0x2, 0x4, 0x49, 0x5, 0x9, 0x5, 0x2, 0x1ff, 0x100, 0x0, 0x2, 0xb, 0x4, 0x5, 0x3, 0x8d, 0x0, 0x101, 0x8, 0x0, 0x10000, 0xeef, 0x2, 0xfffffff7, 0x100, 0x7, 0x6, 0xe, 0x1, 0x8, 0x5, 0x2, 0xad, 0x1, 0x7, 0x5, 0x9, 0x80000000, 0x8, 0xff, 0x2, 0x7, 0x8, 0x2, 0x40, 0x200, 0x51, 0x1, 0x3, 0x7, 0x0, 0x200, 0xffffffda, 0xfffffffa, 0x100, 0x7, 0x8000d, 0x4, 0x9, 0x3, 0x7, 0x6, 0x10, 0xe, 0x7f, 0x3, 0x1, 0x5, 0xa, 0x6, 0x2, 0xfffffff7, 0x1ff, 0x7, 0x7fff, 0x3, 0x8, 0x6, 0xc, 0xc6, 0x40, 0x5, 0x7, 0x2c, 0x7, 0x81, 0x5, 0x6, 0xc1, 0xdae3, 0x5, 0x5, 0x1000, 0x9, 0x3, 0x2, 0x5, 0x300000, 0x1, 0xd, 0x1, 0x71, 0x1, 0x9, 0x8000, 0xc09, 0x9, 0x5, 0x3, 0xc, 0x17, 0x6, 0x9, 0x4, 0x2, 0x7, 0x8001, 0x9, 0x7, 0x6, 0x9, 0x6, 0x3, 0x1, 0xd, 0x8, 0x2, 0xd189, 0x4, 0x80000001, 0xfff, 0x9, 0x7e, 0x1, 0x50a, 0x6, 0x75, 0x3, 0x5, 0x5f4, 0x8001, 0x8, 0xd45e, 0x0, 0x7fffffff, 0x91, 0x87e0, 0x5, 0x0, 0x4, 0x9, 0x2, 0x80000000, 0x7ff, 0x9, 0xfb3, 0x1ff, 0x8, 0xf, 0x7, 0x3, 0x4, 0xfffffe01, 0x0, 0xc, 0x1ff, 0x40, 0x5, 0x7, 0x8, 0x80, 0xc, 0x451, 0x7fffffff, 0xfffffffd, 0xfffffff8, 0x8, 0x3, 0x9, 0x5, 0x0, 0x3, 0xffffff0d, 0xf, 0x8, 0x1, 0x9, 0x3a, 0x7, 0xe, 0xf, 0x6, 0x6, 0x7fffffff, 0xece3, 0x2, 0x4, 0xffff, 0x2, 0xfffffffd, 0x8, 0x0, 0x80, 0x81, 0x1b5, 0x3, 0xe, 0x2, 0x401, 0x3, 0x1, 0x5, 0x5, 0x80000000, 0x2, 0x3, 0x6, 0x1, 0x1, 0x7, 0xff, 0x7f, 0x2, 0x1, 0xd0000000, 0x3, 0x7, 0x4, 0x6, 0x4, 0xc6, 0x80, 0x100, 0xfffffffc, 0x6, 0x40, 0xc6, 0x5, 0x4, 0x4, 0x7f, 0x1160, 0x3, 0x8f69ebaa, 0xf115, 0x6, 0x9, 0x5, 0x9, 0x10000, 0x8b32, 0xf55f, 0x8a4, 0x2, 0x100, 0x8, 0xd, 0x7ff, 0x1c32, 0xe, 0xfffffff0, 0x9, 0x30000000, 0xe, 0x8, 0x4, 0x6, 0x3, 0x7, 0x7c4, 0x0, 0x6, 0x9, 0xb304, 0xd68, 0xb, 0x1, 0x98b, 0x9, 0x71d7, 0x100, 0x2c3c, 0x1ff, 0x0, 0x5, 0xf630, 0x9, 0x8001, 0x1, 0x3, 0x10, 0x5, 0x8001, 0x40000000, 0x8, 0x101, 0x7, 0xa, 0x4, 0x3, 0x5, 0x6, 0x401, 0x711, 0xc, 0x6, 0x5, 0x7fffffff, 0xffffffff, 0x2310, 0x4, 0x5, 0x9, 0x9, 0x4, 0x9, 0x91, 0xb2b, 0x9, 0x100, 0x3, 0x5, 0x100, 0x9, 0xb, 0x7a5d, 0x0, 0x4, 0x100, 0x300, 0x80, 0x9b8, 0xd, 0x1, 0xd, 0x7d5, 0x4, 0x1400, 0x7, 0xa40, 0x6, 0xfffffffc, 0x40, 0x6, 0x3, 0x8000, 0x4, 0x244a, 0x1, 0x8, 0x4, 0x6c, 0xbd, 0xed, 0xa0, 0xfffffff9, 0x5, 0x200, 0x4, 0x5, 0x2, 0x6, 0x2, 0x4, 0x0, 0x4, 0xa, 0x8b6, 0x9, 0x200, 0x80, 0x7, 0x9, 0x0, 0x6, 0x9, 0x4, 0xfffffff7, 0x8, 0x2, 0x9, 0x372, 0xc8, 0x1, 0x7, 0x4, 0x1000, 0x80000000, 0x2, 0x0, 0x3, 0x4, 0x7, 0x8, 0x1000, 0x81, 0x4, 0x8, 0xb971, 0x800, 0x5, 0x6, 0xe1, 0xdca, 0x3, 0x2, 0x1ff, 0x90, 0x200, 0x80000001, 0x1, 0x5, 0xb7, 0xbcaf, 0xffffffd5, 0x3ff, 0xfffffff8, 0x8, 0x1, 0x8, 0xc09, 0x800, 0x8, 0xd45c, 0xe8f, 0x400, 0x7, 0x9, 0xd135, 0x7, 0xc466, 0x8000, 0x6, 0x6, 0x2, 0x1, 0x7f, 0x7, 0x3, 0x4, 0x5, 0x6, 0xaf2, 0xffffffff, 0x2, 0x1, 0x63d2, 0x5, 0x9, 0xfffffff9, 0x2, 0x6, 0xb1b, 0x3, 0x8, 0x0, 0xc, 0x4, 0x0, 0x2, 0x5, 0xffffffff, 0x2, 0x0, 0x7fff, 0x80000000, 0x3, 0x1, 0xf, 0x4, 0x5, 0xfffff001, 0x0, 0x0, 0x8, 0x368, 0x10000, 0x9, 0x9, 0x65, 0x6, 0xd, 0x0, 0x10, 0x8, 0x320, 0x40000000, 0x8, 0x0, 0xbe6e, 0x1, 0x0, 0xffff, 0x3, 0xfffffc00, 0xffffffff, 0x2, 0x1, 0x0, 0x5, 0x6, 0x6, 0xffffffff, 0x1, 0xfffffff4, 0xabb, 0x3c000, 0x6, 0x8, 0x7fff, 0x8, 0x7fffffff, 0x4, 0x6, 0x9, 0xffff, 0x5, 0x0, 0x0, 0x8, 0x1, 0x9, 0x972, 0x28, 0x4, 0x1, 0x9, 0xb, 0xfffffff7, 0xb7, 0xa, 0x2, 0x5377, 0x2, 0x7, 0x5, 0x7fffffff, 0x1, 0x2, 0x1, 0xfffffffc, 0x9, 0x2e5fd874, 0x1, 0x1, 0x8, 0x40, 0x4, 0x9, 0x6, 0x7, 0x9, 0x0, 0x10000, 0x0, 0x231, 0x2, 0x1, 0x4, 0x0, 0xfffffffc, 0x4800, 0x2, 0x1, 0x4, 0x6100, 0x8, 0x80, 0x6, 0x2, 0x10, 0x9, 0x10, 0x1ff, 0x9, 0xe, 0xfffffffa, 0x4a5, 0x2, 0x8, 0x9, 0x4, 0x9, 0x63, 0x1000, 0x0, 0xa, 0x9c, 0x7, 0x9, 0x1, 0x4, 0x80000001, 0x7, 0x9, 0x7000000, 0x11, 0x7, 0x80000001, 0x5, 0x7ff, 0x4, 0x400, 0x4, 0x5, 0x4be, 0x439c, 0x2, 0x0, 0x3, 0x9, 0x7, 0xfff, 0x66a0de64, 0x2, 0x400, 0x5b, 0x0, 0x1, 0xc481, 0x7, 0xc0, 0x64d09d13, 0x1, 0x1e31f5b3, 0x0, 0x7, 0x3, 0x3, 0xa4, 0x55a7, 0x2, 0xfffffffc, 0xfffffff4, 0x8, 0x3, 0x6, 0x3, 0x6, 0x2, 0x4, 0x4, 0x5, 0x4, 0x2, 0x8, 0x80000000, 0x7, 0x10000, 0x7, 0x1, 0x7, 0x6, 0x0, 0x10, 0x80000001, 0x6, 0x6, 0xbe55, 0xfffffffb, 0x9, 0xffffff80, 0x1a6, 0x0, 0x80000000, 0xf208, 0x2, 0x6, 0x5, 0x8, 0x5ea, 0x8001, 0x3e, 0x2f9f, 0x4, 0xd, 0x9, 0xfffffff8, 0x2, 0x9, 0x3, 0x7, 0x3f1, 0x3, 0x6, 0xd, 0x5, 0x47e, 0x5, 0x6, 0x9, 0x8, 0x5, 0x3, 0xa1, 0x6, 0xfffffc01, 0x8, 0x8, 0x10, 0x6, 0x65af, 0x9, 0xd3965bf1, 0x5, 0x40, 0x4, 0x10001, 0xf, 0x7, 0x8, 0x70, 0xfffffff6, 0x33b, 0x80000000, 0xff, 0x2, 0xfffffffb, 0xb, 0xffffffff, 0x5, 0x5, 0x3f9, 0x1, 0x1f, 0x9, 0x1, 0x200, 0x9, 0x46c8a4cb, 0x7, 0x0, 0x1, 0x5, 0x6, 0x29c, 0xc67, 0x3e, 0x6, 0x1, 0x6de5, 0x0, 0x2, 0x1, 0xffff, 0xffff3b80, 0x1, 0x390, 0x5, 0x2, 0x8a, 0x4, 0xe, 0xa2e, 0x6, 0x4, 0xb8d, 0x9, 0xc, 0x3, 0x3, 0x3, 0x8, 0x0, 0x1, 0xfffffe00, 0x6, 0xf05, 0x5, 0x7, 0xfffffff5, 0xb, 0x800, 0x4, 0x800, 0xfffffffc, 0x4, 0x81, 0x5, 0x3, 0xa7, 0x1, 0x1, 0x4, 0x3c6, 0x5, 0xffff0000, 0xb0, 0x68, 0x2000b, 0xfffffffc, 0x3fe, 0x7e2c, 0x9, 0x6, 0x7f, 0x3, 0x6, 0x7fff, 0x8, 0x4, 0x6, 0x4, 0xa, 0x5, 0x4, 0x8]})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r5, &(0x7f0000006b40)={0x2020}, 0x206e)

18.420333455s ago: executing program 0 (id=1435):
syz_open_procfs(0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f0000000140)=[{0x6, 0x8, 0x8, 0x7}]}, 0x10)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @loopback, 0x23}, 0x1c)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x7, 0x6576, 0x8})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r2, 0x100000000)
sendmsg(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000780)="ea", 0x1}], 0x1}, 0xc010)
sendmsg$inet6(r1, &(0x7f0000000240)={&(0x7f0000000000)={0xa, 0x4e22, 0x6, @private2, 0x40}, 0x1c, &(0x7f00000005c0)=[{&(0x7f00000007c0)="352e483261098d68ed0ee11076fcf51c897902ade7424c81b4408060c6c43dd1a669c0eb16ef24781d9dbd60fb4dcd2199fbd4913bfead9f5e66f74445053afedfbae884180d69e08b01d03c56b51a561b918fd48eab29b40ab097fc389e95db85679249809d7637afde32356294f6071959a3db271519536a00bee02a5b8217add85f2261dedda32104540c977f9380d78b11d8c819127bbbf33837a658ccc5ce51ab40d9760cd325b76226f60c38f510b8f16e56555797e487c1c387c4ce27b9c434a73b07abf105b98443d8bd5e405b30447f32b0ede4a77a41b022f8de6cab298f663ac6d99e316d1b57943d076cffcf139e2cc193d4122d98dccbdf02944303508dbff2bde56c88d63a7a4c09b8737bc64e5acd2bc5ec4214491817f2055cdae4c1617bd6a948058302a50ea62309a339398b56d80e56b5f62b09a464192113f8a5bddb65f7eab6579281cadd60ea08c7fbaaccea85c843bdd2df380273a7584d2ab586015da4de1bafa38cb8ade667d3b56ef8eb34e913bc92bc13eb895759b7a047e85926940dee056066ffa105f81e69b4670bb1b120aab1b467f4aca84efc3a61f22a06a1c1a7476ade1737d3f8697637fa2a8fb7ce5c53b1f64c52f9c47587f8e867b7d1c2fb04a3203a0b1435d938dfa83594157719fe5b228b2bbba2c5d40cdf3ea8e8238d94dfafb14ae880c6335bf9935d3d63c4bd03a77f67655042a58b39408260968bad7e008539540ac35c77998faf8589fc9bf86c70e3914242b65a801c6abc5ce19abc27154573b7122b5651e3bdb6a1a1808b3323f46abeffeb1f03a1c631bc5d92b73b147bf2ff759d472ce0e86ef96190a365e6138f323a28053835d893aa5333cfd5558becaa05346d0108b59e253ee174e15e5f16a653eaa4937108d1a674b8df893485852bebf39ef487b88d8b52330a9b64df5bee7c37771d4897b2825d0167cebd103d37238ae68ba734b738bde0e5ffba9d9e6641e914ae32da6de904bfe7a8fd65ab9c9f9d9d123bd1b88fa326602638e8e474583a17bc4b57996a84b17defa363b6cc7b8eed1e5af99b205a33edac757f9c93c1a0a967cdb815a089bbca3c9d8f1f56bf99fae3d1240a215a12714d283ffe89b1ff64228b95680acdd45956accc13d6c175664765c3e4fd0d03939b93c06f031e4df130f0152ad2f935bd929f23c47d5c2badb2d8b4f3ca982972bacf577e438d359004114d704533dbddad1d5a8e568194f630fd211aa7f36c4ac2dbb265d06b67b044ab50bb2227e4f01b04670350e0de407da1c8bec8d17d5d44a255987dd0a8ce04eb726ee51ed4fee8fb4ee723ea270461a210db6f543d3a6a4265688b62d811e7e94c12d3e7616d9eaca004721cb0e2ffe31bed2a7bc0d2d33155bf633de685f739d0dfa695038d60c73ee103dd0ca1236dfc77431c3818719b4bb2b207dd801725fcbb4367c51205e34977050af99ad4f7848771f33ab1178e965495deb881629ba3e70526fd33ab583d74d7c191a799b7a00c820929f7e482676ed9aace54a4ef4de77292ecb344e57b4136367947858e2d78ee90fddd3dfa04730623e865ed34394b7e77172af8f3246242a004cf1fb497d66ce02c484d90af9cd10cdb15129aba7efb42b09360084e6978fbc2b9930162f25ca3b217140f6f26023cffe2e143d3851b5b89b871c095550e1b18d4afec5a6cd075c239e5fc8b81224cf05f393936bb2ea323128ff52e0f6ec0cfda199d877151b55b43cbfdc346585cc1435308b4c162e25b4a0659b680aa57dbda0dafc65c31da9f9ef23f232c5e3a542ae9ba207ed5458407d681d983d53ded68274cdc3479234dc5cca282b0b9ee1ea8ccae646d8b30dbe3af7c3932f3327ccabd3453328a2c87236b943db1cc12d94df2f0500b903386189b483834e96797ecaf9e8b6d42a67f9928c3820f03d6dfe1143da3cd01aa5a397acd195b329f1dcb37123e5ba591e8645237f2ae144104275ab41da2a3413983f41aa4855e4673227ad67fb78bffd54b2720775188c6edf2aaa92c34eb926145b637d3ed832ee9b1ba95379e1e45cd4388c93fd8e244ab1ce6fc5ca09fac526f573f8ae103b742205d5b54deaf9bede6ed415bfe7bd57013856a58aa9835a5764733001426369d3ee51cc67c93e03fa0ed5cf234515325dfc67f1dab7a05d9889a41274617853eb6ccfa968fd3137fee493cea64e6ae4ed552735fb01cdb90ec726ca7f4cc6ad01e8be79c8fe84c03ae14043c9d70d9b773038d13fac78eb9e7eba975408fd9b4fcbbef689427c94cf8b3e7faeb3bc6e7af11ac5aced507b8847c713b871afc70b4d899c515c13c5b71c71021af3aea217f66daf94482a3c594bd8fabc96fa5e99edefbc19fabcd391e055b887d302c9b1712c8bdf24a78b21931a361ad88010d7280d7221bc4e86f9e3fbbaada106b94d7e5f3e0b615356fc537ad2b8178e713cbd07ed3c980ccf4a00006dc5ceddecc55bb17d94f205f2f4dee3cabd3fa3d8f0415e75cb54d4b4cba86b75a035025197e81b9a1e2d71c98b16082b2004f6928d5cc21ebee213d3ebe8425c2499207e478f003b6c533f7260ee3774c5825b5886872dae5b165781e5ce935b3ff518dae242640a8fe7144960a07ca85e7f44bb4c422caea45d5672dab260ed6d37be4039eb7dc6d3ed9acd022798d6ad028282f0ffceee0d3f223cc8427fe21f57638a53d623d0750459c200bee014314e1b6b4deb4ba0d847009c73029fa4178db49f3dc8f2e0652d232e5d4663e8f72e5c7194bb69e35ff98c911dbddb3b2658468e322b024a524c51f22e96c5916dd7a2e37cbe9244f8647fe99c2fc295b40c27d0e6d80ee21770bba4fe9baa48c3ba26001472b3bcf644ff6ab566e668e339ae82f39ae411c4848ae9003f15aa5dd3239d7d314b858bf27a560217a9f5b9545fb860ed129c18b9a74ac96fe0f07c500d52742d344e1656020dd14503f76c72e95c80ed2cb847de70bef668fea49da36efcb9440ecbd3bdeb1e48367f9fed73a1a2b7b444075644baff0c8ec4d55ed59ba9ad0984d6c4151589a1a5f63f1507e77fd81835b9efdaf830f3ef1cef3ee6047573124ffccf09d494b340f2a9eb3ee992ab86cc7b5d51329f0b3d99e3bd0518f45afcbf7c32e1b1e2a99bb6129cb39cd772af7106c0b06504e8d4d193acd62f41cbbbb753966612190e9fa8d0851c89bae9ea5e368d12a0c935751a7f3cbe5ac1bec68418dcd4445d955454322bc683e78140fe92d19dc0210dcf9d0131635a75ab011d05ce031b84cd0be9c34b549c610bcc7f46e6ef4976a98cea520d47c58c6578da5f342588f15ac9cda6bf4a4cd2ae35aad9401c48f6ecc50fc137104bd9addf52f81d1c833c5751ee9ed99004f6d4d4ee2ce95587762440619fa4e4062eff79c302e97a2896d75eeae97e7f43e328ad34e129f3877677e91abbc170607e0705b690c0475cddff974a4ce457b0f6b7d71cdfd3e34345353ff951293ffa35e4c82570d8b3d40d417c1b072b6b4542dfc8b39369ddaec41a426263151f368dc7419d8e45f2fd3d5758c6f0fb00607317ff8c3c67f03812c7eea3da2ea087d7a6258b368d8daf13dbc519320cf14d988aa1b6f9460ff291a4093d5b6078481892fb245e8c6e3eddeee8fac35977e18ca0bd4b6f4220053a1b929d57aaee48091fae1167bb66c8e5967c129e5e3518bc64645ae1cfefda878d05128150e55a515551e2911e3f86fe6dd32df30ad5934f6481f1277c97f5937b7cfc3c71fd3d7238206a6a1f63ab998dde461ae3f49c771c1205ebcc90c4e1f6b84f57497bc1c8006ceb4b473c0158cb8bd0872eaadcf15b23ce0e6f40f65346ee3bd7e053447a3ac6a2f09dcef18b7ba4dfe6c4cae2a1ea28cf8bb583a2d08c165169dcb704e25c64af77a87f67506a1081877b0c9f1ea60cfb8d593e23f11c643805d70f75d39567ec5b363c84eb53ba989f190833235e72a0e887b02cba4175a8d63715f598953a2de9eaf7f2ac3d6a1bda0efd4fbac803f1f51ef16317b2b08ca79978c9bd486800e1d5543903c9c463226434a921f37de49e7a5c3ffe5ab0eb5f4cb8f6d772f88d27c6144d6fdbd1373e47d4cceba253f4c43eee6084be0ad45f56655b4e407197cf3a882cc29f553047911e6e494ea777414968ea551678304362b98101efe6613a0145822fbbc46f0ea1965e6ffdab362b678032fe1dcb5d07a77a747ad0be1beb1af28d5da5258d1577f54a294f28e39c46253525dbed3484cadae9d22bbd3bb8f5de2a7a2f670fcfe9209a3d9f8155c97b2ff5df3984cc42f7db7a96246c9dcbc4b60c138856a12c5d97f63daaa237b03e7971ba2b4d1bc1df033e17eb73e3799c5bbd7e266c7cd4317c68d56158dd87b789cc0cee9fcd30e9358b170c559237e81c2eba6089a177b7f9fbe1acc49478d20d76f0f27dae91c2fc0c5f477eb4622c29700bc373e2f8509a51817939e1c337b8b5e169192ca7b68ffd5fd6c6a271226dcc4f6db8ce3dd747e1fc0b9be0e9ef3fb238553caceb35d9277df7501f22b8124e80c139169e887b65e5764ad83129dbcd1f24ce45cff3fbf7a3c1d04c546aee8e90c13bce57ed3ab9e90cc1d588831095f8caa151ff12b5678249a993030ff1bec30412082889675205f43198f849cac021327ece494bbae8aa9a8acc9d057c88c16b1a0bfaedc4ccc5c9e26b0d0cbb094301c43e917fa20231045da2d58f3004fd5efb33e08cb1b52840baffa8fd3f2c498477d6499b466eb54a10d086072eea262d6017483d8854312407e2fb761c0d4b1ea88f88773dcd8149892fcab556f8cabb9b0cb79a061f6ac1e8673c1248d3c1716c5a2a0e4632f6cba723cccb2a64e34b84e33b95064ab563c8cbc17285858effea5067a6a0f53a541c7db64e18337c0cc86f111feefb1afbdbee997ef810a931bc8863578f52e8ddf372ae45774b98e06c0c9da4b0d799f7b6948b42cb634c9ba59b24bd38890a6aa4810010afd3254e0af8e30d70feb639b0faec6bea46c54b34656ae20a6931ec557b9a3dcbea7be5a18d6fef9a2ae655c0a6342d386aa68cb821b365624fad83d5cd860f8a18be788ee9b686c9cb5159f7e9e8fac465d0ea93700ecb7693d0d57c63f58717b95bb08447cf7a25740e46afea4ba60cfe13bae9b31f13a81e789db1c3a7a1822f95a1cfc4dd107d6b783381495e4427111417c75cebbad81e0aeeb561f387dfc70a2dfe408b96772b944f992eeb568737437318b5cc71201d471b0600b3dda14fe608a16208519282a20ef8854fc3b50925e9ab5a220d2c3e4289a03e1ab2fef3d42d24a4e8fda900cc22cfc6aa66fb58a4a21d03b31d9210be60aa37c6e90f0ad0f569d3726caf2484964b8e703fc2e83861fae62ecc24fef60648d3b2feba6b07fe51c2ede657ffef8cc486a5760aeb1f4a3b71716bd74dfcc692250112bbc92be25b100eee1f5b4c6f596e50969582d36fca8e0c6bfe4c050aecfae9daa99769e2e2cbf9661d7c88126e64bdc04738fbda7edd837a62d00e89134cefb83ece693dc6d4a0d3e07dd86af8ced062bac52169d061448f22ae7fd5d656c88e4924701f4bb7d99d7ff05ec5de5e5f32b4194b820447dbd2053c65a5201f360a30bd54b39a50f354c551314efdf186cfeafc6e9e8829e9362f13dc2b2eb33aa6cc8fc4c0f652f4382c87003ae0ec505396b07540774eb32f20afcc73469c81c4cbdea4398548a8b9685784873c6bba4c7e8e0acb55c17a1361d988911401dc88734ee4f0c10c060", 0x1000}, {&(0x7f0000000380)="ac1f4d252ab1f63acb486b52a7d3930ddd2ff62cc1cb1a3cb7b46c91632436145a36b1d67dc85f864c18d7fcd377729b5f0f0597ef079cac0de58bd9b7d6aa485c605c966d4116ed2ae585dadf3df5f68ed8e08a289bac32ead57eebd1da54925df2f476a1812e55b116f7a3a03138df1be388ece6a7b694db04396f80e4a840867bfbf418cf41a0f038f5a73503150d5db39d3e566ec1fc9dfc9c3b201460383058f6bc5330854683e66a9749b734deef312a59308ff709e3e63654a56a1a7476d647cf761b7d0978c1dd21ddc563765b59ce474202aa0ee738102e53a5ac4ef659221f318fc0f51bcef51b9c8d6bf628a87e0495b9c6496ac2d6e131ca61", 0xff}, {&(0x7f0000000040)="663c58191a938805af319224c09c9ab000f9", 0x12}, {&(0x7f0000000480)="380c1697fa2d38e05639da999c9c7656655e88f09e6b852f1d1efeb220666d766fdce94ffec7c6c0bcff18f609941d8a22cbbc48789c07c50bacea9c8c8113f296d34714633f5f3bedc3d64237ebd64ca0d5a1ed94a946b920fc7f4306a25e14ec7a6316e68595e6ffd5b2c891563ed5ec9083e4ff2f65a5f8ee562a989fb145e0cf1df88b080dcb963343fe7a42cafe7ea48ad4d4e14d1548c96427f24040161922f03178d65195ba8e7c1f3084dde20da7e9fa7e47cf5217d1dc43d0b409627efe343e77f8ddca4fd4413fc1728396622e2bb5cd4fa66b06a0f74d83c33c640c2fc1dd2b68f1a17fe607c0eb0245", 0xef}, {&(0x7f0000000080)="ed606a44220823ef734510a8211566a2ed34f2b45a94c44ba8750633c02143408101c9ed3735a78aa3a2b6e9596199feb3", 0x31}, {&(0x7f00000000c0)="f0fd7790e5b957e74f4d22253801f134e55e4acd4035be90c80bda2fdc7ca8541006712afa0fc63d784dbddf3e99bb36d36c191d", 0x34}, {&(0x7f0000000180)="030512", 0x3}, {&(0x7f00000002c0)="3251b8df5a1356ad56c1cf01e461055160ea5df831460fdb4ab898f2ebe2d21c5d9cd6daad01594bec97dab69f70c554f7d8c9fd03596e14ce2615effce8542276", 0x41}, {&(0x7f00000001c0)="e0733bbddbc8746e95c82f1994d1aa0f31b19e166806d83b71bd12e0597b62ef10d893cdd15c9ff5aa53b7f3db747a0dea2702727f", 0x35}], 0x9, &(0x7f00000017c0)=ANY=[@ANYBLOB="580000000000000029000000390000006c08000400000000fc000000000000000000000000000001ff010015000000000000000000000001ff010000000000000000b80000000000000029000000040000000013000000000000077ffa3743bc2c262a8e27800f12b717d0f01d19efb708ddce097c50b0546f99862b01adc2d445aa4f7c67f4ceae099fe726200ee94f10ad99b8e4fb1a32bc9623e65c347c8ed8aa5b93dfdf0e0ecd15aca1222bf365e02db05ad37639c6f4172aa5f3b6579f7a596b718c45e09ed6e8fc781208cebd2e4571c14b544f27b01db4000100c910fc020000000000000000000000000001010300"/258], 0x110}, 0x4000000)
close_range(r0, 0xffffffffffffffff, 0x0)

18.320222526s ago: executing program 1 (id=1437):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000002, 0x13, r0, 0x0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000002380), &(0x7f00000023c0)=0x4)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8880}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x2826e, 0x40, 0x2, 0xf1})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000740)=[{&(0x7f0000000d80)=""/122, 0x7a}, {0x0}], 0x2)
syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46)
io_uring_register$IORING_REGISTER_FILES(r3, 0x1e, &(0x7f0000000000)=[r3], 0x1)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
syz_init_net_socket$ax25(0x3, 0x3, 0xce)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r4, &(0x7f0000000340)=""/212, 0xd4)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1400000001010101"], 0x14}}, 0x40)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r6, 0x26, &(0x7f0000000000))
fcntl$lock(r6, 0x25, &(0x7f00000000c0)={0x2, 0x1, 0x7fff, 0x2e})
recvmsg$unix(r6, &(0x7f0000000480)={&(0x7f0000000080), 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/110, 0x6e}, {&(0x7f0000000800)=""/169, 0xa9}, {&(0x7f00000001c0)=""/80, 0x50}], 0x3, &(0x7f0000000300)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}, 0x20000)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000340)={0x53, 0x6, 0x106, 0x8, @buffer={0x0, 0x8d, &(0x7f0000000500)=""/141}, &(0x7f00000005c0)="9eb07acda0b2313a0f0bf5d599415e1203ab7ae5aab29cdf88037a965ec7fe54fc469066dbccba990277b4f2dc031bb21133b63143620bb7232ffd8caa964305a2cc39d80d4e2101709dd98c8efdbb4ad8277c3509195e7a9ad7fc27dd792292f82d9e7c92a566633d00fb569fdbc191884215e0409d09551410c5fc702b5a23007dbbd2275803d40de887a9c05dbe1874afd35da5b42dc584e0970dcff45d663a5353becd46286b47492592e59b008994e16c75411b3c95061e202fb9460799f6bcdca9b66e5327af03da870cd6e2939f5e1a6ebfd13a5ccda48b1c9880e75da294a1160aa97d46d462ae0cff569de4b9e4741d25b5e13cb1978412848fdd7e115d8a6cd948", 0x0, 0x2, 0x2, 0x4, 0x0})

18.213251597s ago: executing program 1 (id=1438):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000500)={0xa4, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r3, &(0x7f00000001c0)=ANY=[@ANYRES64=r3], 0x6)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x2f, &(0x7f00000002c0)="c5469e3602c607ca68b5", 0xa)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r4)
sendmsg$IEEE802154_LIST_IFACE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbd7000ffdbdf251f0000000a0001007770616e31"], 0x20}, 0x1, 0x0, 0x0, 0x48800}, 0x24000800)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xc, 0x7, 0x3, 0x1, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x1, 0x3], 0x8000000, 0x49340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18.176088712s ago: executing program 32 (id=1438):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000500)={0xa4, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r3, &(0x7f00000001c0)=ANY=[@ANYRES64=r3], 0x6)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x2f, &(0x7f00000002c0)="c5469e3602c607ca68b5", 0xa)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r4)
sendmsg$IEEE802154_LIST_IFACE(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbd7000ffdbdf251f0000000a0001007770616e31"], 0x20}, 0x1, 0x0, 0x0, 0x48800}, 0x24000800)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xc, 0x7, 0x3, 0x1, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x1, 0x3], 0x8000000, 0x49340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17.520393938s ago: executing program 0 (id=1445):
mq_open(&(0x7f0000000a80)='\'\xf5@$*\x00', 0x40, 0xb, &(0x7f0000000ac0)={0x8, 0xffff, 0x1, 0x6})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r2, 0x6, 0x1, 0x0, &(0x7f0000000000))
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000000)={0x2c, 0x16, '\x00', [@hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @calipso={0x7, 0x20, {0x3, 0x6, 0x4, 0x7, [0x624, 0x3, 0x14]}}, @enc_lim={0x4, 0x1, 0xb6}, @generic={0x2, 0x75, "64700b73972af6918f5a2fa11a4898489faa6e8f89afef0ee5c0ecc2838b2f5b2eb452fe99dafffd1214a38f19b67bc9ece6dce1043d536368848ea8606a0108680da463fa76b7621fba9a95f42d13d7bfec6be9cdb3152ec7d4cbeb8d3323db2553842f40caec19ac0cfe66f4bb26421b3b762b89"}, @pad1]}, 0xc0)

17.519969905s ago: executing program 0 (id=1446):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1fe, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000200)="f0480fc7080fba6dde193ef083800060000000c442d0f3dcc4e1fd63e92e660fc7b6d25200000f01c8c4e16decdb0f20c035200000000f22c00f238f", 0x3c}], 0x1, 0x20, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 4)

17.250436067s ago: executing program 0 (id=1447):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x121, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x9, 0xa}, {0xfff3, 0xfff1}, {0xb, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080) (async)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000b00"], 0x10b8}, 0xff00)

17.196882823s ago: executing program 33 (id=1447):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x121, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x9, 0xa}, {0xfff3, 0xfff1}, {0xb, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000090}, 0x4041080) (async)
r4 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000b00"], 0x10b8}, 0xff00)

3.316948706s ago: executing program 2 (id=1685):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x4, 0x1}, 0x6)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="ac0200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000014001a80100005800c000580080001", @ANYRES8=r2, @ANYRESHEX=r3], 0x2ac}}, 0x0)

3.316184842s ago: executing program 2 (id=1686):
r0 = socket$nl_route(0x10, 0x3, 0x0)
migrate_pages(0x0, 0x6, 0x0, &(0x7f0000000100)=0x9)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r1}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

3.160048265s ago: executing program 2 (id=1690):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}, {&(0x7f00000002c0)='2', 0x1}], 0x2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, &(0x7f0000001180)=ANY=[@ANYBLOB='quota,usrquota_inode_hardlimit=7'])
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="4c0000002d000100000000090000000004000080350011802f"], 0x4c}], 0x1}, 0x20004840)
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r2, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
mkdir(0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000000)='./file1\x00', &(0x7f0000000180), 0x0, 0x0, 0x3)

3.060262197s ago: executing program 2 (id=1691):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x8}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1}, &(0x7f0000000200), &(0x7f0000000240)=r0}, 0x20) (fail_nth: 5)

2.739910644s ago: executing program 2 (id=1693):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="0fa2440f20c066350e000000440f22c0d21566b9800000c00f326635010000000f300f01c966b9800000c00f326635000100000f30660fda7600f2ab0fc77181660f001b", 0x44}], 0x1, 0x70, &(0x7f0000000000)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x81a00000c}], 0x1)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001500)=ANY=[@ANYBLOB="020300031a0200000000000000000000040019000000000004000000000000000000000000000000000000000000000005000600000000000a00000000000000fe8000080000000000000000000000bb000000000000000001020900008000009f457827197cdf3f602dac49322300ba3a95ecddbba9806cccbdcaa927c38329dce7a6b21a355716b1ef3ae34753706cfc27e219340d14d9cd7c2ea97920234bb8641295893bd10ed893cbbc5660c7b3b20dc71b503d4dd0f997ea68c66748745594be5bdb66f4002169ec18ec3c46c24fe043089a929aa428fa585bea30ff1fc5672a5d0f4954fbe336d8fd0a87e1bffe963a5d4b5c9d7ba36d67f1ca65567b448f8fd18608cdb1d690fede396adcd625fd54d423c1eee3fedeeca5f46599817a0bbc9ba2ef7dbfb1fcbb759649168913d5b5653051f574f798c4418635e6e4cdabdf86aa55c3911644a8c3192afd567ff13f0206e9b5c7d6e6468139d6aa3732845d08a0140f0e46c72ccb3a02f308276ffc0bd83f08cefa080dff064830f3d39b3f0a83b5241e758255b41c0911c5f79c8d52fbdbda32c762530adab8b21ad97cf328dbc1ff5713779b95a9101266fdd1a124dfeaa8f267b374a3b178c08a55c571611575c86fd808c63975d46f83de246a1c5ad4d69a722123cbd0d098be3bc354f4e88170adada25552ca65ddf8f37bcbda47b90a79f1b2b4b5253a978dc49487e50373a06d88ed3c1cf5214783a29b6aef9a2ab17b8d8465a482790d3e2b98fb5ef27bedb1ec5d4d8ce4e90c56f8c65ea28a47838456b74f6ca5f89cfad6efd0c0d93ade021edf89ddec19d669d43eb8cd25a1e503d3877c633682e1062d6777f266ab58cffc6998d0d84183b4b4b55b6456d4d98826088f3dc830bba9d4ffea46bd7cfbbcb16fcdd294732e7f4f5e9c504aee38c7d9127f093870371c84fb0029ff14f8c181367029f15fe74f7340027e24afc2729e682d5664d838b1ab75f8baa0bf29082014fca6c7b132fb2042a22c0a95e1952ca3b1eefdf8fe4c6b84d78552b2eb8789ad046b1f413d95e51edc8901fd5b3e2adc4ccf72eeb1955c0611551518c8e30cbc6e0b16ecee4a9a8cafd82351439a04735502833e969d1860f746568f2bd2e4799d51e0c83b5d1f6fa095f08d1f15ac44b838bce309d1bd23236eebdf4367ba2eb559f486b79b91104d1b1d76b5816f85d1544342941af9640f3ed5f352bb94d166b5ce13590704813c9bb4548f57ade90e8d3572c3fdbf7150fd54d4948b85e27e2687debace7f8a651a98b2f0f35476b053077b57fb2a2ee547a50d804e0c81d5983336c7b70ec4fe0613b4dccfa8c7b7a9009c9719d3d048a29334be093acb34685957e16021a881d1faa88e24112d1303eff7a505975f4d26e12fb457178157cef70ebef6e8f9d7d2602ce5b2e9ddb7df23d25c1612d847b84a00556fb5c571f5df8554ae66fd2af13fbd0b2f9681601f83d677440f0cedc44debc01ba2caaccad7f3c275c1837d521b2c299df408456e227987772074638917613acdb80197839e9adbfc4d89fd6b27f55834196fe4db948b147b2f18f6518ebde33e6eaca1c7768ac636b66454aa68876edf40f975e82edb51849fffe02e16a1067cb4fb76f27642c8bbc41e13db45d758ea43d44f231e23d991be4f4b3e5476b40fd2de549c6cdee52c3ae2fc0ae88a1153d688e40c1b153df41e86b665b16b83d838409890eb83514cce2e359f776cbce511ca09fc991401b55f0bef3e4ef6654094de00a8761e76f46433af97141af68d6a978b903f2f2b43f2e822d6e659ee66e95907a83f0a21cf5614576b670c73f4d7e31cd5ce183700245fb8cab169c62b43922827d1b6d29786b138f85a2f81edbe53b9a9c3d63f2df99808cf0406b3b34bf87364af5f0e6c95fcfd648773a064a905d10a714f2f38025ede1384f0d865f1887afac783d5af07dff119a2d257e8b1c4ae25050c27df96adabaa39945a5359de4b55b1693871f34095d0bb36b6b2c16d3333d67f1386dfe88cfeba883f1219f82e43aad5be6aa20b6b68b40af82494a33298df01f9de914a21d1fe3a46a6243c3eb31f741c41765b216ab941c231c247cece02af8111bd1f2c8a740bf842c78ff090da53e38040c42688f03feab9b744320723cd19a0234a7b54a49569020f3f2fbfc706e63907f0ee368bc329962da0030845d624f5a09fb7eaa02615aec00c4c752daf7858a9a531b3733f8ed7595796171e76bc69f6d3d71a270f87986f1521b0b882cc2827d16a69fce9b99c9102d896360b762045dcb44765dde2562a1afab08fc6fe96362c4f1dd08f1f6fe651a8fed13ec7e5bbf5a43f0563edf9b35d8f8619c881e96213ffc6d763314e5c9e4c6ece38e158e557c9ac32f6036fb458f0d1cdb27b600fdc53b3f412bd5982fed4c2cfbe51ed83985cfa26984867d0366ba822a537af43e5f48a596c1a87a099256c8e71f9bb40568a380cc0bd772c383a4410ca6b452fd0fa7262ccf63b1617b30fb3b4e5a1d08b037bfea54ebc970ce19fe609f954831f5463dfb5e8408bf44b4bd404fb05bfbd55a0a10f9b61d7c530ee8c9622f224d53e2e575c0b2778c908e5892e65d86498e380aad97f22b659ff0c35946b209da56aec351e9cf130faa661e0e3c5be114aa751c3eb4fa2f698ab17a157dbcd359d481c54d9d1ba3a46f0c9c9c7c622f6eff7008797bb63010e7879b4a3d54e97f3edfe6f8650ab4d6c07535c58f67b816ae304cd8a167c47cf03fccddda57655e2bc5020d35bac7486626221fcea7ebfeeefd8a3cd77aee1fcf89b46a56d59cd74b1ffcc7d81f92c7f5b70b44a85ce5dee902e1eb3c07465ebefd6d6c7e2edfbd527456ec3737ee45f6b10c323504a2dbbcfb4fba1df0f34455a5de4721e87ac3bf3b885f7c9e260caa4c1a0dfe78a9ea4f1539e265c0c7dc9a76bbff0457161e1280fe164405ea9a594339e0da7df125060b2394f9ed3b6695ae3396cafa59d8a20d4bf94923766e86123da4f358e6b18fa0f829e21ac3060ba6d68c71dcdafff803214ec817d43f9a1f0edc54c7b6cec87e8436a8891c786bb1e78411f6fc728a26b40156e15ba972597f0700ccc226e0d150ef61fc0c16f1dbfd529811d4cecd4e0ee8727a87f1f66390843fdea530a2a222d022985c76f37f2281f9320ab0f0cc068c33c5d008afbc9da0e8a294e71b3b662b9773457bb0574383633e7e25cb5679250011c13b259bd0fb71fc844c5825a3c723228d6d53139c23f846026816ec4c7b8fa610d0808291c3660a21f09351951ce5f9a19cb72c667d88f2b70932f4abfb8adfca6a23635dcb8ac85c8eb1934cf9edc6c96e3e9a4fd0953d6b00cc3c27f2f8bb5ea69780d981e0d7f30a0061f790d512a434888482cd4a4b9aebf7bdac56adfaca07cab8e7163ccdd8b049f2242b04e594374e82d8710b87051ab1bdf454e91005bd06c454cdd1a8308aba84d44c037246fbaa45b2b5b91a9728d5b4333abe74fbb67d0fda39be79267f43d97cb3e291d412a370791e31132879c277ffcffbd63cbb83800b9ef428a0fa30f935723273e6c7803b06db05c211c3c70223db365c5a15f0e62cd2eb2b451c66182f2a9cd49ec16ae279ab42e75ab0016a22d971fa6ae39375336acbd444e165912913e67dc5e06a44ece8a902d16d0080197d2c88b1a743c2711eca6ec1900c24dfd802d13e795780dfcbfa5a85bef3188f7421cc0cc02f3adc84e53809280c1be645f3fbffa45c75d7fb6a5babb24598c1743f0b2f5e7092828145f425ea013190021775c7647e86a7fb6d42dbfb4148187820ef7fed7a7863b2fefcac1b15d542fe4214869b5b3a5b2fc82b70e287f67e1d7f79e0dd0dd7eab61eafcc26d9cdde1545718af75d538c4c1689692e72752834dbc6c17e21b24cddd5f7d1f0f856ae9849184ea87d6b042d95f0ab2b20e50a9c639e2d69210f420797d7e902a527e195c732634be1ee48b4e4cfea126a74f091a514c69524fb76b989f827fd52244a5571ce716e52c6072c9cd69535bd7c1d6cd9c676659d07e5c59b3de9fca876abb0f0720471fe9755e44d38949ce68549dff9d40c5415387c51c87ea6ede496dfa2a6af396fe3bb5ec4daf7a02014488775ec04dc8036fe493df58c4c3f03eaa5a76de097d67ae7001b73fcfd68debd2d2ae1d1dfeac7dc5232c3c9c18d8e9e31f63efa5dae87ca5908e05a0d68574dd84ba9a0cb2e1c34bc4bf7cb3581548f97533023ae6951809534f1a99bc3d476248c101f7955a03479c919ff49b320a6902d1a6ffe0ff0fa335854eb0283aefcbb97b85ed5456cd238d5c5d67b55aff5310e0eba89c7aed3b4fb223ef0cec6d852a00ab2e8e05bcc27f73e1b3f3debd728d33389277a05ae09a7ccb271fa7551f4362bae89f4ee5e64fb553dd0c63ee2fe5fe0c09e06a093d2fb97ad01b0fedc41e20d4a97f5582b7a410f9254faa515bfd6a4889567469ee3cf49232ea8481770419d1182dcd517162aa91fe915b13d5c7de3b1f536c513e6f230d6f95ccf2d67d2301f87eba8fbf5ca8a458d098dae953ffc205b377ba7a84c9d4988c4960e0263c24bba7cd9544f4e30e98209844d83cc47a95517a3f43026a7a37d7b1a15f3d66e5f722f0be401eb292783acf574883bf1d773f7ec583fd71bf5ea8afb391eb11c9a5d788864ad2244f1062868f1fb0dbc3eea208fc7f1f10146b9035c2e12b087ef97879f9989d39afe55ca8c94fda81195ba4643e8083e80a739b1a3041c0499f4f7492c527befaf9ea37a4113fa3d5e6a57075ff27bfaebf058f1bb397f51ee0e29bf05e2ab7ac370afa6d8e0621914709679e390d06f00f9a4bf6f95a754eb7b1dca62cd486db7611080dc826ce2101e7fe5a2dc43b3013e459681deaa36446a17924ebad972202ac3a1d37aee5844349186730ed042f31ed2739ed78e9f03f884706ff7f960bb34276d6b75b0b9030babae3838291a35e11996420bb37fd114398c15ed3235b2f3e27165cfcd51b70635fd060bff85d82680625a229f7a1dc1b24bc43e9af3a0ed7369193d2f5dbb6a38d532d16d8d8c52695d66414d94be775d06654c03f9bc36d81d82e37142d43658e91834ce8b7d36c23a30a1210db79afb6a8abda1222dda5a5a68433136749804f8436faad0daa22252670caba28c23bfb3d988d841c1675608f6ec478e1c67c5d882caedddb9b44f668f3b807ccc0d60e2460b980e7a402790869878dade02e523686c650520395b95d2c0b898909a036e3407d798f0d2047489802e8af6d260c83621b6611f31ebc27e255cfba2ec39e9a1ed4fefe5580977894eae2327a96fcb0f53b73283e9ec6f84dbc75dca95e870b55e62d22a1f06cac3ae79a721c65afeaffcdf630cac40a1aecd91fd714ee1def90bd679cb65201e00ff629b9a79092de36c7b283d39a219772b90f19965e71239821fae770e5bed9afa1d854e039f00fa9562bb9d29b1f22376b9ef92565554cd2a2fe7a300d3c7aec8ed12d53b92d7b2ba94bd180855558376f44dc0c2109d6ce081ffc1d0ca9b44520a57e176443f8bcb79d9888a6aa22709accf7da3ff65621c9e78dc1f8ecc0b8cd3a2128643b4ca5e3a28a5a401daa4a29d12dfd55c1175e45c04a3c3a3aca9cd0e0702e7a15360b002c39959d3bfae08d20c89208176aad19c79e1cee8c4a2e03e617c39661d8a824c50d99a07791d30a399ae4563c28857c17ea3a46ac8f1e1bdd76c3a7b8b5cf90164006fb598a97dd4ce014968a9b9896f0f9dc04e241c9d25e63202c564ddd94ed9889dd8cef59f8e66841ee97925ecdd366c64a70d9f37d4a3fd35141f5a529c559f8094adf95e69eea9779fa4ee3ccb25af8fab17b1e0d870e5c8535b60cca0080e33632dfa4e330ae4977787064dae459a9b70200010000000000000000000000000005000500000000000a00000000000000fe880000000000000000000000000001000000000000000005000700000000000a00000000000000fc0100000000000000000000000000000000000000000000020013"], 0x10d0}}, 0x1050)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r4, &(0x7f00000001c0)=[{&(0x7f0000000040)="4f3bfde51b257f40", 0x8}], 0x1)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000440)=[@rdmsr={0x32, 0x18, {0x19a}}, @wrmsr={0x1e, 0x20, {0xbb9, 0x6}}, @code={0xa, 0x6a, {"2e400f01cf44d9f866baa00066b8000066ef410f088f0848ed34eaadc7442400d23f267cc7442402fe370000c7442406000000000f011c24660f3882a797683777670fc75cdbce460f38cd9a757b0000f30fc7b43cdcf50000"}}, @code={0xa, 0x5c, {"6747d9fb0f2373470f019b0000c0fe65d9f543008eeb7400003667f3466fc48119140fc441fc2bb70b000000c74424003ee100b9c7442402fd000000c7442406000000000f011c240fc72b"}}, @rdmsr={0x32, 0x18, {0xac9}}, @wr_crn={0x46, 0x20, {0x3, 0x81}}, @wrmsr={0x1e, 0x20, {0xa1d, 0x8}}, @wrmsr={0x1e, 0x20, {0xada, 0x13b}}, @code={0xa, 0x60, {"0f0139b805000000b9d9ab00000f01c148b8f91b0000000000000f23c00f21f83501000c000f23f8b9260a00000f3266ba2000ed420f3265410f30266636f23ef2460f90e12e440f01ca66bad004ed"}}, @wr_crn={0x46, 0x20, {0x8, 0x1}}, @wrmsr={0x1e, 0x20, {0x9cd, 0x3}}, @wrmsr={0x1e, 0x20, {0xb79, 0x8}}, @wrmsr={0x1e, 0x20, {0xc0000103}}, @wr_crn={0x46, 0x20, {0x8, 0x1000}}], 0x276})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c00)={0x38, 0x3e, 0x1, 0x7fffc, 0x4, {0x1}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x10, 0x0, 0x1, [@nested={0xc, 0xf, 0x0, 0x1, [@generic="12ccbd379ce6cd69"]}]}]}, @typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00v\x00\t\x00'/20, @ANYRES32=0x0, @ANYBLOB="04000d800800010002"], 0x24}, 0x1, 0x5502000000000000}, 0x0)
r7 = socket(0x2a, 0x2, 0x0)
ioctl$SIOCSIFMTU(r7, 0x8932, &(0x7f0000000080)={'dummy0\x00'})
dup3(r2, r1, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) (async)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="0fa2440f20c066350e000000440f22c0d21566b9800000c00f326635010000000f300f01c966b9800000c00f326635000100000f30660fda7600f2ab0fc77181660f001b", 0x44}], 0x1, 0x70, &(0x7f0000000000)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x81a00000c}], 0x1) (async)
socket$key(0xf, 0x3, 0x2) (async)
sendmsg$key(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001500)=ANY=[@ANYBLOB="020300031a0200000000000000000000040019000000000004000000000000000000000000000000000000000000000005000600000000000a00000000000000fe8000080000000000000000000000bb000000000000000001020900008000009f457827197cdf3f602dac49322300ba3a95ecddbba9806cccbdcaa927c38329dce7a6b21a355716b1ef3ae34753706cfc27e219340d14d9cd7c2ea97920234bb8641295893bd10ed893cbbc5660c7b3b20dc71b503d4dd0f997ea68c66748745594be5bdb66f4002169ec18ec3c46c24fe043089a929aa428fa585bea30ff1fc5672a5d0f4954fbe336d8fd0a87e1bffe963a5d4b5c9d7ba36d67f1ca65567b448f8fd18608cdb1d690fede396adcd625fd54d423c1eee3fedeeca5f46599817a0bbc9ba2ef7dbfb1fcbb759649168913d5b5653051f574f798c4418635e6e4cdabdf86aa55c3911644a8c3192afd567ff13f0206e9b5c7d6e6468139d6aa3732845d08a0140f0e46c72ccb3a02f308276ffc0bd83f08cefa080dff064830f3d39b3f0a83b5241e758255b41c0911c5f79c8d52fbdbda32c762530adab8b21ad97cf328dbc1ff5713779b95a9101266fdd1a124dfeaa8f267b374a3b178c08a55c571611575c86fd808c63975d46f83de246a1c5ad4d69a722123cbd0d098be3bc354f4e88170adada25552ca65ddf8f37bcbda47b90a79f1b2b4b5253a978dc49487e50373a06d88ed3c1cf5214783a29b6aef9a2ab17b8d8465a482790d3e2b98fb5ef27bedb1ec5d4d8ce4e90c56f8c65ea28a47838456b74f6ca5f89cfad6efd0c0d93ade021edf89ddec19d669d43eb8cd25a1e503d3877c633682e1062d6777f266ab58cffc6998d0d84183b4b4b55b6456d4d98826088f3dc830bba9d4ffea46bd7cfbbcb16fcdd294732e7f4f5e9c504aee38c7d9127f093870371c84fb0029ff14f8c181367029f15fe74f7340027e24afc2729e682d5664d838b1ab75f8baa0bf29082014fca6c7b132fb2042a22c0a95e1952ca3b1eefdf8fe4c6b84d78552b2eb8789ad046b1f413d95e51edc8901fd5b3e2adc4ccf72eeb1955c0611551518c8e30cbc6e0b16ecee4a9a8cafd82351439a04735502833e969d1860f746568f2bd2e4799d51e0c83b5d1f6fa095f08d1f15ac44b838bce309d1bd23236eebdf4367ba2eb559f486b79b91104d1b1d76b5816f85d1544342941af9640f3ed5f352bb94d166b5ce13590704813c9bb4548f57ade90e8d3572c3fdbf7150fd54d4948b85e27e2687debace7f8a651a98b2f0f35476b053077b57fb2a2ee547a50d804e0c81d5983336c7b70ec4fe0613b4dccfa8c7b7a9009c9719d3d048a29334be093acb34685957e16021a881d1faa88e24112d1303eff7a505975f4d26e12fb457178157cef70ebef6e8f9d7d2602ce5b2e9ddb7df23d25c1612d847b84a00556fb5c571f5df8554ae66fd2af13fbd0b2f9681601f83d677440f0cedc44debc01ba2caaccad7f3c275c1837d521b2c299df408456e227987772074638917613acdb80197839e9adbfc4d89fd6b27f55834196fe4db948b147b2f18f6518ebde33e6eaca1c7768ac636b66454aa68876edf40f975e82edb51849fffe02e16a1067cb4fb76f27642c8bbc41e13db45d758ea43d44f231e23d991be4f4b3e5476b40fd2de549c6cdee52c3ae2fc0ae88a1153d688e40c1b153df41e86b665b16b83d838409890eb83514cce2e359f776cbce511ca09fc991401b55f0bef3e4ef6654094de00a8761e76f46433af97141af68d6a978b903f2f2b43f2e822d6e659ee66e95907a83f0a21cf5614576b670c73f4d7e31cd5ce183700245fb8cab169c62b43922827d1b6d29786b138f85a2f81edbe53b9a9c3d63f2df99808cf0406b3b34bf87364af5f0e6c95fcfd648773a064a905d10a714f2f38025ede1384f0d865f1887afac783d5af07dff119a2d257e8b1c4ae25050c27df96adabaa39945a5359de4b55b1693871f34095d0bb36b6b2c16d3333d67f1386dfe88cfeba883f1219f82e43aad5be6aa20b6b68b40af82494a33298df01f9de914a21d1fe3a46a6243c3eb31f741c41765b216ab941c231c247cece02af8111bd1f2c8a740bf842c78ff090da53e38040c42688f03feab9b744320723cd19a0234a7b54a49569020f3f2fbfc706e63907f0ee368bc329962da0030845d624f5a09fb7eaa02615aec00c4c752daf7858a9a531b3733f8ed7595796171e76bc69f6d3d71a270f87986f1521b0b882cc2827d16a69fce9b99c9102d896360b762045dcb44765dde2562a1afab08fc6fe96362c4f1dd08f1f6fe651a8fed13ec7e5bbf5a43f0563edf9b35d8f8619c881e96213ffc6d763314e5c9e4c6ece38e158e557c9ac32f6036fb458f0d1cdb27b600fdc53b3f412bd5982fed4c2cfbe51ed83985cfa26984867d0366ba822a537af43e5f48a596c1a87a099256c8e71f9bb40568a380cc0bd772c383a4410ca6b452fd0fa7262ccf63b1617b30fb3b4e5a1d08b037bfea54ebc970ce19fe609f954831f5463dfb5e8408bf44b4bd404fb05bfbd55a0a10f9b61d7c530ee8c9622f224d53e2e575c0b2778c908e5892e65d86498e380aad97f22b659ff0c35946b209da56aec351e9cf130faa661e0e3c5be114aa751c3eb4fa2f698ab17a157dbcd359d481c54d9d1ba3a46f0c9c9c7c622f6eff7008797bb63010e7879b4a3d54e97f3edfe6f8650ab4d6c07535c58f67b816ae304cd8a167c47cf03fccddda57655e2bc5020d35bac7486626221fcea7ebfeeefd8a3cd77aee1fcf89b46a56d59cd74b1ffcc7d81f92c7f5b70b44a85ce5dee902e1eb3c07465ebefd6d6c7e2edfbd527456ec3737ee45f6b10c323504a2dbbcfb4fba1df0f34455a5de4721e87ac3bf3b885f7c9e260caa4c1a0dfe78a9ea4f1539e265c0c7dc9a76bbff0457161e1280fe164405ea9a594339e0da7df125060b2394f9ed3b6695ae3396cafa59d8a20d4bf94923766e86123da4f358e6b18fa0f829e21ac3060ba6d68c71dcdafff803214ec817d43f9a1f0edc54c7b6cec87e8436a8891c786bb1e78411f6fc728a26b40156e15ba972597f0700ccc226e0d150ef61fc0c16f1dbfd529811d4cecd4e0ee8727a87f1f66390843fdea530a2a222d022985c76f37f2281f9320ab0f0cc068c33c5d008afbc9da0e8a294e71b3b662b9773457bb0574383633e7e25cb5679250011c13b259bd0fb71fc844c5825a3c723228d6d53139c23f846026816ec4c7b8fa610d0808291c3660a21f09351951ce5f9a19cb72c667d88f2b70932f4abfb8adfca6a23635dcb8ac85c8eb1934cf9edc6c96e3e9a4fd0953d6b00cc3c27f2f8bb5ea69780d981e0d7f30a0061f790d512a434888482cd4a4b9aebf7bdac56adfaca07cab8e7163ccdd8b049f2242b04e594374e82d8710b87051ab1bdf454e91005bd06c454cdd1a8308aba84d44c037246fbaa45b2b5b91a9728d5b4333abe74fbb67d0fda39be79267f43d97cb3e291d412a370791e31132879c277ffcffbd63cbb83800b9ef428a0fa30f935723273e6c7803b06db05c211c3c70223db365c5a15f0e62cd2eb2b451c66182f2a9cd49ec16ae279ab42e75ab0016a22d971fa6ae39375336acbd444e165912913e67dc5e06a44ece8a902d16d0080197d2c88b1a743c2711eca6ec1900c24dfd802d13e795780dfcbfa5a85bef3188f7421cc0cc02f3adc84e53809280c1be645f3fbffa45c75d7fb6a5babb24598c1743f0b2f5e7092828145f425ea013190021775c7647e86a7fb6d42dbfb4148187820ef7fed7a7863b2fefcac1b15d542fe4214869b5b3a5b2fc82b70e287f67e1d7f79e0dd0dd7eab61eafcc26d9cdde1545718af75d538c4c1689692e72752834dbc6c17e21b24cddd5f7d1f0f856ae9849184ea87d6b042d95f0ab2b20e50a9c639e2d69210f420797d7e902a527e195c732634be1ee48b4e4cfea126a74f091a514c69524fb76b989f827fd52244a5571ce716e52c6072c9cd69535bd7c1d6cd9c676659d07e5c59b3de9fca876abb0f0720471fe9755e44d38949ce68549dff9d40c5415387c51c87ea6ede496dfa2a6af396fe3bb5ec4daf7a02014488775ec04dc8036fe493df58c4c3f03eaa5a76de097d67ae7001b73fcfd68debd2d2ae1d1dfeac7dc5232c3c9c18d8e9e31f63efa5dae87ca5908e05a0d68574dd84ba9a0cb2e1c34bc4bf7cb3581548f97533023ae6951809534f1a99bc3d476248c101f7955a03479c919ff49b320a6902d1a6ffe0ff0fa335854eb0283aefcbb97b85ed5456cd238d5c5d67b55aff5310e0eba89c7aed3b4fb223ef0cec6d852a00ab2e8e05bcc27f73e1b3f3debd728d33389277a05ae09a7ccb271fa7551f4362bae89f4ee5e64fb553dd0c63ee2fe5fe0c09e06a093d2fb97ad01b0fedc41e20d4a97f5582b7a410f9254faa515bfd6a4889567469ee3cf49232ea8481770419d1182dcd517162aa91fe915b13d5c7de3b1f536c513e6f230d6f95ccf2d67d2301f87eba8fbf5ca8a458d098dae953ffc205b377ba7a84c9d4988c4960e0263c24bba7cd9544f4e30e98209844d83cc47a95517a3f43026a7a37d7b1a15f3d66e5f722f0be401eb292783acf574883bf1d773f7ec583fd71bf5ea8afb391eb11c9a5d788864ad2244f1062868f1fb0dbc3eea208fc7f1f10146b9035c2e12b087ef97879f9989d39afe55ca8c94fda81195ba4643e8083e80a739b1a3041c0499f4f7492c527befaf9ea37a4113fa3d5e6a57075ff27bfaebf058f1bb397f51ee0e29bf05e2ab7ac370afa6d8e0621914709679e390d06f00f9a4bf6f95a754eb7b1dca62cd486db7611080dc826ce2101e7fe5a2dc43b3013e459681deaa36446a17924ebad972202ac3a1d37aee5844349186730ed042f31ed2739ed78e9f03f884706ff7f960bb34276d6b75b0b9030babae3838291a35e11996420bb37fd114398c15ed3235b2f3e27165cfcd51b70635fd060bff85d82680625a229f7a1dc1b24bc43e9af3a0ed7369193d2f5dbb6a38d532d16d8d8c52695d66414d94be775d06654c03f9bc36d81d82e37142d43658e91834ce8b7d36c23a30a1210db79afb6a8abda1222dda5a5a68433136749804f8436faad0daa22252670caba28c23bfb3d988d841c1675608f6ec478e1c67c5d882caedddb9b44f668f3b807ccc0d60e2460b980e7a402790869878dade02e523686c650520395b95d2c0b898909a036e3407d798f0d2047489802e8af6d260c83621b6611f31ebc27e255cfba2ec39e9a1ed4fefe5580977894eae2327a96fcb0f53b73283e9ec6f84dbc75dca95e870b55e62d22a1f06cac3ae79a721c65afeaffcdf630cac40a1aecd91fd714ee1def90bd679cb65201e00ff629b9a79092de36c7b283d39a219772b90f19965e71239821fae770e5bed9afa1d854e039f00fa9562bb9d29b1f22376b9ef92565554cd2a2fe7a300d3c7aec8ed12d53b92d7b2ba94bd180855558376f44dc0c2109d6ce081ffc1d0ca9b44520a57e176443f8bcb79d9888a6aa22709accf7da3ff65621c9e78dc1f8ecc0b8cd3a2128643b4ca5e3a28a5a401daa4a29d12dfd55c1175e45c04a3c3a3aca9cd0e0702e7a15360b002c39959d3bfae08d20c89208176aad19c79e1cee8c4a2e03e617c39661d8a824c50d99a07791d30a399ae4563c28857c17ea3a46ac8f1e1bdd76c3a7b8b5cf90164006fb598a97dd4ce014968a9b9896f0f9dc04e241c9d25e63202c564ddd94ed9889dd8cef59f8e66841ee97925ecdd366c64a70d9f37d4a3fd35141f5a529c559f8094adf95e69eea9779fa4ee3ccb25af8fab17b1e0d870e5c8535b60cca0080e33632dfa4e330ae4977787064dae459a9b70200010000000000000000000000000005000500000000000a00000000000000fe880000000000000000000000000001000000000000000005000700000000000a00000000000000fc0100000000000000000000000000000000000000000000020013"], 0x10d0}}, 0x1050) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
writev(r4, &(0x7f00000001c0)=[{&(0x7f0000000040)="4f3bfde51b257f40", 0x8}], 0x1) (async)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000440)=[@rdmsr={0x32, 0x18, {0x19a}}, @wrmsr={0x1e, 0x20, {0xbb9, 0x6}}, @code={0xa, 0x6a, {"2e400f01cf44d9f866baa00066b8000066ef410f088f0848ed34eaadc7442400d23f267cc7442402fe370000c7442406000000000f011c24660f3882a797683777670fc75cdbce460f38cd9a757b0000f30fc7b43cdcf50000"}}, @code={0xa, 0x5c, {"6747d9fb0f2373470f019b0000c0fe65d9f543008eeb7400003667f3466fc48119140fc441fc2bb70b000000c74424003ee100b9c7442402fd000000c7442406000000000f011c240fc72b"}}, @rdmsr={0x32, 0x18, {0xac9}}, @wr_crn={0x46, 0x20, {0x3, 0x81}}, @wrmsr={0x1e, 0x20, {0xa1d, 0x8}}, @wrmsr={0x1e, 0x20, {0xada, 0x13b}}, @code={0xa, 0x60, {"0f0139b805000000b9d9ab00000f01c148b8f91b0000000000000f23c00f21f83501000c000f23f8b9260a00000f3266ba2000ed420f3265410f30266636f23ef2460f90e12e440f01ca66bad004ed"}}, @wr_crn={0x46, 0x20, {0x8, 0x1}}, @wrmsr={0x1e, 0x20, {0x9cd, 0x3}}, @wrmsr={0x1e, 0x20, {0xb79, 0x8}}, @wrmsr={0x1e, 0x20, {0xc0000103}}, @wr_crn={0x46, 0x20, {0x8, 0x1000}}], 0x276}) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c00)={0x38, 0x3e, 0x1, 0x7fffc, 0x4, {0x1}, [@typed={0x4}, @nested={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x10, 0x0, 0x1, [@nested={0xc, 0xf, 0x0, 0x1, [@generic="12ccbd379ce6cd69"]}]}]}, @typed={0xc, 0x2, 0x0, 0x0, @u64}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00v\x00\t\x00'/20, @ANYRES32=0x0, @ANYBLOB="04000d800800010002"], 0x24}, 0x1, 0x5502000000000000}, 0x0) (async)
socket(0x2a, 0x2, 0x0) (async)
ioctl$SIOCSIFMTU(r7, 0x8932, &(0x7f0000000080)={'dummy0\x00'}) (async)
dup3(r2, r1, 0x0) (async)

2.63965647s ago: executing program 2 (id=1701):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
getsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f00000001c0), &(0x7f0000000240)=0xfffffeab)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xf)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x5)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x2)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000140)=0x3)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000400)=0x7)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r4 = memfd_create(&(0x7f00000009c0)='y\x105\xf3\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x2)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000100)={r4, 0x0, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f0000000000)=0x7)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000200)=0x6)

970.375862ms ago: executing program 4 (id=1728):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket$inet6_udplite(0xa, 0x2, 0x88) (async)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x41, &(0x7f0000000200)={0xa, 0x4e23, 0x10003, @loopback, 0x7}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc) (async)
writev(r0, &(0x7f0000000540)=[{&(0x7f0000000000)="d901", 0x2}], 0x1) (async)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x100000}, 0xc) (async)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000340)=',', 0x34000}], 0x1)

969.163134ms ago: executing program 4 (id=1730):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$9p_virtio(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f0000000200), 0x800000, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=vi'])
listen(r0, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10, 0x0, 0x0, 0x1}}}}}}}, 0x0)

840.229721ms ago: executing program 4 (id=1733):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @private=0xa010102}, 0x10)
listen(r0, 0x8)
accept4(r0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYRESOCT=r0], 0x0, 0x4e, 0x0, 0x8}, 0x28)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000240)={0x1f, 0xffff, 0x2}, 0x6)
recvmmsg(r1, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
write$bt_hci(r1, &(0x7f0000000000)={0x1, @set_reserved_lt_addr={{0xc74, 0x1}, {0x7}}}, 0x5)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010029bd7000ffdbdf2500000000", @ANYRES32=r4, @ANYBLOB="100804002010000024001280110001006272696467655f736c618c65000000000c0005800500194003"], 0x44}, 0x1, 0x0, 0x0, 0x404c1}, 0x40040d4)
syz_io_uring_setup(0x1a1d, &(0x7f0000000540)={0x0, 0x755e, 0x13080, 0x3, 0x2bc}, &(0x7f0000000080), 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x24044040)
write$bt_hci(r1, &(0x7f0000000580)={0x1, @le_set_scan_rsp_data={{0x2009, 0x20}, {0xff, "ad8b5a50a99c4f7bf40c544f5a5ce1666f549e4c74dc39e79dc96ea0833fe7"}}}, 0x24)

790.041296ms ago: executing program 5 (id=1735):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x22300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe2000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x56, &(0x7f00000001c0)=[@vmwrite={0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4004}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x18)

649.948146ms ago: executing program 5 (id=1737):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240))
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffffff00000000000000000dd8ebdd2aab2e0001007564703a7379"], 0x54}}, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x64, 0x2, 0x2, 0x101, 0x0, 0x0, {0x2, 0x0, 0x5}, [@CTA_EXPECT_HELP_NAME={0x5, 0x6, '\x00'}, @CTA_EXPECT_TUPLE={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x1}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x4}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x40850}, 0x26004810)

649.800111ms ago: executing program 5 (id=1738):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {}, {0xa, 0x6}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_VLAN_PRIO={0x5, 0x18, 0x1}, @TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8100}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) (fail_nth: 5)

535.239728ms ago: executing program 3 (id=1740):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000004180)={"0400", 0x0, 0x6, 0x2, 0x7fffffff, 0x8, "df930000000002000100", "037ec42b", '\x00\f\x00', '\x00', ["0000c40102000000001000", "3549ffffffd7f7ffff010800", "0fc7794386a7a0236a9cc1f0"]})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x515}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_MPLS={0x4}]}]}, 0x3c}}, 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@gettaction={0x14, 0x32, 0x200, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20000800)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000140), &(0x7f0000000180)}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x2c, r4, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x844}, 0x4000000)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = accept$unix(0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000400)=0x6e)
accept4$unix(r6, &(0x7f0000000500), &(0x7f0000000580)=0x6e, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
vmsplice(r8, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r9, 0x0, r8, 0x0, 0x10000008ebc, 0x0)
splice(r7, 0x0, r10, 0x0, 0x25a5, 0x0)
r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r12 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r12, 0xc0205647, &(0x7f0000000100)={0xf020000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f911, 0x8000, '\x00', @p_u16=&(0x7f0000001b80)=0xa}})
close_range(r11, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r5, 0x0, 0x19, 0x0, &(0x7f0000000100))
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0xa, &(0x7f0000000200)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @tail_call={{0x18, 0x2, 0x1, 0x0, r2}}]}, &(0x7f0000000100)='GPL\x00', 0xe1c00000}, 0x94)
syz_emit_ethernet(0xb8, &(0x7f0000000000)={@remote, @random="aea8b8c323f3", @void, {@llc_tr={0x11, {@llc={0xf0, 0x4, "123e", "ae738363e916de10f7c59b5fd2bb16e4ed68dc39bd2498687a3aa1209244b49aecf064fc13a50ef63d1a3167da432ab7e1de7150b3f571b91fdc0eaf8c230323109bcf10f3e4f2000d15c51f6d86c08bceca99214dad1ce5e95d6354dfb571d9441f53123a76fc43434a1e044826b6841fe03fd1e52d9f93fb5e737e859b1e2c497032a80c2d94890328e0496ae2f090210586ecc37457011694789b156de767e6919de611da"}}}}}, &(0x7f00000000c0)={0x1, 0x4, [0x4a, 0x108, 0x3a1, 0xcf8]})

471.027911ms ago: executing program 5 (id=1741):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = syz_open_dev$vivid(&(0x7f0000000300), 0x0, 0x2)
ioctl$VIDIOC_QUERYMENU(r1, 0xc02c5625, &(0x7f0000000440)={0x9, 0x38b7, @value=0x1})
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000840)={0x14, 0x1, 0x3, 0x301, 0x0, 0x0, {0xa, 0x0, 0x8000}}, 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4080)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
mremap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)
getresuid(&(0x7f0000000080), &(0x7f0000000180), &(0x7f0000000200)=<r5=>0x0)
quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000202, r5, &(0x7f0000000240)='./file0\x00')
write$binfmt_script(r4, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000325bd7000fbdbdf25050000000c000980080002000300000028000280080001"], 0x46}, 0x1, 0x0, 0x0, 0x8000}, 0x4004)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='omfs\x00', 0x200000, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wg0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0xa0, 0x30, 0x51b, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x7fffffff, 0x0, 0x0, 0xfffffffd}}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x6}]}, {0x4, 0x14}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x6}}}, @m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0xa0}}, 0x14008004)
fchmodat(r4, &(0x7f00000002c0)='./file0\x00', 0x0)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)=ANY=[@ANYBLOB="180100002e00010000000000fcdbdf250801f2800c00180008ac0f0000000000140001"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x0)

399.091573ms ago: executing program 3 (id=1742):
r0 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000040), &(0x7f00000000c0)=0x10)
setsockopt$PNPIPE_ENCAP(r0, 0x113, 0x1, &(0x7f0000000100)=0x1, 0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x11, 0x98}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x94)

398.818617ms ago: executing program 3 (id=1743):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0xc15f0c76038c45c1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x11c)
mknodat$loop(r0, &(0x7f00000002c0)='./file1\x00', 0xc106, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x400)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x100)
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f0000000480)='./bus\x00', r2, &(0x7f00000001c0)='./file0\x00', 0x0)

398.548411ms ago: executing program 5 (id=1744):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005b80)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000500)="69e183a2de2e20d7250f3165003f3d5989cb8c83644613d9e16f95dae3759442db55f9f73c54d5e6d845236108051b7b51d959db573f9f555ff8c9e138f9ee36c0518e1ac62ec327d0dfd5bcf6a692e508a39a9d00cb89534e83136dd56255cddc08e719be01cfe36eb01b368498", 0x6e}], 0x1, 0x0, 0x0, 0x28024000}}], 0x1, 0x20008804)
r3 = socket(0x28, 0x5, 0x0)
ioctl$KVM_CAP_X86_APIC_BUS_CYCLES_NS(0xffffffffffffffff, 0x4068aea3, 0x0)
connect$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0x0, @hyper}, 0x10)
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000300))
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0xfb)
syz_open_dev$dri(&(0x7f0000000040), 0x4, 0x800)
listen(r3, 0x1c24)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x2c)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f00000003c0)='freezer.parent_freezing\x00', 0x0, 0x0)
preadv2(r6, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/211, 0xd3}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r4, 0x4018aebd, &(0x7f0000000140)={0x2, r6, 0x1})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$TIOCCBRK(r7, 0x5428)
ioctl$KVM_RESET_DIRTY_RINGS(r1, 0xaec7)
setsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000100)=@int=0x80000001, 0x4)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x7, 0x100000000, 0x0, 0x7dd, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
r8 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000000280)={0x4d, 0x2, 0x3, "8baadc000000000000ffffffff00000000c300000000000000001c00", 0x34565559})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x4, 0x0, 0x2, 0x4004, 0x2, 0x4, 0xf000000000000001, 0x0, 0xffffffffffffffff, 0x2000000, 0x0, 0x3346c4e8, 0x0, 0xffffffffffffffff, 0x6, 0x967], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

339.980184ms ago: executing program 3 (id=1745):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x22300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe2000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x56, &(0x7f00000001c0)=[@vmwrite={0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4004}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 4)

125.669916ms ago: executing program 3 (id=1746):
mremap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil)
r0 = socket(0x1a, 0x2, 0x3)
getsockopt$packet_buf(r0, 0x107, 0x1, 0x0, 0x0)

125.515784ms ago: executing program 4 (id=1747):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x22300, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x3)
r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000640), 0x4000, 0x0)
ioctl$CDROMREADAUDIO(r2, 0x5392, &(0x7f0000000040)={@msf={0xb, 0x2, 0xfc}, 0x3, 0x0, 0x0})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="200000001e00431b000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="001c000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x20004811}, 0x488d0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe2000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x56, &(0x7f00000001c0)=[@vmwrite={0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4004}], 0x1)
ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000040)={0x3, 0x4, 0x41b})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

125.264173ms ago: executing program 3 (id=1748):
r0 = socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r1 = fsopen(0x0, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r5, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24008004}, 0x4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYRES32=r1, @ANYRES16=r5, @ANYBLOB="010023010000340200000200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e21, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
r7 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000000040)={0x1000e, "61ad99873bbabd18cf5019ff9e974a2700000000000300000000000000006500"})
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
sendto$inet6(r6, 0x0, 0x0, 0x80, 0x0, 0x0)
r8 = fcntl$dupfd(r6, 0x0, r0)
setsockopt$inet_opts(r8, 0x0, 0xd, &(0x7f0000000100)="ac", 0x1)
recvmmsg$unix(r8, &(0x7f0000008340)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40010003, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r8)
sendmsg$NL80211_CMD_JOIN_IBSS(r8, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r9, 0x300, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44440}, 0x8000)

70.231747ms ago: executing program 5 (id=1749):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000300)={0x0, 0x0, 0x80000, 0x0, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$vim2m(&(0x7f0000000240), 0x2000a54, 0x2)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000002c0), 0xc0b40, 0x0)
ioctl$CDROMCLOSETRAY(r3, 0x5319)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000080)={0x0, 0x1, 0x2, "a722a0dd8c08fe49da33e92aa916a401bfca7f265bc44791756bdc4d9d751233", 0x494e4f4b})
syz_emit_ethernet(0x16, &(0x7f0000000440)=ANY=[], 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000180)={0x9, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
close(r0)
r4 = socket$netlink(0x10, 0x3, 0x10)
getxattr(0x0, 0x0, 0x0, 0x0)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r6)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021100000000000003b810000850000006d000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000480)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
add_key$user(&(0x7f00000002c0), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f00000004c0), &(0x7f0000000440)={'syz', 0x0}, &(0x7f00000001c0)='\a\x00\x00\x00\x00', 0x5, 0xfffffffffffffffd)
ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)=<r9=>0x0)
sendmsg$NFC_CMD_DEV_UP(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="00000100", @ANYRES16=r7, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r9, @ANYBLOB], 0x1c}}, 0x0)
write$nci(r5, &(0x7f0000000180)=ANY=[@ANYRES16=0x0], 0x13)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000340))
fsopen(&(0x7f0000001300)='jffs2\x00', 0x0)
bind$netlink(r4, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbfe, 0x2}, 0xc)
getsockopt$IP_SET_OP_GET_BYNAME(r1, 0x1, 0x53, &(0x7f00000001c0)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000280)=0x28)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x4, @empty, 0x4e23, 0x4, 'rr\x00', 0x20, 0x7, 0x6a}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x4e22, 0x0, 0xfffffffe, 0xacf, 0x7eb}}, 0x44)
r10 = openat$nci(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r10, 0x0, &(0x7f0000000400))

204.238µs ago: executing program 4 (id=1750):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00'}, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000faffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f}, {{}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffc}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x200000}}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, 0x0, 0xb, 0x0, 0x0, 0x41100, 0x2f}, 0x94)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x42, &(0x7f0000000100)=0x5, 0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000740)={0xffff1e9d, 0x8e, 0xf, 0x2, 0x2})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x6f4}}, 0x0)

0s ago: executing program 4 (id=1751):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0xffffffffffff6ef2, 0x40000)
ioctl$SG_BLKTRACESTART(r0, 0x1274, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_elf64(r2, 0x0, 0x831)
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x300, 0x0, 0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

17451][T10111]  ? __pfx___mutex_lock+0x10/0x10
[  150.917465][T10111]  ? __pfx_vfs_read+0x10/0x10
[  150.917479][T10111]  ? __fget_files+0x20e/0x3c0
[  150.917495][T10111]  ksys_read+0x12a/0x250
[  150.917505][T10111]  ? __pfx_ksys_read+0x10/0x10
[  150.917519][T10111]  do_syscall_64+0xcd/0x4c0
[  150.917535][T10111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.917546][T10111] RIP: 0033:0x7f389e38d5bc
[  150.917556][T10111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  150.917566][T10111] RSP: 002b:00007f389f24b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  150.917576][T10111] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38d5bc
[  150.917583][T10111] RDX: 000000000000000f RSI: 00007f389f24b0a0 RDI: 0000000000000004
[  150.917589][T10111] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  150.917595][T10111] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000001
[  150.917601][T10111] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  150.917614][T10111]  </TASK>
[  150.991812][T10036] veth1_macvtap: entered promiscuous mode
[  151.015951][T10036] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.020592][T10067] hsr_slave_0: entered promiscuous mode
[  151.022834][T10067] hsr_slave_1: entered promiscuous mode
[  151.027278][T10067] debugfs: 'hsr0' already exists in 'hsr'
[  151.029223][T10067] Cannot create hsr debugfs directory
[  151.039292][T10036] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.080171][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.089731][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.092467][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.102042][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.181822][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.188722][   T40] audit: type=1400 audit(1757568021.742:34563): avc:  denied  { bind } for  pid=10114 comm="syz.2.1461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  151.193288][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.221582][T10120] tc_dump_action: action bad kind
[  151.225487][ T5980] Bluetooth: hci1: command tx timeout
[  151.231722][ T1234] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.234206][ T1234] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.247461][   T40] audit: type=1400 audit(1757568021.802:34564): avc:  denied  { mounton } for  pid=10036 comm="syz-executor" path="/syzkaller.2GjgHH/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  151.250671][T10067] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  151.263133][T10067] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  151.268248][T10067] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  151.272674][T10067] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  151.323976][T10067] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.343000][T10067] 8021q: adding VLAN 0 to HW filter on device team0
[  151.349534][ T1234] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.351976][ T1234] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.360992][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.364087][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.500671][T10067] 8021q: adding VLAN 0 to HW filter on device batadv0
[  151.634946][T10067] veth0_vlan: entered promiscuous mode
[  151.643063][T10067] veth1_vlan: entered promiscuous mode
[  151.656898][T10067] veth0_macvtap: entered promiscuous mode
[  151.660679][T10067] veth1_macvtap: entered promiscuous mode
[  151.678677][T10067] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.684102][T10067] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.693859][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.697181][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.699958][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.703133][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.748941][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.752183][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.768506][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.771872][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.873556][T10152] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  151.876670][T10152] openvswitch: netlink: nsh attribute has 13 unknown bytes.
[  151.879020][T10152] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  151.915470][T10151] nbd0: detected capacity change from 0 to 127
[  152.019578][ T5980] block nbd0: Receive control failed (result -104)
[  152.185928][ T5980] Bluetooth: hci2: command tx timeout
[  152.325004][T10160] mkiss: ax0: crc mode is auto.
[  152.330393][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  152.330402][   T40] audit: type=1400 audit(1757568022.882:34567): avc:  denied  { read write } for  pid=10159 comm="syz.4.1467" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  152.340704][   T40] audit: type=1400 audit(1757568022.882:34568): avc:  denied  { open } for  pid=10159 comm="syz.4.1467" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  152.531454][T10183] FAULT_INJECTION: forcing a failure.
[  152.531454][T10183] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.536941][T10183] CPU: 2 UID: 0 PID: 10183 Comm: syz.4.1475 Not tainted syzkaller #0 PREEMPT(full) 
[  152.536955][T10183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.536961][T10183] Call Trace:
[  152.536965][T10183]  <TASK>
[  152.536969][T10183]  dump_stack_lvl+0x16c/0x1f0
[  152.537002][T10183]  should_fail_ex+0x512/0x640
[  152.537022][T10183]  _copy_from_iter+0x29f/0x1720
[  152.537039][T10183]  ? __alloc_skb+0x200/0x380
[  152.537052][T10183]  ? __pfx__copy_from_iter+0x10/0x10
[  152.537066][T10183]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  152.537082][T10183]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  152.537102][T10183]  netlink_sendmsg+0x829/0xdd0
[  152.537118][T10183]  ? __pfx_netlink_sendmsg+0x10/0x10
[  152.537137][T10183]  ____sys_sendmsg+0xa98/0xc70
[  152.537154][T10183]  ? copy_msghdr_from_user+0x10a/0x160
[  152.537167][T10183]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.537189][T10183]  ___sys_sendmsg+0x134/0x1d0
[  152.537203][T10183]  ? __pfx____sys_sendmsg+0x10/0x10
[  152.537235][T10183]  __sys_sendmsg+0x16d/0x220
[  152.537248][T10183]  ? __pfx___sys_sendmsg+0x10/0x10
[  152.537279][T10183]  do_syscall_64+0xcd/0x4c0
[  152.537309][T10183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.537326][T10183] RIP: 0033:0x7fbcce98eba9
[  152.537342][T10183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.537358][T10183] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.537377][T10183] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  152.537386][T10183] RDX: 0000000024044040 RSI: 0000200000000200 RDI: 0000000000000003
[  152.537392][T10183] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  152.537398][T10183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.537404][T10183] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  152.537418][T10183]  </TASK>
[  152.738412][   T40] audit: type=1400 audit(1757568023.292:34569): avc:  denied  { mount } for  pid=10201 comm="syz.5.1482" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  152.747421][   T40] audit: type=1400 audit(1757568023.302:34570): avc:  denied  { read } for  pid=10201 comm="syz.5.1482" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  152.749439][T10202] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  152.754272][   T40] audit: type=1400 audit(1757568023.302:34571): avc:  denied  { open } for  pid=10201 comm="syz.5.1482" path="/9/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  152.764184][   T40] audit: type=1400 audit(1757568023.312:34572): avc:  denied  { remount } for  pid=10201 comm="syz.5.1482" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  152.778707][   T40] audit: type=1400 audit(1757568023.332:34573): avc:  denied  { unmount } for  pid=10067 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  152.791731][T10204] FAULT_INJECTION: forcing a failure.
[  152.791731][T10204] name failslab, interval 1, probability 0, space 0, times 0
[  152.795958][T10204] CPU: 1 UID: 0 PID: 10204 Comm: syz.4.1483 Not tainted syzkaller #0 PREEMPT(full) 
[  152.795972][T10204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.795978][T10204] Call Trace:
[  152.795983][T10204]  <TASK>
[  152.795988][T10204]  dump_stack_lvl+0x16c/0x1f0
[  152.796005][T10204]  should_fail_ex+0x512/0x640
[  152.796022][T10204]  should_failslab+0xc2/0x120
[  152.796035][T10204]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  152.796046][T10204]  ? sctp_get_port_local+0x54d/0x1670
[  152.796061][T10204]  sctp_get_port_local+0x54d/0x1670
[  152.796077][T10204]  ? __pfx_sctp_get_port_local+0x10/0x10
[  152.796089][T10204]  ? sctp_bind_addr_match+0x193/0x300
[  152.796102][T10204]  ? sctp_bind_addr_match+0x19d/0x300
[  152.796103][    T9] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  152.796114][T10204]  sctp_do_bind+0x223/0x700
[  152.796135][T10204]  sctp_connect_new_asoc+0x5e7/0x770
[  152.796152][T10204]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  152.796172][T10204]  sctp_sendmsg+0x1560/0x1e10
[  152.796191][T10204]  ? __pfx_sctp_sendmsg+0x10/0x10
[  152.796208][T10204]  ? __pfx_sock_has_perm+0x10/0x10
[  152.796228][T10204]  ? __pfx_sctp_sendmsg+0x10/0x10
[  152.796244][T10204]  inet_sendmsg+0x11c/0x140
[  152.796256][T10204]  ____sys_sendmsg+0x973/0xc70
[  152.796274][T10204]  ? __pfx_____sys_sendmsg+0x10/0x10
[  152.796296][T10204]  ___sys_sendmsg+0x134/0x1d0
[  152.796310][T10204]  ? __pfx____sys_sendmsg+0x10/0x10
[  152.796337][T10204]  __sys_sendmsg+0x16d/0x220
[  152.796350][T10204]  ? __pfx___sys_sendmsg+0x10/0x10
[  152.796371][T10204]  do_syscall_64+0xcd/0x4c0
[  152.796386][T10204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.796398][T10204] RIP: 0033:0x7fbcce98eba9
[  152.796407][T10204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.796418][T10204] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  152.796428][T10204] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  152.796435][T10204] RDX: 0000000020000000 RSI: 0000200000001640 RDI: 0000000000000004
[  152.796441][T10204] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  152.796448][T10204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.796454][T10204] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  152.796466][T10204]  </TASK>
[  152.859358][   T40] audit: type=1400 audit(1757568023.412:34574): avc:  denied  { setopt } for  pid=10208 comm="syz.5.1486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  153.006260][    T9] usb 8-1: device descriptor read/64, error -71
[  153.027705][T10227] FAULT_INJECTION: forcing a failure.
[  153.027705][T10227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.031842][T10227] CPU: 3 UID: 0 PID: 10227 Comm: syz.5.1492 Not tainted syzkaller #0 PREEMPT(full) 
[  153.031856][T10227] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.031863][T10227] Call Trace:
[  153.031867][T10227]  <TASK>
[  153.031871][T10227]  dump_stack_lvl+0x16c/0x1f0
[  153.031889][T10227]  should_fail_ex+0x512/0x640
[  153.031905][T10227]  _copy_from_user+0x2e/0xd0
[  153.031921][T10227]  ____sys_sendmsg+0x607/0xc70
[  153.031940][T10227]  ? __pfx_____sys_sendmsg+0x10/0x10
[  153.031962][T10227]  ___sys_sendmsg+0x134/0x1d0
[  153.031976][T10227]  ? __pfx____sys_sendmsg+0x10/0x10
[  153.032004][T10227]  __sys_sendmsg+0x16d/0x220
[  153.032017][T10227]  ? __pfx___sys_sendmsg+0x10/0x10
[  153.032039][T10227]  do_syscall_64+0xcd/0x4c0
[  153.032054][T10227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.032066][T10227] RIP: 0033:0x7f4ea8d8eba9
[  153.032075][T10227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.032085][T10227] RSP: 002b:00007f4ea9c45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.032096][T10227] RAX: ffffffffffffffda RBX: 00007f4ea8fd5fa0 RCX: 00007f4ea8d8eba9
[  153.032107][T10227] RDX: 0000000004044810 RSI: 00002000000002c0 RDI: 0000000000000003
[  153.032114][T10227] RBP: 00007f4ea9c45090 R08: 0000000000000000 R09: 0000000000000000
[  153.032120][T10227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.032127][T10227] R13: 00007f4ea8fd6038 R14: 00007f4ea8fd5fa0 R15: 00007fff39de0d78
[  153.032140][T10227]  </TASK>
[  153.268463][    T9] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[  153.305562][ T5980] Bluetooth: hci1: command tx timeout
[  153.405376][    T9] usb 8-1: device descriptor read/64, error -71
[  153.516373][    T9] usb usb8-port1: attempt power cycle
[  153.865614][    T9] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  153.886107][    T9] usb 8-1: device descriptor read/8, error -71
[  154.004234][T10240] bridge: RTM_NEWNEIGH with invalid ether address
[  154.007985][T10240] bridge: RTM_NEWNEIGH with invalid ether address
[  154.096091][   T40] audit: type=1400 audit(1757568024.652:34575): avc:  denied  { bind } for  pid=10242 comm="syz.4.1496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  154.133493][T10251] FAULT_INJECTION: forcing a failure.
[  154.133493][T10251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.137754][T10251] CPU: 1 UID: 0 PID: 10251 Comm: syz.2.1500 Not tainted syzkaller #0 PREEMPT(full) 
[  154.137768][T10251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.137774][T10251] Call Trace:
[  154.137778][T10251]  <TASK>
[  154.137782][T10251]  dump_stack_lvl+0x16c/0x1f0
[  154.137800][T10251]  should_fail_ex+0x512/0x640
[  154.137817][T10251]  _copy_to_user+0x32/0xd0
[  154.137833][T10251]  simple_read_from_buffer+0xcb/0x170
[  154.137846][T10251]  proc_fail_nth_read+0x197/0x240
[  154.137859][T10251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  154.137873][T10251]  ? rw_verify_area+0xcf/0x6c0
[  154.137888][T10251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  154.137900][T10251]  vfs_read+0x1e1/0xcf0
[  154.137912][T10251]  ? __pfx___mutex_lock+0x10/0x10
[  154.137927][T10251]  ? __pfx_vfs_read+0x10/0x10
[  154.137941][T10251]  ? __fget_files+0x20e/0x3c0
[  154.137957][T10251]  ksys_read+0x12a/0x250
[  154.137967][T10251]  ? __pfx_ksys_read+0x10/0x10
[  154.137981][T10251]  do_syscall_64+0xcd/0x4c0
[  154.137997][T10251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.138008][T10251] RIP: 0033:0x7f389e38d5bc
[  154.138017][T10251] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  154.138027][T10251] RSP: 002b:00007f389f24b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  154.138037][T10251] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38d5bc
[  154.138044][T10251] RDX: 000000000000000f RSI: 00007f389f24b0a0 RDI: 0000000000000004
[  154.138051][T10251] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  154.138057][T10251] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[  154.138063][T10251] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  154.138076][T10251]  </TASK>
[  154.145555][    T9] usb 8-1: new full-speed USB device number 8 using dummy_hcd
[  154.168723][T10253] sg_write: data in/out 10438218/1 bytes for SCSI command 0x6b-- guessing data in;
[  154.168723][T10253]    program syz.5.1499 not setting count and/or reply_len properly
[  154.184566][T10250] FAULT_INJECTION: forcing a failure.
[  154.184566][T10250] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  154.219769][T10250] CPU: 0 UID: 0 PID: 10250 Comm: syz.4.1498 Not tainted syzkaller #0 PREEMPT(full) 
[  154.219784][T10250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.219790][T10250] Call Trace:
[  154.219795][T10250]  <TASK>
[  154.219799][T10250]  dump_stack_lvl+0x16c/0x1f0
[  154.219818][T10250]  should_fail_ex+0x512/0x640
[  154.219835][T10250]  __kvm_read_guest_page+0x186/0x250
[  154.219851][T10250]  kvm_vcpu_read_guest+0x6c/0xf0
[  154.219883][T10250]  read_emulate+0x2b/0x50
[  154.219899][T10250]  emulator_read_write_onepage+0x2e7/0xb30
[  154.219914][T10250]  emulator_read_write+0x1b9/0x5c0
[  154.219927][T10250]  read_emulated+0x12c/0x2a0
[  154.219945][T10250]  emulate_pop+0x313/0x3b0
[  154.219958][T10250]  ? __pfx_emulate_pop+0x10/0x10
[  154.219969][T10250]  ? vmx_segment_cache_test_set+0x14b/0x400
[  154.219983][T10250]  ? __pfx_em_ret_far_imm+0x10/0x10
[  154.219996][T10250]  ? vmx_read_guest_seg_ar+0x146/0x1a0
[  154.220010][T10250]  em_ret_far+0x1e4/0x590
[  154.220022][T10250]  ? __pfx_em_ret_far+0x10/0x10
[  154.220033][T10250]  ? __kernel_text_address+0xd/0x40
[  154.220045][T10250]  ? unwind_get_return_address+0x59/0xa0
[  154.220064][T10250]  ? stack_trace_save+0x8e/0xc0
[  154.220080][T10250]  ? __pfx_em_ret_far_imm+0x10/0x10
[  154.220093][T10250]  em_ret_far_imm+0x7e/0x4d0
[  154.220106][T10250]  ? f2fs_get_dnode_of_data+0x28b5/0x2e70
[  154.220122][T10250]  ? __pfx_em_ret_far_imm+0x10/0x10
[  154.220135][T10250]  ? kasan_save_stack+0x42/0x60
[  154.220146][T10250]  ? kasan_save_stack+0x33/0x60
[  154.220155][T10250]  ? kasan_save_track+0x14/0x30
[  154.220164][T10250]  ? kasan_save_free_info+0x3b/0x60
[  154.220178][T10250]  ? __kasan_slab_free+0x60/0x70
[  154.220188][T10250]  ? kfree+0x2b4/0x4d0
[  154.220202][T10250]  ? tomoyo_path_number_perm+0x470/0x580
[  154.220216][T10250]  ? vmx_vcpu_pi_load+0xfc/0x900
[  154.220230][T10250]  ? __pfx_em_ret_far_imm+0x10/0x10
[  154.220242][T10250]  x86_emulate_insn+0x5f5/0x39f0
[  154.220260][T10250]  ? __pfx_x86_emulate_insn+0x10/0x10
[  154.220276][T10250]  ? __mutex_trylock_common+0xe9/0x250
[  154.220292][T10250]  ? vmx_vcpu_load_vmcs+0x222/0x770
[  154.220308][T10250]  ? __lock_acquire+0xb97/0x1ce0
[  154.220329][T10250]  x86_emulate_instruction+0x43e/0x1a90
[  154.220348][T10250]  complete_emulated_mmio+0x65e/0x7f0
[  154.220364][T10250]  ? __pfx_complete_emulated_mmio+0x10/0x10
[  154.220378][T10250]  kvm_arch_vcpu_ioctl_run+0x14be/0x1980
[  154.220397][T10250]  kvm_vcpu_ioctl+0x5eb/0x1690
[  154.220412][T10250]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  154.220426][T10250]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  154.220440][T10250]  ? do_vfs_ioctl+0x128/0x14f0
[  154.220460][T10250]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  154.220476][T10250]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  154.220497][T10250]  ? hook_file_ioctl_common+0x145/0x410
[  154.220512][T10250]  ? selinux_file_ioctl+0x180/0x270
[  154.220527][T10250]  ? selinux_file_ioctl+0xb4/0x270
[  154.220543][T10250]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  154.220557][T10250]  __x64_sys_ioctl+0x18b/0x210
[  154.220574][T10250]  do_syscall_64+0xcd/0x4c0
[  154.220589][T10250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.220600][T10250] RIP: 0033:0x7fbcce98eba9
[  154.220610][T10250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.220621][T10250] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.220631][T10250] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  154.220638][T10250] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  154.220644][T10250] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  154.220650][T10250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.220656][T10250] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  154.220670][T10250]  </TASK>
[  154.220940][    T9] usb 8-1: device descriptor read/8, error -71
[  154.267449][ T5980] Bluetooth: hci2: command tx timeout
[  154.347681][T10266] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1504'.
[  154.375658][    T9] usb usb8-port1: unable to enumerate USB device
[  155.058278][T10275] FAULT_INJECTION: forcing a failure.
[  155.058278][T10275] name failslab, interval 1, probability 0, space 0, times 0
[  155.063837][T10275] CPU: 2 UID: 0 PID: 10275 Comm: syz.4.1508 Not tainted syzkaller #0 PREEMPT(full) 
[  155.063860][T10275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.063871][T10275] Call Trace:
[  155.063878][T10275]  <TASK>
[  155.063886][T10275]  dump_stack_lvl+0x16c/0x1f0
[  155.063914][T10275]  should_fail_ex+0x512/0x640
[  155.063936][T10275]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  155.063958][T10275]  should_failslab+0xc2/0x120
[  155.063978][T10275]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  155.063996][T10275]  ? __d_alloc+0x32/0xae0
[  155.064021][T10275]  __d_alloc+0x32/0xae0
[  155.064044][T10275]  d_alloc_parallel+0x111/0x1480
[  155.064076][T10275]  ? register_lock_class+0x41/0x4c0
[  155.064093][T10275]  ? __lock_acquire+0xb97/0x1ce0
[  155.064117][T10275]  ? __pfx_d_alloc_parallel+0x10/0x10
[  155.064145][T10275]  ? lockdep_init_map_type+0x5c/0x280
[  155.064161][T10275]  ? lockdep_init_map_type+0x5c/0x280
[  155.064181][T10275]  __lookup_slow+0x193/0x460
[  155.064207][T10275]  ? __pfx___lookup_slow+0x10/0x10
[  155.064249][T10275]  ? lookup_fast+0x156/0x610
[  155.064271][T10275]  walk_component+0x353/0x5b0
[  155.064289][T10275]  path_lookupat+0x142/0x6d0
[  155.064311][T10275]  filename_lookup+0x224/0x5f0
[  155.064333][T10275]  ? __pfx_filename_lookup+0x10/0x10
[  155.064376][T10275]  ? __might_fault+0xe3/0x190
[  155.064393][T10275]  ? __might_fault+0xe3/0x190
[  155.064408][T10275]  ? __might_fault+0x13b/0x190
[  155.064432][T10275]  filename_getxattr+0x9d/0x1a0
[  155.064454][T10275]  ? __pfx_filename_getxattr+0x10/0x10
[  155.064475][T10275]  ? getname_flags.part.0+0x1c5/0x550
[  155.064506][T10275]  path_getxattrat+0x203/0x2d0
[  155.064528][T10275]  ? __pfx_path_getxattrat+0x10/0x10
[  155.064549][T10275]  ? ksys_write+0x190/0x250
[  155.064571][T10275]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  155.064615][T10275]  ? __pfx_ksys_write+0x10/0x10
[  155.064641][T10275]  do_syscall_64+0xcd/0x4c0
[  155.064665][T10275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.064683][T10275] RIP: 0033:0x7fbcce98eba9
[  155.064698][T10275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.064714][T10275] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[  155.064731][T10275] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  155.064743][T10275] RDX: 0000000000000000 RSI: 0000200000002880 RDI: 0000200000002840
[  155.064753][T10275] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  155.064763][T10275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.064773][T10275] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  155.064798][T10275]  </TASK>
[  155.220613][T10279] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  155.223588][T10279] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  155.228599][T10279] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  155.228605][   T40] audit: type=1400 audit(1757568025.782:34576): avc:  denied  { firmware_load } for  pid=10278 comm="syz.4.1510" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  155.386605][ T5980] Bluetooth: hci1: command tx timeout
[  155.871798][T10301] loop6: detected capacity change from 0 to 63
[  155.878248][ T8707] buffer_io_error: 25 callbacks suppressed
[  155.878258][ T8707] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.883620][ T8707] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.886657][ T8707] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.889437][ T8707] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.892301][ T8707] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.896677][ T8707] Buffer I/O error on dev loop6, logical block 0, async page read
[  155.900757][ T8707] Buffer I/O error on dev loop6, logical block 3, async page read
[  156.116628][T10307] block nbd4: NBD_DISCONNECT
[  156.119258][T10307] block nbd4: Send disconnect failed -107
[  156.122029][T10307] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1521'.
[  156.126503][T10306] block nbd4: Disconnected due to user request.
[  156.129282][T10306] block nbd4: shutting down sockets
[  156.336724][T10316] FAULT_INJECTION: forcing a failure.
[  156.336724][T10316] name failslab, interval 1, probability 0, space 0, times 0
[  156.341506][T10316] CPU: 2 UID: 0 PID: 10316 Comm: syz.2.1525 Not tainted syzkaller #0 PREEMPT(full) 
[  156.341521][T10316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.341528][T10316] Call Trace:
[  156.341533][T10316]  <TASK>
[  156.341537][T10316]  dump_stack_lvl+0x16c/0x1f0
[  156.341554][T10316]  should_fail_ex+0x512/0x640
[  156.341569][T10316]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  156.341582][T10316]  should_failslab+0xc2/0x120
[  156.341595][T10316]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  156.341606][T10316]  ? __d_alloc+0x32/0xae0
[  156.341622][T10316]  __d_alloc+0x32/0xae0
[  156.341636][T10316]  d_alloc_parallel+0x111/0x1480
[  156.341654][T10316]  ? avc_has_perm_noaudit+0x117/0x3b0
[  156.341668][T10316]  ? map_id_range_up+0x2ce/0x3b0
[  156.341681][T10316]  ? __pfx_d_alloc_parallel+0x10/0x10
[  156.341724][T10316]  ? lockdep_init_map_type+0x5c/0x280
[  156.341736][T10316]  ? lockdep_init_map_type+0x5c/0x280
[  156.341748][T10316]  __lookup_slow+0x193/0x460
[  156.341765][T10316]  ? __pfx___lookup_slow+0x10/0x10
[  156.341782][T10316]  ? pcpu_next_md_free_region+0x270/0x380
[  156.341801][T10316]  ? pcpu_next_md_free_region+0x270/0x380
[  156.341816][T10316]  ? d_lookup+0xe7/0x190
[  156.341834][T10316]  lookup_one_unlocked+0xd4/0x120
[  156.341851][T10316]  ovl_lookup_single+0x2ed/0x1270
[  156.341865][T10316]  ? __lock_acquire+0x581/0x1ce0
[  156.341882][T10316]  ? __pfx_ovl_lookup_single+0x10/0x10
[  156.341894][T10316]  ? find_held_lock+0x2b/0x80
[  156.341910][T10316]  ovl_lookup_layer+0x3d4/0x480
[  156.341925][T10316]  ? __pfx_ovl_lookup_layer+0x10/0x10
[  156.341936][T10316]  ? __lock_acquire+0xb97/0x1ce0
[  156.341956][T10316]  ovl_lookup+0x5bc/0x21a0
[  156.341971][T10316]  ? find_held_lock+0x2b/0x80
[  156.341985][T10316]  ? __pfx_ovl_lookup+0x10/0x10
[  156.341998][T10316]  ? d_alloc_parallel+0x828/0x1480
[  156.342018][T10316]  ? register_lock_class+0x41/0x4c0
[  156.342027][T10316]  ? __lock_acquire+0xb97/0x1ce0
[  156.342047][T10316]  ? lockdep_init_map_type+0x5c/0x280
[  156.342059][T10316]  __lookup_slow+0x251/0x460
[  156.342075][T10316]  ? __pfx___lookup_slow+0x10/0x10
[  156.342099][T10316]  ? lookup_fast+0x156/0x610
[  156.342111][T10316]  walk_component+0x353/0x5b0
[  156.342122][T10316]  path_lookupat+0x142/0x6d0
[  156.342132][T10316]  ? __lock_acquire+0xb97/0x1ce0
[  156.342148][T10316]  filename_lookup+0x224/0x5f0
[  156.342161][T10316]  ? __pfx_filename_lookup+0x10/0x10
[  156.342183][T10316]  ? getname_flags.part.0+0x1c5/0x550
[  156.342201][T10316]  user_path_at+0x3a/0x60
[  156.342213][T10316]  do_fchownat+0xf9/0x200
[  156.342227][T10316]  ? __pfx_do_fchownat+0x10/0x10
[  156.342239][T10316]  ? ksys_write+0x1ac/0x250
[  156.342249][T10316]  ? __pfx_ksys_write+0x10/0x10
[  156.342262][T10316]  __x64_sys_lchown+0x7e/0xc0
[  156.342275][T10316]  ? lockdep_hardirqs_on+0x7c/0x110
[  156.342288][T10316]  do_syscall_64+0xcd/0x4c0
[  156.342303][T10316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.342314][T10316] RIP: 0033:0x7f389e38eba9
[  156.342323][T10316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.342333][T10316] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  156.342348][T10316] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  156.342354][T10316] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  156.342361][T10316] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  156.342367][T10316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.342373][T10316] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  156.342386][T10316]  </TASK>
[  156.347334][T10317] No control pipe specified
[  156.427263][ T5980] Bluetooth: hci2: command tx timeout
[  156.457475][T10318] SELinux:  policydb string length 8200 does not match expected length 8
[  156.506085][T10318] SELinux: failed to load policy
[  156.527413][T10320] FAULT_INJECTION: forcing a failure.
[  156.527413][T10320] name failslab, interval 1, probability 0, space 0, times 0
[  156.532781][T10320] CPU: 1 UID: 0 PID: 10320 Comm: syz.2.1526 Not tainted syzkaller #0 PREEMPT(full) 
[  156.532804][T10320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.532816][T10320] Call Trace:
[  156.532823][T10320]  <TASK>
[  156.532830][T10320]  dump_stack_lvl+0x16c/0x1f0
[  156.532856][T10320]  should_fail_ex+0x512/0x640
[  156.532879][T10320]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  156.532901][T10320]  should_failslab+0xc2/0x120
[  156.532922][T10320]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  156.532941][T10320]  ? security_file_alloc+0x34/0x2b0
[  156.532973][T10320]  security_file_alloc+0x34/0x2b0
[  156.533000][T10320]  init_file+0x93/0x4c0
[  156.533025][T10320]  alloc_empty_file+0x73/0x1e0
[  156.533049][T10320]  path_openat+0xda/0x2cb0
[  156.533068][T10320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.533096][T10320]  ? __pfx_path_openat+0x10/0x10
[  156.533123][T10320]  do_filp_open+0x20b/0x470
[  156.533143][T10320]  ? __pfx_do_filp_open+0x10/0x10
[  156.533181][T10320]  ? alloc_fd+0x471/0x7d0
[  156.533208][T10320]  do_sys_openat2+0x11b/0x1d0
[  156.533233][T10320]  ? __pfx_do_sys_openat2+0x10/0x10
[  156.533258][T10320]  ? __fget_files+0x20e/0x3c0
[  156.533282][T10320]  __x64_sys_openat+0x174/0x210
[  156.533307][T10320]  ? __pfx___x64_sys_openat+0x10/0x10
[  156.533330][T10320]  ? ksys_write+0x1ac/0x250
[  156.533357][T10320]  do_syscall_64+0xcd/0x4c0
[  156.533383][T10320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.533400][T10320] RIP: 0033:0x7f389e38eba9
[  156.533414][T10320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.533437][T10320] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  156.533455][T10320] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  156.533466][T10320] RDX: 0000000000002000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  156.533477][T10320] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  156.533488][T10320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.533499][T10320] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  156.533522][T10320]  </TASK>
[  156.688972][T10324] netlink: 'syz.4.1528': attribute type 3 has an invalid length.
[  156.692324][T10324] netlink: 'syz.4.1528': attribute type 1 has an invalid length.
[  156.727965][T10334] FAULT_INJECTION: forcing a failure.
[  156.727965][T10334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  156.732025][T10334] CPU: 2 UID: 0 PID: 10334 Comm: syz.2.1531 Not tainted syzkaller #0 PREEMPT(full) 
[  156.732039][T10334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.732046][T10334] Call Trace:
[  156.732050][T10334]  <TASK>
[  156.732054][T10334]  dump_stack_lvl+0x16c/0x1f0
[  156.732072][T10334]  should_fail_ex+0x512/0x640
[  156.732092][T10334]  _copy_from_iter+0x29f/0x1720
[  156.732109][T10334]  ? __alloc_skb+0x200/0x380
[  156.732122][T10334]  ? __pfx__copy_from_iter+0x10/0x10
[  156.732139][T10334]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  156.732158][T10334]  netlink_sendmsg+0x829/0xdd0
[  156.732174][T10334]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.732193][T10334]  ____sys_sendmsg+0xa98/0xc70
[  156.732210][T10334]  ? copy_msghdr_from_user+0x10a/0x160
[  156.732223][T10334]  ? __pfx_____sys_sendmsg+0x10/0x10
[  156.732246][T10334]  ___sys_sendmsg+0x134/0x1d0
[  156.732259][T10334]  ? __pfx____sys_sendmsg+0x10/0x10
[  156.732288][T10334]  __sys_sendmsg+0x16d/0x220
[  156.732302][T10334]  ? __pfx___sys_sendmsg+0x10/0x10
[  156.732323][T10334]  do_syscall_64+0xcd/0x4c0
[  156.732338][T10334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.732350][T10334] RIP: 0033:0x7f389e38eba9
[  156.732359][T10334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.732369][T10334] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.732380][T10334] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  156.732387][T10334] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000006
[  156.732393][T10334] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  156.732399][T10334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.732405][T10334] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  156.732418][T10334]  </TASK>
[  156.810116][T10339] atomic_op ffff88805ebef198 conn xmit_atomic 0000000000000000
[  157.030528][T10354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1537'.
[  157.033385][T10354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1537'.
[  157.410683][T10324] Bluetooth: hci0: Opcode 0x080f failed: -4
[  157.445387][T10363] FAULT_INJECTION: forcing a failure.
[  157.445387][T10363] name failslab, interval 1, probability 0, space 0, times 0
[  157.450289][T10363] CPU: 2 UID: 0 PID: 10363 Comm: syz.4.1541 Not tainted syzkaller #0 PREEMPT(full) 
[  157.450304][T10363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.450311][T10363] Call Trace:
[  157.450315][T10363]  <TASK>
[  157.450320][T10363]  dump_stack_lvl+0x16c/0x1f0
[  157.450339][T10363]  should_fail_ex+0x512/0x640
[  157.450352][T10363]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  157.450366][T10363]  should_failslab+0xc2/0x120
[  157.450378][T10363]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  157.450389][T10363]  ? alloc_inode+0xc3/0x240
[  157.450407][T10363]  alloc_inode+0xc3/0x240
[  157.450422][T10363]  iget_locked+0x2e4/0x830
[  157.450439][T10363]  ? __pfx_iget_locked+0x10/0x10
[  157.450455][T10363]  ? find_held_lock+0x2b/0x80
[  157.450469][T10363]  ? kernfs_root+0xee/0x2a0
[  157.450486][T10363]  kernfs_get_inode+0x48/0x460
[  157.450500][T10363]  kernfs_iop_lookup+0x1a7/0x2d0
[  157.450516][T10363]  lookup_one_qstr_excl+0x1ce/0x250
[  157.450532][T10363]  ? mnt_want_write+0x161/0x450
[  157.450543][T10363]  do_rmdir+0x245/0x3c0
[  157.450556][T10363]  ? __pfx_do_rmdir+0x10/0x10
[  157.450567][T10363]  ? strncpy_from_user+0x203/0x2e0
[  157.450581][T10363]  ? getname_flags.part.0+0x1c5/0x550
[  157.450596][T10363]  ? __pfx_ksys_write+0x10/0x10
[  157.450609][T10363]  __x64_sys_unlinkat+0xef/0x130
[  157.450623][T10363]  do_syscall_64+0xcd/0x4c0
[  157.450638][T10363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.450649][T10363] RIP: 0033:0x7fbcce98eba9
[  157.450658][T10363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.450668][T10363] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  157.450679][T10363] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  157.450685][T10363] RDX: 0000000000000200 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  157.450692][T10363] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  157.450698][T10363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.450704][T10363] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  157.450717][T10363]  </TASK>
[  157.465478][ T5980] Bluetooth: hci1: command tx timeout
[  157.509489][T10367] netlink: 'syz.4.1543': attribute type 1 has an invalid length.
[  157.533014][T10367] netlink: 228 bytes leftover after parsing attributes in process `syz.4.1543'.
[  157.602793][T10371] FAULT_INJECTION: forcing a failure.
[  157.602793][T10371] name failslab, interval 1, probability 0, space 0, times 0
[  157.608584][T10371] CPU: 0 UID: 0 PID: 10371 Comm: syz.4.1544 Not tainted syzkaller #0 PREEMPT(full) 
[  157.608599][T10371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.608605][T10371] Call Trace:
[  157.608609][T10371]  <TASK>
[  157.608613][T10371]  dump_stack_lvl+0x16c/0x1f0
[  157.608631][T10371]  should_fail_ex+0x512/0x640
[  157.608646][T10371]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  157.608659][T10371]  should_failslab+0xc2/0x120
[  157.608671][T10371]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  157.608682][T10371]  ? copy_process+0x4b6/0x7690
[  157.608697][T10371]  ? _raw_spin_unlock_irq+0x23/0x50
[  157.608711][T10371]  copy_process+0x4b6/0x7690
[  157.608731][T10371]  ? __pfx_copy_process+0x10/0x10
[  157.608748][T10371]  ? lockdep_init_map_type+0x5c/0x280
[  157.608759][T10371]  ? lockdep_init_map_type+0x5c/0x280
[  157.608769][T10371]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  157.608784][T10371]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  157.608801][T10371]  vhost_task_create+0x1d2/0x2e0
[  157.608813][T10371]  ? __pfx_vhost_task_create+0x10/0x10
[  157.608828][T10371]  ? __pfx_vhost_task_fn+0x10/0x10
[  157.608845][T10371]  kvm_mmu_post_init_vm+0x1b7/0x380
[  157.608858][T10371]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  157.608874][T10371]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  157.608892][T10371]  kvm_vcpu_ioctl+0x5eb/0x1690
[  157.608907][T10371]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  157.608921][T10371]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.608935][T10371]  ? do_vfs_ioctl+0x128/0x14f0
[  157.608952][T10371]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  157.608968][T10371]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  157.608989][T10371]  ? hook_file_ioctl_common+0x145/0x410
[  157.609004][T10371]  ? selinux_file_ioctl+0x180/0x270
[  157.609018][T10371]  ? selinux_file_ioctl+0xb4/0x270
[  157.609034][T10371]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  157.609049][T10371]  __x64_sys_ioctl+0x18b/0x210
[  157.609066][T10371]  do_syscall_64+0xcd/0x4c0
[  157.609081][T10371]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.609092][T10371] RIP: 0033:0x7fbcce98eba9
[  157.609101][T10371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.609111][T10371] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.609122][T10371] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  157.609133][T10371] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  157.609140][T10371] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  157.609146][T10371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  157.609152][T10371] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  157.609165][T10371]  </TASK>
[  157.728022][   T40] kauditd_printk_skb: 9 callbacks suppressed
[  157.728032][   T40] audit: type=1400 audit(1757568028.272:34586): avc:  denied  { setattr } for  pid=10374 comm="syz.3.1546" name="SCTP" dev="sockfs" ino=46572 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  157.771507][T10377] overlayfs: failed to resolve './file1': -2
[  157.834559][T10381] can0: slcan on ttyprintk.
[  157.839205][T10381] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10381 comm=syz.3.1549
[  157.849274][   T40] audit: type=1400 audit(1757568028.402:34587): avc:  denied  { accept } for  pid=10380 comm="syz.3.1549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  157.982398][   T40] audit: type=1400 audit(1757568028.532:34588): avc:  denied  { create } for  pid=10397 comm="syz.2.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  157.989397][   T40] audit: type=1400 audit(1757568028.532:34589): avc:  denied  { ioctl } for  pid=10397 comm="syz.2.1552" path="socket:[47578]" dev="sockfs" ino=47578 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  157.998232][   T40] audit: type=1400 audit(1757568028.532:34590): avc:  denied  { bind } for  pid=10397 comm="syz.2.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  158.033824][T10402] FAULT_INJECTION: forcing a failure.
[  158.033824][T10402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.039572][T10402] CPU: 0 UID: 0 PID: 10402 Comm: syz.4.1553 Not tainted syzkaller #0 PREEMPT(full) 
[  158.039587][T10402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.039605][T10402] Call Trace:
[  158.039611][T10402]  <TASK>
[  158.039616][T10402]  dump_stack_lvl+0x16c/0x1f0
[  158.039634][T10402]  should_fail_ex+0x512/0x640
[  158.039650][T10402]  _copy_to_user+0x32/0xd0
[  158.039668][T10402]  simple_read_from_buffer+0xcb/0x170
[  158.039681][T10402]  proc_fail_nth_read+0x197/0x240
[  158.039694][T10402]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.039707][T10402]  ? rw_verify_area+0xcf/0x6c0
[  158.039724][T10402]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.039736][T10402]  vfs_read+0x1e1/0xcf0
[  158.039748][T10402]  ? __pfx___mutex_lock+0x10/0x10
[  158.039763][T10402]  ? __pfx_vfs_read+0x10/0x10
[  158.039777][T10402]  ? __fget_files+0x20e/0x3c0
[  158.039793][T10402]  ksys_read+0x12a/0x250
[  158.039804][T10402]  ? __pfx_ksys_read+0x10/0x10
[  158.039814][T10402]  ? fput+0x9b/0xd0
[  158.039830][T10402]  do_syscall_64+0xcd/0x4c0
[  158.039846][T10402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.039858][T10402] RIP: 0033:0x7fbcce98d5bc
[  158.039866][T10402] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  158.039877][T10402] RSP: 002b:00007fbccf893030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  158.039887][T10402] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98d5bc
[  158.039893][T10402] RDX: 000000000000000f RSI: 00007fbccf8930a0 RDI: 0000000000000005
[  158.039900][T10402] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  158.039906][T10402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.039911][T10402] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  158.039925][T10402]  </TASK>
[  158.124307][T10408] netlink: 'syz.4.1555': attribute type 10 has an invalid length.
[  158.131437][T10408] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.135036][T10408] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.143025][T10408] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.146054][T10408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.149164][T10408] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.152071][T10408] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.159556][T10408] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  158.164613][T10411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1557'.
[  158.289177][T10416] could not allocate digest TFM handle cryptd(blake2b-160)
[  158.295686][T10382] can0 (unregistered): slcan off ttyprintk.
[  158.452333][T10432] FAULT_INJECTION: forcing a failure.
[  158.452333][T10432] name failslab, interval 1, probability 0, space 0, times 0
[  158.460291][T10432] CPU: 1 UID: 0 PID: 10432 Comm: syz.2.1560 Not tainted syzkaller #0 PREEMPT(full) 
[  158.460314][T10432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.460323][T10432] Call Trace:
[  158.460331][T10432]  <TASK>
[  158.460338][T10432]  dump_stack_lvl+0x16c/0x1f0
[  158.460371][T10432]  should_fail_ex+0x512/0x640
[  158.460394][T10432]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  158.460412][T10432]  should_failslab+0xc2/0x120
[  158.460430][T10432]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  158.460450][T10432]  ? copy_process+0x4b6/0x7690
[  158.460475][T10432]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.460498][T10432]  copy_process+0x4b6/0x7690
[  158.460531][T10432]  ? __pfx_copy_process+0x10/0x10
[  158.460558][T10432]  ? lockdep_init_map_type+0x5c/0x280
[  158.460575][T10432]  ? lockdep_init_map_type+0x5c/0x280
[  158.460589][T10432]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  158.460613][T10432]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  158.460641][T10432]  vhost_task_create+0x1d2/0x2e0
[  158.460661][T10432]  ? __pfx_vhost_task_create+0x10/0x10
[  158.460687][T10432]  ? __pfx_vhost_task_fn+0x10/0x10
[  158.460717][T10432]  kvm_mmu_post_init_vm+0x1b7/0x380
[  158.460759][T10432]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  158.460784][T10432]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  158.460813][T10432]  kvm_vcpu_ioctl+0x5eb/0x1690
[  158.460838][T10432]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.460861][T10432]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  158.460882][T10432]  ? do_vfs_ioctl+0x128/0x14f0
[  158.460908][T10432]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  158.460932][T10432]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  158.460966][T10432]  ? hook_file_ioctl_common+0x145/0x410
[  158.460994][T10432]  ? selinux_file_ioctl+0x180/0x270
[  158.461016][T10432]  ? selinux_file_ioctl+0xb4/0x270
[  158.461042][T10432]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.461066][T10432]  __x64_sys_ioctl+0x18b/0x210
[  158.461092][T10432]  do_syscall_64+0xcd/0x4c0
[  158.461116][T10432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.461134][T10432] RIP: 0033:0x7f389e38eba9
[  158.461149][T10432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.461164][T10432] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.461180][T10432] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  158.461191][T10432] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  158.461201][T10432] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  158.461213][T10432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.461224][T10432] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  158.461247][T10432]  </TASK>
[  158.569386][    C1] vkms_vblank_simulate: vblank timer overrun
[  158.571949][ T5980] Bluetooth: hci2: command tx timeout
[  158.705930][T10439] FAULT_INJECTION: forcing a failure.
[  158.705930][T10439] name failslab, interval 1, probability 0, space 0, times 0
[  158.709998][T10439] CPU: 2 UID: 0 PID: 10439 Comm: syz.2.1562 Not tainted syzkaller #0 PREEMPT(full) 
[  158.710015][T10439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.710022][T10439] Call Trace:
[  158.710026][T10439]  <TASK>
[  158.710031][T10439]  dump_stack_lvl+0x16c/0x1f0
[  158.710050][T10439]  should_fail_ex+0x512/0x640
[  158.710064][T10439]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  158.710077][T10439]  should_failslab+0xc2/0x120
[  158.710089][T10439]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  158.710100][T10439]  ? copy_process+0x4b6/0x7690
[  158.710115][T10439]  ? _raw_spin_unlock_irq+0x23/0x50
[  158.710129][T10439]  copy_process+0x4b6/0x7690
[  158.710149][T10439]  ? __pfx_copy_process+0x10/0x10
[  158.710165][T10439]  ? lockdep_init_map_type+0x5c/0x280
[  158.710177][T10439]  ? lockdep_init_map_type+0x5c/0x280
[  158.710186][T10439]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  158.710202][T10439]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  158.710219][T10439]  vhost_task_create+0x1d2/0x2e0
[  158.710230][T10439]  ? __pfx_vhost_task_create+0x10/0x10
[  158.710244][T10439]  ? __pfx_vhost_task_fn+0x10/0x10
[  158.710261][T10439]  kvm_mmu_post_init_vm+0x1b7/0x380
[  158.710274][T10439]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  158.710290][T10439]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  158.710306][T10439]  kvm_vcpu_ioctl+0x5eb/0x1690
[  158.710322][T10439]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.710336][T10439]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  158.710349][T10439]  ? do_vfs_ioctl+0x128/0x14f0
[  158.710365][T10439]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  158.710385][T10439]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  158.710406][T10439]  ? hook_file_ioctl_common+0x145/0x410
[  158.710422][T10439]  ? selinux_file_ioctl+0x180/0x270
[  158.710436][T10439]  ? selinux_file_ioctl+0xb4/0x270
[  158.710452][T10439]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.710467][T10439]  __x64_sys_ioctl+0x18b/0x210
[  158.710484][T10439]  do_syscall_64+0xcd/0x4c0
[  158.710499][T10439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.710510][T10439] RIP: 0033:0x7f389e38eba9
[  158.710519][T10439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.710529][T10439] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.710540][T10439] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  158.710547][T10439] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  158.710553][T10439] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  158.710559][T10439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.710565][T10439] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  158.710578][T10439]  </TASK>
[  158.745479][ T5980] Bluetooth: hci0: command 0x080f tx timeout
[  158.933180][T10443] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  158.968766][T10454] FAULT_INJECTION: forcing a failure.
[  158.968766][T10454] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  158.972864][T10454] CPU: 2 UID: 0 PID: 10454 Comm: syz.3.1566 Not tainted syzkaller #0 PREEMPT(full) 
[  158.972878][T10454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.972884][T10454] Call Trace:
[  158.972888][T10454]  <TASK>
[  158.972893][T10454]  dump_stack_lvl+0x16c/0x1f0
[  158.972910][T10454]  should_fail_ex+0x512/0x640
[  158.972926][T10454]  _copy_to_user+0x32/0xd0
[  158.972944][T10454]  simple_read_from_buffer+0xcb/0x170
[  158.972956][T10454]  proc_fail_nth_read+0x197/0x240
[  158.972970][T10454]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.972983][T10454]  ? rw_verify_area+0xcf/0x6c0
[  158.972999][T10454]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  158.973011][T10454]  vfs_read+0x1e1/0xcf0
[  158.973023][T10454]  ? __pfx___mutex_lock+0x10/0x10
[  158.973038][T10454]  ? __pfx_vfs_read+0x10/0x10
[  158.973051][T10454]  ? __fget_files+0x20e/0x3c0
[  158.973067][T10454]  ksys_read+0x12a/0x250
[  158.973077][T10454]  ? __pfx_ksys_read+0x10/0x10
[  158.973091][T10454]  do_syscall_64+0xcd/0x4c0
[  158.973106][T10454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.973118][T10454] RIP: 0033:0x7fc47d98d5bc
[  158.973127][T10454] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  158.973138][T10454] RSP: 002b:00007fc47e764030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  158.973149][T10454] RAX: ffffffffffffffda RBX: 00007fc47dbd5fa0 RCX: 00007fc47d98d5bc
[  158.973156][T10454] RDX: 000000000000000f RSI: 00007fc47e7640a0 RDI: 0000000000000003
[  158.973162][T10454] RBP: 00007fc47e764090 R08: 0000000000000000 R09: 0000000000000000
[  158.973168][T10454] R10: 000000000000007a R11: 0000000000000246 R12: 0000000000000001
[  158.973174][T10454] R13: 00007fc47dbd6038 R14: 00007fc47dbd5fa0 R15: 00007ffe70158f08
[  158.973187][T10454]  </TASK>
[  159.794394][T10471] FAULT_INJECTION: forcing a failure.
[  159.794394][T10471] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.800541][T10471] CPU: 3 UID: 0 PID: 10471 Comm: syz.3.1573 Not tainted syzkaller #0 PREEMPT(full) 
[  159.800564][T10471] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.800576][T10471] Call Trace:
[  159.800582][T10471]  <TASK>
[  159.800589][T10471]  dump_stack_lvl+0x16c/0x1f0
[  159.800631][T10471]  should_fail_ex+0x512/0x640
[  159.800662][T10471]  _copy_to_user+0x32/0xd0
[  159.800690][T10471]  simple_read_from_buffer+0xcb/0x170
[  159.800710][T10471]  proc_fail_nth_read+0x197/0x240
[  159.800732][T10471]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  159.800754][T10471]  ? rw_verify_area+0xcf/0x6c0
[  159.800780][T10471]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  159.800800][T10471]  vfs_read+0x1e1/0xcf0
[  159.800822][T10471]  ? __pfx___mutex_lock+0x10/0x10
[  159.800849][T10471]  ? __pfx_vfs_read+0x10/0x10
[  159.800873][T10471]  ? __fget_files+0x20e/0x3c0
[  159.800900][T10471]  ksys_read+0x12a/0x250
[  159.800917][T10471]  ? __pfx_ksys_read+0x10/0x10
[  159.800935][T10471]  ? fput+0x9b/0xd0
[  159.800961][T10471]  do_syscall_64+0xcd/0x4c0
[  159.800986][T10471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.801004][T10471] RIP: 0033:0x7fc47d98d5bc
[  159.801019][T10471] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  159.801035][T10471] RSP: 002b:00007fc47e764030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  159.801057][T10471] RAX: ffffffffffffffda RBX: 00007fc47dbd5fa0 RCX: 00007fc47d98d5bc
[  159.801068][T10471] RDX: 000000000000000f RSI: 00007fc47e7640a0 RDI: 0000000000000006
[  159.801079][T10471] RBP: 00007fc47e764090 R08: 0000000000000000 R09: 0000000000000000
[  159.801089][T10471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.801098][T10471] R13: 00007fc47dbd6038 R14: 00007fc47dbd5fa0 R15: 00007ffe70158f08
[  159.801120][T10471]  </TASK>
[  159.919830][T10484] FAULT_INJECTION: forcing a failure.
[  159.919830][T10484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.924243][T10484] CPU: 1 UID: 0 PID: 10484 Comm: syz.2.1575 Not tainted syzkaller #0 PREEMPT(full) 
[  159.924258][T10484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.924265][T10484] Call Trace:
[  159.924269][T10484]  <TASK>
[  159.924273][T10484]  dump_stack_lvl+0x16c/0x1f0
[  159.924292][T10484]  should_fail_ex+0x512/0x640
[  159.924308][T10484]  _copy_from_iter+0x29f/0x1720
[  159.924326][T10484]  ? __alloc_skb+0x200/0x380
[  159.924339][T10484]  ? __pfx__copy_from_iter+0x10/0x10
[  159.924361][T10484]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  159.924379][T10484]  netlink_sendmsg+0x829/0xdd0
[  159.924395][T10484]  ? __pfx_netlink_sendmsg+0x10/0x10
[  159.924414][T10484]  ____sys_sendmsg+0xa98/0xc70
[  159.924431][T10484]  ? copy_msghdr_from_user+0x10a/0x160
[  159.924445][T10484]  ? __pfx_____sys_sendmsg+0x10/0x10
[  159.924467][T10484]  ___sys_sendmsg+0x134/0x1d0
[  159.924492][T10484]  ? __pfx____sys_sendmsg+0x10/0x10
[  159.924523][T10484]  __sys_sendmsg+0x16d/0x220
[  159.924537][T10484]  ? __pfx___sys_sendmsg+0x10/0x10
[  159.924559][T10484]  do_syscall_64+0xcd/0x4c0
[  159.924574][T10484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.924585][T10484] RIP: 0033:0x7f389e38eba9
[  159.924594][T10484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.924605][T10484] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  159.924616][T10484] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  159.924623][T10484] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  159.924629][T10484] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  159.924635][T10484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.924641][T10484] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  159.924655][T10484]  </TASK>
[  159.983988][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.038583][T10494] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1581'.
[  160.041805][T10494] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1581'.
[  160.106869][   T40] audit: type=1400 audit(1757568030.662:34591): avc:  denied  { setopt } for  pid=10498 comm="syz.2.1584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  160.113304][   T40] audit: type=1400 audit(1757568030.662:34592): avc:  denied  { listen } for  pid=10498 comm="syz.2.1584" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  160.158948][T10509] batadv_slave_0: entered promiscuous mode
[  160.160830][T10509] batadv_slave_0: entered allmulticast mode
[  160.165612][T10509] dlm: no locking on control device
[  160.195839][T10514] FAULT_INJECTION: forcing a failure.
[  160.195839][T10514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.199939][T10514] CPU: 0 UID: 0 PID: 10514 Comm: syz.2.1590 Not tainted syzkaller #0 PREEMPT(full) 
[  160.199953][T10514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.199959][T10514] Call Trace:
[  160.199963][T10514]  <TASK>
[  160.199967][T10514]  dump_stack_lvl+0x16c/0x1f0
[  160.199999][T10514]  should_fail_ex+0x512/0x640
[  160.200019][T10514]  _copy_from_iter+0x29f/0x1720
[  160.200037][T10514]  ? __alloc_skb+0x200/0x380
[  160.200052][T10514]  ? __pfx__copy_from_iter+0x10/0x10
[  160.200069][T10514]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  160.200087][T10514]  netlink_sendmsg+0x829/0xdd0
[  160.200104][T10514]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.200126][T10514]  ____sys_sendmsg+0xa98/0xc70
[  160.200143][T10514]  ? copy_msghdr_from_user+0x10a/0x160
[  160.200156][T10514]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.200177][T10514]  ___sys_sendmsg+0x134/0x1d0
[  160.200191][T10514]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.200233][T10514]  __sys_sendmsg+0x16d/0x220
[  160.200247][T10514]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.200270][T10514]  do_syscall_64+0xcd/0x4c0
[  160.200289][T10514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.200300][T10514] RIP: 0033:0x7f389e38eba9
[  160.200309][T10514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.200319][T10514] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.200330][T10514] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  160.200337][T10514] RDX: 0000000000040000 RSI: 0000200000000200 RDI: 0000000000000005
[  160.200344][T10514] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  160.200350][T10514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.200356][T10514] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  160.200369][T10514]  </TASK>
[  160.276200][T10518] syzkaller1: entered promiscuous mode
[  160.278298][T10518] syzkaller1: entered allmulticast mode
[  160.330723][   T40] audit: type=1400 audit(1757568030.882:34593): avc:  denied  { accept } for  pid=10519 comm="syz.2.1593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  160.353587][   T40] audit: type=1400 audit(1757568030.902:34594): avc:  denied  { create } for  pid=10527 comm="syz.2.1594" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  160.361964][   T40] audit: type=1400 audit(1757568030.912:34595): avc:  denied  { bind } for  pid=10527 comm="syz.2.1594" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  160.385088][T10532] FAULT_INJECTION: forcing a failure.
[  160.385088][T10532] name failslab, interval 1, probability 0, space 0, times 0
[  160.389325][T10532] CPU: 2 UID: 0 PID: 10532 Comm: syz.2.1595 Not tainted syzkaller #0 PREEMPT(full) 
[  160.389345][T10532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.389352][T10532] Call Trace:
[  160.389356][T10532]  <TASK>
[  160.389361][T10532]  dump_stack_lvl+0x16c/0x1f0
[  160.389379][T10532]  should_fail_ex+0x512/0x640
[  160.389393][T10532]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  160.389412][T10532]  should_failslab+0xc2/0x120
[  160.389425][T10532]  __kmalloc_cache_noprof+0x6a/0x3e0
[  160.389442][T10532]  ? init_srcu_struct_fields+0x97a/0xde0
[  160.389457][T10532]  init_srcu_struct_fields+0x97a/0xde0
[  160.389470][T10532]  ? lockdep_init_map_type+0x5c/0x280
[  160.389483][T10532]  hci_alloc_dev_priv+0x45/0x28a0
[  160.389497][T10532]  hci_uart_tty_ioctl+0x38f/0xc30
[  160.389514][T10532]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[  160.389528][T10532]  tty_ioctl+0x6fd/0x1680
[  160.389542][T10532]  ? __pfx_tty_ioctl+0x10/0x10
[  160.389556][T10532]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  160.389578][T10532]  ? hook_file_ioctl_common+0x145/0x410
[  160.389595][T10532]  ? selinux_file_ioctl+0x180/0x270
[  160.389610][T10532]  ? selinux_file_ioctl+0xb4/0x270
[  160.389627][T10532]  ? __pfx_tty_ioctl+0x10/0x10
[  160.389641][T10532]  __x64_sys_ioctl+0x18b/0x210
[  160.389688][T10532]  do_syscall_64+0xcd/0x4c0
[  160.389705][T10532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.389717][T10532] RIP: 0033:0x7f389e38eba9
[  160.389726][T10532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.389737][T10532] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.389748][T10532] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  160.389755][T10532] RDX: 000000000000000b RSI: 00000000400455c8 RDI: 0000000000000003
[  160.389761][T10532] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  160.389768][T10532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.389775][T10532] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  160.389789][T10532]  </TASK>
[  160.389801][T10532] Bluetooth: Can't allocate HCI device
[  160.474312][T10539] fuse: Unknown parameter 'rootmoe'
[  160.491424][T10542] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1598'.
[  160.495231][T10539] 8021q: adding VLAN 0 to HW filter on device bond1
[  160.603382][T10563] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1605'.
[  160.607786][T10563] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1605'.
[  160.670429][T10568] FAULT_INJECTION: forcing a failure.
[  160.670429][T10568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.674523][T10568] CPU: 0 UID: 0 PID: 10568 Comm: syz.4.1607 Not tainted syzkaller #0 PREEMPT(full) 
[  160.674537][T10568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  160.674543][T10568] Call Trace:
[  160.674548][T10568]  <TASK>
[  160.674552][T10568]  dump_stack_lvl+0x16c/0x1f0
[  160.674570][T10568]  should_fail_ex+0x512/0x640
[  160.674586][T10568]  _copy_from_iter+0x29f/0x1720
[  160.674603][T10568]  ? __alloc_skb+0x200/0x380
[  160.674616][T10568]  ? __pfx__copy_from_iter+0x10/0x10
[  160.674633][T10568]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  160.674652][T10568]  netlink_sendmsg+0x829/0xdd0
[  160.674668][T10568]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.674687][T10568]  ____sys_sendmsg+0xa98/0xc70
[  160.674704][T10568]  ? copy_msghdr_from_user+0x10a/0x160
[  160.674717][T10568]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.674739][T10568]  ___sys_sendmsg+0x134/0x1d0
[  160.674753][T10568]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.674781][T10568]  __sys_sendmsg+0x16d/0x220
[  160.674794][T10568]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.674816][T10568]  do_syscall_64+0xcd/0x4c0
[  160.674830][T10568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.674842][T10568] RIP: 0033:0x7fbcce98eba9
[  160.674851][T10568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.674861][T10568] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.674871][T10568] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  160.674878][T10568] RDX: 0000000000000844 RSI: 0000200000000040 RDI: 0000000000000004
[  160.674884][T10568] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  160.674890][T10568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.674896][T10568] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  160.674909][T10568]  </TASK>
[  160.769591][T10569] netlink: 144 bytes leftover after parsing attributes in process `syz.3.1604'.
[  161.061807][T10597] VFS: Not enough memory to send quota warning.
[  161.155834][T10604] kvm: kvm [10603]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x200000000240
[  161.257192][T10616] sch_tbf: burst 1023 is lower than device lo mtu (65550) !
[  161.266884][T10616] FAULT_INJECTION: forcing a failure.
[  161.266884][T10616] name failslab, interval 1, probability 0, space 0, times 0
[  161.272213][T10616] CPU: 3 UID: 0 PID: 10616 Comm: syz.4.1623 Not tainted syzkaller #0 PREEMPT(full) 
[  161.272236][T10616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.272248][T10616] Call Trace:
[  161.272254][T10616]  <TASK>
[  161.272261][T10616]  dump_stack_lvl+0x16c/0x1f0
[  161.272289][T10616]  should_fail_ex+0x512/0x640
[  161.272311][T10616]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  161.272340][T10616]  should_failslab+0xc2/0x120
[  161.272360][T10616]  __kmalloc_cache_noprof+0x6a/0x3e0
[  161.272385][T10616]  ? __genradix_ptr_alloc+0x340/0x5f0
[  161.272409][T10616]  ? sctp_auth_shkey_create+0x9e/0x210
[  161.272434][T10616]  sctp_auth_shkey_create+0x9e/0x210
[  161.272456][T10616]  sctp_auth_asoc_copy_shkeys+0x1f2/0x360
[  161.272481][T10616]  sctp_association_new+0x19ad/0x2a00
[  161.272510][T10616]  sctp_connect_new_asoc+0x1a8/0x770
[  161.272536][T10616]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  161.272560][T10616]  ? selinux_sctp_bind_connect+0x112/0x2c0
[  161.272588][T10616]  sctp_sendmsg+0x1560/0x1e10
[  161.272620][T10616]  ? __pfx_sctp_sendmsg+0x10/0x10
[  161.272647][T10616]  ? __pfx_sock_has_perm+0x10/0x10
[  161.272680][T10616]  ? __pfx_sctp_sendmsg+0x10/0x10
[  161.272717][T10616]  inet_sendmsg+0x11c/0x140
[  161.272733][T10616]  __sys_sendto+0x43c/0x520
[  161.272749][T10616]  ? __pfx___sys_sendto+0x10/0x10
[  161.272780][T10616]  ? ksys_write+0x1ac/0x250
[  161.272795][T10616]  ? __pfx_ksys_write+0x10/0x10
[  161.272811][T10616]  __x64_sys_sendto+0xe0/0x1c0
[  161.272825][T10616]  ? do_syscall_64+0x91/0x4c0
[  161.272842][T10616]  ? lockdep_hardirqs_on+0x7c/0x110
[  161.272858][T10616]  do_syscall_64+0xcd/0x4c0
[  161.272877][T10616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.272890][T10616] RIP: 0033:0x7fbcce98eba9
[  161.272901][T10616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.272914][T10616] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  161.272928][T10616] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  161.272937][T10616] RDX: 000000000000fee4 RSI: 0000200000847fff RDI: 0000000000000009
[  161.272945][T10616] RBP: 00007fbccf893090 R08: 000020000005ffe4 R09: 000000000000001c
[  161.272954][T10616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.272962][T10616] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  161.272981][T10616]  </TASK>
[  161.413942][T10621] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1625'.
[  161.443706][T10623] FAULT_INJECTION: forcing a failure.
[  161.443706][T10623] name failslab, interval 1, probability 0, space 0, times 0
[  161.447864][T10623] CPU: 0 UID: 0 PID: 10623 Comm: syz.4.1626 Not tainted syzkaller #0 PREEMPT(full) 
[  161.447887][T10623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.447898][T10623] Call Trace:
[  161.447905][T10623]  <TASK>
[  161.447912][T10623]  dump_stack_lvl+0x16c/0x1f0
[  161.447939][T10623]  should_fail_ex+0x512/0x640
[  161.447962][T10623]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  161.447991][T10623]  should_failslab+0xc2/0x120
[  161.448011][T10623]  __kmalloc_cache_noprof+0x6a/0x3e0
[  161.448036][T10623]  ? find_held_lock+0x2b/0x80
[  161.448056][T10623]  ? udmabuf_create+0xbf/0x11a0
[  161.448078][T10623]  udmabuf_create+0xbf/0x11a0
[  161.448092][T10623]  ? __lock_acquire+0xb97/0x1ce0
[  161.448114][T10623]  ? __pfx_udmabuf_create+0x10/0x10
[  161.448127][T10623]  ? find_held_lock+0x2b/0x80
[  161.448139][T10623]  ? __might_fault+0xe3/0x190
[  161.448149][T10623]  ? __might_fault+0xe3/0x190
[  161.448159][T10623]  ? __might_fault+0x13b/0x190
[  161.448173][T10623]  udmabuf_ioctl+0x192/0x310
[  161.448187][T10623]  ? __pfx_udmabuf_ioctl+0x10/0x10
[  161.448205][T10623]  ? selinux_file_ioctl+0xb4/0x270
[  161.448222][T10623]  ? __pfx_udmabuf_ioctl+0x10/0x10
[  161.448236][T10623]  __x64_sys_ioctl+0x18b/0x210
[  161.448253][T10623]  do_syscall_64+0xcd/0x4c0
[  161.448268][T10623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.448280][T10623] RIP: 0033:0x7fbcce98eba9
[  161.448288][T10623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.448299][T10623] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.448310][T10623] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  161.448316][T10623] RDX: 0000200000000040 RSI: 0000000040187542 RDI: 0000000000000004
[  161.448322][T10623] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  161.448329][T10623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.448335][T10623] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  161.448347][T10623]  </TASK>
[  161.590799][T10629] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  161.631248][T10632] FAULT_INJECTION: forcing a failure.
[  161.631248][T10632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  161.635543][T10632] CPU: 2 UID: 0 PID: 10632 Comm: syz.5.1630 Not tainted syzkaller #0 PREEMPT(full) 
[  161.635557][T10632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  161.635563][T10632] Call Trace:
[  161.635567][T10632]  <TASK>
[  161.635572][T10632]  dump_stack_lvl+0x16c/0x1f0
[  161.635589][T10632]  should_fail_ex+0x512/0x640
[  161.635604][T10632]  strncpy_from_user+0x3b/0x2e0
[  161.635618][T10632]  getname_flags.part.0+0x8f/0x550
[  161.635637][T10632]  getname_flags+0x93/0xf0
[  161.635648][T10632]  __x64_sys_renameat2+0xd4/0x130
[  161.635663][T10632]  do_syscall_64+0xcd/0x4c0
[  161.635677][T10632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.635688][T10632] RIP: 0033:0x7f4ea8d8eba9
[  161.635697][T10632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  161.635708][T10632] RSP: 002b:00007f4ea9c45038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  161.635718][T10632] RAX: ffffffffffffffda RBX: 00007f4ea8fd5fa0 RCX: 00007f4ea8d8eba9
[  161.635725][T10632] RDX: ffffffffffffff9c RSI: 0000200000000000 RDI: ffffffffffffff9c
[  161.635731][T10632] RBP: 00007f4ea9c45090 R08: 0000000000000000 R09: 0000000000000000
[  161.635737][T10632] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  161.635743][T10632] R13: 00007f4ea8fd6038 R14: 00007f4ea8fd5fa0 R15: 00007fff39de0d78
[  161.635756][T10632]  </TASK>
[  161.690938][ T5980] Bluetooth: hci1: Unable to find connection with handle 0xa557
[  161.889969][T10638] fuse: Unknown parameter '�ser_id'
[  162.012604][T10640] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  162.015742][T10640] overlayfs: missing 'lowerdir'
[  162.018602][T10640] xt_l2tp: wrong L2TP version: 0
[  162.048147][T10642] netlink: 'syz.3.1634': attribute type 1 has an invalid length.
[  162.061111][T10642] 8021q: adding VLAN 0 to HW filter on device bond2
[  162.064070][T10642] FAULT_INJECTION: forcing a failure.
[  162.064070][T10642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  162.069189][T10642] CPU: 0 UID: 0 PID: 10642 Comm: syz.3.1634 Not tainted syzkaller #0 PREEMPT(full) 
[  162.069203][T10642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.069209][T10642] Call Trace:
[  162.069213][T10642]  <TASK>
[  162.069217][T10642]  dump_stack_lvl+0x16c/0x1f0
[  162.069234][T10642]  should_fail_ex+0x512/0x640
[  162.069250][T10642]  _copy_from_iter+0x29f/0x1720
[  162.069268][T10642]  ? __alloc_skb+0x200/0x380
[  162.069281][T10642]  ? __pfx__copy_from_iter+0x10/0x10
[  162.069296][T10642]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  162.069311][T10642]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  162.069330][T10642]  netlink_sendmsg+0x829/0xdd0
[  162.069351][T10642]  ? __pfx_netlink_sendmsg+0x10/0x10
[  162.069370][T10642]  ____sys_sendmsg+0xa98/0xc70
[  162.069386][T10642]  ? copy_msghdr_from_user+0x10a/0x160
[  162.069400][T10642]  ? __pfx_____sys_sendmsg+0x10/0x10
[  162.069422][T10642]  ___sys_sendmsg+0x134/0x1d0
[  162.069435][T10642]  ? __pfx____sys_sendmsg+0x10/0x10
[  162.069464][T10642]  __sys_sendmsg+0x16d/0x220
[  162.069477][T10642]  ? __pfx___sys_sendmsg+0x10/0x10
[  162.069499][T10642]  do_syscall_64+0xcd/0x4c0
[  162.069514][T10642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.069526][T10642] RIP: 0033:0x7fc47d98eba9
[  162.069535][T10642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.069545][T10642] RSP: 002b:00007fc47e764038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  162.069555][T10642] RAX: ffffffffffffffda RBX: 00007fc47dbd5fa0 RCX: 00007fc47d98eba9
[  162.069562][T10642] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  162.069568][T10642] RBP: 00007fc47e764090 R08: 0000000000000000 R09: 0000000000000000
[  162.069574][T10642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.069580][T10642] R13: 00007fc47dbd6038 R14: 00007fc47dbd5fa0 R15: 00007ffe70158f08
[  162.069593][T10642]  </TASK>
[  162.213452][T10653] 8021q: adding VLAN 0 to HW filter on device bond3
[  162.689754][T10676] FAULT_INJECTION: forcing a failure.
[  162.689754][T10676] name failslab, interval 1, probability 0, space 0, times 0
[  162.693697][T10676] CPU: 1 UID: 0 PID: 10676 Comm: syz.5.1647 Not tainted syzkaller #0 PREEMPT(full) 
[  162.693711][T10676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.693718][T10676] Call Trace:
[  162.693722][T10676]  <TASK>
[  162.693726][T10676]  dump_stack_lvl+0x16c/0x1f0
[  162.693759][T10676]  should_fail_ex+0x512/0x640
[  162.693777][T10676]  ? __kmalloc_noprof+0xbf/0x510
[  162.693789][T10676]  ? ioctl_standard_iw_point+0x414/0xca0
[  162.693802][T10676]  should_failslab+0xc2/0x120
[  162.693814][T10676]  __kmalloc_noprof+0xd2/0x510
[  162.693828][T10676]  ioctl_standard_iw_point+0x414/0xca0
[  162.693842][T10676]  ? __pfx_cfg80211_wext_siwessid+0x10/0x10
[  162.693854][T10676]  ? __pfx_ioctl_standard_iw_point+0x10/0x10
[  162.693867][T10676]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[  162.693888][T10676]  ? __pfx___mutex_lock+0x10/0x10
[  162.693910][T10676]  ? __pfx_cfg80211_wext_siwessid+0x10/0x10
[  162.693920][T10676]  ioctl_standard_call+0x166/0x1d0
[  162.693933][T10676]  ? __pfx_ioctl_standard_call+0x10/0x10
[  162.693945][T10676]  ? __pfx_cfg80211_wext_siwessid+0x10/0x10
[  162.693955][T10676]  wireless_process_ioctl.constprop.0+0x291/0x3d0
[  162.693971][T10676]  wext_handle_ioctl+0x226/0x2a0
[  162.693984][T10676]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  162.693999][T10676]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  162.694018][T10676]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  162.694036][T10676]  sock_ioctl+0x3a1/0x6b0
[  162.694048][T10676]  ? __pfx_sock_ioctl+0x10/0x10
[  162.694056][T10676]  ? hook_file_ioctl_common+0x145/0x410
[  162.694071][T10676]  ? selinux_file_ioctl+0x180/0x270
[  162.694086][T10676]  ? selinux_file_ioctl+0xb4/0x270
[  162.694102][T10676]  ? __pfx_sock_ioctl+0x10/0x10
[  162.694112][T10676]  __x64_sys_ioctl+0x18b/0x210
[  162.694128][T10676]  do_syscall_64+0xcd/0x4c0
[  162.694144][T10676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.694156][T10676] RIP: 0033:0x7f4ea8d8eba9
[  162.694164][T10676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.694175][T10676] RSP: 002b:00007f4ea9c45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.694189][T10676] RAX: ffffffffffffffda RBX: 00007f4ea8fd5fa0 RCX: 00007f4ea8d8eba9
[  162.694195][T10676] RDX: 0000200000000000 RSI: 0000000000008b1a RDI: 0000000000000004
[  162.694202][T10676] RBP: 00007f4ea9c45090 R08: 0000000000000000 R09: 0000000000000000
[  162.694208][T10676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.694214][T10676] R13: 00007f4ea8fd6038 R14: 00007f4ea8fd5fa0 R15: 00007fff39de0d78
[  162.694227][T10676]  </TASK>
[  162.777071][    C1] vkms_vblank_simulate: vblank timer overrun
[  162.801118][T10681] FAULT_INJECTION: forcing a failure.
[  162.801118][T10681] name fail_iommufd, interval 1, probability 0, space 0, times 1
[  162.804752][T10681] CPU: 2 UID: 0 PID: 10681 Comm: syz.5.1649 Not tainted syzkaller #0 PREEMPT(full) 
[  162.804766][T10681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  162.804773][T10681] Call Trace:
[  162.804777][T10681]  <TASK>
[  162.804781][T10681]  dump_stack_lvl+0x16c/0x1f0
[  162.804798][T10681]  should_fail_ex+0x512/0x640
[  162.804815][T10681]  iommufd_get_object+0x7a/0x440
[  162.804830][T10681]  ? __pfx_iommufd_get_object+0x10/0x10
[  162.804847][T10681]  iommufd_ioas_map+0x222/0x6c0
[  162.804858][T10681]  ? __might_fault+0xe3/0x190
[  162.804869][T10681]  ? __might_fault+0x13b/0x190
[  162.804880][T10681]  ? __pfx_iommufd_ioas_map+0x10/0x10
[  162.804895][T10681]  iommufd_fops_ioctl+0x34a/0x540
[  162.804909][T10681]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  162.804924][T10681]  ? hook_file_ioctl_common+0x145/0x410
[  162.804940][T10681]  ? selinux_file_ioctl+0x180/0x270
[  162.804955][T10681]  ? selinux_file_ioctl+0xb4/0x270
[  162.804976][T10681]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  162.804990][T10681]  __x64_sys_ioctl+0x18b/0x210
[  162.805023][T10681]  do_syscall_64+0xcd/0x4c0
[  162.805038][T10681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.805049][T10681] RIP: 0033:0x7f4ea8d8eba9
[  162.805059][T10681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.805069][T10681] RSP: 002b:00007f4ea9c45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.805079][T10681] RAX: ffffffffffffffda RBX: 00007f4ea8fd5fa0 RCX: 00007f4ea8d8eba9
[  162.805086][T10681] RDX: 00002000000000c0 RSI: 0000000000003b85 RDI: 0000000000000003
[  162.805092][T10681] RBP: 00007f4ea9c45090 R08: 0000000000000000 R09: 0000000000000000
[  162.805098][T10681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  162.805104][T10681] R13: 00007f4ea8fd6038 R14: 00007f4ea8fd5fa0 R15: 00007fff39de0d78
[  162.805117][T10681]  </TASK>
[  162.810272][   T40] kauditd_printk_skb: 5 callbacks suppressed
[  162.810285][   T40] audit: type=1400 audit(1757568033.362:34601): avc:  denied  { listen } for  pid=10682 comm="syz.4.1650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  162.842405][T10685] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1651'.
[  162.984149][T10693] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1654'.
[  163.048010][T10698] FAULT_INJECTION: forcing a failure.
[  163.048010][T10698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.049379][T10699] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1656'.
[  163.052046][T10698] CPU: 3 UID: 0 PID: 10698 Comm: syz.3.1657 Not tainted syzkaller #0 PREEMPT(full) 
[  163.052060][T10698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.052066][T10698] Call Trace:
[  163.052070][T10698]  <TASK>
[  163.052075][T10698]  dump_stack_lvl+0x16c/0x1f0
[  163.052092][T10698]  should_fail_ex+0x512/0x640
[  163.052108][T10698]  _copy_from_iter+0x29f/0x1720
[  163.052125][T10698]  ? __alloc_skb+0x200/0x380
[  163.052138][T10698]  ? __pfx__copy_from_iter+0x10/0x10
[  163.052155][T10698]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  163.052174][T10698]  netlink_sendmsg+0x829/0xdd0
[  163.052190][T10698]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.052209][T10698]  ____sys_sendmsg+0xa98/0xc70
[  163.052226][T10698]  ? copy_msghdr_from_user+0x10a/0x160
[  163.052239][T10698]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.052261][T10698]  ___sys_sendmsg+0x134/0x1d0
[  163.052274][T10698]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.052303][T10698]  __sys_sendmsg+0x16d/0x220
[  163.052316][T10698]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.052337][T10698]  do_syscall_64+0xcd/0x4c0
[  163.052353][T10698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.052364][T10698] RIP: 0033:0x7fc47d98eba9
[  163.052373][T10698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.052384][T10698] RSP: 002b:00007fc47e764038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.052394][T10698] RAX: ffffffffffffffda RBX: 00007fc47dbd5fa0 RCX: 00007fc47d98eba9
[  163.052401][T10698] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  163.052407][T10698] RBP: 00007fc47e764090 R08: 0000000000000000 R09: 0000000000000000
[  163.052413][T10698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.052419][T10698] R13: 00007fc47dbd6038 R14: 00007fc47dbd5fa0 R15: 00007ffe70158f08
[  163.052432][T10698]  </TASK>
[  163.111507][   T40] audit: type=1400 audit(1757568033.662:34602): avc:  denied  { mounton } for  pid=10703 comm="syz.3.1659" path="/file0" dev="ramfs" ino=50105 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  163.169928][T10713] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  163.177469][T10712] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  163.182072][T10713] netlink: 'syz.5.1662': attribute type 21 has an invalid length.
[  163.184584][   T40] audit: type=1400 audit(1757568033.732:34603): avc:  denied  { write } for  pid=10710 comm="syz.2.1661" name="usbmon5" dev="devtmpfs" ino=753 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  163.186988][T10712] netlink: 'syz.2.1661': attribute type 10 has an invalid length.
[  163.194410][T10712] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  163.208932][   T40] audit: type=1400 audit(1757568033.762:34604): avc:  denied  { ioctl } for  pid=10716 comm="syz.3.1664" path="socket:[51329]" dev="sockfs" ino=51329 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  163.232180][T10719] FAULT_INJECTION: forcing a failure.
[  163.232180][T10719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  163.237180][T10719] CPU: 3 UID: 0 PID: 10719 Comm: syz.2.1665 Not tainted syzkaller #0 PREEMPT(full) 
[  163.237196][T10719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.237202][T10719] Call Trace:
[  163.237206][T10719]  <TASK>
[  163.237226][T10719]  dump_stack_lvl+0x16c/0x1f0
[  163.237244][T10719]  should_fail_ex+0x512/0x640
[  163.237260][T10719]  _copy_from_iter+0x29f/0x1720
[  163.237277][T10719]  ? __alloc_skb+0x200/0x380
[  163.237291][T10719]  ? __pfx__copy_from_iter+0x10/0x10
[  163.237307][T10719]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  163.237326][T10719]  netlink_sendmsg+0x829/0xdd0
[  163.237344][T10719]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.237363][T10719]  ____sys_sendmsg+0xa98/0xc70
[  163.237380][T10719]  ? copy_msghdr_from_user+0x10a/0x160
[  163.237394][T10719]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.237416][T10719]  ___sys_sendmsg+0x134/0x1d0
[  163.237435][T10719]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.237482][T10719]  __sys_sendmsg+0x16d/0x220
[  163.237504][T10719]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.237537][T10719]  do_syscall_64+0xcd/0x4c0
[  163.237553][T10719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.237565][T10719] RIP: 0033:0x7f389e38eba9
[  163.237574][T10719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.237584][T10719] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.237595][T10719] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  163.237602][T10719] RDX: 0000000000040084 RSI: 0000200000000080 RDI: 0000000000000003
[  163.237608][T10719] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  163.237614][T10719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.237621][T10719] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  163.237650][T10719]  </TASK>
[  163.243010][T10721] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=55 sclass=netlink_route_socket pid=10721 comm=syz.5.1666
[  163.290040][T10725] FAULT_INJECTION: forcing a failure.
[  163.290040][T10725] name failslab, interval 1, probability 0, space 0, times 0
[  163.315392][T10729] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  163.318430][T10725] CPU: 3 UID: 0 PID: 10725 Comm: syz.2.1668 Not tainted syzkaller #0 PREEMPT(full) 
[  163.318453][T10725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.318464][T10725] Call Trace:
[  163.318470][T10725]  <TASK>
[  163.318478][T10725]  dump_stack_lvl+0x16c/0x1f0
[  163.318505][T10725]  should_fail_ex+0x512/0x640
[  163.318527][T10725]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  163.318550][T10725]  should_failslab+0xc2/0x120
[  163.318570][T10725]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  163.318589][T10725]  ? copy_process+0x4b6/0x7690
[  163.318615][T10725]  ? _raw_spin_unlock_irq+0x23/0x50
[  163.318638][T10725]  copy_process+0x4b6/0x7690
[  163.318673][T10725]  ? __pfx_copy_process+0x10/0x10
[  163.318699][T10725]  ? lockdep_init_map_type+0x5c/0x280
[  163.318717][T10725]  ? lockdep_init_map_type+0x5c/0x280
[  163.318733][T10725]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  163.318756][T10725]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  163.318783][T10725]  vhost_task_create+0x1d2/0x2e0
[  163.318801][T10725]  ? __pfx_vhost_task_create+0x10/0x10
[  163.318826][T10725]  ? __pfx_vhost_task_fn+0x10/0x10
[  163.318856][T10725]  kvm_mmu_post_init_vm+0x1b7/0x380
[  163.318878][T10725]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  163.318903][T10725]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  163.318933][T10725]  kvm_vcpu_ioctl+0x5eb/0x1690
[  163.318958][T10725]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  163.318981][T10725]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  163.319003][T10725]  ? do_vfs_ioctl+0x128/0x14f0
[  163.319029][T10725]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  163.319055][T10725]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  163.319095][T10725]  ? hook_file_ioctl_common+0x145/0x410
[  163.319121][T10725]  ? selinux_file_ioctl+0x180/0x270
[  163.319145][T10725]  ? selinux_file_ioctl+0xb4/0x270
[  163.319171][T10725]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  163.319194][T10725]  __x64_sys_ioctl+0x18b/0x210
[  163.319221][T10725]  do_syscall_64+0xcd/0x4c0
[  163.319245][T10725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.319262][T10725] RIP: 0033:0x7f389e38eba9
[  163.319277][T10725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.319292][T10725] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.319308][T10725] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  163.319319][T10725] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  163.319329][T10725] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  163.319338][T10725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.319348][T10725] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  163.319371][T10725]  </TASK>
[  163.366427][T10730] comedi comedi0: s526: I/O port conflict (0xfffffffffffffbff,64)
[  163.450464][   T40] audit: type=1400 audit(1757568034.002:34605): avc:  denied  { nlmsg_read } for  pid=10733 comm="syz.5.1671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  163.481918][T10737] FAULT_INJECTION: forcing a failure.
[  163.481918][T10737] name failslab, interval 1, probability 0, space 0, times 0
[  163.486164][T10737] CPU: 2 UID: 0 PID: 10737 Comm: syz.2.1672 Not tainted syzkaller #0 PREEMPT(full) 
[  163.486186][T10737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  163.486197][T10737] Call Trace:
[  163.486205][T10737]  <TASK>
[  163.486213][T10737]  dump_stack_lvl+0x16c/0x1f0
[  163.486240][T10737]  should_fail_ex+0x512/0x640
[  163.486268][T10737]  should_failslab+0xc2/0x120
[  163.486289][T10737]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  163.486302][T10737]  ? skb_clone+0x190/0x3f0
[  163.486318][T10737]  skb_clone+0x190/0x3f0
[  163.486332][T10737]  netlink_deliver_tap+0xabd/0xd30
[  163.486348][T10737]  netlink_unicast+0x64c/0x870
[  163.486364][T10737]  ? __pfx_netlink_unicast+0x10/0x10
[  163.486380][T10737]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  163.486398][T10737]  netlink_sendmsg+0x8d1/0xdd0
[  163.486414][T10737]  ? __pfx_netlink_sendmsg+0x10/0x10
[  163.486433][T10737]  ____sys_sendmsg+0xa98/0xc70
[  163.486450][T10737]  ? copy_msghdr_from_user+0x10a/0x160
[  163.486464][T10737]  ? __pfx_____sys_sendmsg+0x10/0x10
[  163.486486][T10737]  ___sys_sendmsg+0x134/0x1d0
[  163.486499][T10737]  ? __pfx____sys_sendmsg+0x10/0x10
[  163.486528][T10737]  __sys_sendmsg+0x16d/0x220
[  163.486542][T10737]  ? __pfx___sys_sendmsg+0x10/0x10
[  163.486563][T10737]  do_syscall_64+0xcd/0x4c0
[  163.486578][T10737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.486590][T10737] RIP: 0033:0x7f389e38eba9
[  163.486599][T10737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.486610][T10737] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  163.486620][T10737] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  163.486627][T10737] RDX: 0000000004000080 RSI: 00002000000002c0 RDI: 0000000000000004
[  163.486633][T10737] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  163.486640][T10737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.486646][T10737] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  163.486659][T10737]  </TASK>
[  163.489242][T10738] overlay: filesystem on ./bus not supported as upperdir
[  163.603391][T10746] input: syz1 as /devices/virtual/input/input9
[  163.710681][T10755] openvswitch: netlink: Unknown nsh attribute 0
[  163.712696][T10755] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  163.739183][T10759] tmpfs: Bad value for 'mpol'
[  163.854668][T10776] policy can only be matched on NF_INET_PRE_ROUTING
[  163.854680][T10776] unable to load match
[  163.934662][T10783] hsr_slave_1 (unregistering): left promiscuous mode
[  164.024836][   T40] audit: type=1400 audit(1757568034.572:34606): avc:  denied  { audit_control } for  pid=10799 comm="syz.2.1690" capability=30  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  164.034103][T10800] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  164.037649][T10800] CPU: 1 UID: 0 PID: 10800 Comm: syz.2.1690 Not tainted syzkaller #0 PREEMPT(full) 
[  164.037674][T10800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.037687][T10800] Call Trace:
[  164.037694][T10800]  <TASK>
[  164.037701][T10800]  dump_stack_lvl+0x16c/0x1f0
[  164.037731][T10800]  sysfs_warn_dup+0x7f/0xa0
[  164.037755][T10800]  sysfs_do_create_link_sd+0x124/0x140
[  164.037777][T10800]  sysfs_create_link+0x61/0xc0
[  164.037799][T10800]  device_add+0x62c/0x1aa0
[  164.037826][T10800]  ? __pfx_device_add+0x10/0x10
[  164.037849][T10800]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.037870][T10800]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  164.037896][T10800]  wiphy_register+0x1df4/0x29f0
[  164.037918][T10800]  ? netdev_run_todo+0x864/0x1320
[  164.037942][T10800]  ? __dev_printk+0x270/0x270
[  164.037967][T10800]  ? __pfx_wiphy_register+0x10/0x10
[  164.037996][T10800]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  164.038021][T10800]  ieee80211_register_hw+0x2546/0x4120
[  164.038051][T10800]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  164.038078][T10800]  ? find_held_lock+0x2b/0x80
[  164.038098][T10800]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.038117][T10800]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  164.038139][T10800]  ? __hrtimer_setup+0x176/0x280
[  164.038160][T10800]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  164.038196][T10800]  ? trace_kmalloc+0x2b/0xd0
[  164.038217][T10800]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  164.038236][T10800]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  164.038259][T10800]  ? hwsim_new_radio_nl+0xa0e/0x12c0
[  164.038287][T10800]  ? __asan_memcpy+0x3c/0x60
[  164.038325][T10800]  hwsim_new_radio_nl+0xb51/0x12c0
[  164.038357][T10800]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  164.038396][T10800]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  164.038426][T10800]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  164.038461][T10800]  genl_family_rcv_msg_doit+0x206/0x2f0
[  164.038491][T10800]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  164.038526][T10800]  ? bpf_lsm_capable+0x9/0x10
[  164.038551][T10800]  ? security_capable+0x7e/0x260
[  164.038574][T10800]  ? ns_capable+0xd7/0x110
[  164.038599][T10800]  genl_rcv_msg+0x55c/0x800
[  164.038629][T10800]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.038657][T10800]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  164.038689][T10800]  ? __lock_acquire+0x62e/0x1ce0
[  164.038723][T10800]  netlink_rcv_skb+0x155/0x420
[  164.038748][T10800]  ? __pfx_genl_rcv_msg+0x10/0x10
[  164.038777][T10800]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  164.038814][T10800]  ? netlink_deliver_tap+0x1ae/0xd30
[  164.038835][T10800]  ? selinux_netlink_send+0x578/0x830
[  164.038859][T10800]  ? is_vmalloc_addr+0x86/0xa0
[  164.038881][T10800]  genl_rcv+0x28/0x40
[  164.038905][T10800]  netlink_unicast+0x5aa/0x870
[  164.038957][T10800]  ? __pfx_netlink_unicast+0x10/0x10
[  164.038984][T10800]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  164.039014][T10796] FAULT_INJECTION: forcing a failure.
[  164.039014][T10796] name failslab, interval 1, probability 0, space 0, times 0
[  164.039018][T10800]  netlink_sendmsg+0x8d1/0xdd0
[  164.039056][T10800]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.039093][T10800]  ____sys_sendmsg+0xa98/0xc70
[  164.039123][T10800]  ? copy_msghdr_from_user+0x10a/0x160
[  164.039146][T10800]  ? __pfx_____sys_sendmsg+0x10/0x10
[  164.039186][T10800]  ___sys_sendmsg+0x134/0x1d0
[  164.039211][T10800]  ? __pfx____sys_sendmsg+0x10/0x10
[  164.039269][T10800]  __sys_sendmsg+0x16d/0x220
[  164.039293][T10800]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.039326][T10800]  ? __x64_sys_futex+0x1e0/0x4c0
[  164.039374][T10800]  do_syscall_64+0xcd/0x4c0
[  164.039400][T10800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.039418][T10800] RIP: 0033:0x7f389e38eba9
[  164.039434][T10800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.039451][T10800] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.039470][T10800] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  164.039483][T10800] RDX: 0000000020004840 RSI: 0000200000000040 RDI: 0000000000000005
[  164.039494][T10800] RBP: 00007f389e411e19 R08: 0000000000000000 R09: 0000000000000000
[  164.039505][T10800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.039516][T10800] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  164.039541][T10800]  </TASK>
[  164.176451][T10796] CPU: 1 UID: 0 PID: 10796 Comm: syz.4.1689 Not tainted syzkaller #0 PREEMPT(full) 
[  164.176467][T10796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.176473][T10796] Call Trace:
[  164.176478][T10796]  <TASK>
[  164.176482][T10796]  dump_stack_lvl+0x16c/0x1f0
[  164.176500][T10796]  should_fail_ex+0x512/0x640
[  164.176516][T10796]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  164.176530][T10796]  should_failslab+0xc2/0x120
[  164.176542][T10796]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  164.176553][T10796]  ? copy_process+0x4b6/0x7690
[  164.176568][T10796]  ? _raw_spin_unlock_irq+0x23/0x50
[  164.176582][T10796]  copy_process+0x4b6/0x7690
[  164.176603][T10796]  ? __pfx_copy_process+0x10/0x10
[  164.176619][T10796]  ? lockdep_init_map_type+0x5c/0x280
[  164.176631][T10796]  ? lockdep_init_map_type+0x5c/0x280
[  164.176641][T10796]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  164.176656][T10796]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  164.176673][T10796]  vhost_task_create+0x1d2/0x2e0
[  164.176684][T10796]  ? __pfx_vhost_task_create+0x10/0x10
[  164.176698][T10796]  ? __pfx_vhost_task_fn+0x10/0x10
[  164.176715][T10796]  kvm_mmu_post_init_vm+0x1b7/0x380
[  164.176728][T10796]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  164.176744][T10796]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  164.176761][T10796]  kvm_vcpu_ioctl+0x5eb/0x1690
[  164.176776][T10796]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.176790][T10796]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.176804][T10796]  ? do_vfs_ioctl+0x128/0x14f0
[  164.176821][T10796]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  164.176837][T10796]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  164.176858][T10796]  ? hook_file_ioctl_common+0x145/0x410
[  164.176873][T10796]  ? selinux_file_ioctl+0x180/0x270
[  164.176888][T10796]  ? selinux_file_ioctl+0xb4/0x270
[  164.176904][T10796]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.176918][T10796]  __x64_sys_ioctl+0x18b/0x210
[  164.176934][T10796]  do_syscall_64+0xcd/0x4c0
[  164.176949][T10796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.176960][T10796] RIP: 0033:0x7fbcce98eba9
[  164.176969][T10796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.176979][T10796] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.176991][T10796] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  164.176997][T10796] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  164.177003][T10796] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  164.177009][T10796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.177015][T10796] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  164.177029][T10796]  </TASK>
[  164.283852][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.307214][T10815] FAULT_INJECTION: forcing a failure.
[  164.307214][T10815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.311180][T10815] CPU: 1 UID: 0 PID: 10815 Comm: syz.2.1691 Not tainted syzkaller #0 PREEMPT(full) 
[  164.311194][T10815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.311201][T10815] Call Trace:
[  164.311205][T10815]  <TASK>
[  164.311209][T10815]  dump_stack_lvl+0x16c/0x1f0
[  164.311227][T10815]  should_fail_ex+0x512/0x640
[  164.311244][T10815]  _copy_from_user+0x2e/0xd0
[  164.311260][T10815]  map_update_elem+0x578/0x930
[  164.311274][T10815]  ? __pfx_map_update_elem+0x10/0x10
[  164.311287][T10815]  ? selinux_bpf+0xee/0x130
[  164.311304][T10815]  __sys_bpf+0x161a/0x4de0
[  164.311320][T10815]  ? __pfx___sys_bpf+0x10/0x10
[  164.311334][T10815]  ? ksys_write+0x190/0x250
[  164.311347][T10815]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  164.311368][T10815]  ? fput+0x9b/0xd0
[  164.311382][T10815]  ? ksys_write+0x1ac/0x250
[  164.311392][T10815]  ? __pfx_ksys_write+0x10/0x10
[  164.311405][T10815]  __x64_sys_bpf+0x78/0xc0
[  164.311419][T10815]  ? lockdep_hardirqs_on+0x7c/0x110
[  164.311432][T10815]  do_syscall_64+0xcd/0x4c0
[  164.311447][T10815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.311458][T10815] RIP: 0033:0x7f389e38eba9
[  164.311467][T10815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.311477][T10815] RSP: 002b:00007f389f24b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  164.311487][T10815] RAX: ffffffffffffffda RBX: 00007f389e5d5fa0 RCX: 00007f389e38eba9
[  164.311494][T10815] RDX: 0000000000000020 RSI: 0000200000000380 RDI: 0000000000000002
[  164.311500][T10815] RBP: 00007f389f24b090 R08: 0000000000000000 R09: 0000000000000000
[  164.311506][T10815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.311512][T10815] R13: 00007f389e5d6038 R14: 00007f389e5d5fa0 R15: 00007ffc496991d8
[  164.311526][T10815]  </TASK>
[  164.381424][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.429262][T10819] openvswitch: netlink: IP tunnel dst address not specified
[  164.437481][   T40] audit: type=1400 audit(1757568034.992:34607): avc:  denied  { ioctl } for  pid=10818 comm="syz.2.1693" path="socket:[53285]" dev="sockfs" ino=53285 ioctlcmd=0x8932 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  164.505044][T10835] syzkaller1: entered promiscuous mode
[  164.508244][T10835] syzkaller1: entered allmulticast mode
[  164.560906][T10833] kvm: kvm [10832]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0
[  164.810516][T10851] netlink: 'syz.5.1705': attribute type 5 has an invalid length.
[  164.847333][T10856] FAULT_INJECTION: forcing a failure.
[  164.847333][T10856] name failslab, interval 1, probability 0, space 0, times 0
[  164.851285][T10856] CPU: 2 UID: 0 PID: 10856 Comm: syz.4.1706 Not tainted syzkaller #0 PREEMPT(full) 
[  164.851300][T10856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.851307][T10856] Call Trace:
[  164.851311][T10856]  <TASK>
[  164.851315][T10856]  dump_stack_lvl+0x16c/0x1f0
[  164.851348][T10856]  should_fail_ex+0x512/0x640
[  164.851367][T10856]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  164.851392][T10856]  should_failslab+0xc2/0x120
[  164.851407][T10856]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  164.851418][T10856]  ? d_instantiate+0x77/0x90
[  164.851432][T10856]  ? alloc_empty_file+0x55/0x1e0
[  164.851449][T10856]  alloc_empty_file+0x55/0x1e0
[  164.851464][T10856]  alloc_file_pseudo+0x13a/0x230
[  164.851480][T10856]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  164.851495][T10856]  ? find_held_lock+0x2b/0x80
[  164.851511][T10856]  __anon_inode_getfile+0xe8/0x280
[  164.851527][T10856]  bpf_link_prime+0x10f/0x290
[  164.851542][T10856]  bpf_xdp_link_attach+0x27a/0x930
[  164.851558][T10856]  ? __pfx_bpf_xdp_link_attach+0x10/0x10
[  164.851571][T10856]  ? find_held_lock+0x2b/0x80
[  164.851584][T10856]  ? __fget_files+0x204/0x3c0
[  164.851601][T10856]  ? fput+0x9b/0xd0
[  164.851613][T10856]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.851629][T10856]  __sys_bpf+0x2926/0x4de0
[  164.851644][T10856]  ? __pfx___sys_bpf+0x10/0x10
[  164.851658][T10856]  ? ksys_write+0x190/0x250
[  164.851672][T10856]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  164.851699][T10856]  ? fput+0x9b/0xd0
[  164.851712][T10856]  ? ksys_write+0x1ac/0x250
[  164.851722][T10856]  ? __pfx_ksys_write+0x10/0x10
[  164.851736][T10856]  __x64_sys_bpf+0x78/0xc0
[  164.851749][T10856]  ? lockdep_hardirqs_on+0x7c/0x110
[  164.851762][T10856]  do_syscall_64+0xcd/0x4c0
[  164.851777][T10856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.851788][T10856] RIP: 0033:0x7fbcce98eba9
[  164.851797][T10856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.851808][T10856] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  164.851818][T10856] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  164.851825][T10856] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 000000000000001c
[  164.851831][T10856] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  164.851838][T10856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.851844][T10856] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  164.851858][T10856]  </TASK>
[  164.988231][T10862] FAULT_INJECTION: forcing a failure.
[  164.988231][T10862] name failslab, interval 1, probability 0, space 0, times 0
[  164.992194][T10862] CPU: 1 UID: 0 PID: 10862 Comm: syz.4.1709 Not tainted syzkaller #0 PREEMPT(full) 
[  164.992209][T10862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  164.992216][T10862] Call Trace:
[  164.992220][T10862]  <TASK>
[  164.992224][T10862]  dump_stack_lvl+0x16c/0x1f0
[  164.992241][T10862]  should_fail_ex+0x512/0x640
[  164.992257][T10862]  should_failslab+0xc2/0x120
[  164.992274][T10862]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  164.992286][T10862]  ? skb_clone+0x190/0x3f0
[  164.992302][T10862]  skb_clone+0x190/0x3f0
[  164.992315][T10862]  netlink_deliver_tap+0xabd/0xd30
[  164.992332][T10862]  netlink_unicast+0x64c/0x870
[  164.992348][T10862]  ? __pfx_netlink_unicast+0x10/0x10
[  164.992362][T10862]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  164.992380][T10862]  netlink_sendmsg+0x8d1/0xdd0
[  164.992396][T10862]  ? __pfx_netlink_sendmsg+0x10/0x10
[  164.992416][T10862]  ____sys_sendmsg+0xa98/0xc70
[  164.992432][T10862]  ? copy_msghdr_from_user+0x10a/0x160
[  164.992446][T10862]  ? __pfx_____sys_sendmsg+0x10/0x10
[  164.992468][T10862]  ___sys_sendmsg+0x134/0x1d0
[  164.992482][T10862]  ? __pfx____sys_sendmsg+0x10/0x10
[  164.992511][T10862]  __sys_sendmsg+0x16d/0x220
[  164.992524][T10862]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.992546][T10862]  do_syscall_64+0xcd/0x4c0
[  164.992561][T10862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.992572][T10862] RIP: 0033:0x7fbcce98eba9
[  164.992581][T10862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.992591][T10862] RSP: 002b:00007fbccf893038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.992602][T10862] RAX: ffffffffffffffda RBX: 00007fbccebd5fa0 RCX: 00007fbcce98eba9
[  164.992608][T10862] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  164.992615][T10862] RBP: 00007fbccf893090 R08: 0000000000000000 R09: 0000000000000000
[  164.992621][T10862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.992627][T10862] R13: 00007fbccebd6038 R14: 00007fbccebd5fa0 R15: 00007ffccd779608
[  164.992640][T10862]  </TASK>
[  165.060878][    C1] vkms_vblank_simulate: vblank timer overrun
[  165.092553][T10866] overlay: filesystem on ./bus not supported as upperdir
[  165.120861][T10869] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  165.121995][T10868] FAULT_INJECTION: forcing a failure.
[  165.121995][T10868] name failslab, interval 1, probability 0, space 0, times 0
[  165.127531][T10868] CPU: 2 UID: 0 PID: 10868 Comm: syz.3.1712 Not tainted syzkaller #0 PREEMPT(full) 
[  165.127545][T10868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.127552][T10868] Call Trace:
[  165.127556][T10868]  <TASK>
[  165.127561][T10868]  dump_stack_lvl+0x16c/0x1f0
[  165.127579][T10868]  should_fail_ex+0x512/0x640
[  165.127596][T10868]  should_failslab+0xc2/0x120
[  165.127609][T10868]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  165.127620][T10868]  ? skb_clone+0x190/0x3f0
[  165.127636][T10868]  skb_clone+0x190/0x3f0
[  165.127650][T10868]  netlink_deliver_tap+0xabd/0xd30
[  165.127666][T10868]  netlink_unicast+0x64c/0x870
[  165.127682][T10868]  ? __pfx_netlink_unicast+0x10/0x10
[  165.127696][T10868]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  165.127714][T10868]  netlink_sendmsg+0x8d1/0xdd0
[  165.127730][T10868]  ? __pfx_netlink_sendmsg+0x10/0x10
[  165.127749][T10868]  ____sys_sendmsg+0xa98/0xc70
[  165.127766][T10868]  ? copy_msghdr_from_user+0x10a/0x160
[  165.127779][T10868]  ? __pfx_____sys_sendmsg+0x10/0x10
[  165.127802][T10868]  ___sys_sendmsg+0x134/0x1d0
[  165.127815][T10868]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.127845][T10868]  __sys_sendmsg+0x16d/0x220
[  165.127858][T10868]  ? __pfx___sys_sendmsg+0x10/0x10
[  165.127879][T10868]  do_syscall_64+0xcd/0x4c0
[  165.127894][T10868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.127906][T10868] RIP: 0033:0x7fc47d98eba9
[  165.127914][T10868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.127924][T10868] RSP: 002b:00007fc47e764038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.127934][T10868] RAX: ffffffffffffffda RBX: 00007fc47dbd5fa0 RCX: 00007fc47d98eba9
[  165.127941][T10868] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000a
[  165.127948][T10868] RBP: 00007fc47e764090 R08: 0000000000000000 R09: 0000000000000000
[  165.127954][T10868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.127960][T10868] R13: 00007fc47dbd6038 R14: 00007fc47dbd5fa0 R15: 00007ffe70158f08
[  165.127973][T10868]  </TASK>
[  165.183848][T10874] 9pnet_fd: Insufficient options for proto=fd
[  165.362730][T10890] FAULT_INJECTION: forcing a failure.
[  165.362730][T10890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.368109][T10890] CPU: 0 UID: 0 PID: 10890 Comm: syz.3.1721 Not tainted syzkaller #0 PREEMPT(full) 
[  165.368124][T10890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  165.368131][T10890] Call Trace:
[  165.368136][T10890]  <TASK>
[  165.368140][T10890]  dump_stack_lvl+0x16c/0x1f0
[  165.368158][T10890]  should_fail_ex+0x512/0x640
[  165.368174][T10890]  _copy_to_user+0x32/0xd0
[  165.368191][T10890]  simple_read_from_buffer+0xcb/0x170
[  165.368204][T10890]  proc_fail_nth_read+0x197/0x240
[  165.368217][T10890]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.368230][T10890]  ? rw_verify_area+0xcf/0x6c0
[  165.368246][T10890]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  165.368258][T10890]  vfs_read+0x1e1/0xcf0
[  165.368271][T10890]  ? __pfx___mutex_lock+0x10/0x10
[  165.368285][T10890]  ? __pfx_vfs_read+0x10/0x10
[  165.368299][T10890]  ? __fget_files+0x20e/0x3c0
[  165.368316][T10890]  ksys_read+0x12a/0x250
[  165.368331][T10890]  ? __pfx_ksys_read+0x10/0x10
[  165.368345][T10890]  do_syscall_64+0xcd/0x4c0
[  165.368360][T10890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.368372][T10890] RIP: 0033:0x7fc47d98d5bc
[  165.368381][T10890] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  165.368391][T10890] RSP: 002b:00007fc47e764030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  165.368402][T10890] RAX: ffffffffffffffda RBX: 00007fc47dbd5fa0 RCX: 00007fc47d98d5bc
[  165.368408][T10890] RDX: 000000000000000f RSI: 00007fc47e7640a0 RDI: 0000000000000004
[  165.368414][T10890] RBP: 00007fc47e764090 R08: 0000000000000000 R09: 0000000000000000
[  165.368420][T10890] R10: 000000000000004a R11: 0000000000000246 R12: 0000000000000001
[  165.368427][T10890] R13: 00007fc47dbd6038 R14: 00007fc47dbd5fa0 R15: 00007ffe70158f08
[  165.368440][T10890]  </TASK>
[  165.462276][T10893] overlay: filesystem on ./bus not supported as upperdir
[  165.588472][T10898] openvswitch: netlink: Missing key (keys=40, expected=100)
[  165.592728][   T40] audit: type=1400 audit(1757568036.142:34608): avc:  denied  { mounton } for  pid=10896 comm="syz.3.1724" path="/435/file0" dev="autofs" ino=50812 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  165.592823][T10898] overlay: Unknown parameter 'dont_hash'
[  165.705473][ T5980] Bluetooth: hci0: command 0x0c1a tx timeout
[  165.705634][ T6059] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  165.711010][ T6059] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  166.030835][T10902] __nla_validate_parse: 8 callbacks suppressed
[  166.030852][T10902] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1726'.
[  166.087184][T10904] FAULT_INJECTION: forcing a failure.
[  166.087184][T10904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.092460][T10904] CPU: 0 UID: 0 PID: 10904 Comm: syz.5.1727 Not tainted syzkaller #0 PREEMPT(full) 
[  166.092483][T10904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.092495][T10904] Call Trace:
[  166.092502][T10904]  <TASK>
[  166.092510][T10904]  dump_stack_lvl+0x16c/0x1f0
[  166.092537][T10904]  should_fail_ex+0x512/0x640
[  166.092565][T10904]  _copy_from_iter+0x29f/0x1720
[  166.092594][T10904]  ? __alloc_skb+0x200/0x380
[  166.092615][T10904]  ? __pfx__copy_from_iter+0x10/0x10
[  166.092643][T10904]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  166.092674][T10904]  netlink_sendmsg+0x829/0xdd0
[  166.092702][T10904]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.092734][T10904]  ____sys_sendmsg+0xa98/0xc70
[  166.092762][T10904]  ? copy_msghdr_from_user+0x10a/0x160
[  166.092781][T10904]  ? __pfx_____sys_sendmsg+0x10/0x10
[  166.092815][T10904]  ___sys_sendmsg+0x134/0x1d0
[  166.092839][T10904]  ? __pfx____sys_sendmsg+0x10/0x10
[  166.092889][T10904]  __sys_sendmsg+0x16d/0x220
[  166.092911][T10904]  ? __pfx___sys_sendmsg+0x10/0x10
[  166.092943][T10904]  do_syscall_64+0xcd/0x4c0
[  166.092963][T10904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.092980][T10904] RIP: 0033:0x7f4ea8d8eba9
[  166.092994][T10904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.093009][T10904] RSP: 002b:00007f4ea9c45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.093026][T10904] RAX: ffffffffffffffda RBX: 00007f4ea8fd5fa0 RCX: 00007f4ea8d8eba9
[  166.093037][T10904] RDX: 0000000000000004 RSI: 0000200000003740 RDI: 0000000000000003
[  166.093047][T10904] RBP: 00007f4ea9c45090 R08: 0000000000000000 R09: 0000000000000000
[  166.093066][T10904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.093076][T10904] R13: 00007f4ea8fd6038 R14: 00007f4ea8fd5fa0 R15: 00007fff39de0d78
[  166.093099][T10904]  </TASK>
[  166.197208][T10911] FAULT_INJECTION: forcing a failure.
[  166.197208][T10911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  166.201503][T10911] CPU: 1 UID: 0 PID: 10911 Comm: syz.5.1729 Not tainted syzkaller #0 PREEMPT(full) 
[  166.201518][T10911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.201525][T10911] Call Trace:
[  166.201529][T10911]  <TASK>
[  166.201534][T10911]  dump_stack_lvl+0x16c/0x1f0
[  166.201552][T10911]  should_fail_ex+0x512/0x640
[  166.201568][T10911]  _copy_from_iter+0x29f/0x1720
[  166.201586][T10911]  ? __alloc_skb+0x200/0x380
[  166.201624][T10911]  ? __pfx__copy_from_iter+0x10/0x10
[  166.201646][T10911]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  166.201664][T10911]  netlink_sendmsg+0x829/0xdd0
[  166.201681][T10911]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.201703][T10911]  ____sys_sendmsg+0xa98/0xc70
[  166.201720][T10911]  ? copy_msghdr_from_user+0x10a/0x160
[  166.201733][T10911]  ? __pfx_____sys_sendmsg+0x10/0x10
[  166.201755][T10911]  ___sys_sendmsg+0x134/0x1d0
[  166.201769][T10911]  ? __pfx____sys_sendmsg+0x10/0x10
[  166.201797][T10911]  __sys_sendmsg+0x16d/0x220
[  166.201811][T10911]  ? __pfx___sys_sendmsg+0x10/0x10
[  166.201832][T10911]  do_syscall_64+0xcd/0x4c0
[  166.201847][T10911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.201859][T10911] RIP: 0033:0x7f4ea8d8eba9
[  166.201869][T10911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.201879][T10911] RSP: 002b:00007f4ea9c45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.201890][T10911] RAX: ffffffffffffffda RBX: 00007f4ea8fd5fa0 RCX: 00007f4ea8d8eba9
[  166.201896][T10911] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  166.201903][T10911] RBP: 00007f4ea9c45090 R08: 0000000000000000 R09: 0000000000000000
[  166.201913][T10911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.201922][T10911] R13: 00007f4ea8fd6038 R14: 00007f4ea8fd5fa0 R15: 00007fff39de0d78
[  166.201942][T10911]  </TASK>
[  166.218869][T10912] 9pnet: Could not find request transport: vi
[  166.284867][T10918] overlay: filesystem on ./bus not supported as upperdir
[  166.315383][   T40] audit: type=1400 audit(1757568036.862:34609): avc:  denied  { read } for  pid=10919 comm="syz.4.1733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  166.321553][T10922] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1734'.
[  166.326232][T10922] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1734'.
[  166.554657][T10936] FAULT_INJECTION: forcing a failure.
[  166.554657][T10936] name failslab, interval 1, probability 0, space 0, times 0
[  166.561851][T10936] CPU: 2 UID: 0 PID: 10936 Comm: syz.5.1738 Not tainted syzkaller #0 PREEMPT(full) 
[  166.561875][T10936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.561886][T10936] Call Trace:
[  166.561892][T10936]  <TASK>
[  166.561901][T10936]  dump_stack_lvl+0x16c/0x1f0
[  166.561926][T10936]  should_fail_ex+0x512/0x640
[  166.561953][T10936]  should_failslab+0xc2/0x120
[  166.561974][T10936]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  166.561993][T10936]  ? skb_clone+0x190/0x3f0
[  166.562019][T10936]  skb_clone+0x190/0x3f0
[  166.562041][T10936]  netlink_deliver_tap+0xabd/0xd30
[  166.562068][T10936]  netlink_unicast+0x64c/0x870
[  166.562096][T10936]  ? __pfx_netlink_unicast+0x10/0x10
[  166.562129][T10936]  netlink_sendmsg+0x8d1/0xdd0
[  166.562157][T10936]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.562188][T10936]  ____sys_sendmsg+0xa98/0xc70
[  166.562215][T10936]  ? copy_msghdr_from_user+0x10a/0x160
[  166.562242][T10936]  ? __pfx_____sys_sendmsg+0x10/0x10
[  166.562277][T10936]  ___sys_sendmsg+0x134/0x1d0
[  166.562300][T10936]  ? __pfx____sys_sendmsg+0x10/0x10
[  166.562353][T10936]  __sys_sendmsg+0x16d/0x220
[  166.562376][T10936]  ? __pfx___sys_sendmsg+0x10/0x10
[  166.562415][T10936]  do_syscall_64+0xcd/0x4c0
[  166.562441][T10936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.562460][T10936] RIP: 0033:0x7f4ea8d8eba9
[  166.562474][T10936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.562492][T10936] RSP: 002b:00007f4ea9c45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.562509][T10936] RAX: ffffffffffffffda RBX: 00007f4ea8fd5fa0 RCX: 00007f4ea8d8eba9
[  166.562520][T10936] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[  166.562532][T10936] RBP: 00007f4ea9c45090 R08: 0000000000000000 R09: 0000000000000000
[  166.562542][T10936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.562552][T10936] R13: 00007f4ea8fd6038 R14: 00007f4ea8fd5fa0 R15: 00007fff39de0d78
[  166.562575][T10936]  </TASK>
[  166.732747][   T40] audit: type=1400 audit(1757568037.282:34610): avc:  denied  { add_name } for  pid=10941 comm="syz.5.1741" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  166.781126][T10946] overlay: filesystem on ./bus not supported as upperdir
[  166.840142][T10948] FAULT_INJECTION: forcing a failure.
[  166.840142][T10948] name failslab, interval 1, probability 0, space 0, times 0
[  166.844237][T10948] CPU: 0 UID: 0 PID: 10948 Comm: syz.3.1745 Not tainted syzkaller #0 PREEMPT(full) 
[  166.844261][T10948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.844272][T10948] Call Trace:
[  166.844278][T10948]  <TASK>
[  166.844283][T10948]  dump_stack_lvl+0x16c/0x1f0
[  166.844303][T10948]  should_fail_ex+0x512/0x640
[  166.844318][T10948]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  166.844331][T10948]  should_failslab+0xc2/0x120
[  166.844344][T10948]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  166.844354][T10948]  ? copy_process+0x4b6/0x7690
[  166.844370][T10948]  ? _raw_spin_unlock_irq+0x23/0x50
[  166.844384][T10948]  copy_process+0x4b6/0x7690
[  166.844404][T10948]  ? __pfx_copy_process+0x10/0x10
[  166.844420][T10948]  ? lockdep_init_map_type+0x5c/0x280
[  166.844432][T10948]  ? lockdep_init_map_type+0x5c/0x280
[  166.844442][T10948]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  166.844457][T10948]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  166.844474][T10948]  vhost_task_create+0x1d2/0x2e0
[  166.844485][T10948]  ? __pfx_vhost_task_create+0x10/0x10
[  166.844500][T10948]  ? __pfx_vhost_task_fn+0x10/0x10
[  166.844517][T10948]  kvm_mmu_post_init_vm+0x1b7/0x380
[  166.844531][T10948]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  166.844546][T10948]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  166.844563][T10948]  kvm_vcpu_ioctl+0x5eb/0x1690
[  166.844578][T10948]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.844592][T10948]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.844605][T10948]  ? do_vfs_ioctl+0x128/0x14f0
[  166.844622][T10948]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  166.844638][T10948]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  166.844659][T10948]  ? hook_file_ioctl_common+0x145/0x410
[  166.844675][T10948]  ? selinux_file_ioctl+0x180/0x270
[  166.844689][T10948]  ? selinux_file_ioctl+0xb4/0x270
[  166.844705][T10948]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.844720][T10948]  __x64_sys_ioctl+0x18b/0x210
[  166.844737][T10948]  do_syscall_64+0xcd/0x4c0
[  166.844752][T10948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.844763][T10948] RIP: 0033:0x7fc47d98eba9
[  166.844772][T10948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.844783][T10948] RSP: 002b:00007fc47e764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.844793][T10948] RAX: ffffffffffffffda RBX: 00007fc47dbd5fa0 RCX: 00007fc47d98eba9
[  166.844799][T10948] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  166.844805][T10948] RBP: 00007fc47e764090 R08: 0000000000000000 R09: 0000000000000000
[  166.844812][T10948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.844818][T10948] R13: 00007fc47dbd6038 R14: 00007fc47dbd5fa0 R15: 00007ffe70158f08
[  166.844831][T10948]  </TASK>
[  167.789326][ T6059] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  167.791919][ T6059] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  167.795314][    C0] ------------[ cut here ]------------
[  167.797433][    C0] workqueue: cannot queue hci_cmd_timeout on wq hci3
[  167.799575][    C0] WARNING: CPU: 0 PID: 0 at kernel/workqueue.c:2255 __queue_work+0xd03/0x1160
[  167.802321][    C0] Modules linked in:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  167.803788][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[  167.808111][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.811361][    C0] RIP: 0010:__queue_work+0xd03/0x1160
[  167.813058][    C0] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 20 01 ac 8b e8 be 1e f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 8f 7b 38 00 90 0f 0b 90 e9 b4 f5 ff
[  167.819007][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010082
[  167.820887][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3388
[  167.823292][    C0] RDX: ffffffff8e2977c0 RSI: ffffffff817a3395 RDI: 0000000000000001
[  167.825701][    C0] RBP: ffff88802c9b0970 R08: 0000000000000001 R09: 0000000000000000
[  167.828110][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff92000000f8f
[  167.830528][    C0] R13: 0000000080000101 R14: ffffffff81832490 R15: ffff888105823178
[  167.832925][    C0] FS:  0000000000000000(0000) GS:ffff8880d66b5000(0000) knlGS:0000000000000000
[  167.835634][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  167.837673][    C0] CR2: 000055dded9aa168 CR3: 0000000050e7d000 CR4: 0000000000352ef0
[  167.840095][    C0] DR0: 000000000000a7d0 DR1: 0000000000000000 DR2: 0000000000000000
[  167.842519][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  167.844925][    C0] Call Trace:
[  167.845976][    C0]  <IRQ>
[  167.846897][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  167.848704][    C0]  call_timer_fn+0x197/0x620
[  167.850142][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  167.851821][    C0]  ? __run_timers+0x559/0x960
[  167.853293][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  167.855078][    C0]  __run_timers+0x569/0x960
[  167.856453][    C0]  ? __pfx___run_timers+0x10/0x10
[  167.858015][    C0]  run_timer_base+0x114/0x190
[  167.859442][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  167.861036][    C0]  ? rcu_is_watching+0x12/0xc0
[  167.862538][    C0]  run_timer_softirq+0x1a/0x40
[  167.864036][    C0]  handle_softirqs+0x219/0x8e0
[  167.865528][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  167.867164][    C0]  __irq_exit_rcu+0x109/0x170
[  167.868626][    C0]  irq_exit_rcu+0x9/0x30
[  167.869970][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  167.871705][    C0]  </IRQ>
[  167.872637][    C0]  <TASK>
[  167.873570][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  167.875429][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  167.877177][    C0] Code: bc 61 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 53 a3 15 00 fb f4 <e9> 8c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  167.883067][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 00000282
[  167.884951][    C0] RAX: 000000000019e8a9 RBX: 0000000000000000 RCX: ffffffff8b946c29
[  167.887378][    C0] RDX: 0000000000000000 RSI: ffffffff8de52618 RDI: ffffffff8c162d00
[  167.889804][    C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed100d486655
[  167.892231][    C0] R10: ffff88806a4332ab R11: 0000000000000000 R12: 0000000000000000
[  167.894674][    C0] R13: ffffffff8e2977c0 R14: ffffffff90ab6d90 R15: 0000000000000000
[  167.897078][    C0]  ? ct_kernel_exit+0x139/0x190
[  167.898592][    C0]  default_idle+0x13/0x20
[  167.899923][    C0]  default_idle_call+0x6d/0xb0
[  167.901414][    C0]  do_idle+0x391/0x510
[  167.902684][    C0]  ? __pfx_do_idle+0x10/0x10
[  167.904106][    C0]  ? trace_sched_exit_tp+0x2f/0x120
[  167.905737][    C0]  cpu_startup_entry+0x4f/0x60
[  167.907220][    C0]  rest_init+0x16b/0x2b0
[  167.908548][    C0]  ? acpi_subsystem_init+0x133/0x180
[  167.910259][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  167.911865][    C0]  start_kernel+0x3ee/0x4d0
[  167.913133][    C0]  x86_64_start_reservations+0x18/0x30
[  167.914814][    C0]  x86_64_start_kernel+0x130/0x190
[  167.916447][    C0]  common_startup_64+0x13e/0x148
[  167.918014][    C0]  </TASK>
[  167.919001][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  167.921284][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[  167.924064][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  167.927383][    C0] Call Trace:
[  167.928459][    C0]  <IRQ>
[  167.929381][    C0]  dump_stack_lvl+0x3d/0x1f0
[  167.930857][    C0]  vpanic+0x6e8/0x7a0
[  167.932128][    C0]  ? __pfx_vpanic+0x10/0x10
[  167.933564][    C0]  ? __queue_work+0xd03/0x1160
[  167.935075][    C0]  panic+0xca/0xd0
[  167.936275][    C0]  ? __pfx_panic+0x10/0x10
[  167.937693][    C0]  ? check_panic_on_warn+0x1f/0xb0
[  167.939305][    C0]  check_panic_on_warn+0xab/0xb0
[  167.940894][    C0]  __warn+0xf6/0x3c0
[  167.942147][    C0]  ? __queue_work+0xd03/0x1160
[  167.943649][    C0]  report_bug+0x3c3/0x580
[  167.945027][    C0]  ? __queue_work+0xd03/0x1160
[  167.946549][    C0]  handle_bug+0x184/0x210
[  167.947955][    C0]  exc_invalid_op+0x17/0x50
[  167.949415][    C0]  asm_exc_invalid_op+0x1a/0x20
[  167.950978][    C0] RIP: 0010:__queue_work+0xd03/0x1160
[  167.952674][    C0] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 20 01 ac 8b e8 be 1e f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 8f 7b 38 00 90 0f 0b 90 e9 b4 f5 ff
[  167.958618][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010082
[  167.960489][    C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3388
[  167.962801][    C0] RDX: ffffffff8e2977c0 RSI: ffffffff817a3395 RDI: 0000000000000001
[  167.965270][    C0] RBP: ffff88802c9b0970 R08: 0000000000000001 R09: 0000000000000000
[  167.967721][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff92000000f8f
[  167.970197][    C0] R13: 0000000080000101 R14: ffffffff81832490 R15: ffff888105823178
[  167.972677][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  167.974522][    C0]  ? __warn_printk+0x198/0x350
[  167.976030][    C0]  ? __warn_printk+0x1a5/0x350
[  167.977549][    C0]  ? __queue_work+0xd02/0x1160
[  167.979063][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  167.980892][    C0]  call_timer_fn+0x197/0x620
[  167.982365][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  167.983977][    C0]  ? __run_timers+0x559/0x960
[  167.985485][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  167.987327][    C0]  __run_timers+0x569/0x960
[  167.988757][    C0]  ? __pfx___run_timers+0x10/0x10
[  167.990362][    C0]  run_timer_base+0x114/0x190
[  167.991850][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  167.993489][    C0]  ? rcu_is_watching+0x12/0xc0
[  167.995022][    C0]  run_timer_softirq+0x1a/0x40
[  167.996561][    C0]  handle_softirqs+0x219/0x8e0
[  167.998127][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  167.999800][    C0]  __irq_exit_rcu+0x109/0x170
[  168.001291][    C0]  irq_exit_rcu+0x9/0x30
[  168.002642][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  168.004402][    C0]  </IRQ>
[  168.005367][    C0]  <TASK>
[  168.006307][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  168.008097][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  168.009858][    C0] Code: bc 61 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 53 a3 15 00 fb f4 <e9> 8c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  168.015788][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 00000282
[  168.017691][    C0] RAX: 000000000019e8a9 RBX: 0000000000000000 RCX: ffffffff8b946c29
[  168.020140][    C0] RDX: 0000000000000000 RSI: ffffffff8de52618 RDI: ffffffff8c162d00
[  168.022602][    C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed100d486655
[  168.025063][    C0] R10: ffff88806a4332ab R11: 0000000000000000 R12: 0000000000000000
[  168.027542][    C0] R13: ffffffff8e2977c0 R14: ffffffff90ab6d90 R15: 0000000000000000
[  168.030025][    C0]  ? ct_kernel_exit+0x139/0x190
[  168.031583][    C0]  default_idle+0x13/0x20
[  168.032957][    C0]  default_idle_call+0x6d/0xb0
[  168.034484][    C0]  do_idle+0x391/0x510
[  168.035808][    C0]  ? __pfx_do_idle+0x10/0x10
[  168.037283][    C0]  ? trace_sched_exit_tp+0x2f/0x120
[  168.038910][    C0]  cpu_startup_entry+0x4f/0x60
[  168.040453][    C0]  rest_init+0x16b/0x2b0
[  168.041808][    C0]  ? acpi_subsystem_init+0x133/0x180
[  168.043474][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  168.045219][    C0]  start_kernel+0x3ee/0x4d0
[  168.046665][    C0]  x86_64_start_reservations+0x18/0x30
[  168.048376][    C0]  x86_64_start_kernel+0x130/0x190
[  168.049991][    C0]  common_startup_64+0x13e/0x148
[  168.051561][    C0]  </TASK>
[  168.053193][    C0] Kernel Offset: disabled
[  168.054574][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:20:38  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85647c75 RDI=ffffffff9b1150a0 RBP=ffffffff9b115060 RSP=ffffc90000007550
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000
R12=0000000000000000 R13=0000000000000038 R14=ffffffff9b115060 R15=ffffffff85647c10
RIP=ffffffff85647c9f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d66b5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055dded9aa168 CR3=0000000050e7d000 CR4=00352ef0
DR0=000000000000a7d0 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000020080810 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe70159290 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe70159416
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe70159416 00007ffe7015941c
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc47da12e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc47da12e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc47da12e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc47da12e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc47da12ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc47da12fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffff88806a53b540 RCX=ffffffff81afa673 RDX=ffff88801deb4880
RSI=ffffffff81afa64d RDI=0000000000000005 RBP=ffffc90000157d08 RSP=ffffc90000157bc0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1cb981e
R12=1ffff9200002af80 R13=0000000000000003 R14=0000000000000001 R15=ffffed100d4a76a9
RIP=ffffffff81afa653 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d67b5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000055dde2fc6660 CR3=000000004edba000 CR4=00352ef0
DR0=0000000000000001 DR1=000000000000064f DR2=0000000000000006 DR3=0000000000000006 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000080040001 Opmask01=0000000002fefce0 Opmask02=0000000002fefcfe Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc49699560 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc496996e6
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc496996e6 00007ffc496996ec
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389e412e46
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389e412e53
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389e412e4d
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389e412e61
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389e412ee7
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f389e412fc5
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=00005646a6171e80 RCX=00000000000014a0 RDX=00007ffcba29bbe0
RSI=0000000000000000 RDI=00007ffcba29e740 RBP=00005646a6177390 RSP=00007ffcba29bbc8
R8 =0000000000000000 R9 =0000000000000001 R10=0000000000000000 R11=0000000000000000
R12=0000000000000050 R13=00005646a6172020 R14=00007ffcba29bbe0 R15=00005646a6171e80
RIP=00007ffa3f17f0d3 RFL=00010287 [--S--PC] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ffa3f757300 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f7c24be16c8 CR3=000000003ba59000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000d92 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000
Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000006df 0000001000000000 0000000000000000 0000000000000015
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5d7d5ee39148a4db e265d2a79c529901 808008038f80033c 0000dcb500000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 07c6c70951fc4761 2dc5d1a38163f0de edb4dea87ceeb1b4 2a94b0f6b1c0b89e
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b68d350706f4fea7 dc3bd51518f8141f ef8cd7405b9b1f9b c9668f6fb8d13ed5
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ba8e9dc54b3689c1 1725d42930911276 743c6f9723d75c97 86c1fa3cb1c52344
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 cd2eb17977cfb790 3e3750ddc029f0f8 256af8bc259a994e cd6e4330b72179ab
ZMM24=56d1270356d12703 56d1270356d12703 56d1270356d12703 56d1270356d12703 56d1270356d12703 56d1270356d12703 56d1270356d12703 56d1270356d12703
ZMM25=1efbcb371efbcb37 1efbcb371efbcb37 1efbcb371efbcb37 1efbcb371efbcb37 1efbcb371efbcb37 1efbcb371efbcb37 1efbcb371efbcb37 1efbcb371efbcb37
ZMM26=9dfbecb99dfbecb9 9dfbecb99dfbecb9 9dfbecb99dfbecb9 9dfbecb99dfbecb9 9dfbecb99dfbecb9 9dfbecb99dfbecb9 9dfbecb99dfbecb9 9dfbecb99dfbecb9
ZMM27=0ec76c760ec76c76 0ec76c760ec76c76 0ec76c760ec76c76 0ec76c760ec76c76 0ec76c760ec76c76 0ec76c760ec76c76 0ec76c760ec76c76 0ec76c760ec76c76
ZMM28=000001800000017f 0000017e0000017d 0000017c0000017b 0000017a00000179 0000017800000177 0000017600000175 0000017400000173 0000017200000171
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=340b0000340b0000 340b0000340b0000 340b0000340b0000 340b0000340b0000 340b0000340b0000 340b0000340b0000 340b0000340b0000 340b0000340b0000
info registers vcpu 3

CPU#3
RAX=0000000000000000 RBX=ffff88806a441ec0 RCX=ffffffff81af8f21 RDX=ffff888029028000
RSI=ffffffff81af8efb RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000346f4d0
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000
R12=dffffc0000000000 R13=ffffed100d4883d9 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81af8efd RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880d69b5000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f2182b07d60 CR3=000000000e380000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000d92 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000002020004 Opmask01=000000000000007f Opmask02=00000000000000ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f2181fa76c3 00007f2181fa76c3
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff6b769090 0000003000000010
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555691e77b8 00005555691e74f0
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555569200735 00005555691f2a80
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0006d0030fffffff ffffff0406c0030f ffffffffffff0406 b0030fffffffffff
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010680041883c392 f808000100000208 06060113dc001000 06e00300100006d0
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030fffffffffffff 0406c0030fffffff ffffff0406b0030f ffffffffffff0406
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a0030fffffffffff ff04069003000800 0688030c80080006 800320e210000fff
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff040100 0004080606017cc6 0004000208000180 0401c7100008044a
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000