last executing test programs:

54.851973337s ago: executing program 3 (id=719):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0d, &(0x7f0000000040))

51.749548392s ago: executing program 3 (id=736):
r0 = io_uring_setup(0x342d, &(0x7f0000000200)={0x0, 0x0, 0x1000})
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001580)={0x1, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}], 0x0}, 0x20)
io_uring_enter(r0, 0x10ac, 0x44b4, 0x23, &(0x7f0000000040)={[0xe]}, 0x8)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2, 0x2, 0x0, @void, @value}, 0x10)
socketpair(0xa, 0x1, 0x0, &(0x7f0000000000))
ioctl$HIDIOCGRDESCSIZE(r2, 0x80044801, &(0x7f0000000000))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r9, 0x4004ae8b, &(0x7f0000000100)=ANY=[@ANYBLOB='\b'])
pread64(r1, &(0x7f00000043c0)=""/148, 0x94, 0xd)

50.862620081s ago: executing program 3 (id=738):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="4c0000000206010100000000000000000000000005000100070000000900020073797a3100000000050005000a0000000500040000000000110003"], 0x4c}}, 0x0) (fail_nth: 3)

50.210285373s ago: executing program 3 (id=746):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="010000000000000008001b"], 0x28}}, 0x0)

23.327079427s ago: executing program 3 (id=746):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="010000000000000008001b"], 0x28}}, 0x0)

4.497651202s ago: executing program 0 (id=864):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x84, @remote, 0x0, 0x1, 'sh\x00'}, 0x2c)
setsockopt(r0, 0x6, 0xd2f2, &(0x7f00000004c0)="569fa15c2d3dcb81773d91726e68c3bc7319143662372cabda59beae51b09244f0bbfef9abb4d64858c47f0f2330322e2280b0b3133eda4d81f65d9bfc835370c3f90ba9842a41577b8203222895816c2c2aefd3eaa2de0f1c33d2695fa019c139edfffe8986e8eb700a7f2e17df7aae2daf5a9ad865f1efa1e0ec040f0bc90005da127e9c778384dd6ca7dc91a0cd8a0400a2244bfa547eca0faf44a0703e0d5d08b3c686b0a4bbe2063789744b767f70957da5629ba86ba28f2142568ec8c7758cc7a38b6e6b7a58849970142f8e6df8c3d2ee4c34d29cdbcb3ce1bd70ea38e925e00a02cd5e8f3fda5099b07cf2b39fbea50d12a3fb896901ef2eadece94b70b20fcbdc3fcf0573c13be30fa4995c73a9c3df10545e68a57fdbc61b769bdca5e39ef65faa40fda39c537cef6fb0078c9251b7eb994281b1443d7f39aa6b3c2c83b19635c28520fde0f1f0c73df62fa6bdf30ebc3baa40bd42a5a9fea8c3f3cc7637cc58e13e2819c2b015ef8bf9e4f570aabe61978ebdefc488353a02ba83cf52df13c1da79405709c9d2e5d973b1caff68050ef42e5793194d8e922a0a693edfddb329b7b76137ae9352082fed06fb5241ac4f735ab885538cb92d5a4aafc879b61a214d0df49fc34f142b32ffce2d6392057f0b844958921608a4c9485445244427076e202ced1f655610ac20176a58b5ea6b6fd4e72d2e725e1ffdb145182dfdf242936cac3ac18a996ed1dc92eea1640bcbebb3939877f278fbf8726e6fa5c5705eb22711252a8a6ad4fa66a57a393c608176c01e3aacfeb7b9f623bf5e01ad717acba7c4f7778e2bb9f2c8571701667948a7d4cedad177c9771dab4ccf481a204b88bd227e4fb41412c265370de1ac9903858d1881d87102c681cfe99ff369567238dfe7826ed4ab666d30dd037f05f3529b27fa36b4a5c656394937aad5a8ed2f504baada963c7624149736942db3c85608c6d4950917f2f221f026f4fa51cb32385ecac30582a399a808785f22138e7f133caed48bc85e20f53204a940e12e7c028f62b6ff6fa8a972534d54e7498f215becea3b9d6405c74fba7d1f1d1f3b9a102ab7ee65b7e6a9957c22db96d25f8eeafe0f3b5c04e1273799511eb645f07a37660b1832e707a789656a31419412a4304f02dc610c48dbbe3350cb5b433f2ddf05fff88a45af34acaac37d040ec015755411c5e6a53c17a33d380a27cc42b818ac488f16b5866e107a1ef693272a74a9f062a25915cf8aad9e0b1aacd70c43448331b4d454617177885b7bf0aa55efb5b9912cbfee0e56d2a95c60b5163ab5d7bc25da28a46d044c69f0f49ee46529d99008ec7f403b1fe80863adcbfa0ca99430e097461f077eec05e6969fb9b262c1f54d8f4b3abca5542bd8ca3e36d468f95393b89e5dad3894a6fc031145f023aa5a237c048e02d3b3db922d329b7347d9bd2399cef06c34b455b5cf60c96faef4c9b00b7a1fe540f445449b91b0f4ac9bdf9dd38a702f132605c7b5b0bbc4fbfe81bf9e2f3b8cd0f0ddab8f75699b80c45c3d2242b81df5fcd59da88046afae02c7332d6ae965ace6f1c3f07bf6515382228ed3507f140df4352cda6f32982e6cab45bf828eb07fe07ee9c4bb0385dd9cbb158d2cc4e9caf1531845570c58820462bdddb38c0d589536e75d296225209679b008baeba7001e29c05ec62f5fe289a696f752f21b8baf9838380fbe2fede6fb0e57a19352fd851f15445965fe9137adb1b90848e5884dd5a5da00f52ceb42a978bc63f7a129d6312e58d032886f90f48a475d65b3e681cb51d2acfe75406e5434bab87ab3166aea6fbfe0faf17b0dad522db0c1e38d25db4ab0212cfca70dbf8cb58d1eb88d496ca567ae203007e949b4299be99125452baf0897df38c78b6137be0ed8e4fe243d3292d8058bf76daf98da86477f6caf79f5bac8bce0c0d9b9b598e45193fb2808cd59c2db843c52915dead731a74ba74553e3205fadcf9477c477a789353ae44ab02b58cda7b62c9f98769974a0a7fd411e7489963a3888035b482363c0b90359b4ec6be9779b75a73f97aef6034b3e5734e72a09e7778fd236adadd8602c05ce8ecc5f3933d8de489e686c711eff9c903ac11c65a942156862860d6aba5c11a951958555e4e1a4d3d538ab714e73d33391e46f0be7602bb6ceb3ecca69005072bfefb612274fd17741b4faf4999b1ece973bbaeca486acee44984cb73fcf930c72e969d38ebe9d5b4fd8f049c40db92237e49d8388295b7c015387492125cb422fc04e8702e321aedd3b4d10ab98d9b66a642e4c4c64b4904866caf27c34c264495584376bd58a8ac430b7c99288406da45f0ab7881f1cef65e75b0745cd516ffb039fe55bac515316f4b3335a251790d92694f44e6c1369c1da2fb6699c7d9aea9eba39453cffbb30c6328810a7abc6492fe2bd3cfabe047b8f17c204f7806b31a41ac3375423d591b83b5e5840abef924acfe517cf93f3d6ca2d563b0f52b5d691ce75e8ada5d24515121bc24f93f9067af8ab767b5b55dc902353726c9d93915813ceed7106c2ad21a50755189889aacfade5ff0d4bdfcee2484df21eba3413f1a0b87edb335ea74de132408da538e672df95bed1671517b2d091739b3ee87b071626f3191de6c45fb83a30a2f01c14dcbfc3c87138556996b50026168249764b5e20c85a1206bef928ae80a20f0c156a8281de78951640514f7057dcf5e6d5537f3bbf7169d01801d1ec2c8af9007792e3d7ace60d881224cc97317e634a22b22b1febbb1cab444722ae2219167255b25a9bf91ff5b5541517c68339b079200c0b67fa8e8c1bef52c0be0eac3cd34e5104c792cbcbe74d394271983d8b5b1aeb18779b446e2b6a6f3fcdfd385171295f2809ad70b0011b6879d3d5c6a847e672647047ec239aec8b87269eb0c3d27bbc61fb457d433d6f5afa06345be627550a08e1bedd56e9473b53664d8eaff4f62f5749fb934396e5b5b79b8e5237f7ce6cc8c37763a43d4ec3241e0547ced0ccea12fd861fcfec99b02a213b8015b00bcaeee71299e8790a638a4f9b44e41a84303802a67448569f0bb1677d13ae82f67f3e103f7bd3e4ee309b137d10fe2cca73d708651aed6b239f4bf211f7cc28c1c51ae5bace95eac45f34772f0b35cdae51fe78849f4c65120f3a9ee2e47d60c8d9eac67183a9bae50bdeaa4ec4a655d82bc39387167ef1034b59068c601b37d7ed365f73e31fe2dc006c9c96b0cd6582aedf66e3aead30069926a96a7bd33b10e4986d46ad2ce0c74df1897b808cf277c930a16a05f19e29044e8b1e1e1cf476957f984f6852d5f6abb85246df4a797224f020b152d12db374918e769f438586c4a43ff6a16689acf7d07aeb214c3d71c6173f3fd2b881cd7216978aa2db5f28dfb8006e8de27c0d3fb7803ad309bf7fb9b0eef55d79b65b52b17d6e5678f80b25e9b6dedad3f0a4803df2f4234b95f4d515fde1a691eb97bec20faebcf87a33e199ca218201b1cbdcda7b950214e1048089e256f224fe807a605b8db254ab190d71c7d296a60a5e3abdba41f2f193cb4a5ac93e069ae90b357c358643aa7ba857668204f1e697f3d4378690856192cabac5e346816c3107a9979d1bf9faef18aececa22005af277284848c280ed28ee6b80928c3c6280f5df1374c22bf9adfe82302a30f621e0f1eac25c385bf26a467a5d12641b509f0e381c508fd23b64648a9c8b641f7e3c9cf3428fc7c8116de5aece52b0a6a281f125cba540946932b0d6365e2b636da50c5499b4484e74561c8adbfe7db2ca52d70745ecdc21fb5eca889b6ecc4c46c1f2afb9fe0b1d4b6f27636ee54a2170b8a55b1ccc452b1a1a01bd988c6186e3e0aebbddc7567d8cc46446df20e9f06f9b62f5fe15fcaab320abf2689b7c3e6b2e620bc9fca072ccd9dc510f173b1aed451510a13bcdf074e7120a5b994411ea891aa749fa46857075ef7f5fcb9df25c0a373ec7497e5dad2258e4a07fb1db6b30913c21c7a950c7a841162652696e656c01b2c72b2d40e1b502d931f11636f6488cd48a62396980d2d8c216b840aee8242b4bf14fbd5393c9587ddad1f583fd2c9f7ad5b3015c37be1343f1803a124f84d5c29cad0a9a0321527e1b14ffdc876acfe3ae4726cd86e0fbe077a1631d0297a95ae0b7d36443eaec9b222a66cf87c0fd905a8ccc269a6e83baa94cc09d79fa36833e309e4fa3d133cca26486b0aa1cb075d607ed91698ce019fcd85f1907b152c453676931dcb5a41d464eaecb6d7dda1a7639e9056a33da5be05df9f6f5c78014883752196ad8fec607edf20e0a91c65302965e198669bc27073d40d6fd8148dcb6f8b63effa456884a814e9ea428e712ba5c4c923eb2a3e1c6f772d5daecaaf297af7afdfce0b5b2ddf8e80f79c4a6bf6c081d1ed3ac005da26ff8b01f027d080a11a6e3e4292a3f451aa92746dcf963d181d41ee65d831d60205262b504d63718f0adfb4c4f6ce10d14809504c7ac1e0b5f2df7c3f28cd210a850625d7d49e3587172207a85632c0aa79784fdf3826cb71812c5cf896549ad8745b66f95f91ae1e95e078bfef81f460d6b3ed916ee781305f8afbd897f011f530b29329c427b1b179c57c41a621777283bcdbf1306eb799bb5de88f93f7f1bc400781e45852006525ae56434bb75caaca940b7e7763a1294559d88923b6dab520f63c7afede21f47c27833872655b468c324b6ab3d25a40d75420364ea35a93472bd3a061de627b607ffb3eaa50b7d4335dd033df774ee372146d7d932c5c91913d5558fd448fa3af99205e6b65bf6e781e23939a9c70250961659d4a98a0ae20d06327d1ac1ad4fdf82413f41239c11fbbd924740f7ffc14174a48d6692347682e501067a744939a00fadc5ccbdc426de46aae952d44691daf3f2534879e54b5680a9293e73bb746ca58e27063f1ba30a43e30e10cecde24596c59e41ea9f811fbbc2afd98b251da0fcd00f079b161e309393027ff1c241e42337c0fad9b8db453d64686ee7a34dfff8c8749462a9819487391bd5dfacd279f553e8ee64c18a4a223bed6bb46ab0e3f96ebc5fded23103ba7f7725c3ea0dd92c0414a0232d1482cbd50870908c0e3f52f7a78131835700df3b1420941f11bc71328d46866877392ba584517fab40508c1ed69f3ab3bc281e671ce2d6df58547ffbc20dbe9837be7e64811660bfb98f96bab05cf30b5981b12e198fd51df9e21e35e421081a0fe7d6aa3d39d8a679bf3e555a3f448b1c86fcaaa8c5e77c675873bcad226e2cbcd7fe4928f25ce5ec75bf1c1c928d938f729c5ca38d10f5909352021244675f6d06c048b94528be7bdd91e632804ffe201624836fcde4ea531563ef5ce1174366818d11dde6d86235615fa89aed058150604331e7d525ffb512ce822ebe42e9ef38031d3235b6c80bda04f34c0735722dc9233829667fba625fa082eebe7e31dd5b3556c2f340db87649e46672b184b69e141dfdcf4e92b42ecc74b37279cf684d01e25c03526e779f721a6ee02103312b8f1131cbe631301ded81e59434b8cc31fefce54ff021ea1d188072217c2275c5b7429a1a6ba6e34fc93fba5e606287d17bcb74cffb78b25f99508daf09e4c50edea13a1b1270fc7bf9617881f095e9ef2dc8b7ef1c02176f95e5972091956ae9f1038f2eff5ad7b02ce93c5a79d70a096a51a77643a60d412d4914436e1795b2b980788b044e900f0811f4dc4b5c68105182afee3161e8a63c328bb1aa53e22ad2c7763b12c693c2853b3f113", 0x1000)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f00000001c0)={0x20000000000084, @broadcast, 0x0, 0x200000001, 'ovf\x00'}, 0x2c)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000100)={<r3=>0x0, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000080)=0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000200)={r3, 0x80}, 0x8)
write$char_usb(r1, 0x0, 0x0)

3.579436301s ago: executing program 3 (id=746):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="010000000000000008001b"], 0x28}}, 0x0)

3.237249941s ago: executing program 1 (id=873):
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000083c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000100)={0x2, 0x9, 0x2, 0x8, 0x8, 0x40})

2.893499867s ago: executing program 0 (id=874):
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
r2 = socket$kcm(0x10, 0x2, 0x4)
close(r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x9000}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @tcp}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x34}}, 0x40000d0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x40448c0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100, 0x0, 0x16e}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x30}})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_GET(r3, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="8c00000000030000060800064000000001700002000c000280050001003a0000002c00018014000300ff02000000000000000000000000000114000400ff01000000000000000000000000000106000340000000002c00018014000300fc01000000000000000000000000000014000400fe80000000000000000000000000001b"], 0x8c}, 0x1, 0x0, 0x0, 0x4004140}, 0x48094)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

2.328872558s ago: executing program 1 (id=875):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="38010000100033060000000000000000ac1e0001000000000000000000000000fe8000"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000010000000000000000000000000000000032000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000ffff00000000000000000000000000002000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000207000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009cfd6ec74c9bf199f6f430e3162d38640ec750678daa333d760e6f508e85c15996bd656cd7defab3e1b8f6ce83d645c1477f3550cd6766721efddf405068e2a02b842c428be9cf4de1bc82f36e3a4505a156a0571a03cd6373c5913b28437b8ae53b47f51fed5972dfc497f63cc9e8e010ca211c738db723968ab7bee5ff"], 0x138}}, 0x0)

2.237453006s ago: executing program 0 (id=876):
socketpair(0x27, 0x800, 0x6, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000002c0)=@nat={'nat\x00', 0x1b, 0x5, 0x3e8, 0x0, 0x1a0, 0xffffffff, 0x248, 0x248, 0x350, 0x350, 0xffffffff, 0x350, 0x350, 0x5, &(0x7f0000000040), {[{{@ip={@broadcast, @private=0xa010100, 0xffffffff, 0xffffffff, 'veth0\x00', 'ipvlan0\x00', {0xff}, {0xff}, 0x5c, 0x2, 0x2}, 0x0, 0xb0, 0xe8, 0x0, {}, [@common=@socket0={{0x20}}, @common=@socket0={{0x20}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @private=0xa010101, @local, @icmp_id=0x67, @port=0x4e20}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x10, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, @ipv4=@multicast1, @port=0x4e24, @gre_key=0x4}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, 0xffffffff, 0xff000000, 'veth1\x00', 'macvlan0\x00', {}, {}, 0x11, 0x2, 0x5}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x6, @multicast2, @private=0xa010101, @port=0x4e22, @port=0x4e21}}}}, {{@uncond, 0x0, 0xd0, 0x108, 0x0, {}, [@common=@addrtype={{0x30}, {0x609, 0x0, 0x0, 0x1}}, @common=@addrtype={{0x30}, {0x2, 0x9b8, 0x0, 0x1}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x2, @rand_addr=0x64010102, @empty, @gre_key=0x7ff, @gre_key=0x644}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {}, {0x11, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @local}, @TCA_FLOWER_KEY_IPV4_DST_MASK={0x8, 0xd, 0xff000000}]}}]}, 0x44}}, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x3, 0xc4)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x50, 0x0, &(0x7f0000000980))
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r6, 0x9, 0x0)
ioctl$sock_ax25_SIOCADDRT(r5, 0x890b, &(0x7f0000000240)={@default, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]})
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='limits\x00')
lseek(r7, 0x9, 0x0)
getsockname$packet(r7, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14)

2.154414891s ago: executing program 1 (id=877):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a801800048014000380"], 0x3c}}, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
pipe(&(0x7f0000000200))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r5, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)

2.080040384s ago: executing program 2 (id=878):
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)

1.978213015s ago: executing program 2 (id=879):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x1c, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x44050)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$IMSETDEVNAME(r3, 0x80184947, &(0x7f0000005480)={0x0, 'syz1\x00'})
r4 = syz_open_dev$usbmon(&(0x7f0000001b80), 0x4, 0x400)
ioctl$MON_IOCQ_RING_SIZE(r4, 0x9205)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xffffffffffffffff)
io_uring_setup(0x29ea, &(0x7f0000000480)={0x0, 0x0, 0x2})
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.703847213s ago: executing program 0 (id=880):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0xcef, @none}, 0xe)
setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000080), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, r4, 0x1, 0x0, 0x100000, {{}, {}, {0x14, 0x19, {0x2, 0x1, 0x0, 0x2000000}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4008000}, 0x1004)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000d0a1ede72a05b3fb447e701fe4ce7177d000"/36, @ANYRES16=r0, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r5, @ANYBLOB="080026006c0900000800b70000000000"], 0x2c}}, 0x0)

1.529829742s ago: executing program 2 (id=881):
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$inet(0x2, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c000000020601030000000000010000000000000900020073797a300000000005000100060000000500050000000000050004000000000014000780080011400000000005001500000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
socket$kcm(0x2, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x13)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[@ANYRES16=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
openat2(r1, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x101000, 0x4, 0xa}, 0x18)
ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000))

1.150261354s ago: executing program 2 (id=882):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xf0)
ioctl$sock_ax25_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={@default, @default, 0x0, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null]}) (fail_nth: 4)

1.14988441s ago: executing program 1 (id=883):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x80010, 0xffffffffffffffff, 0x1000)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, &(0x7f0000000080)=0x1)
ioctl$KVM_SET_CPUID2(r3, 0x4048aecb, &(0x7f0000000080)=ANY=[])
ioctl$KVM_GET_VCPU_EVENTS(r3, 0xc048aeca, &(0x7f0000000080))
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000002a82, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000500000ac4010000060a0b040000000000000000020000004c000480340001800b000100746172676574000024000280090001004d41524b000000000c00030002b51112d439c5920800024000000002140001800b0001006c6f6f6b75700000040002800900010073797a30000000000900020073797a32"], 0x1ec}, 0x1, 0x0, 0x0, 0x4000840}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000000)={0x4f, 0x2, 0x1, "8baadc000000000000ffffffff00000000c300000000000000001c00", 0x51424752})
mlock(&(0x7f0000002000/0x2000)=nil, 0x2000)
semtimedop(0x0, &(0x7f0000000180)=[{0x4, 0x7, 0x1000}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
read$FUSE(r0, &(0x7f0000000640)={0x2020}, 0x2020)

1.0297696s ago: executing program 2 (id=884):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xf0)
pipe(&(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000004eff2c9902403435d1f8f78c30278b8ea3c91aaa881877246582eb0e986db38d7e82e361d9140dc40441c34ec85012c3c3174742d59c6f164edd651bee942a81f13ae4af3712569008ee9d6f3af1f3107d5c7312fd09466b164132bf8c54d7f3bf208265d3f6f018c06eade3fcc2d2d40b59e00c6b3225b8c0a08de35c0ebc8ebdd76e59ca71d680fef9afd47955cd9a9cadf3f95a74297b2fbaa47196a72509192e1481b803456475d044f8e8d0affd348dab6bcb4ca6d00472a0f486", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socket$inet6(0xa, 0x1, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32=r5, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r4, @ANYRES32=r6], 0x44}}, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
preadv2(r7, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r8, &(0x7f0000000200)=[{&(0x7f0000000080)='/', 0x1}], 0x1)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r8, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r10 = io_uring_setup(0x168e, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xffffffff})
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
io_uring_register$IORING_REGISTER_BUFFERS(r10, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
close(r9)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000), 0xfffffecc)
splice(r1, 0x0, r9, 0x0, 0x4ffe6, 0x0)
ioctl$sock_ax25_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={@default, @default, 0x0, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @null]})

820.301826ms ago: executing program 0 (id=885):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0x1c, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x44050)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 3)

664.523806ms ago: executing program 0 (id=886):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r0, &(0x7f0000000080)={0xa, 0x17, 0x1, {0x1, '.'}}, 0xa)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r1, &(0x7f0000000080)={0xa, 0x17, 0x1, {0x1, '.'}}, 0xa) (fail_nth: 4)

404.149952ms ago: executing program 1 (id=887):
r0 = socket(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x110, &(0x7f0000000300)={0x0, 0xfad6}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_FSYNC={0x3, 0xb, 0x0, @fd_index=0x7})
io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x8e, r0, 0x23, {0x3b4, 0x6d3}, 0x6}, 0x1)

295.029609ms ago: executing program 1 (id=888):
r0 = socket(0x2b, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FSYNC={0x3, 0xb, 0x0, @fd_index=0x7})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'veth1_to_bond\x00', <r5=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000100)={r5, 0x2, 0x6, @broadcast}, 0x10)
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f00000000c0)={r5, 0x2, 0x4, @local}, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_PIT2(r8, 0x4040ae77, &(0x7f0000000040))
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r8, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x3}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r8, r9, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000480)=[@text64={0x40, &(0x7f0000000300)="450f01df4a0f7e8753df0000420f01f80f01c5440f786ce30766b811018ee8b805000000b90e2c84030f01c166baf80cb84068588eef66bafc0cecf3f00fc01ba12a3026f5ea6ae621", 0x49}], 0x1, 0x5a, &(0x7f00000004c0)=[@dstype0={0x6, 0x3}, @dstype3={0x7, 0x7}], 0x2)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x5, 0x800000000000, 0x0, 0x2004cb, 0x200000000000, 0x5, 0x0, 0xfffffffffffffffd], 0x0, 0x40200})
ioctl$KVM_RUN(r9, 0xae80, 0x0)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1080002}, 0xc, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400660020ca37cbf6dcad3e680f858ec97bf74eb9b9490a12357fb7e2f6ffc1390145b872a455280100ac8caba1c80c765c272e5324ee49df9df55233867e854c8c3e87d4ecd21a4ac2f510b5088db3b688297681000000000000000a0381969035cedd79b07ea1e036e38511ed5c72797a6f0ef1abd48b0c745ffac0d18698323026b2fdcac65b3d4e", @ANYRES16=r6, @ANYRES8=r2], 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x10)
mount_setattr(0xffffffffffffff9c, 0x0, 0x100, &(0x7f0000000000)={0x0, 0x100001, 0x160000}, 0x20)
io_uring_enter(0xffffffffffffffff, 0xdb4, 0x0, 0x0, 0x0, 0x0)
gettid()
timer_create(0x0, &(0x7f0000000500)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000540)="5688e0e003e00dce633ea797d3c4170c221ea6b373eb60c2a4262b6534792378121516603ca92eb6c001b7ec3a05af0b4ed063a08a1b5dfe7debbe11e6e478adc9857d36113245f92604c8d7f04714919d64c500b934b13f00ac1fb3bee5c28fd810e46efc7cbb5469e37c0748d3c89cd02e796f37703ff600d925f03f5dc37d06f986f2cbd32e68e42e4e305ccadb961fa0cd46e78ae4c78da404e924a967243147cf263eb5da2a7a5b344235c463bca4fcd68ec57129787a7408f00033f12a45b160e9b21da7f94c23e9d0bcd60462e358c0cb2ebde040b38bba30629f83c0e1506a8deaadb93657423dc91ea8ef810a29f46cff6e62b4dd54109932f713abd7994eb93e011efe8b9b6979b8a01c63dae595350ebe675ee705e049e01f8cb29980eb7f91851b294c6ecd3fb1bdd26c460371156c0e6125f2bbbe02e8d6e4eecf67017e1c19147bfc318a8ff8f030fd0c12f82875021bd3221cf7560b775945dcdf5e35f26ee62d96dad424783d370620a01a5d76003ff144fae032724ddeeb4e323d7f3f5fc7d3ea87aeb5823e77bea0f87e84dbdd29e6b56d3a1a1c4e123f86ebe2d438b842365ffc947301eb81c91e4211dd360fe38241cab71fb914c205fa4a9fd86cc7b7ba8e214a5793481d7965925959f6aebf751790cecd22c6ab9acb768817e3552cc3040f590cfa079688ce5841cc2cb9b91291e1cd0a6924d352672ef002b89a446ef1ea74acc099eb5ed9a33e68f2284267049ad3342e2f2bc6cb570399e5e91bb7bc7603a9197d904397077baeaaa31dcb7722c5b3dad233fecf5fb6c2242ee8a7cfe53fa5c264a31124957434f76abea9346d0157dbf49b8686ecf2fc0982d07e12cab3cb1b23837c638393d12152308b53c13f099d9cb54a1b37005606a4b600f2fce71b3721582dbcb2d2c89a9c5d45bea899949afbec40431d2f90b620d64fea7d452b6231e0b0a44cec9c08e9f843e27fb05258c47b59da02b00d5af1634d65bdd2fff281b1923474b9d749acbeb893b4128ab456c52373eb85252c2516a3a365c02b98fd5ccb3b99bd70a1c81db96708f97eb5622cc8d09d7e7f8106e4336ec52302cecce0784f3ebcb573e213bee3f9db75dfb2c3310f3a8cf08699218e8bee6b8f0b33910e1e8b233256c52ace4277a765489c3d72940294655c64d9740eb5ebe35bca533e27c4cbb63186e2c6fbe07f729cd6107aab734eb23516684a449de7baf7f857756b1c2201bb71e0b783f21394eba7d61cfc4f0224563d7c7dfa2101f0c76f08fc4d8c4c6d6468c9a8bcb1fecff11c102894be30eee2ae185a7749389185caf9f8533c45a492d1f4f86be2d451a2bc76bc8f0282de0aef168e1db7a3289090ca9bf9f460270d9ae2a84746ef444cd06dffc571f3f9361080a840426a94c92c14651cf2706002560bcc11de80dd79aa3de3b71e6ef529e4fe7cb6fb7cfb6a372c4a0ae17bb48f648825fe26e5dd1791d2dbc2ef16297c2b9ca2df2d516ebdfc2b28c36893839f450e381e5abb8d56b6cd5d84a7a2078782892ede9c83a16dde250ccad5cec01f15766b56dbbf54082f1cbb6c17c6845175f4d3b1708c3f0c8834ea1de9dc41da777e6ce418d115e922be22cc6fb508ead6289d2e879b2d127bea6d2478feadc87408f39fc0d4dcc3fb6dd85b044f709b4d0f998dfb56c134942d34bd09f22858a0574cc778a0138520507fe546394f27635006c21faeef742538da4022d3a3313b7b6a505dc140c445dae6d2fa4a67cbc49ad5a52e612765a5fd2ab1973a8d9694563e50d9d7048fb56d58834c822681d8a6f64a5609e30e5a5be12fa4ba76de2127e1fb664ed4bfe590064dbbefd5a5f3b1eee3d025d75ec923064f7cc65fd63ae43057f1b805c483209e14488ec0a8b6e8b29edf85548bb38209f6411744cfa53cf037d71a390399a6f5aa49554fc60449e53179de8d21e8a76cf929cd3a676533d8cd8ce66bf1cfb94424aada62dbfc06095a4fa8dd487a30ddadf0a10cce15a56a15d5ece4c94fee7e6fb8de5a11a1e916a98aa430a61639959d27ba80f67e130a790d6ef397440fd9a80cbb273ec1eb9ce9ae32970cdd95bb9c0848f4c0081bd4f8d6b499974b42352a43472ae0aeb8768c524e88b0cd4128721f67afcf956d5686a4fe534375cd92e8e2851c3caeeecd87896a5cce89aec094c9f115f875d112d91ea7ab9f8517eae3b182c566f5b044989f8fde648a8089faade2fd6f889cf934d21472a7cbc9e8784275fd7056e32472c1868132d9e93d9084a99016b482fa901fbdffffc8963a2764364028ce21f2ecb3d2847030e3b1d725fee4b34f29470b1656f61ef3c3695b0f534a66040713061efba3681cf87cadb82d7aa7ea34256316ddfe9416d8b5844ff7298e5743830798765ac2ee5cb9543e78fe70880d3ff268dfac5fc3d1a5ad63ab0cf5eb52c47b054c7a7bcc2e2cc2844d969fbc2dcfb4bbc41cbacaff622a521033cbe8a6495b9403c61582b966ae28f00f9ee8a25836612e11841da59c2cc29003fcde2ffb52dd6532e771aa8b9bda0adebd93fab645289def7c1e089307ce181879497b9432870d1cd1d85f570cb755b401e26001a15adf53243f7053834514adc10a5d412895fa7a17a5f67b80b2cf0b91c69533fd49c516369f316c8913ab2a68bdabcc509a02cb595aa9c6dee2db15624faf1d593b88916a0036306cc7fba4d8653d0c1831edb5bf42fa12e5226e29854b345e04be24c02788bb0dc53b78d630909cd304e96b68b1161fcef69c93c6cecb487b5b21d27af369e40602a98d3e02b96e3eb9d0f50094062fcbcf7a9e137129c41f5161713d4a341053d79de62992a6c5881f5c980c97eba7ad52cc5ede487153bb1e4778cd160400291e8c8202b187ff4be3db91d527bdb342c4e742878110e9a808c0d0fd76f74a52985702489fa830e36578bfa9cd12daa59b4fc3d820941d746be621a567130e899a53e13562ba58ed54efe38f216667e372ebf5e3432e60e4e626e93ef0e537de5d05ce0bb980931dbd68a6939fe460c6357a29a4a03acf84eaf845a25070448c7861a8420b139448bce81aec1beb8a31de4ec46b2c745f72df2da49581882b72545b1fdf7f686fa71f8b40569910c64b916fcb8f8bb28a2df2c1e86a30485046332dddbc95f0be342e2da642aad71abc2c018d418d2b017a5410c714f458708bda22c40517783cca3e4d05d95a42b1bd0b04178e13c7cb299ffd5b2c236fa02cfd49f5ed368cf55a5495a23abc72bd5567978af38abec6f1b3c287f098f96360a66ff33873d4d565ae543a4ccaa5230dd6e6eda204cd78e49f2a957a73cc7405f7ac828ec0c6dd78086eac3727217abcb18b62801d04138f4e830167adc60393a503eef2c27229b2c14c58d1b09a70d3b967e48b9fb337d9455a5823b2a87867944e92a2ed1cce010cf814177bafc85144cd15aa246c1535a29c3c3e2b8c3e0e77f2fc85758ab68807daa7bc3b7704ab242466b1a5149c6df0e5a176f6cb7d4f5e3c9a344d367edbc7f58d41c5d90f2f290e433f0b450e1870b7bf1043e108868327a565a7cb3819ab41c58656ef6b56ad494b49504bd74189630e2c62154f77f984db471eaf9acf130a650d43423e97c89110c4b87e07507b260f95a4a078c0fef4d58cacf8fc7fc2a9c31cf7c8c532db4583646137f327c61f918481daf8fbabbc0f8049ca55974137362c651b7ac6d1558bca001482fbc0813cc23b274a9948348d14071d4ff66adf5829246009c77be78a7003ac1b31739149cfc8fbec082abcaf8333cf979c52040325358d4d14b65726b3360a9039e72d9d7c2a893962a5260278647d596925852c5da5926fb1f96cd63fb4d66e9caef01897a1735661b1f3302031393159d59779405b5691b2c988e13a6e1cba69d30d97ddb20a668790d1514e539f8dcb008aa3dbfbce13e6d54792d2da063d184750d7460f8261bfb1cc29cbb2c0f3f7ccc9baa83d2860e1e6c41466f9a9dc8c91fb759655948971c4a54da5b477b3367d2169ba6dbe5ca4c18c3563b8ae73509089beb8756754a054a04a9add9e023274cbf9ecc7329804ffc24b224714f4f5949d645a9b0647780fc742c157f56ed69162bbf834f97db130d32718d2ce0e03b8f2d0f12287c0b0376e20fd44d811c985adde1374ec08c3ee185fb450abb436c6e77f77f2a99244c039e6e77a148299a89465c49da545ebee08a6207d770da7ec26edd924a82614b4e85f99b2dd882fe907c2c932124610c8957ecfd4681276b32dba2be9d3bd26005c2ace573d1ec661e824128d7a5bab54a67b76ba68d530673dc9cf673adc8ad9d1cd085c908e45f3ee0c12be132d86e4187dcee04e2ee4dc6e40b073ba77bf1e80f9619d7885a3811e3c3b7064c3b28007e559eac28f23ed3d32ac9c7545dfcc67f2dc2ff1c71e92550f15a7e0bd01e9a0ea9be6b4df8b9582f85c0117a99189db0a69d1e1e40700faaaa79cda9d1009208bfb3f5e45e9fca1f86099adb97ba50560d411cf4ed0ac7c0ec7b9e8b99bf5bad3813438ffd8e917325fee6de7b380fd98a87ea643f66efd13e4926c6f649a4b04e6fbfc10431ae456a1ece73e8e1f7b1cae3dcc6d7887444f11392e6fa1fc3f596245cd0ffcc133d68ac41e1b71cc7819b29f6c05657bb653efb836e8747d271061d9e77706f4ff644f9cc7dd00d1571ee0f414d1fbb6939b6f62d6ecd5f7b01181deca2d3d360b86ae851474de791439af0812a7037b55ae9b06056d4148ffbb687e57e258b119fcef45d6ec5483d25638f8788e90ae91182e7baf5c1a275e39cce36c0a0f6f699c1f97099f6fce126c9c5bd9abac544f2a368562f890569e420413ae6d75027690003b264c61b657c64072f295c30b655b651ef6527b07db6919828420de5a6a34832e0d880e3b4054b01f366a73a3e304fa918672e776cb20dfbc739cd893d258afeadae47f2cdd0c5bdb69d3a1a5d6dd8b9a69996e624793ee7c4cd0266a57367298fadea6101c3c9d3a579795aa9f464b76cde209892b2c695e54a2cc4cfb2d45984b7ba8ad640e8a755b811f9b5ac402f4e1b2cb0877779c5701bbbd22a36dbf1789eba1be564ac45f67f91644f8d5b8c0cb243d74f8e30d181a895a313580986fc32b6e9e72cd12a59d1e4340d52c8969a08240faff4811a0cea9f5cd78618068573936ecf467965d72b1fdfe7c7c5a33c48f83874ce14cea89bd881a95ff9ef0fd2216114fffdf7c9852ef943fb10064ffd8cc699bb0b103021683003e12f8db64d51fe3f9b8980a4aa3b2346a7fdc63ec0f71af25db3b65ffc200f69c3f05113b18fbc28035f1c0a17a9cd33d79f58987ebeea0b7d84cba2153cf429d36763953e43f74c21ba4becb1d7da2791fef5a5296d460e39e71d63a2f80addcfe35b95d80620722d4ab10a24a11ca5fdfc0b108af15f4b24b0a87859f9b04f1fbb0ea3270d1462525b569c579430272b5a7ed862be7e017b88f916f63bb491b8299d7db3df1b68daa837a1e7f0510842539ce5737a995aed3a6fa1ca41343a524c85046a1539819df3c2572c9608968e7c357552d31e7fe7645608aafe709842a016fa7a30898c0fbe95e918d38ddc93005a35e3e6a16cdb77e375ef10308902ef6d751535c9ebfd4a92a9192c414196c8da7387efd7e1dc59b041459121cd08917e5035bde841bc1371411ab174f21d2c46809cc6e99058448a02e167d12633db51bd5e9a14666f84b3e50e45f359e03556c8ccfec1adddb9d29deaa77e8d7fd4efde361d1", &(0x7f0000001540)="bea841aed364b1d690bc2b44f72d2802901fac7adde3220fca9a9688dcf2000d27745a264471e17d951a83a1d218da14a20139ece39b38e44ea1cc2d3b041cb5f3e728040d5a9067f866b9e5c71de3f708d71ceacc003ec9be854900e50da43949027b3c3f6d07a819aa0311aacb10b5373de130eb04f628fe4d42f6eb8731c2d6ac5aa0f4e0de3debcd94e517017cce1404e7eb"}}, &(0x7f0000bbdffc))

0s ago: executing program 2 (id=889):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f00000000c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r0, &(0x7f0000000080)={0xa, 0x17, 0x1, {0x1, '.'}}, 0xa)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x62881, 0x19d)
write$P9_RREADLINK(r1, &(0x7f0000000080)={0xf80, 0x17, 0x1, {0x1, '.'}}, 0xa)

kernel console output (not intermixed with test programs):

al 255, changing to 11
[  166.061515][ T6021] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  166.069077][ T8024] can0 (unregistered): slcan off ptm0.
[  166.078411][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  166.087533][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  166.124765][ T6021] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  166.130823][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  166.149318][ T6021] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  166.156311][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  166.161610][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  166.178451][ T6021] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  166.181793][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  166.187447][ T6021] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  166.195573][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  166.203384][ T6021] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  166.219179][ T6021] usb 5-1: string descriptor 0 read error: -22
[  166.223070][ T6021] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  166.233306][ T6021] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.243536][ T6021] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  166.412956][ T8042] netlink: 'syz.1.708': attribute type 4 has an invalid length.
[  166.447921][ T5951] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  166.452459][ T5951] Bluetooth: hci0: Injecting HCI hardware error event
[  166.456759][ T8042] netlink: 'syz.1.708': attribute type 4 has an invalid length.
[  166.461349][ T5293] Bluetooth: hci0: hardware error 0x00
[  166.465351][   T63] usb 5-1: USB disconnect, device number 29
[  166.480491][ T8042] FAULT_INJECTION: forcing a failure.
[  166.480491][ T8042] name failslab, interval 1, probability 0, space 0, times 0
[  166.528035][ T8042] CPU: 0 UID: 0 PID: 8042 Comm: syz.1.708 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  166.528066][ T8042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  166.528078][ T8042] Call Trace:
[  166.528085][ T8042]  <TASK>
[  166.528093][ T8042]  dump_stack_lvl+0x16c/0x1f0
[  166.528126][ T8042]  should_fail_ex+0x50a/0x650
[  166.528192][ T8042]  ? fs_reclaim_acquire+0xae/0x150
[  166.528222][ T8042]  ? sock_kmalloc+0x111/0x170
[  166.528248][ T8042]  should_failslab+0xc2/0x120
[  166.528270][ T8042]  __kmalloc_noprof+0xcb/0x510
[  166.528316][ T8042]  ? lock_acquire+0x2f/0xb0
[  166.528346][ T8042]  sock_kmalloc+0x111/0x170
[  166.528373][ T8042]  ip_mc_msfilter+0x4e4/0xc10
[  166.528398][ T8042]  ? __pfx_ip_mc_msfilter+0x10/0x10
[  166.528419][ T8042]  ? do_softirq+0xe1/0xf0
[  166.528445][ T8042]  ? ip_setsockopt+0x59/0xf0
[  166.528471][ T8042]  do_ip_setsockopt+0x24eb/0x3680
[  166.528496][ T8042]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  166.528519][ T8042]  ? sock_has_perm+0x25a/0x2f0
[  166.528538][ T8042]  ? __pfx_sock_has_perm+0x10/0x10
[  166.528556][ T8042]  ? selinux_netlbl_socket_setsockopt+0x184/0x470
[  166.528579][ T8042]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  166.528610][ T8042]  ip_setsockopt+0x59/0xf0
[  166.528635][ T8042]  udp_setsockopt+0x7d/0xd0
[  166.528658][ T8042]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  166.528688][ T8042]  do_sock_setsockopt+0x222/0x480
[  166.528715][ T8042]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  166.528743][ T8042]  ? lock_acquire+0x2f/0xb0
[  166.528777][ T8042]  __sys_setsockopt+0x1a0/0x230
[  166.528797][ T8042]  __x64_sys_setsockopt+0xbd/0x160
[  166.528813][ T8042]  ? do_syscall_64+0x91/0x250
[  166.528833][ T8042]  ? lockdep_hardirqs_on+0x7c/0x110
[  166.528851][ T8042]  do_syscall_64+0xcd/0x250
[  166.528871][ T8042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.528894][ T8042] RIP: 0033:0x7fcbd418cde9
[  166.528910][ T8042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.528927][ T8042] RSP: 002b:00007fcbd5071038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  166.528944][ T8042] RAX: ffffffffffffffda RBX: 00007fcbd43a5fa0 RCX: 00007fcbd418cde9
[  166.528955][ T8042] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000004
[  166.528964][ T8042] RBP: 00007fcbd5071090 R08: 0000000000000057 R09: 0000000000000000
[  166.528973][ T8042] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000001
[  166.528982][ T8042] R13: 0000000000000000 R14: 00007fcbd43a5fa0 R15: 00007fffd1b7bf08
[  166.529004][ T8042]  </TASK>
[  166.784194][ T5316] usb 8-1: USB disconnect, device number 30
[  166.827430][ T8051] overlayfs: failed to verify upper (174/file0, ino=948, err=-116)
[  166.832440][ T8051] overlayfs: failed to verify index dir 'upper' xattr
[  166.864027][ T8051] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  166.899140][   T39] audit: type=1400 audit(1739972060.881:488): avc:  denied  { ioctl } for  pid=8053 comm="syz.3.711" path="socket:[19144]" dev="sockfs" ino=19144 ioctlcmd=0x89b0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  167.111377][ T8065] usb usb8: usbfs: process 8065 (syz.1.715) did not claim interface 0 before use
[  167.118290][ T5951] Bluetooth: hci3: unexpected cc 0x1004 length: 39 > 11
[  167.124859][ T8067] fuse: Bad value for 'fd'
[  167.125188][ T6003] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  167.127206][ T8065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8065 comm=syz.1.715
[  167.129377][ T8065] netlink: 'syz.1.715': attribute type 1 has an invalid length.
[  167.161153][ T8065] 8021q: adding VLAN 0 to HW filter on device bond3
[  167.222395][ T8069] 8021q: adding VLAN 0 to HW filter on device bond3
[  167.225891][ T8069] bond3: (slave vcan2): The slave device specified does not support setting the MAC address
[  167.241828][ T8069] bond3: (slave vcan2): Error -95 calling set_mac_address
[  167.278309][ T6003] usb 7-1: Using ep0 maxpacket: 8
[  167.288502][ T6003] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  167.304594][ T6003] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  167.308929][ T6003] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  167.312626][ T6003] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  167.331324][ T6003] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  167.347947][ T6003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.347994][   T30] net_ratelimit: 4 callbacks suppressed
[  167.348011][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.437915][ T5316] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  167.577901][ T5951] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  167.583890][ T5951] Bluetooth: hci3: Injecting HCI hardware error event
[  167.591928][ T5951] Bluetooth: hci3: hardware error 0x00
[  167.604181][ T5316] usb 5-1: Using ep0 maxpacket: 32
[  167.619843][ T6003] usb 7-1: GET_CAPABILITIES returned 0
[  167.622138][ T6003] usbtmc 7-1:16.0: can't read capabilities
[  167.636328][ T5316] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  167.640314][ T5316] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  167.643303][ T5316] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  167.646837][ T5316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  167.662794][ T5316] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  167.669403][ T5316] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  167.674382][ T5316] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  167.692472][ T5316] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  167.698932][   T35] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  167.701553][ T5316] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  167.725933][ T5316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.745224][ T5316] usb 5-1: config 0 descriptor??
[  167.847806][   T35] usb 6-1: Using ep0 maxpacket: 32
[  167.858303][ T6003] usb 7-1: USB disconnect, device number 24
[  167.860063][   T35] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  167.867548][   T35] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  167.890138][   T35] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  167.901313][   T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  167.910815][   T35] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  167.922217][   T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  167.932209][   T35] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  167.944211][   T35] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  167.953468][   T35] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  167.959241][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.965428][   T35] usb 6-1: config 0 descriptor??
[  167.985267][ T5316] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  168.174011][   T35] usblp 6-1:0.0: usblp1: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  168.194947][   T30] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  168.229170][   T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.249020][   T63] usb 5-1: USB disconnect, device number 30
[  168.261533][   T63] usblp0: removed
[  168.377618][ T8073] FAULT_INJECTION: forcing a failure.
[  168.377618][ T8073] name failslab, interval 1, probability 0, space 0, times 0
[  168.444326][ T5316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.448722][   T30] usb 8-1: Using ep0 maxpacket: 8
[  168.451385][ T8073] CPU: 1 UID: 0 PID: 8073 Comm: syz.1.718 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  168.451410][ T8073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  168.451420][ T8073] Call Trace:
[  168.451440][ T8073]  <TASK>
[  168.451454][ T8073]  dump_stack_lvl+0x16c/0x1f0
[  168.451489][ T8073]  should_fail_ex+0x50a/0x650
[  168.451513][ T8073]  ? fs_reclaim_acquire+0xae/0x150
[  168.451540][ T8073]  should_failslab+0xc2/0x120
[  168.451560][ T8073]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  168.451578][ T8073]  ? getname_flags.part.0+0x4c/0x550
[  168.451602][ T8073]  ? vfs_write+0x306/0x1150
[  168.451629][ T8073]  getname_flags.part.0+0x4c/0x550
[  168.451652][ T8073]  getname+0x8d/0xe0
[  168.451675][ T8073]  do_sys_openat2+0x104/0x1e0
[  168.451693][ T8073]  ? __pfx_do_sys_openat2+0x10/0x10
[  168.451716][ T8073]  ? __fget_files+0x206/0x3a0
[  168.451737][ T8073]  __x64_sys_openat+0x175/0x210
[  168.451757][ T8073]  ? __pfx___x64_sys_openat+0x10/0x10
[  168.451776][ T8073]  ? ksys_write+0x1ba/0x250
[  168.451807][ T8073]  do_syscall_64+0xcd/0x250
[  168.451832][ T8073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.451857][ T8073] RIP: 0033:0x7fcbd418b750
[  168.451872][ T8073] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  168.451889][ T8073] RSP: 002b:00007fcbd5070b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  168.451906][ T8073] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fcbd418b750
[  168.451918][ T8073] RDX: 0000000000000002 RSI: 00007fcbd5070c10 RDI: 00000000ffffff9c
[  168.451928][ T8073] RBP: 00007fcbd5070c10 R08: 0000000000000000 R09: 00007fcbd5070987
[  168.451939][ T8073] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  168.451948][ T8073] R13: 0000000000000000 R14: 00007fcbd43a5fa0 R15: 00007fffd1b7bf08
[  168.451969][ T8073]  </TASK>
[  168.454200][ T6026] usb 6-1: USB disconnect, device number 30
[  168.456461][   T30] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  168.511334][ T6026] usblp1: removed
[  168.519531][   T30] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  168.519560][   T30] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  168.519577][   T30] usb 8-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  168.519603][   T30] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  168.519619][   T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.528684][   T30] usbtmc 8-1:16.0: bulk endpoints not found
[  168.864963][ T5293] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  168.999284][ T8077] e1000e 0000:00:02.0 eth1: NIC Link is Down
[  169.144823][ T8091] FAULT_INJECTION: forcing a failure.
[  169.144823][ T8091] name failslab, interval 1, probability 0, space 0, times 0
[  169.150550][ T8091] CPU: 1 UID: 0 PID: 8091 Comm: syz.0.722 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  169.150571][ T8091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.150583][ T8091] Call Trace:
[  169.150589][ T8091]  <TASK>
[  169.150595][ T8091]  dump_stack_lvl+0x16c/0x1f0
[  169.150623][ T8091]  should_fail_ex+0x50a/0x650
[  169.150648][ T8091]  ? fs_reclaim_acquire+0xae/0x150
[  169.150675][ T8091]  should_failslab+0xc2/0x120
[  169.150694][ T8091]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  169.150713][ T8091]  ? __alloc_skb+0x2b1/0x380
[  169.150737][ T8091]  __alloc_skb+0x2b1/0x380
[  169.150757][ T8091]  ? __pfx___alloc_skb+0x10/0x10
[  169.150779][ T8091]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  169.150803][ T8091]  netlink_alloc_large_skb+0x69/0x130
[  169.150825][ T8091]  netlink_sendmsg+0x689/0xd70
[  169.150848][ T8091]  ? __pfx_netlink_sendmsg+0x10/0x10
[  169.150875][ T8091]  ____sys_sendmsg+0xaaf/0xc90
[  169.150892][ T8091]  ? copy_msghdr_from_user+0x10b/0x160
[  169.150913][ T8091]  ? __pfx_____sys_sendmsg+0x10/0x10
[  169.150938][ T8091]  ___sys_sendmsg+0x135/0x1e0
[  169.150960][ T8091]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.150990][ T8091]  ? __pfx_lock_release+0x10/0x10
[  169.151015][ T8091]  ? trace_lock_acquire+0x14e/0x1f0
[  169.151040][ T8091]  ? __fget_files+0x206/0x3a0
[  169.151062][ T8091]  __sys_sendmsg+0x16e/0x220
[  169.151083][ T8091]  ? __pfx___sys_sendmsg+0x10/0x10
[  169.151123][ T8091]  do_syscall_64+0xcd/0x250
[  169.151144][ T8091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.151167][ T8091] RIP: 0033:0x7f734fb8cde9
[  169.151180][ T8091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.151196][ T8091] RSP: 002b:00007f734d9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  169.151211][ T8091] RAX: ffffffffffffffda RBX: 00007f734fda5fa0 RCX: 00007f734fb8cde9
[  169.151221][ T8091] RDX: 0000000000000000 RSI: 00004000000010c0 RDI: 0000000000000004
[  169.151230][ T8091] RBP: 00007f734d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  169.151240][ T8091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.151249][ T8091] R13: 0000000000000000 R14: 00007f734fda5fa0 R15: 00007ffecea88e38
[  169.151269][ T8091]  </TASK>
[  169.384469][ T8102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.724'.
[  169.493102][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.582450][ T5293] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  169.587837][ T5293] Bluetooth: hci2: Injecting HCI hardware error event
[  169.712202][ T8111] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  169.714479][ T8111] overlayfs: failed to set xattr on upper
[  169.716205][ T8111] overlayfs: ...falling back to redirect_dir=nofollow.
[  169.719044][ T8111] overlayfs: ...falling back to index=off.
[  169.721201][ T8111] overlayfs: ...falling back to uuid=null.
[  169.726002][ T8111] FAULT_INJECTION: forcing a failure.
[  169.726002][ T8111] name failslab, interval 1, probability 0, space 0, times 0
[  169.727843][ T5951] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  169.778229][ T8111] CPU: 3 UID: 0 PID: 8111 Comm: syz.2.726 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  169.778259][ T8111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  169.778270][ T8111] Call Trace:
[  169.778276][ T8111]  <TASK>
[  169.778283][ T8111]  dump_stack_lvl+0x16c/0x1f0
[  169.778313][ T8111]  should_fail_ex+0x50a/0x650
[  169.778338][ T8111]  ? fs_reclaim_acquire+0xae/0x150
[  169.778365][ T8111]  should_failslab+0xc2/0x120
[  169.778385][ T8111]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[  169.778404][ T8111]  ? __d_alloc+0x31/0xaa0
[  169.778427][ T8111]  __d_alloc+0x31/0xaa0
[  169.778447][ T8111]  d_alloc+0x4a/0x1e0
[  169.778467][ T8111]  lookup_one_qstr_excl+0xcb/0x190
[  169.778489][ T8111]  ? mnt_want_write+0x161/0x450
[  169.778514][ T8111]  filename_create+0x1ed/0x530
[  169.778539][ T8111]  ? __pfx_filename_create+0x10/0x10
[  169.778562][ T8111]  ? lock_acquire+0x2f/0xb0
[  169.778584][ T8111]  ? __virt_addr_valid+0x1a4/0x590
[  169.778605][ T8111]  ? __virt_addr_valid+0x5e/0x590
[  169.778622][ T8111]  do_mkdirat+0xab/0x3a0
[  169.778638][ T8111]  ? __pfx_do_mkdirat+0x10/0x10
[  169.778655][ T8111]  ? getname_flags.part.0+0x1c5/0x550
[  169.778677][ T8111]  __x64_sys_mkdir+0xef/0x140
[  169.778693][ T8111]  do_syscall_64+0xcd/0x250
[  169.778714][ T8111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.778739][ T8111] RIP: 0033:0x7f7db458cde9
[  169.778755][ T8111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.778772][ T8111] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  169.778790][ T8111] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  169.778802][ T8111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000300
[  169.778812][ T8111] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  169.778823][ T8111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.778833][ T8111] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  169.778851][ T8111]  </TASK>
[  169.952046][ T8097] debugfs: Directory 'ptm0' with parent 'caif_serial' already present!
[  170.083246][ T8102] IPVS: Error joining to the multicast group
[  170.306786][ T8129] FAULT_INJECTION: forcing a failure.
[  170.306786][ T8129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  170.318693][ T8129] CPU: 0 UID: 0 PID: 8129 Comm: syz.0.728 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  170.318718][ T8129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  170.318729][ T8129] Call Trace:
[  170.318735][ T8129]  <TASK>
[  170.318742][ T8129]  dump_stack_lvl+0x16c/0x1f0
[  170.318772][ T8129]  should_fail_ex+0x50a/0x650
[  170.318800][ T8129]  strncpy_from_user+0x3b/0x2d0
[  170.318824][ T8129]  getname_flags.part.0+0x8f/0x550
[  170.319138][ T8129]  getname_flags+0x93/0xf0
[  170.319167][ T8129]  user_path_create+0x24/0x50
[  170.319191][ T8129]  bpf_obj_pin_user+0xc4/0x340
[  170.319216][ T8129]  ? __might_fault+0xe3/0x190
[  170.319237][ T8129]  ? __pfx_bpf_obj_pin_user+0x10/0x10
[  170.319259][ T8129]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  170.319286][ T8129]  ? selinux_bpf+0xee/0x130
[  170.319306][ T8129]  __sys_bpf+0x401a/0x49c0
[  170.319324][ T8129]  ? __pfx_lock_release+0x10/0x10
[  170.319350][ T8129]  ? __pfx___sys_bpf+0x10/0x10
[  170.319366][ T8129]  ? vfs_write+0x306/0x1150
[  170.319396][ T8129]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  170.319430][ T8129]  ? fput+0x67/0x440
[  170.319455][ T8129]  ? ksys_write+0x1ba/0x250
[  170.319478][ T8129]  ? __pfx_ksys_write+0x10/0x10
[  170.319506][ T8129]  __x64_sys_bpf+0x78/0xc0
[  170.319524][ T8129]  ? lockdep_hardirqs_on+0x7c/0x110
[  170.319543][ T8129]  do_syscall_64+0xcd/0x250
[  170.319563][ T8129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.319587][ T8129] RIP: 0033:0x7f734fb8cde9
[  170.319602][ T8129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.319618][ T8129] RSP: 002b:00007f734d9d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  170.319636][ T8129] RAX: ffffffffffffffda RBX: 00007f734fda6080 RCX: 00007f734fb8cde9
[  170.319646][ T8129] RDX: 0000000000000018 RSI: 0000400000000240 RDI: 0000000000000006
[  170.319656][ T8129] RBP: 00007f734d9d5090 R08: 0000000000000000 R09: 0000000000000000
[  170.319666][ T8129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.319676][ T8129] R13: 0000000000000000 R14: 00007f734fda6080 R15: 00007ffecea88e38
[  170.319698][ T8129]  </TASK>
[  170.546999][   T39] audit: type=1400 audit(1739972064.331:489): avc:  denied  { block_suspend } for  pid=8123 comm="syz.1.729" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  170.615838][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.802476][ T8145] netlink: 8 bytes leftover after parsing attributes in process `syz.1.732'.
[  170.859694][ T5951] Bluetooth: hci2: command 0x0406 tx timeout
[  170.981003][ T5942] Bluetooth: hci2: hardware error 0x00
[  170.991888][   T30] usb 8-1: USB disconnect, device number 31
[  171.214753][   T39] audit: type=1400 audit(1739972065.211:490): avc:  denied  { create } for  pid=8146 comm="syz.0.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  171.266045][ T6026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.353634][ T8151] FAULT_INJECTION: forcing a failure.
[  171.353634][ T8151] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  171.363056][ T8151] CPU: 1 UID: 0 PID: 8151 Comm: syz.1.734 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  171.363198][ T8151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  171.363209][ T8151] Call Trace:
[  171.363216][ T8151]  <TASK>
[  171.363225][ T8151]  dump_stack_lvl+0x16c/0x1f0
[  171.363258][ T8151]  should_fail_ex+0x50a/0x650
[  171.363286][ T8151]  ? __pfx___might_resched+0x10/0x10
[  171.363319][ T8151]  should_fail_alloc_page+0xe7/0x130
[  171.363342][ T8151]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  171.363374][ T8151]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  171.363395][ T8151]  ? hlock_class+0x4e/0x130
[  171.363412][ T8151]  ? mark_lock+0xb5/0xc60
[  171.363439][ T8151]  ? __pfx_mark_lock+0x10/0x10
[  171.363462][ T8151]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  171.363483][ T8151]  ? mark_lock+0xb5/0xc60
[  171.363504][ T8151]  ? hlock_class+0x4e/0x130
[  171.363528][ T8151]  ? hlock_class+0x4e/0x130
[  171.363545][ T8151]  ? __lock_acquire+0xcc5/0x3c40
[  171.363569][ T8151]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  171.363599][ T8151]  ? policy_nodemask+0xea/0x4e0
[  171.363622][ T8151]  alloc_pages_mpol+0x1fc/0x540
[  171.363642][ T8151]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  171.363661][ T8151]  ? __lock_acquire+0x15a9/0x3c40
[  171.363690][ T8151]  folio_alloc_mpol_noprof+0x36/0x2f0
[  171.363714][ T8151]  vma_alloc_folio_noprof+0xee/0x1b0
[  171.363735][ T8151]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  171.363757][ T8151]  ? find_held_lock+0x2d/0x110
[  171.363781][ T8151]  do_pte_missing+0x202f/0x3e10
[  171.363806][ T8151]  __handle_mm_fault+0x1166/0x2c60
[  171.363831][ T8151]  ? __pfx___handle_mm_fault+0x10/0x10
[  171.363848][ T8151]  ? follow_page_pte+0x3ac/0x1490
[  171.363875][ T8151]  ? __pfx_lock_release+0x10/0x10
[  171.363916][ T8151]  handle_mm_fault+0x3fa/0xaa0
[  171.363937][ T8151]  __get_user_pages+0x773/0x36f0
[  171.363959][ T8151]  ? __pfx_mt_find+0x10/0x10
[  171.363977][ T8151]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  171.364000][ T8151]  ? __pfx___get_user_pages+0x10/0x10
[  171.364035][ T8151]  populate_vma_page_range+0x27f/0x3a0
[  171.364055][ T8151]  ? __pfx_populate_vma_page_range+0x10/0x10
[  171.364072][ T8151]  ? __pfx_find_vma_intersection+0x10/0x10
[  171.364123][ T8151]  ? rcu_is_watching+0x12/0xc0
[  171.364154][ T8151]  __mm_populate+0x1d6/0x380
[  171.364173][ T8151]  ? __pfx___mm_populate+0x10/0x10
[  171.364190][ T8151]  ? up_write+0x1b2/0x520
[  171.364217][ T8151]  do_mlock+0x448/0x810
[  171.364236][ T8151]  ? __fget_files+0x206/0x3a0
[  171.364254][ T8151]  ? __pfx_do_mlock+0x10/0x10
[  171.364273][ T8151]  ? fput+0x67/0x440
[  171.364291][ T8151]  ? ksys_write+0x1ba/0x250
[  171.364315][ T8151]  ? __pfx_ksys_write+0x10/0x10
[  171.364343][ T8151]  __x64_sys_mlock+0x59/0x80
[  171.364361][ T8151]  do_syscall_64+0xcd/0x250
[  171.364383][ T8151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.364405][ T8151] RIP: 0033:0x7fcbd418cde9
[  171.364421][ T8151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.364437][ T8151] RSP: 002b:00007fcbd5071038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  171.364454][ T8151] RAX: ffffffffffffffda RBX: 00007fcbd43a5fa0 RCX: 00007fcbd418cde9
[  171.364464][ T8151] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000400000000000
[  171.364474][ T8151] RBP: 00007fcbd5071090 R08: 0000000000000000 R09: 0000000000000000
[  171.364484][ T8151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.364493][ T8151] R13: 0000000000000000 R14: 00007fcbd43a5fa0 R15: 00007fffd1b7bf08
[  171.364516][ T8151]  </TASK>
[  171.715710][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.903432][ T8160] syzkaller1: entered promiscuous mode
[  171.906228][ T8160] syzkaller1: entered allmulticast mode
[  172.130069][   T39] audit: type=1400 audit(1739972066.131:491): avc:  denied  { create } for  pid=8162 comm="syz.1.740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.164552][   T39] audit: type=1400 audit(1739972066.141:492): avc:  denied  { ioctl } for  pid=8162 comm="syz.1.740" path="socket:[20612]" dev="sockfs" ino=20612 ioctlcmd=0x89a1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.196115][   T39] audit: type=1400 audit(1739972066.191:493): avc:  denied  { bind } for  pid=8162 comm="syz.1.740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.207973][ T8165] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[  172.254078][   T39] audit: type=1400 audit(1739972066.251:494): avc:  denied  { write } for  pid=8162 comm="syz.1.740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  172.451748][ T5949] syz_tun (unregistering): left promiscuous mode
[  172.544012][ T5951] Bluetooth: hci2: unexpected cc 0x1004 length: 39 > 11
[  172.547377][ T5951] Bluetooth: hci2: unexpected event for opcode 0x1004
[  172.653903][ T1147] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.757967][   T30] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  172.791294][ T5316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.813661][ T1147] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.857518][   T39] audit: type=1400 audit(1739972066.851:495): avc:  denied  { execute } for  pid=8184 comm="syz-executor" name="syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  172.884422][   T39] audit: type=1400 audit(1739972066.861:496): avc:  denied  { execute_no_trans } for  pid=8184 comm="syz-executor" path="/syz-executor" dev="sda1" ino=1924 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1
[  172.972405][   T30] usb 6-1: Using ep0 maxpacket: 8
[  172.996569][ T1147] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.001887][   T30] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  173.019092][   T30] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  173.022847][   T30] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  173.027264][   T30] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  173.049464][   T30] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  173.053795][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.094535][ T5942] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  173.105407][   T30] usbtmc 6-1:16.0: bulk endpoints not found
[  173.154547][ T1147] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.318065][ T6003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.376258][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  173.442119][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  173.456906][ T5951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  173.485377][ T8198] netlink: 204 bytes leftover after parsing attributes in process `syz.2.751'.
[  173.545388][ T5951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  173.578032][ T5951] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  173.585079][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  173.648038][   T39] audit: type=1400 audit(1739972067.631:497): avc:  denied  { mounton } for  pid=8191 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  173.820485][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.849792][ T8216] autofs: Unknown parameter './file1'
[  173.853928][ T8217] autofs: Unknown parameter './file1'
[  173.895839][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.960302][   T35] hid-generic 0D31:0002:0040.0012: item fetching failed at offset 0/2
[  173.964287][   T35] hid-generic 0D31:0002:0040.0012: probe with driver hid-generic failed with error -22
[  174.298331][ T6026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.746732][ T1147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  174.764658][ T1147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  174.793604][ T1147] bond0 (unregistering): Released all slaves
[  174.853547][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.921076][ T8230] syzkaller1: entered promiscuous mode
[  174.924123][ T8230] syzkaller1: entered allmulticast mode
[  175.560127][ T6003] usb 6-1: USB disconnect, device number 31
[  175.736833][ T5942] Bluetooth: hci3: command tx timeout
[  175.813478][   T39] audit: type=1400 audit(1739972069.811:498): avc:  denied  { create } for  pid=8236 comm="syz.1.758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  175.890936][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.943132][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.339685][ T6026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.817423][ T5942] Bluetooth: hci3: command tx timeout
[  177.985971][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.037173][ T6026] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.052765][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.901300][ T5942] Bluetooth: hci3: command tx timeout
[  180.137383][ T5316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.177829][ T5316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.824227][ T8255] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  181.987817][ T5942] Bluetooth: hci3: command tx timeout
[  182.070998][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.094718][ T8273] openvswitch: netlink: ct_state flags 010000e0 unsupported
[  182.123672][ T8191] chnl_net:caif_netlink_parms(): no params data found
[  182.158278][ T6021] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  182.177171][ T1147] batadv_slave_0: left promiscuous mode
[  182.221950][ T8277] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=45 sclass=netlink_audit_socket pid=8277 comm=syz.1.767
[  182.239875][ T8277] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  182.244565][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.249672][ T1147] hsr_slave_0: left promiscuous mode
[  182.311179][ T1147] hsr_slave_1: left promiscuous mode
[  182.315197][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  182.324231][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_0
[  182.337831][ T6021] usb 5-1: Using ep0 maxpacket: 8
[  182.373610][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.377000][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_1
[  182.392108][ T6021] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  182.407126][ T6021] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  182.413132][ T6021] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  182.435179][ T6021] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  182.441403][ T6021] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  182.442631][ T1147] veth1_macvtap: left promiscuous mode
[  182.466494][ T6021] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.486157][ T1147] veth0_macvtap: left promiscuous mode
[  182.486268][ T1147] veth1_vlan: left promiscuous mode
[  182.486665][ T1147] veth0_vlan: left promiscuous mode
[  182.520691][ T6021] usbtmc 5-1:16.0: bulk endpoints not found
[  182.608093][   T30] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[  182.770410][   T30] usb 7-1: Using ep0 maxpacket: 8
[  182.866665][   T30] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  182.867945][ T6003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  182.881172][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  182.881203][   T30] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  182.881221][   T30] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  182.881251][   T30] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  182.881266][   T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.162069][   T30] usb 7-1: GET_CAPABILITIES returned 0
[  183.167491][   T30] usbtmc 7-1:16.0: can't read capabilities
[  183.275950][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.377009][ T8281] FAULT_INJECTION: forcing a failure.
[  183.377009][ T8281] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.397957][ T8281] CPU: 2 UID: 0 PID: 8281 Comm: syz.2.768 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  183.397986][ T8281] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  183.397996][ T8281] Call Trace:
[  183.398004][ T8281]  <TASK>
[  183.398013][ T8281]  dump_stack_lvl+0x16c/0x1f0
[  183.398041][ T8281]  should_fail_ex+0x50a/0x650
[  183.398068][ T8281]  _copy_from_user+0x2e/0xd0
[  183.398083][ T8281]  usbtmc_write+0x637/0xcc0
[  183.398107][ T8281]  ? __pfx_usbtmc_write+0x10/0x10
[  183.398121][ T8281]  ? bpf_lsm_file_permission+0x9/0x10
[  183.398140][ T8281]  ? security_file_permission+0x71/0x210
[  183.398166][ T8281]  ? rw_verify_area+0xcf/0x680
[  183.398191][ T8281]  ? __pfx_usbtmc_write+0x10/0x10
[  183.398206][ T8281]  vfs_write+0x24c/0x1150
[  183.398231][ T8281]  ? __fget_files+0x1fc/0x3a0
[  183.398248][ T8281]  ? __pfx_lock_release+0x10/0x10
[  183.398275][ T8281]  ? __pfx_vfs_write+0x10/0x10
[  183.398304][ T8281]  ? lock_acquire+0x2f/0xb0
[  183.398332][ T8281]  ? __fget_files+0x40/0x3a0
[  183.398351][ T8281]  ? __fget_files+0x206/0x3a0
[  183.398375][ T8281]  ksys_write+0x12b/0x250
[  183.398399][ T8281]  ? __pfx_ksys_write+0x10/0x10
[  183.398431][ T8281]  do_syscall_64+0xcd/0x250
[  183.398453][ T8281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.398479][ T8281] RIP: 0033:0x7f7db458cde9
[  183.398631][ T8281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.398648][ T8281] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  183.398665][ T8281] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  183.398677][ T8281] RDX: 00000000000003f6 RSI: 00004000000003c0 RDI: 0000000000000004
[  183.398688][ T8281] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  183.398699][ T8281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  183.398710][ T8281] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  183.398734][ T8281]  </TASK>
[  183.415743][ T6021] usb 7-1: USB disconnect, device number 25
[  183.621305][ T1147] team0 (unregistering): Port device vlan0 removed
[  184.134297][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.303328][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.929049][    T8] usb 5-1: USB disconnect, device number 31
[  185.102422][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.203629][   T39] audit: type=1800 audit(1739972079.161:499): pid=8293 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.2.771" name="bus" dev="overlay" ino=1246 res=0 errno=0
[  185.341449][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.628167][ T8299] netlink: 'syz.2.772': attribute type 10 has an invalid length.
[  186.398364][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.482929][ T1147] team0 (unregistering): Port device team_slave_1 removed
[  186.760365][ T1147] team0 (unregistering): Port device team_slave_0 removed
[  187.420691][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.138166][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.464060][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.276143][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.314781][   T76] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.320148][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.344636][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.488365][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.031313][ T8299] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  190.169728][ T6003] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  190.285527][ T8316] FAULT_INJECTION: forcing a failure.
[  190.285527][ T8316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.304994][ T8316] CPU: 3 UID: 0 PID: 8316 Comm: syz.2.776 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  190.305025][ T8316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  190.305034][ T8316] Call Trace:
[  190.305040][ T8316]  <TASK>
[  190.305048][ T8316]  dump_stack_lvl+0x16c/0x1f0
[  190.305078][ T8316]  should_fail_ex+0x50a/0x650
[  190.305114][ T8316]  _copy_from_iter+0x2a1/0x1560
[  190.305131][ T8316]  ? trace_lock_acquire+0x14e/0x1f0
[  190.305150][ T8316]  ? __alloc_skb+0x1fe/0x380
[  190.305173][ T8316]  ? __pfx__copy_from_iter+0x10/0x10
[  190.305184][ T8316]  ? __virt_addr_valid+0x1a4/0x590
[  190.305201][ T8316]  ? __virt_addr_valid+0x5e/0x590
[  190.305216][ T8316]  ? __phys_addr_symbol+0x30/0x80
[  190.305231][ T8316]  ? __check_object_size+0x488/0x710
[  190.305256][ T8316]  netlink_sendmsg+0x813/0xd70
[  190.305280][ T8316]  ? __pfx_netlink_sendmsg+0x10/0x10
[  190.305306][ T8316]  ____sys_sendmsg+0xaaf/0xc90
[  190.305322][ T8316]  ? copy_msghdr_from_user+0x10b/0x160
[  190.305344][ T8316]  ? __pfx_____sys_sendmsg+0x10/0x10
[  190.305368][ T8316]  ___sys_sendmsg+0x135/0x1e0
[  190.305390][ T8316]  ? __pfx____sys_sendmsg+0x10/0x10
[  190.305420][ T8316]  ? __pfx_lock_release+0x10/0x10
[  190.305436][ T8316]  ? trace_lock_acquire+0x14e/0x1f0
[  190.305460][ T8316]  ? __fget_files+0x206/0x3a0
[  190.305483][ T8316]  __sys_sendmsg+0x16e/0x220
[  190.305504][ T8316]  ? __pfx___sys_sendmsg+0x10/0x10
[  190.305529][ T8316]  do_syscall_64+0xcd/0x250
[  190.305544][ T8316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.305560][ T8316] RIP: 0033:0x7f7db458cde9
[  190.305571][ T8316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.305582][ T8316] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.305594][ T8316] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  190.305601][ T8316] RDX: 0000000000000000 RSI: 00004000000005c0 RDI: 0000000000000004
[  190.305607][ T8316] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  190.305613][ T8316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.305619][ T8316] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  190.305631][ T8316]  </TASK>
[  190.317265][ T8191] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.386194][ T6003] usb 6-1: Using ep0 maxpacket: 8
[  190.392333][ T8191] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.396329][ T6003] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  190.396578][ T8191] bridge_slave_0: entered allmulticast mode
[  190.398732][ T6003] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  190.402009][ T8191] bridge_slave_0: entered promiscuous mode
[  190.403459][ T6003] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  190.440330][ T8191] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.470562][   T39] audit: type=1400 audit(1739972084.471:500): avc:  denied  { create } for  pid=8319 comm="syz.2.777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  190.477777][ T6003] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  190.488357][ T8191] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.488544][ T8191] bridge_slave_1: entered allmulticast mode
[  190.489486][ T8191] bridge_slave_1: entered promiscuous mode
[  190.506693][   T39] audit: type=1400 audit(1739972084.481:501): avc:  denied  { bind } for  pid=8319 comm="syz.2.777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  190.507367][ T6003] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  190.516188][   T39] audit: type=1400 audit(1739972084.491:502): avc:  denied  { sqpoll } for  pid=8319 comm="syz.2.777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  190.518040][ T6003] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.528256][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.605542][   T39] audit: type=1400 audit(1739972084.521:503): avc:  denied  { create } for  pid=8319 comm="syz.2.777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  190.844373][ T6003] usb 6-1: GET_CAPABILITIES returned 0
[  190.848052][ T6003] usbtmc 6-1:16.0: can't read capabilities
[  190.935459][ T8191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.034293][ T8191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.169488][    T8] usb 6-1: USB disconnect, device number 32
[  191.207120][   T39] audit: type=1400 audit(1739972085.191:504): avc:  denied  { sys_chroot } for  pid=8334 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  191.228846][   T39] audit: type=1400 audit(1739972085.191:505): avc:  denied  { setgid } for  pid=8334 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  191.265646][ T8191] team0: Port device team_slave_0 added
[  191.267398][ T8191] team0: Port device team_slave_1 added
[  191.308015][ T1019] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  191.387405][ T8191] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.390820][ T8191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.407652][ T8191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.416868][ T8337] pimreg: entered allmulticast mode
[  191.443498][ T8191] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.443516][ T8191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.443537][ T8191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.507795][ T1019] usb 5-1: Using ep0 maxpacket: 8
[  191.519246][ T1019] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  191.524659][ T1019] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  191.531904][ T1019] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  191.538855][ T1019] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  191.547491][ T1019] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  191.554747][ T1019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.575423][ T8191] hsr_slave_0: entered promiscuous mode
[  191.576652][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  191.585598][ T8191] hsr_slave_1: entered promiscuous mode
[  191.593809][ T8191] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  191.596360][ T1019] usbtmc 5-1:16.0: bulk endpoints not found
[  191.608697][ T8191] Cannot create hsr debugfs directory
[  191.701916][ T8340] netlink: 'syz.2.780': attribute type 9 has an invalid length.
[  191.706056][ T8340] netlink: 28 bytes leftover after parsing attributes in process `syz.2.780'.
[  191.718351][   T39] audit: type=1400 audit(1739972085.701:506): avc:  denied  { accept } for  pid=8338 comm="syz.2.780" path="socket:[21821]" dev="sockfs" ino=21821 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  192.037856][    T8] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  192.198373][    T8] usb 6-1: Using ep0 maxpacket: 8
[  192.215764][    T8] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  192.228127][    T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  192.247413][    T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  192.261119][    T8] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  192.273324][    T8] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  192.282224][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.373374][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.452938][ T6003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.538023][    T8] usb 6-1: GET_CAPABILITIES returned 0
[  192.541380][    T8] usbtmc 6-1:16.0: can't read capabilities
[  192.744290][    T8] usb 6-1: USB disconnect, device number 33
[  192.861245][ T8191] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  192.898171][ T8191] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  192.906296][ T8191] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  192.942112][ T8191] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  193.062690][ T8191] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.094293][ T8191] 8021q: adding VLAN 0 to HW filter on device team0
[  193.110409][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.131489][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.179385][ T1179] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.182532][ T1179] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.271984][ T8191] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  193.303917][   T39] audit: type=1400 audit(1739972087.281:507): avc:  denied  { module_request } for  pid=8191 comm="syz-executor" kmod="netdev-nicvf0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  193.677923][   T30] net_ratelimit: 1 callbacks suppressed
[  193.677940][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.706027][ T8191] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.764303][ T8374] netlink: 'syz.1.783': attribute type 1 has an invalid length.
[  193.793827][ T8191] veth0_vlan: entered promiscuous mode
[  193.803472][ T8191] veth1_vlan: entered promiscuous mode
[  193.856492][ T8191] veth0_macvtap: entered promiscuous mode
[  193.891851][ T8191] veth1_macvtap: entered promiscuous mode
[  193.923102][ T8191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.958291][ T8191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.985744][ T8191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.005288][ T8191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.012328][ T8191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.021546][ T8396] FAULT_INJECTION: forcing a failure.
[  194.021546][ T8396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.026757][ T8396] CPU: 1 UID: 0 PID: 8396 Comm: syz.1.787 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  194.026784][ T8396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  194.026795][ T8396] Call Trace:
[  194.026801][ T8396]  <TASK>
[  194.026808][ T8396]  dump_stack_lvl+0x16c/0x1f0
[  194.026838][ T8396]  should_fail_ex+0x50a/0x650
[  194.026866][ T8396]  _copy_from_iter+0x2a1/0x1560
[  194.026908][ T8396]  ? trace_lock_acquire+0x14e/0x1f0
[  194.026928][ T8396]  ? __alloc_skb+0x1fe/0x380
[  194.026949][ T8396]  ? __pfx__copy_from_iter+0x10/0x10
[  194.026963][ T8396]  ? __virt_addr_valid+0x1a4/0x590
[  194.026983][ T8396]  ? __virt_addr_valid+0x5e/0x590
[  194.026998][ T8396]  ? __phys_addr_symbol+0x30/0x80
[  194.027012][ T8396]  ? __check_object_size+0x488/0x710
[  194.027035][ T8396]  netlink_sendmsg+0x813/0xd70
[  194.027059][ T8396]  ? __pfx_netlink_sendmsg+0x10/0x10
[  194.027086][ T8396]  ____sys_sendmsg+0xaaf/0xc90
[  194.027102][ T8396]  ? copy_msghdr_from_user+0x10b/0x160
[  194.027128][ T8396]  ? __pfx_____sys_sendmsg+0x10/0x10
[  194.027155][ T8396]  ___sys_sendmsg+0x135/0x1e0
[  194.027180][ T8396]  ? __pfx____sys_sendmsg+0x10/0x10
[  194.027214][ T8396]  ? __pfx_lock_release+0x10/0x10
[  194.027238][ T8396]  ? trace_lock_acquire+0x14e/0x1f0
[  194.027267][ T8396]  ? __fget_files+0x206/0x3a0
[  194.027293][ T8396]  __sys_sendmsg+0x16e/0x220
[  194.027319][ T8396]  ? __pfx___sys_sendmsg+0x10/0x10
[  194.027356][ T8396]  do_syscall_64+0xcd/0x250
[  194.027378][ T8396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.027403][ T8396] RIP: 0033:0x7fcbd418cde9
[  194.027418][ T8396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.027434][ T8396] RSP: 002b:00007fcbd5071038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.027452][ T8396] RAX: ffffffffffffffda RBX: 00007fcbd43a5fa0 RCX: 00007fcbd418cde9
[  194.027495][ T8396] RDX: 0000000004040800 RSI: 00004000000002c0 RDI: 0000000000000004
[  194.027507][ T8396] RBP: 00007fcbd5071090 R08: 0000000000000000 R09: 0000000000000000
[  194.027517][ T8396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.027527][ T8396] R13: 0000000000000000 R14: 00007fcbd43a5fa0 R15: 00007fffd1b7bf08
[  194.027550][ T8396]  </TASK>
[  194.048636][ T8191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.093955][   T30] usb 5-1: USB disconnect, device number 32
[  194.102632][ T8191] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.208718][ T8191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.218123][ T8191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.223223][ T8191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.231473][ T8191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.232094][ T8400] netlink: 12 bytes leftover after parsing attributes in process `syz.1.788'.
[  194.237510][ T8191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.255254][ T8191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.263300][ T8191] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.310996][ T8191] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.317476][ T8191] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.329679][ T8191] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.340329][ T8191] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.366635][ T8409] netlink: 'syz.1.790': attribute type 1 has an invalid length.
[  194.394212][ T1418] ieee802154 phy0 wpan0: encryption failed: -22
[  194.411803][ T1418] ieee802154 phy1 wpan1: encryption failed: -22
[  194.414550][ T8409] bond1: (slave vcan2): The slave device specified does not support setting the MAC address
[  194.434464][ T8409] bond1: (slave vcan2): Enslaving as a backup interface with an up link
[  194.641252][ T1179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.646430][ T1179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.708883][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.711278][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  194.758798][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  194.818746][   T39] audit: type=1400 audit(1739972088.811:508): avc:  denied  { mounton } for  pid=8191 comm="syz-executor" path="/syzkaller.xoUekr/syz-tmp" dev="sda1" ino=1942 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[  194.855176][   T39] audit: type=1400 audit(1739972088.841:509): avc:  denied  { mounton } for  pid=8191 comm="syz-executor" path="/syzkaller.xoUekr/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  195.008807][ T1147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.031973][ T6021] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.055650][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.418072][ T5950] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  195.597981][ T5950] usb 6-1: Using ep0 maxpacket: 8
[  195.623403][ T5950] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  195.656823][ T5950] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  195.667383][ T5950] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.677268][ T8452] ALSA: mixer_oss: invalid OSS volume ''
[  195.742160][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.812876][ T8455] 9pnet_fd: Insufficient options for proto=fd
[  196.037407][ T8462] FAULT_INJECTION: forcing a failure.
[  196.037407][ T8462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.054457][ T8462] CPU: 2 UID: 0 PID: 8462 Comm: syz.0.801 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  196.054482][ T8462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  196.054603][ T8462] Call Trace:
[  196.054613][ T8462]  <TASK>
[  196.054622][ T8462]  dump_stack_lvl+0x16c/0x1f0
[  196.054652][ T8462]  should_fail_ex+0x50a/0x650
[  196.054680][ T8462]  _copy_from_user+0x2e/0xd0
[  196.054698][ T8462]  input_event_from_user+0x134/0x3b0
[  196.054720][ T8462]  ? __pfx_input_event_from_user+0x10/0x10
[  196.054737][ T8462]  ? __pfx___might_resched+0x10/0x10
[  196.054764][ T8462]  ? input_inject_event+0x51/0x380
[  196.054784][ T8462]  evdev_write+0x377/0x750
[  196.054805][ T8462]  ? __pfx_evdev_write+0x10/0x10
[  196.054822][ T8462]  ? bpf_lsm_file_permission+0x9/0x10
[  196.054841][ T8462]  ? security_file_permission+0x71/0x210
[  196.054874][ T8462]  ? rw_verify_area+0xcf/0x680
[  196.054899][ T8462]  ? __pfx_evdev_write+0x10/0x10
[  196.054915][ T8462]  vfs_write+0x24c/0x1150
[  196.054941][ T8462]  ? __fget_files+0x1fc/0x3a0
[  196.054958][ T8462]  ? __pfx_lock_release+0x10/0x10
[  196.054984][ T8462]  ? __pfx_vfs_write+0x10/0x10
[  196.055011][ T8462]  ? lock_acquire+0x2f/0xb0
[  196.055034][ T8462]  ? __fget_files+0x40/0x3a0
[  196.055055][ T8462]  ? __fget_files+0x206/0x3a0
[  196.055081][ T8462]  ksys_write+0x207/0x250
[  196.055106][ T8462]  ? __pfx_ksys_write+0x10/0x10
[  196.055140][ T8462]  do_syscall_64+0xcd/0x250
[  196.055165][ T8462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.055187][ T8462] RIP: 0033:0x7f734fb8cde9
[  196.055203][ T8462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.055219][ T8462] RSP: 002b:00007f734d9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  196.055236][ T8462] RAX: ffffffffffffffda RBX: 00007f734fda5fa0 RCX: 00007f734fb8cde9
[  196.055247][ T8462] RDX: 0000000000000918 RSI: 0000400000000040 RDI: 0000000000000004
[  196.055257][ T8462] RBP: 00007f734d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  196.055267][ T8462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.055278][ T8462] R13: 0000000000000000 R14: 00007f734fda5fa0 R15: 00007ffecea88e38
[  196.055299][ T8462]  </TASK>
[  196.340494][ T8466] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 581
[  196.433663][   T39] kauditd_printk_skb: 3 callbacks suppressed
[  196.433679][   T39] audit: type=1400 audit(1739972090.431:513): avc:  denied  { create } for  pid=8470 comm="syz.0.804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  196.770264][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.229349][   T39] audit: type=1400 audit(1739972091.231:514): avc:  denied  { map } for  pid=8474 comm="syz.0.805" path="socket:[22456]" dev="sockfs" ino=22456 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  197.239636][   T39] audit: type=1400 audit(1739972091.231:515): avc:  denied  { read accept } for  pid=8474 comm="syz.0.805" path="socket:[22456]" dev="sockfs" ino=22456 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  197.814259][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.108021][ T8478] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.163065][ T5950] usb 6-1: USB disconnect, device number 34
[  198.858219][ T5950] net_ratelimit: 1 callbacks suppressed
[  198.858242][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.242512][ T8488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.809'.
[  199.339653][ T8490] FAULT_INJECTION: forcing a failure.
[  199.339653][ T8490] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.344076][ T8490] CPU: 0 UID: 0 PID: 8490 Comm: syz.1.810 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  199.344098][ T8490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  199.344107][ T8490] Call Trace:
[  199.344113][ T8490]  <TASK>
[  199.344119][ T8490]  dump_stack_lvl+0x16c/0x1f0
[  199.344147][ T8490]  should_fail_ex+0x50a/0x650
[  199.344175][ T8490]  _copy_from_user+0x2e/0xd0
[  199.344191][ T8490]  get_user_ifreq+0xf1/0x250
[  199.344217][ T8490]  sock_do_ioctl+0x16c/0x280
[  199.344232][ T8490]  ? __pfx_sock_do_ioctl+0x10/0x10
[  199.344251][ T8490]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  199.344276][ T8490]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  199.344301][ T8490]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  199.344329][ T8490]  sock_ioctl+0x228/0x6c0
[  199.344345][ T8490]  ? __pfx_sock_ioctl+0x10/0x10
[  199.344366][ T8490]  ? selinux_file_ioctl+0x180/0x270
[  199.344388][ T8490]  ? selinux_file_ioctl+0xb4/0x270
[  199.344411][ T8490]  ? __pfx_sock_ioctl+0x10/0x10
[  199.344428][ T8490]  __x64_sys_ioctl+0x190/0x200
[  199.344454][ T8490]  do_syscall_64+0xcd/0x250
[  199.344475][ T8490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.344498][ T8490] RIP: 0033:0x7fcbd418cde9
[  199.344510][ T8490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.344526][ T8490] RSP: 002b:00007fcbd5071038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  199.344541][ T8490] RAX: ffffffffffffffda RBX: 00007fcbd43a5fa0 RCX: 00007fcbd418cde9
[  199.344551][ T8490] RDX: 0000400000000000 RSI: 0000000000008914 RDI: 0000000000000007
[  199.344561][ T8490] RBP: 00007fcbd5071090 R08: 0000000000000000 R09: 0000000000000000
[  199.344570][ T8490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.344579][ T8490] R13: 0000000000000000 R14: 00007fcbd43a5fa0 R15: 00007fffd1b7bf08
[  199.344600][ T8490]  </TASK>
[  199.418488][ T8493] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.475818][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.847926][   T30] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  199.864773][    C2] vkms_vblank_simulate: vblank timer overrun
[  199.888118][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.009221][   T30] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  200.016651][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.036712][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.050207][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.063976][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.068989][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.079659][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.085312][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.091618][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.106974][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.114095][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.123540][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.129503][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  200.131318][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.164068][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  200.169283][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.169844][ T5951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  200.173771][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.173804][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.176058][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.200723][ T5951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  200.210910][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.210939][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.217448][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.250253][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.255438][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.261067][ T5951] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  200.271166][   T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.275578][   T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.281413][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  200.283631][   T30] usb 6-1: config 0 interface 0 has no altsetting 0
[  200.328340][   T30] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  200.342680][   T30] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  200.352367][ T1022] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  200.369028][   T30] usb 6-1: Product: syz
[  200.389942][   T30] usb 6-1: Manufacturer: syz
[  200.391659][   T30] usb 6-1: SerialNumber: syz
[  200.396570][   T99] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.406561][   T30] usb 6-1: config 0 descriptor??
[  200.467404][   T30] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0
[  200.516029][    C2] vkms_vblank_simulate: vblank timer overrun
[  200.549238][ T1022] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.553912][ T1022] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  200.574607][ T1022] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  200.580411][   T99] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.586689][ T1022] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.598378][ T1022] usb 5-1: Product: syz
[  200.616575][ T1022] usb 5-1: Manufacturer: syz
[  200.619042][ T1022] usb 5-1: SerialNumber: syz
[  200.687141][   T25] usb 6-1: USB disconnect, device number 35
[  200.697142][   T25] yurex 6-1:0.0: USB YUREX #0 now disconnected
[  200.780280][   T99] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.869671][ T8503] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  200.952492][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.952492][   T99] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.990982][ T8504] chnl_net:caif_netlink_parms(): no params data found
[  201.198946][   T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.244250][   T25] usb 6-1: new low-speed USB device number 36 using dummy_hcd
[  201.248865][ T8504] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.261125][ T8504] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.263615][ T8504] bridge_slave_0: entered allmulticast mode
[  201.276529][ T8504] bridge_slave_0: entered promiscuous mode
[  201.323973][    C2] vkms_vblank_simulate: vblank timer overrun
[  201.328143][ T8504] bridge0: port 2(bridge_slave_1) entered blocking state
[  201.331669][ T8504] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.339236][ T8504] bridge_slave_1: entered allmulticast mode
[  201.345531][ T8504] bridge_slave_1: entered promiscuous mode
[  201.413596][   T25] usb 6-1: device descriptor read/64, error -71
[  201.483248][ T8504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.520879][ T8504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.529316][ T8503] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  201.610236][   T99] bridge_slave_1: left allmulticast mode
[  201.612483][   T99] bridge_slave_1: left promiscuous mode
[  201.617835][   T99] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.641477][   T99] bridge_slave_0: left allmulticast mode
[  201.658619][   T99] bridge_slave_0: left promiscuous mode
[  201.677919][   T25] usb 6-1: new low-speed USB device number 37 using dummy_hcd
[  201.689358][   T99] bridge0: port 1(bridge_slave_0) entered disabled state
[  201.739913][ T1022] cdc_mbim 5-1:1.0: MAC-Address: 42:42:42:42:42:42
[  201.746346][ T1022] cdc_mbim 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  201.754633][ T1022] cdc_mbim 5-1:1.0: setting rx_max = 2048
[  201.852253][   T25] usb 6-1: device descriptor read/64, error -71
[  201.963505][ T1022] cdc_mbim 5-1:1.0: setting tx_max = 184
[  201.969136][   T25] usb usb6-port1: attempt power cycle
[  201.975701][ T1022] cdc_mbim 5-1:1.0: cdc-wdm0: USB WDM device
[  201.997908][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.007466][ T1022] wwan wwan0: port wwan0mbim0 attached
[  202.110525][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.342964][   T25] usb 6-1: new low-speed USB device number 38 using dummy_hcd
[  202.362983][    C2] vkms_vblank_simulate: vblank timer overrun
[  202.368188][ T5951] Bluetooth: hci3: command tx timeout
[  202.396442][   T25] usb 6-1: device descriptor read/8, error -71
[  202.598833][    C2] vkms_vblank_simulate: vblank timer overrun
[  202.667968][   T25] usb 6-1: new low-speed USB device number 39 using dummy_hcd
[  202.815627][    C2] vkms_vblank_simulate: vblank timer overrun
[  202.880926][   T25] usb 6-1: device not accepting address 39, error -71
[  202.913898][   T25] usb usb6-port1: unable to enumerate USB device
[  203.019234][   T99] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.023117][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  203.069326][   T99] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.092289][   T99] bond0 (unregistering): Released all slaves
[  203.180181][ T1022] cdc_mbim 5-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 42:42:42:42:42:42
[  203.293298][ T1022] usb 5-1: USB disconnect, device number 33
[  203.296681][ T1022] cdc_mbim 5-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM
[  203.362714][ T8504] team0: Port device team_slave_0 added
[  203.388802][ T8504] team0: Port device team_slave_1 added
[  203.583785][ T1022] wwan wwan0: port wwan0mbim0 disconnected
[  203.614326][ T8542] netlink: 2 bytes leftover after parsing attributes in process `syz.1.821'.
[  203.672995][   T39] audit: type=1400 audit(1739972097.651:516): avc:  denied  { watch watch_reads } for  pid=8541 comm="syz.1.821" path="/203/file0" dev="tmpfs" ino=1110 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  203.713373][ T8546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.821'.
[  203.762673][ T8546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.821'.
[  203.788984][ T8504] batman_adv: batadv0: Adding interface: batadv_slave_0
[  203.791569][ T8504] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.805112][ T8504] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  203.806614][ T8550] FAULT_INJECTION: forcing a failure.
[  203.806614][ T8550] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  203.816278][ T8504] batman_adv: batadv0: Adding interface: batadv_slave_1
[  203.818415][ T8550] CPU: 1 UID: 0 PID: 8550 Comm: syz.0.823 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  203.818440][ T8550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  203.818450][ T8550] Call Trace:
[  203.818456][ T8550]  <TASK>
[  203.818463][ T8550]  dump_stack_lvl+0x16c/0x1f0
[  203.818492][ T8550]  should_fail_ex+0x50a/0x650
[  203.818513][ T8550]  ? __pfx___might_resched+0x10/0x10
[  203.818540][ T8550]  should_fail_alloc_page+0xe7/0x130
[  203.818560][ T8550]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  203.818583][ T8550]  ? mark_lock+0xb5/0xc60
[  203.818606][ T8550]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  203.818623][ T8550]  ? __pfx_mark_lock+0x10/0x10
[  203.818638][ T8550]  ? mark_lock+0xb5/0xc60
[  203.818657][ T8550]  ? hlock_class+0x4e/0x130
[  203.818672][ T8550]  ? __lock_acquire+0xcc5/0x3c40
[  203.818692][ T8550]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  203.818721][ T8550]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  203.818747][ T8550]  ? policy_nodemask+0xea/0x4e0
[  203.818766][ T8550]  alloc_pages_mpol+0x1fc/0x540
[  203.818794][ T8550]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  203.818812][ T8550]  ? filemap_get_read_batch+0xd7/0x960
[  203.818838][ T8550]  folio_alloc_noprof+0x20/0x2d0
[  203.818857][ T8550]  filemap_alloc_folio_noprof+0x39b/0x470
[  203.818876][ T8550]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  203.818893][ T8550]  ? page_cache_sync_ra+0x158/0xa30
[  203.818918][ T8550]  filemap_get_pages+0xd22/0x1c30
[  203.818946][ T8550]  ? __pfx_filemap_get_pages+0x10/0x10
[  203.818971][ T8550]  ? __pfx___might_resched+0x10/0x10
[  203.818992][ T8550]  ? mlock_drain_local+0x24c/0x4f0
[  203.819014][ T8550]  filemap_splice_read+0x5cc/0xd00
[  203.819034][ T8550]  ? __pfx_filemap_splice_read+0x10/0x10
[  203.819070][ T8550]  ? lockdep_init_map_type+0x16d/0x7d0
[  203.819098][ T8550]  ? __pfx_filemap_splice_read+0x10/0x10
[  203.819113][ T8550]  do_splice_read+0x282/0x370
[  203.819139][ T8550]  splice_direct_to_actor+0x2a4/0xa40
[  203.819160][ T8550]  ? __pfx_direct_splice_actor+0x10/0x10
[  203.819185][ T8550]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  203.819207][ T8550]  ? __pfx___might_resched+0x10/0x10
[  203.819232][ T8550]  do_splice_direct+0x178/0x250
[  203.819254][ T8550]  ? __pfx_do_splice_direct+0x10/0x10
[  203.819276][ T8550]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  203.819301][ T8550]  ? rw_verify_area+0xcf/0x680
[  203.819326][ T8550]  do_sendfile+0xafb/0xe40
[  203.819351][ T8550]  ? __pfx_do_sendfile+0x10/0x10
[  203.819372][ T8550]  ? __fget_files+0x206/0x3a0
[  203.819391][ T8550]  __x64_sys_sendfile64+0x1da/0x220
[  203.819407][ T8550]  ? ksys_write+0x1ba/0x250
[  203.819428][ T8550]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  203.819452][ T8550]  do_syscall_64+0xcd/0x250
[  203.819474][ T8550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.819498][ T8550] RIP: 0033:0x7f734fb8cde9
[  203.819513][ T8550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.819529][ T8550] RSP: 002b:00007f734d9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  203.819546][ T8550] RAX: ffffffffffffffda RBX: 00007f734fda5fa0 RCX: 00007f734fb8cde9
[  203.819557][ T8550] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  203.819567][ T8550] RBP: 00007f734d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  203.819577][ T8550] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001
[  203.819586][ T8550] R13: 0000000000000000 R14: 00007f734fda5fa0 R15: 00007ffecea88e38
[  203.819606][ T8550]  </TASK>
[  203.887928][    C2] vkms_vblank_simulate: vblank timer overrun
[  203.890725][ T8504] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.064219][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.084278][ T8504] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.100020][    C2] vkms_vblank_simulate: vblank timer overrun
[  204.245853][    C2] vkms_vblank_simulate: vblank timer overrun
[  204.253311][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.447926][ T5951] Bluetooth: hci3: command tx timeout
[  204.631931][    C2] vkms_vblank_simulate: vblank timer overrun
[  204.997013][   T39] audit: type=1800 audit(1739972098.921:517): pid=8563 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.825" name="file1" dev="tmpfs" ino=1117 res=0 errno=0
[  205.088048][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.113435][   T39] audit: type=1400 audit(1739972099.111:518): avc:  denied  { setopt } for  pid=8564 comm="syz.0.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  205.114820][   T99] hsr_slave_0: left promiscuous mode
[  205.127871][   T99] hsr_slave_1: left promiscuous mode
[  205.130103][   T99] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.133035][   T99] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.138186][   T99] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.140995][   T99] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.179962][    C2] vkms_vblank_simulate: vblank timer overrun
[  205.263298][   T99] veth1_macvtap: left promiscuous mode
[  205.286749][   T99] veth0_macvtap: left promiscuous mode
[  205.306782][   T99] veth1_vlan: left promiscuous mode
[  205.309787][   T99] veth0_vlan: left promiscuous mode
[  206.137312][    C2] vkms_vblank_simulate: vblank timer overrun
[  206.148164][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.559203][ T5951] Bluetooth: hci3: command tx timeout
[  207.095963][    C2] vkms_vblank_simulate: vblank timer overrun
[  207.176900][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.302942][    C2] vkms_vblank_simulate: vblank timer overrun
[  207.352026][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.219017][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.619572][ T5951] Bluetooth: hci3: command tx timeout
[  208.697191][   T99] team0 (unregistering): Port device team_slave_1 removed
[  209.211312][   T99] team0 (unregistering): Port device team_slave_0 removed
[  209.254899][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.302658][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.368913][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.333231][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.676895][ T6003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.329238][ T8504] hsr_slave_0: entered promiscuous mode
[  212.333015][ T8504] hsr_slave_1: entered promiscuous mode
[  212.336693][ T8504] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.347544][ T8504] Cannot create hsr debugfs directory
[  212.368043][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  212.459489][ T5950] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  212.470431][ T8569] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  212.589186][ T8589] FAULT_INJECTION: forcing a failure.
[  212.589186][ T8589] name failslab, interval 1, probability 0, space 0, times 0
[  212.604161][ T8589] CPU: 0 UID: 0 PID: 8589 Comm: syz.2.832 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  212.604191][ T8589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  212.604202][ T8589] Call Trace:
[  212.604208][ T8589]  <TASK>
[  212.604217][ T8589]  dump_stack_lvl+0x16c/0x1f0
[  212.604248][ T8589]  should_fail_ex+0x50a/0x650
[  212.604275][ T8589]  ? sctp_add_bind_addr+0x9a/0x3d0
[  212.604313][ T8589]  should_failslab+0xc2/0x120
[  212.604332][ T8589]  __kmalloc_cache_noprof+0x68/0x410
[  212.604354][ T8589]  ? __pfx_sctp_get_port_local+0x10/0x10
[  212.604368][ T8589]  ? lock_acquire+0x2f/0xb0
[  212.604387][ T8589]  ? sctp_bind_addr_match+0x43/0x300
[  212.604410][ T8589]  sctp_add_bind_addr+0x9a/0x3d0
[  212.604432][ T8589]  sctp_do_bind+0x2d6/0x700
[  212.604453][ T8589]  sctp_connect_new_asoc+0x5ff/0x790
[  212.604473][ T8589]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  212.604496][ T8589]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  212.604515][ T8589]  sctp_sendmsg+0x1610/0x1eb0
[  212.604532][ T8589]  ? avc_has_perm+0x11b/0x1c0
[  212.604552][ T8589]  ? __pfx_sctp_sendmsg+0x10/0x10
[  212.604573][ T8589]  ? __pfx_sock_has_perm+0x10/0x10
[  212.604592][ T8589]  ? import_ubuf+0x1b6/0x220
[  212.604619][ T8589]  ? __pfx_sctp_sendmsg+0x10/0x10
[  212.604638][ T8589]  inet_sendmsg+0x119/0x140
[  212.604659][ T8589]  ____sys_sendmsg+0x98c/0xc90
[  212.604675][ T8589]  ? copy_msghdr_from_user+0x10b/0x160
[  212.604693][ T8589]  ? __pfx_____sys_sendmsg+0x10/0x10
[  212.604705][ T8589]  ? __lock_acquire+0xcc5/0x3c40
[  212.604741][ T8589]  ___sys_sendmsg+0x135/0x1e0
[  212.604760][ T8589]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.604788][ T8589]  ? trace_lock_acquire+0x14e/0x1f0
[  212.604819][ T8589]  __sys_sendmmsg+0x201/0x420
[  212.604840][ T8589]  ? __pfx___sys_sendmmsg+0x10/0x10
[  212.604866][ T8589]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  212.604892][ T8589]  ? fput+0x67/0x440
[  212.604910][ T8589]  ? ksys_write+0x1ba/0x250
[  212.604931][ T8589]  ? __pfx_ksys_write+0x10/0x10
[  212.604955][ T8589]  __x64_sys_sendmmsg+0x9c/0x100
[  212.604973][ T8589]  ? lockdep_hardirqs_on+0x7c/0x110
[  212.604988][ T8589]  do_syscall_64+0xcd/0x250
[  212.605006][ T8589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.605027][ T8589] RIP: 0033:0x7f7db458cde9
[  212.605040][ T8589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.605054][ T8589] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  212.605069][ T8589] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  212.605079][ T8589] RDX: 0000000000000001 RSI: 0000400000003a00 RDI: 0000000000000003
[  212.605088][ T8589] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  212.605096][ T8589] R10: 000000000004c040 R11: 0000000000000246 R12: 0000000000000001
[  212.605105][ T8589] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  212.605124][ T8589]  </TASK>
[  212.755545][ T8593] IPVS: set_ctl: invalid protocol: 47 100.1.1.1:20004
[  212.900227][ T8597] netlink: 24 bytes leftover after parsing attributes in process `syz.2.836'.
[  212.920688][ T8597] Bluetooth: MGMT ver 1.23
[  213.150568][ T8602] FAULT_INJECTION: forcing a failure.
[  213.150568][ T8602] name failslab, interval 1, probability 0, space 0, times 0
[  213.173651][ T8602] CPU: 2 UID: 0 PID: 8602 Comm: syz.2.837 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  213.173674][ T8602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.173685][ T8602] Call Trace:
[  213.173691][ T8602]  <TASK>
[  213.173698][ T8602]  dump_stack_lvl+0x16c/0x1f0
[  213.173728][ T8602]  should_fail_ex+0x50a/0x650
[  213.173760][ T8602]  ? trace_contention_end+0xee/0x140
[  213.173791][ T8602]  should_failslab+0xc2/0x120
[  213.173811][ T8602]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  213.173829][ T8602]  ? hci_sock_sendmsg+0xdee/0x25e0
[  213.173854][ T8602]  ? __alloc_skb+0x2b1/0x380
[  213.173876][ T8602]  ? __pfx___mutex_lock+0x10/0x10
[  213.173899][ T8602]  __alloc_skb+0x2b1/0x380
[  213.173919][ T8602]  ? __pfx___alloc_skb+0x10/0x10
[  213.173949][ T8602]  hci_sock_sendmsg+0x1a47/0x25e0
[  213.173976][ T8602]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  213.174005][ T8602]  sock_write_iter+0x4fe/0x5b0
[  213.174023][ T8602]  ? __pfx_sock_write_iter+0x10/0x10
[  213.174048][ T8602]  ? bpf_lsm_file_permission+0x9/0x10
[  213.174067][ T8602]  ? security_file_permission+0x71/0x210
[  213.174093][ T8602]  ? rw_verify_area+0xcf/0x680
[  213.174120][ T8602]  vfs_write+0x5ae/0x1150
[  213.174146][ T8602]  ? __pfx_sock_write_iter+0x10/0x10
[  213.174164][ T8602]  ? __pfx_vfs_write+0x10/0x10
[  213.174191][ T8602]  ? __fget_files+0x40/0x3a0
[  213.174218][ T8602]  ksys_write+0x207/0x250
[  213.174240][ T8602]  ? __pfx_ksys_write+0x10/0x10
[  213.174273][ T8602]  do_syscall_64+0xcd/0x250
[  213.174294][ T8602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.174318][ T8602] RIP: 0033:0x7f7db458cde9
[  213.174332][ T8602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.174347][ T8602] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  213.174361][ T8602] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  213.174370][ T8602] RDX: 0000000000000007 RSI: 0000400000000080 RDI: 0000000000000004
[  213.174379][ T8602] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  213.174386][ T8602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.174395][ T8602] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  213.174412][ T8602]  </TASK>
[  213.424816][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.438001][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.452698][   T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  213.707568][ T8619] FAULT_INJECTION: forcing a failure.
[  213.707568][ T8619] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  213.745343][ T8619] CPU: 0 UID: 0 PID: 8619 Comm: syz.2.841 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  213.745370][ T8619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  213.745381][ T8619] Call Trace:
[  213.745387][ T8619]  <TASK>
[  213.745419][ T8619]  dump_stack_lvl+0x16c/0x1f0
[  213.745450][ T8619]  should_fail_ex+0x50a/0x650
[  213.745479][ T8619]  _copy_from_user+0x2e/0xd0
[  213.745496][ T8619]  copy_msghdr_from_user+0x99/0x160
[  213.745519][ T8619]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  213.745547][ T8619]  ___sys_sendmsg+0xff/0x1e0
[  213.745567][ T8619]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.745595][ T8619]  ? __pfx_lock_release+0x10/0x10
[  213.745617][ T8619]  ? trace_lock_acquire+0x14e/0x1f0
[  213.745641][ T8619]  ? __fget_files+0x206/0x3a0
[  213.745662][ T8619]  __sys_sendmsg+0x16e/0x220
[  213.745681][ T8619]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.745711][ T8619]  do_syscall_64+0xcd/0x250
[  213.745730][ T8619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.745754][ T8619] RIP: 0033:0x7f7db458cde9
[  213.745768][ T8619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.745783][ T8619] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.745799][ T8619] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  213.745808][ T8619] RDX: 0000000004000084 RSI: 0000400000000000 RDI: 0000000000000003
[  213.745817][ T8619] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  213.745826][ T8619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.745835][ T8619] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  213.745854][ T8619]  </TASK>
[  214.564814][ T5950] net_ratelimit: 2 callbacks suppressed
[  214.564835][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  214.862813][ T8649] netlink: 'syz.0.847': attribute type 1 has an invalid length.
[  214.873343][ T8649] netlink: 8 bytes leftover after parsing attributes in process `syz.0.847'.
[  214.892131][ T8649] netlink: 1256 bytes leftover after parsing attributes in process `syz.0.847'.
[  214.928832][ T8649] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  215.089723][ T8504] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  215.099098][ T8504] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  215.126230][ T8504] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  215.130583][ T8504] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  215.287101][ T8504] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.301661][ T8504] 8021q: adding VLAN 0 to HW filter on device team0
[  215.328669][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.331305][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.350443][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.353054][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.434244][ T8504] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  215.577998][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  215.795666][ T8504] 8021q: adding VLAN 0 to HW filter on device batadv0
[  215.845094][ T8504] veth0_vlan: entered promiscuous mode
[  215.871279][ T8504] veth1_vlan: entered promiscuous mode
[  215.899857][ T8504] veth0_macvtap: entered promiscuous mode
[  215.924865][ T8504] veth1_macvtap: entered promiscuous mode
[  215.948971][   T39] audit: type=1400 audit(1739972109.931:519): avc:  denied  { mount } for  pid=8684 comm="syz.1.853" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  215.956373][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.998996][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.003366][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.008450][ T8686] FAULT_INJECTION: forcing a failure.
[  216.008450][ T8686] name failslab, interval 1, probability 0, space 0, times 0
[  216.035973][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.035993][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.036008][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.037080][ T8504] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.055746][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.055772][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.055782][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.055793][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.055801][ T8504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.055812][ T8504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.056689][ T8504] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.082284][ T8504] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.096230][ T8686] CPU: 1 UID: 0 PID: 8686 Comm: syz.0.852 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  216.096253][ T8686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.096261][ T8686] Call Trace:
[  216.096265][ T8686]  <TASK>
[  216.096271][ T8686]  dump_stack_lvl+0x16c/0x1f0
[  216.096297][ T8686]  should_fail_ex+0x50a/0x650
[  216.096318][ T8686]  ? fs_reclaim_acquire+0xae/0x150
[  216.096339][ T8686]  should_failslab+0xc2/0x120
[  216.096354][ T8686]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  216.096369][ T8686]  ? alloc_empty_file+0x73/0x1e0
[  216.096388][ T8686]  alloc_empty_file+0x73/0x1e0
[  216.096407][ T8686]  path_openat+0xe1/0x2d80
[  216.096420][ T8686]  ? hlock_class+0x4e/0x130
[  216.096437][ T8686]  ? __lock_acquire+0x15a9/0x3c40
[  216.096463][ T8686]  ? __pfx_path_openat+0x10/0x10
[  216.096477][ T8686]  ? __pfx___lock_acquire+0x10/0x10
[  216.096494][ T8686]  ? lock_acquire.part.0+0x11b/0x380
[  216.096512][ T8686]  ? find_held_lock+0x2d/0x110
[  216.096528][ T8686]  do_filp_open+0x20c/0x470
[  216.096541][ T8686]  ? __pfx_do_filp_open+0x10/0x10
[  216.096551][ T8686]  ? find_held_lock+0x2d/0x110
[  216.096578][ T8686]  ? alloc_fd+0x41f/0x760
[  216.096596][ T8686]  do_sys_openat2+0x17a/0x1e0
[  216.096613][ T8686]  ? __pfx_do_sys_openat2+0x10/0x10
[  216.096631][ T8686]  ? __fget_files+0x206/0x3a0
[  216.096647][ T8686]  __x64_sys_openat+0x175/0x210
[  216.096663][ T8686]  ? __pfx___x64_sys_openat+0x10/0x10
[  216.096678][ T8686]  ? ksys_write+0x1ba/0x250
[  216.096705][ T8686]  do_syscall_64+0xcd/0x250
[  216.096722][ T8686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.096741][ T8686] RIP: 0033:0x7f734fb8cde9
[  216.096753][ T8686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.096766][ T8686] RSP: 002b:00007f734d9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  216.096785][ T8686] RAX: ffffffffffffffda RBX: 00007f734fda5fa0 RCX: 00007f734fb8cde9
[  216.096793][ T8686] RDX: 000000000000275a RSI: 0000400000019600 RDI: ffffffffffffff9c
[  216.096805][ T8686] RBP: 00007f734d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  216.096813][ T8686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.096821][ T8686] R13: 0000000000000000 R14: 00007f734fda5fa0 R15: 00007ffecea88e38
[  216.096838][ T8686]  </TASK>
[  216.318896][ T8504] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.339813][ T8504] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.353534][ T8504] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.457946][ T1022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.458716][ T8693] netlink: 48 bytes leftover after parsing attributes in process `syz.1.853'.
[  216.647937][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  216.678095][   T99] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.719138][   T99] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.736490][ T8707] FAULT_INJECTION: forcing a failure.
[  216.736490][ T8707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.747475][ T8707] CPU: 2 UID: 0 PID: 8707 Comm: syz.0.854 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  216.747500][ T8707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  216.747512][ T8707] Call Trace:
[  216.747517][ T8707]  <TASK>
[  216.747524][ T8707]  dump_stack_lvl+0x16c/0x1f0
[  216.747553][ T8707]  should_fail_ex+0x50a/0x650
[  216.747582][ T8707]  _copy_to_user+0x32/0xd0
[  216.747602][ T8707]  simple_read_from_buffer+0xd0/0x160
[  216.747628][ T8707]  proc_fail_nth_read+0x198/0x270
[  216.747653][ T8707]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  216.747725][ T8707]  ? rw_verify_area+0xcf/0x680
[  216.747748][ T8707]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  216.747770][ T8707]  vfs_read+0x1df/0xbf0
[  216.747793][ T8707]  ? __fget_files+0x1fc/0x3a0
[  216.747809][ T8707]  ? __pfx___mutex_lock+0x10/0x10
[  216.747829][ T8707]  ? __pfx_vfs_read+0x10/0x10
[  216.747857][ T8707]  ? __fget_files+0x206/0x3a0
[  216.747879][ T8707]  ksys_read+0x12b/0x250
[  216.747903][ T8707]  ? __pfx_ksys_read+0x10/0x10
[  216.747931][ T8707]  do_syscall_64+0xcd/0x250
[  216.747952][ T8707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.747976][ T8707] RIP: 0033:0x7f734fb8b7fc
[  216.747989][ T8707] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  216.748005][ T8707] RSP: 002b:00007f734d9f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  216.748022][ T8707] RAX: ffffffffffffffda RBX: 00007f734fda5fa0 RCX: 00007f734fb8b7fc
[  216.748032][ T8707] RDX: 000000000000000f RSI: 00007f734d9f60a0 RDI: 000000000000000d
[  216.748042][ T8707] RBP: 00007f734d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  216.748051][ T8707] R10: 000000000000004c R11: 0000000000000246 R12: 0000000000000001
[  216.748059][ T8707] R13: 0000000000000000 R14: 00007f734fda5fa0 R15: 00007ffecea88e38
[  216.748081][ T8707]  </TASK>
[  216.789454][ T1179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.929405][ T1179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.650219][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  217.654695][ T8724] FAULT_INJECTION: forcing a failure.
[  217.654695][ T8724] name failslab, interval 1, probability 0, space 0, times 0
[  217.663748][ T8724] CPU: 1 UID: 0 PID: 8724 Comm: syz.2.859 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  217.663771][ T8724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  217.663781][ T8724] Call Trace:
[  217.663787][ T8724]  <TASK>
[  217.663794][ T8724]  dump_stack_lvl+0x16c/0x1f0
[  217.663823][ T8724]  should_fail_ex+0x50a/0x650
[  217.663847][ T8724]  ? fs_reclaim_acquire+0xae/0x150
[  217.663872][ T8724]  should_failslab+0xc2/0x120
[  217.663891][ T8724]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  217.663907][ T8724]  ? __alloc_skb+0x2b1/0x380
[  217.663937][ T8724]  __alloc_skb+0x2b1/0x380
[  217.663954][ T8724]  ? __pfx___alloc_skb+0x10/0x10
[  217.663976][ T8724]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  217.664000][ T8724]  netlink_alloc_large_skb+0x69/0x130
[  217.664019][ T8724]  netlink_sendmsg+0x689/0xd70
[  217.664041][ T8724]  ? __pfx_netlink_sendmsg+0x10/0x10
[  217.664068][ T8724]  ____sys_sendmsg+0xaaf/0xc90
[  217.664085][ T8724]  ? copy_msghdr_from_user+0x10b/0x160
[  217.664105][ T8724]  ? __pfx_____sys_sendmsg+0x10/0x10
[  217.664128][ T8724]  ___sys_sendmsg+0x135/0x1e0
[  217.664148][ T8724]  ? __pfx____sys_sendmsg+0x10/0x10
[  217.664175][ T8724]  ? __pfx_lock_release+0x10/0x10
[  217.664196][ T8724]  ? trace_lock_acquire+0x14e/0x1f0
[  217.664219][ T8724]  ? __fget_files+0x206/0x3a0
[  217.664239][ T8724]  __sys_sendmsg+0x16e/0x220
[  217.664258][ T8724]  ? __pfx___sys_sendmsg+0x10/0x10
[  217.664291][ T8724]  do_syscall_64+0xcd/0x250
[  217.664406][ T8724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.664430][ T8724] RIP: 0033:0x7f7db458cde9
[  217.664445][ T8724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.664460][ T8724] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  217.664477][ T8724] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  217.664488][ T8724] RDX: 0000000000000000 RSI: 0000400000001200 RDI: 0000000000000003
[  217.664498][ T8724] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  217.664507][ T8724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.664516][ T8724] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  217.664537][ T8724]  </TASK>
[  218.140410][ T8737] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  218.145000][ T8737] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  218.343254][ T1022] IPVS: starting estimator thread 0...
[  218.447995][ T8742] IPVS: using max 25 ests per chain, 60000 per kthread
[  218.623908][ T1022] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  218.710661][ T5316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  218.787854][ T1022] usb 5-1: Using ep0 maxpacket: 8
[  218.796168][ T1022] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  218.800150][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  218.804141][ T1022] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  218.808735][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  218.812967][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  218.818199][ T1022] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  218.820806][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  218.829859][ T1022] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  218.839852][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  218.849935][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  218.856624][ T1022] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  218.877771][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  218.882320][ T1022] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  218.909622][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  218.922880][ T1022] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  218.930614][ T8758] FAULT_INJECTION: forcing a failure.
[  218.930614][ T8758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.960708][ T1022] usb 5-1: string descriptor 0 read error: -22
[  218.965595][ T1022] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  218.969365][ T1022] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.977314][ T8758] CPU: 1 UID: 0 PID: 8758 Comm: syz.1.868 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  218.977341][ T8758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  218.977352][ T8758] Call Trace:
[  218.977359][ T8758]  <TASK>
[  218.977369][ T8758]  dump_stack_lvl+0x16c/0x1f0
[  218.977399][ T8758]  should_fail_ex+0x50a/0x650
[  218.977426][ T8758]  _copy_from_iter+0x2a1/0x1560
[  218.977443][ T8758]  ? trace_lock_acquire+0x14e/0x1f0
[  218.977463][ T8758]  ? __alloc_skb+0x1fe/0x380
[  218.977485][ T8758]  ? __pfx__copy_from_iter+0x10/0x10
[  218.977498][ T8758]  ? __virt_addr_valid+0x1a4/0x590
[  218.977520][ T8758]  ? __virt_addr_valid+0x5e/0x590
[  218.977536][ T8758]  ? __phys_addr_symbol+0x30/0x80
[  218.977551][ T8758]  ? __check_object_size+0x488/0x710
[  218.977574][ T8758]  netlink_sendmsg+0x813/0xd70
[  218.977600][ T8758]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.977627][ T8758]  ____sys_sendmsg+0xaaf/0xc90
[  218.977645][ T8758]  ? copy_msghdr_from_user+0x10b/0x160
[  218.977690][ T8758]  ? __pfx_____sys_sendmsg+0x10/0x10
[  218.977718][ T8758]  ___sys_sendmsg+0x135/0x1e0
[  218.977740][ T8758]  ? __pfx____sys_sendmsg+0x10/0x10
[  218.977770][ T8758]  ? __pfx_lock_release+0x10/0x10
[  218.977791][ T8758]  ? trace_lock_acquire+0x14e/0x1f0
[  218.977815][ T8758]  ? __fget_files+0x206/0x3a0
[  218.977834][ T8758]  __sys_sendmsg+0x16e/0x220
[  218.977852][ T8758]  ? __pfx___sys_sendmsg+0x10/0x10
[  218.977885][ T8758]  do_syscall_64+0xcd/0x250
[  218.977907][ T8758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.977931][ T8758] RIP: 0033:0x7fcbd418cde9
[  218.977945][ T8758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.977961][ T8758] RSP: 002b:00007fcbd5071038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.977979][ T8758] RAX: ffffffffffffffda RBX: 00007fcbd43a5fa0 RCX: 00007fcbd418cde9
[  218.977990][ T8758] RDX: 0000000000000000 RSI: 0000400000000200 RDI: 0000000000000003
[  218.978001][ T8758] RBP: 00007fcbd5071090 R08: 0000000000000000 R09: 0000000000000000
[  218.978010][ T8758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.978019][ T8758] R13: 0000000000000000 R14: 00007fcbd43a5fa0 R15: 00007fffd1b7bf08
[  218.978040][ T8758]  </TASK>
[  218.999866][ T1022] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  219.128225][ T8762] netlink: 256 bytes leftover after parsing attributes in process `syz.1.870'.
[  219.176340][   T39] audit: type=1400 audit(1739972113.161:520): avc:  denied  { read } for  pid=8761 comm="syz.1.870" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  219.269386][ T1022] usb 5-1: USB disconnect, device number 34
[  219.332799][ T8766] netlink: 'syz.1.872': attribute type 4 has an invalid length.
[  219.376714][ T8766] netlink: 'syz.1.872': attribute type 4 has an invalid length.
[  219.437877][ T6003] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[  219.453562][ T1139] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.488663][   T63] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.588551][ T6003] usb 7-1: Using ep0 maxpacket: 8
[  219.592777][ T6003] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  219.600313][ T6003] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  219.616989][ T6003] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  219.621467][ T6003] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  219.646616][ T6003] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  219.650488][ T6003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.733114][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  219.772076][ T5942] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  219.784881][ T5942] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  219.797965][ T5942] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  219.807454][ T5942] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  219.826341][ T5942] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  219.834145][ T5942] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  219.885479][ T6003] usb 7-1: GET_CAPABILITIES returned 0
[  219.894414][ T6003] usbtmc 7-1:16.0: can't read capabilities
[  220.114990][ T8764] FAULT_INJECTION: forcing a failure.
[  220.114990][ T8764] name failslab, interval 1, probability 0, space 0, times 0
[  220.128147][ T8764] CPU: 0 UID: 0 PID: 8764 Comm: syz.2.871 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  220.128191][ T8764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  220.128202][ T8764] Call Trace:
[  220.128208][ T8764]  <TASK>
[  220.128215][ T8764]  dump_stack_lvl+0x16c/0x1f0
[  220.128244][ T8764]  should_fail_ex+0x50a/0x650
[  220.128269][ T8764]  ? fs_reclaim_acquire+0xae/0x150
[  220.128295][ T8764]  ? usb_alloc_urb+0x69/0xa0
[  220.128316][ T8764]  should_failslab+0xc2/0x120
[  220.128336][ T8764]  __kmalloc_noprof+0xcb/0x510
[  220.128359][ T8764]  usb_alloc_urb+0x69/0xa0
[  220.128380][ T8764]  usbtmc_create_urb+0x13/0x140
[  220.128398][ T8764]  usbtmc_generic_write+0x28e/0xab0
[  220.128425][ T8764]  usbtmc_ioctl+0xdcd/0x2850
[  220.128445][ T8764]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  220.128471][ T8764]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  220.128494][ T8764]  ? __pfx_usbtmc_ioctl+0x10/0x10
[  220.128509][ T8764]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  220.128535][ T8764]  ? __pfx_lock_release+0x10/0x10
[  220.128567][ T8764]  ? selinux_file_ioctl+0x180/0x270
[  220.128589][ T8764]  ? selinux_file_ioctl+0xb4/0x270
[  220.128614][ T8764]  ? __pfx_usbtmc_ioctl+0x10/0x10
[  220.128632][ T8764]  __x64_sys_ioctl+0x190/0x200
[  220.128657][ T8764]  do_syscall_64+0xcd/0x250
[  220.128679][ T8764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.128700][ T8764] RIP: 0033:0x7f7db458cde9
[  220.128713][ T8764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.128728][ T8764] RSP: 002b:00007f7db5409038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  220.128750][ T8764] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458cde9
[  220.128760][ T8764] RDX: 0000400000000040 RSI: 00000000c0145b0d RDI: 0000000000000004
[  220.128770][ T8764] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  220.128780][ T8764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.128790][ T8764] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  220.128812][ T8764]  </TASK>
[  220.129606][ T6003] usb 7-1: USB disconnect, device number 26
[  220.218152][ T8771] chnl_net:caif_netlink_parms(): no params data found
[  220.645566][ T8771] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.648503][ T8771] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.655254][ T8771] bridge_slave_0: entered allmulticast mode
[  220.665808][ T8771] bridge_slave_0: entered promiscuous mode
[  220.756491][ T8771] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.759805][ T8771] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.763141][ T8771] bridge_slave_1: entered allmulticast mode
[  220.780488][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  220.785633][ T8771] bridge_slave_1: entered promiscuous mode
[  220.790348][ T8787] netlink: 16 bytes leftover after parsing attributes in process `syz.1.877'.
[  220.800646][   T39] audit: type=1400 audit(1739972114.801:521): avc:  denied  { name_bind } for  pid=8786 comm="syz.1.877" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  220.855755][   T39] audit: type=1400 audit(1739972114.851:522): avc:  denied  { ioctl } for  pid=8792 comm="syz.2.879" path="socket:[23205]" dev="sockfs" ino=23205 ioctlcmd=0x4947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  220.859432][ T8789] netlink: 'syz.1.877': attribute type 4 has an invalid length.
[  220.889726][   T39] audit: type=1400 audit(1739972114.861:523): avc:  denied  { append } for  pid=8792 comm="syz.2.879" name="usbmon4" dev="devtmpfs" ino=749 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  220.928475][ T8795] netlink: 'syz.1.877': attribute type 4 has an invalid length.
[  220.986265][ T1139] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.105684][   T39] audit: type=1400 audit(1739972115.101:524): avc:  denied  { connect } for  pid=8798 comm="syz.0.880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  221.170617][ T8771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  221.262220][ T6003] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.299722][   T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.306391][ T1139] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.312309][ T1019] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.377500][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.408218][ T8771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.568592][ T1139] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.665943][ T8806] FAULT_INJECTION: forcing a failure.
[  221.665943][ T8806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.691419][ T8806] CPU: 1 UID: 0 PID: 8806 Comm: syz.2.882 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  221.691449][ T8806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  221.691460][ T8806] Call Trace:
[  221.691466][ T8806]  <TASK>
[  221.691474][ T8806]  dump_stack_lvl+0x16c/0x1f0
[  221.691505][ T8806]  should_fail_ex+0x50a/0x650
[  221.691535][ T8806]  _copy_to_user+0x32/0xd0
[  221.691554][ T8806]  simple_read_from_buffer+0xd0/0x160
[  221.691583][ T8806]  proc_fail_nth_read+0x198/0x270
[  221.691606][ T8806]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.691631][ T8806]  ? rw_verify_area+0xcf/0x680
[  221.691683][ T8806]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  221.691705][ T8806]  vfs_read+0x1df/0xbf0
[  221.691734][ T8806]  ? __fget_files+0x1fc/0x3a0
[  221.691750][ T8806]  ? __pfx___mutex_lock+0x10/0x10
[  221.691771][ T8806]  ? __pfx_vfs_read+0x10/0x10
[  221.691801][ T8806]  ? __fget_files+0x206/0x3a0
[  221.691825][ T8806]  ksys_read+0x12b/0x250
[  221.691849][ T8806]  ? __pfx_ksys_read+0x10/0x10
[  221.691880][ T8806]  do_syscall_64+0xcd/0x250
[  221.691901][ T8806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.691926][ T8806] RIP: 0033:0x7f7db458b7fc
[  221.691939][ T8806] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  221.691955][ T8806] RSP: 002b:00007f7db5409030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  221.691972][ T8806] RAX: ffffffffffffffda RBX: 00007f7db47a5fa0 RCX: 00007f7db458b7fc
[  221.691983][ T8806] RDX: 000000000000000f RSI: 00007f7db54090a0 RDI: 0000000000000003
[  221.691992][ T8806] RBP: 00007f7db5409090 R08: 0000000000000000 R09: 0000000000000000
[  221.692002][ T8806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.692012][ T8806] R13: 0000000000000000 R14: 00007f7db47a5fa0 R15: 00007ffca8bc3fb8
[  221.692034][ T8806]  </TASK>
[  221.721455][ T8771] team0: Port device team_slave_0 added
[  221.820199][   T30] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  221.827293][ T8771] team0: Port device team_slave_1 added
[  221.921631][ T8808] netlink: 332 bytes leftover after parsing attributes in process `syz.1.883'.
[  221.968240][ T5951] Bluetooth: hci3: command tx timeout
[  222.022160][   T39] audit: type=1400 audit(1739972116.001:525): avc:  denied  { append } for  pid=8809 comm="syz.2.884" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  222.121276][ T8771] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.128562][ T8771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.152850][ T8771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.175001][ T8771] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.181808][ T8771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  222.201809][ T8771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.215480][ T8817] FAULT_INJECTION: forcing a failure.
[  222.215480][ T8817] name failslab, interval 1, probability 0, space 0, times 0
[  222.225335][ T8817] CPU: 3 UID: 0 PID: 8817 Comm: syz.0.886 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  222.225359][ T8817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.225369][ T8817] Call Trace:
[  222.225376][ T8817]  <TASK>
[  222.225384][ T8817]  dump_stack_lvl+0x16c/0x1f0
[  222.225414][ T8817]  should_fail_ex+0x50a/0x650
[  222.225442][ T8817]  ? fs_reclaim_acquire+0xae/0x150
[  222.225471][ T8817]  should_failslab+0xc2/0x120
[  222.225492][ T8817]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  222.225512][ T8817]  ? p9_tag_alloc+0x9c/0x660
[  222.225535][ T8817]  p9_tag_alloc+0x9c/0x660
[  222.225551][ T8817]  ? mark_lock+0xb5/0xc60
[  222.225578][ T8817]  ? __pfx_p9_tag_alloc+0x10/0x10
[  222.225593][ T8817]  ? __pfx_mark_lock+0x10/0x10
[  222.225625][ T8817]  p9_client_prepare_req+0x19f/0x4d0
[  222.225646][ T8817]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  222.225666][ T8817]  ? hlock_class+0x4e/0x130
[  222.225683][ T8817]  ? mark_lock+0xb5/0xc60
[  222.225717][ T8817]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  222.225741][ T8817]  p9_client_rpc+0x1c3/0xc10
[  222.225761][ T8817]  ? mark_lock+0xb5/0xc60
[  222.225782][ T8817]  ? __pfx_p9_client_rpc+0x10/0x10
[  222.225801][ T8817]  ? __pfx_register_lock_class+0x10/0x10
[  222.225825][ T8817]  ? __pfx_mark_lock+0x10/0x10
[  222.225856][ T8817]  ? hlock_class+0x4e/0x130
[  222.225873][ T8817]  ? __lock_acquire+0x15a9/0x3c40
[  222.225905][ T8817]  ? __pfx_p9_virtio_zc_request+0x10/0x10
[  222.225930][ T8817]  p9_client_write+0x31f/0x680
[  222.225955][ T8817]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  222.225978][ T8817]  ? __pfx_p9_client_write+0x10/0x10
[  222.225999][ T8817]  ? find_held_lock+0x2d/0x110
[  222.226024][ T8817]  v9fs_issue_write+0xe4/0x1b0
[  222.226050][ T8817]  ? __pfx_v9fs_issue_write+0x10/0x10
[  222.226071][ T8817]  ? rcu_is_watching+0x12/0xc0
[  222.226096][ T8817]  netfs_do_issue_write+0x92/0x110
[  222.226120][ T8817]  netfs_advance_write+0x387/0xc40
[  222.226148][ T8817]  netfs_write_folio+0xb56/0x1760
[  222.226182][ T8817]  netfs_writepages+0x29a/0x8f0
[  222.226207][ T8817]  ? __pfx_netfs_writepages+0x10/0x10
[  222.226230][ T8817]  ? __pfx___lock_acquire+0x10/0x10
[  222.226259][ T8817]  ? __pfx_netfs_writepages+0x10/0x10
[  222.226278][ T8817]  do_writepages+0x1b3/0x820
[  222.226304][ T8817]  ? find_held_lock+0x2d/0x110
[  222.226329][ T8817]  ? __pfx_do_writepages+0x10/0x10
[  222.226350][ T8817]  ? wbc_attach_fdatawrite_inode+0x13a/0x190
[  222.226376][ T8817]  ? __pfx_lock_release+0x10/0x10
[  222.226401][ T8817]  ? do_raw_spin_lock+0x12d/0x2c0
[  222.226420][ T8817]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  222.226439][ T8817]  ? lock_acquire+0x2f/0xb0
[  222.226462][ T8817]  ? wbc_attach_fdatawrite_inode+0x24/0x190
[  222.226487][ T8817]  ? do_raw_spin_unlock+0x172/0x230
[  222.226507][ T8817]  ? _raw_spin_unlock+0x28/0x50
[  222.226527][ T8817]  filemap_fdatawrite_wbc+0x104/0x160
[  222.226553][ T8817]  __filemap_fdatawrite_range+0xb3/0xf0
[  222.226580][ T8817]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  222.226606][ T8817]  ? find_held_lock+0x2d/0x110
[  222.226660][ T8817]  ? folio_wait_stable+0x59/0x90
[  222.226680][ T8817]  ? __filemap_get_folio+0x333/0xbd0
[  222.226717][ T8817]  filemap_write_and_wait_range+0xa3/0x130
[  222.226747][ T8817]  netfs_perform_write+0xbd1/0x2140
[  222.226792][ T8817]  ? __pfx_netfs_perform_write+0x10/0x10
[  222.226856][ T8817]  ? inode_needs_update_time.part.0+0x191/0x270
[  222.226887][ T8817]  netfs_file_write_iter+0x494/0x550
[  222.226914][ T8817]  v9fs_file_write_iter+0x9b/0x100
[  222.226937][ T8817]  vfs_write+0x5ae/0x1150
[  222.226966][ T8817]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  222.226989][ T8817]  ? __pfx___mutex_lock+0x10/0x10
[  222.227010][ T8817]  ? __pfx_vfs_write+0x10/0x10
[  222.227055][ T8817]  ksys_write+0x12b/0x250
[  222.227082][ T8817]  ? __pfx_ksys_write+0x10/0x10
[  222.227119][ T8817]  do_syscall_64+0xcd/0x250
[  222.227144][ T8817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.227170][ T8817] RIP: 0033:0x7f734fb8cde9
[  222.227187][ T8817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.227204][ T8817] RSP: 002b:00007f734d9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  222.227223][ T8817] RAX: ffffffffffffffda RBX: 00007f734fda5fa0 RCX: 00007f734fb8cde9
[  222.227234][ T8817] RDX: 000000000000000a RSI: 0000400000000080 RDI: 0000000000000004
[  222.227245][ T8817] RBP: 00007f734d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  222.227255][ T8817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.227265][ T8817] R13: 0000000000000000 R14: 00007f734fda5fa0 R15: 00007ffecea88e38
[  222.227291][ T8817]  </TASK>
[  222.229856][ T8812] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16384 sclass=netlink_route_socket pid=8812 comm=syz.2.884
[  222.268075][ T8817] page: refcount:1 mapcount:0 mapping:ffff88804fd17600 index:0x0 pfn:0x37cec
[  222.530692][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.539110][ T8817] memcg:ffff888026658000
[  222.539133][ T8817] aops:v9fs_addr_operations ino:2721d5a dentry name(?):"file0"
[  222.539170][ T8817] flags: 0xfff20000000020(lru|node=0|zone=1|lastcpupid=0x7ff)
[  222.539198][ T8817] raw: 00fff20000000020 ffff88804dfe11a0 ffff88804dfe11a0 ffff88804fd17600
[  222.539215][ T8817] raw: 0000000000000000 0000000000000000 00000001ffffffff ffff888026658000
[  222.539227][ T8817] page dumped because: VM_BUG_ON_FOLIO(!folio_test_locked(folio))
[  222.539239][ T8817] page_owner tracks the page as allocated
[  222.539285][ T8817] page last allocated via order 0, migratetype Movable, gfp_mask 0x141cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_WRITE), pid 8817, tgid 8816 (syz.0.886), ts 222213747103, free_ts 220449884279
[  222.539316][ T8817]  post_alloc_hook+0x181/0x1b0
[  222.539348][ T8817]  get_page_from_freelist+0xfce/0x2f80
[  222.539367][ T8817]  __alloc_frozen_pages_noprof+0x221/0x2470
[  222.539387][ T8817]  alloc_pages_mpol+0x1fc/0x540
[  222.539407][ T8817]  folio_alloc_noprof+0x20/0x2d0
[  222.539430][ T8817]  filemap_alloc_folio_noprof+0x39b/0x470
[  222.539451][ T8817]  __filemap_get_folio+0x5e9/0xbd0
[  222.539498][ T8817]  netfs_perform_write+0x48b/0x2140
[  222.539523][ T8817]  netfs_file_write_iter+0x494/0x550
[  222.539545][ T8817]  v9fs_file_write_iter+0x9b/0x100
[  222.539568][ T8817]  vfs_write+0x5ae/0x1150
[  222.539595][ T8817]  ksys_write+0x12b/0x250
[  222.539621][ T8817]  do_syscall_64+0xcd/0x250
[  222.539674][ T8817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.539701][ T8817] page last free pid 8769 tgid 8768 stack trace:
[  222.539720][ T8817]  free_unref_folios+0xa7b/0x1500
[  222.539738][ T8817]  folios_put_refs+0x587/0x7b0
[  222.539761][ T8817]  free_pages_and_swap_cache+0x351/0x500
[  222.539784][ T8817]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  222.539801][ T8817]  tlb_finish_mmu+0x168/0x7b0
[  222.539816][ T8817]  exit_mmap+0x40e/0xba0
[  222.539837][ T8817]  __mmput+0x12a/0x410
[  222.539866][ T8817]  mmput+0x62/0x70
[  222.539890][ T8817]  do_exit+0x9ba/0x2d70
[  222.539909][ T8817]  do_group_exit+0xd3/0x2a0
[  222.539928][ T8817]  get_signal+0x24ed/0x26c0
[  222.539956][ T8817]  arch_do_signal_or_restart+0x90/0x7e0
[  222.539978][ T8817]  syscall_exit_to_user_mode+0x150/0x2a0
[  222.539999][ T8817]  do_syscall_64+0xda/0x250
[  222.540018][ T8817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.544519][ T8817] ------------[ cut here ]------------
[  222.866443][ T8829] 9pnet_virtio: no channels available for device syz
[  222.868961][ T8817] kernel BUG at mm/filemap.c:1499!
[  222.928082][ T8817] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  222.931127][ T5950] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  222.942066][ T8817] CPU: 3 UID: 0 PID: 8817 Comm: syz.0.886 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
[  222.942096][ T8817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  222.942106][ T8817] RIP: 0010:folio_unlock+0xb3/0xd0
[  222.942138][ T8817] Code: f3 68 ca ff 48 89 ef 31 f6 e8 e9 ed ff ff 5b 5d e9 e2 68 ca ff e8 dd 68 ca ff 48 c7 c6 00 8a 78 8b 48 89 ef e8 de c9 11 00 90 <0f> 0b 48 89 df e8 d3 83 2d 00 e9 7b ff ff ff 66 66 2e 0f 1f 84 00
[  222.942153][ T8817] RSP: 0018:ffffc900055df988 EFLAGS: 00010293
[  222.942167][ T8817] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc900055df830
[  222.942178][ T8817] RDX: ffff888022f48000 RSI: ffffffff81ef7612 RDI: ffff888022f48444
[  222.942188][ T8817] RBP: ffffea0000df3b00 R08: 0000000000000000 R09: fffffbfff20c49e2
[  222.942198][ T8817] R10: ffffffff90624f17 R11: 0000000000000004 R12: ffff88804fd17600
[  222.942208][ T8817] R13: ffff88804fd17920 R14: ffffea0000df3b00 R15: ffffc900055dfde8
[  222.942218][ T8817] FS:  00007f734d9f66c0(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000
[  222.942247][ T8817] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  222.942259][ T8817] CR2: 0000555579553808 CR3: 0000000050540000 CR4: 0000000000352ef0
[  222.942269][ T8817] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  222.942278][ T8817] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  222.942287][ T8817] Call Trace:
[  222.942294][ T8817]  <TASK>
[  222.942304][ T8817]  ? die+0x31/0x80
[  222.942328][ T8817]  ? do_trap+0x232/0x430
[  222.942345][ T8817]  ? folio_unlock+0xb3/0xd0
[  222.942362][ T8817]  ? folio_unlock+0xb3/0xd0
[  222.942377][ T8817]  ? do_error_trap+0xf4/0x230
[  222.942393][ T8817]  ? folio_unlock+0xb3/0xd0
[  222.942410][ T8817]  ? handle_invalid_op+0x34/0x40
[  222.942426][ T8817]  ? folio_unlock+0xb3/0xd0
[  222.942442][ T8817]  ? exc_invalid_op+0x2e/0x50
[  222.942467][ T8817]  ? asm_exc_invalid_op+0x1a/0x20
[  222.942490][ T8817]  ? folio_unlock+0xb2/0xd0
[  222.942506][ T8817]  ? folio_unlock+0xb3/0xd0
[  222.942522][ T8817]  ? folio_unlock+0xb2/0xd0
[  222.942538][ T8817]  netfs_perform_write+0xc04/0x2140
[  222.942565][ T8817]  ? __pfx_netfs_perform_write+0x10/0x10
[  222.942594][ T8817]  ? inode_needs_update_time.part.0+0x191/0x270
[  222.942615][ T8817]  netfs_file_write_iter+0x494/0x550
[  222.942635][ T8817]  v9fs_file_write_iter+0x9b/0x100
[  222.942656][ T8817]  vfs_write+0x5ae/0x1150
[  222.942679][ T8817]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  222.942696][ T8817]  ? __pfx___mutex_lock+0x10/0x10
[  222.942717][ T8817]  ? __pfx_vfs_write+0x10/0x10
[  222.942744][ T8817]  ksys_write+0x12b/0x250
[  222.942768][ T8817]  ? __pfx_ksys_write+0x10/0x10
[  222.942791][ T8817]  do_syscall_64+0xcd/0x250
[  222.942809][ T8817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.942828][ T8817] RIP: 0033:0x7f734fb8cde9
[  222.942842][ T8817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.942856][ T8817] RSP: 002b:00007f734d9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  222.942871][ T8817] RAX: ffffffffffffffda RBX: 00007f734fda5fa0 RCX: 00007f734fb8cde9
[  222.942880][ T8817] RDX: 000000000000000a RSI: 0000400000000080 RDI: 0000000000000004
[  222.942890][ T8817] RBP: 00007f734d9f6090 R08: 0000000000000000 R09: 0000000000000000
[  222.942899][ T8817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.942908][ T8817] R13: 0000000000000000 R14: 00007f734fda5fa0 R15: 00007ffecea88e38
[  222.942921][ T8817]  </TASK>
[  222.942927][ T8817] Modules linked in:
[  222.943041][ T8817] ---[ end trace 0000000000000000 ]---
[  222.943050][ T8817] RIP: 0010:folio_unlock+0xb3/0xd0
[  222.943068][ T8817] Code: f3 68 ca ff 48 89 ef 31 f6 e8 e9 ed ff ff 5b 5d e9 e2 68 ca ff e8 dd 68 ca ff 48 c7 c6 00 8a 78 8b 48 89 ef e8 de c9 11 00 90 <0f> 0b 48 89 df e8 d3 83 2d 00 e9 7b ff ff ff 66 66 2e 0f 1f 84 00
[  222.943083][ T8817] RSP: 0018:ffffc900055df988 EFLAGS: 00010293
[  222.943095][ T8817] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc900055df830
[  222.943105][ T8817] RDX: ffff888022f48000 RSI: ffffffff81ef7612 RDI: ffff888022f48444
[  222.943115][ T8817] RBP: ffffea0000df3b00 R08: 0000000000000000 R09: fffffbfff20c49e2
[  222.943125][ T8817] R10: ffffffff90624f17 R11: 0000000000000004 R12: ffff88804fd17600
[  222.943135][ T8817] R13: ffff88804fd17920 R14: ffffea0000df3b00 R15: ffffc900055dfde8
[  222.943146][ T8817] FS:  00007f734d9f66c0(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000
[  222.943174][ T8817] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  222.943186][ T8817] CR2: 0000555579553808 CR3: 0000000050540000 CR4: 0000000000352ef0
[  222.943197][ T8817] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  222.943206][ T8817] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  222.943218][ T8817] Kernel panic - not syncing: Fatal exception
[  222.964234][ T8817] Kernel Offset: disabled

VM DIAGNOSIS:
13:31:01  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=0000000000000280 RCX=0000000000000000 RDX=0000000000000280
RSI=0000000000000000 RDI=ffff88804e0f8540 RBP=ffffc9000558ef88 RSP=ffffc9000558ef28
R8 =0000000000000000 R9 =0000000000000000 R10=ffff88804e0f8300 R11=0000000000000002
R12=0000000000082cc0 R13=00000000ffffffff R14=0000000000000001 R15=ffff888101a9cb40
RIP=ffffffff8b5737c6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055557e59e500 ffffffff 00c00000
GS =0000 ffff88806a600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fcbd4fccd58 CR3=000000004d928000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000041021000 Opmask01=0000000000200040 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000001 0000001f00000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f257
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f24f
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f499300f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 76656e6567006425 2e30322e30322e32 3731006365736361 6d00315f6576616c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 735f72736800305f 6576616c735f7273 6800315f6576616c 735f656764697262
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff81688955 RDI=ffffffff8dab1ce0 RBP=0000000000000000 RSP=ffffc900006b0ce0
R8 =ffff88817ffe1280 R9 =ffffed100605ffc1 R10=ffff8880302ffe0b R11=ffffffff818ba9ce
R12=0000000000000008 R13=ffff8880302ffe08 R14=0000000000000024 R15=dffffc0000000000
RIP=ffffffff816889b4 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fcbd4fcc6c0 ffffffff 00c00000
GS =0000 ffff88806a700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fcbd4fcbf98 CR3=000000005d122000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd420f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd420f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd420f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd420f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd420f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd420f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd437c488 00007fcbd437c480 00007fcbd437c478 00007fcbd437c450
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd4edd100 00007fcbd437c440 00007fcbd437c458 00007fcbd437c4a0
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcbd437c498 00007fcbd437c490 00007fcbd437c488 00007fcbd437c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffff88806a946880 RCX=ffffffff81add08a RDX=ffff88801ced4880
RSI=ffffffff81add064 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900000f7928
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006
R12=ffffed100d528d11 R13=0000000000000001 R14=ffff88806a83fe80 R15=ffff88806a946888
RIP=ffffffff81add070 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 000fffff 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 000fffff 00000000
FS =0000 0000000000000000 000fffff 00000000
GS =0000 ffff88806a800000 000fffff 00000000
LDT=0000 0000000000000000 000fffff 00000000
TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fcbd4ed56c0 CR3=000000000df80000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000a60ce07b 00000000cec3662e
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 48fabb233b25444e
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 752e303030327039 3d6e6f6973726576 2c65686361637366 3d65686361632c79
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f73508dd100 00007f734fd7c440 00007f734fd7c458 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fd7c498 00007f734fd7c490 00007f734fd7c488 00007f734fd7c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=00000000517edb3e RBX=00000088517edadc RCX=0000000000000003 RDX=0000000000000088
RSI=ffffffff8bd35400 RDI=ffffffff8bd35440 RBP=00000088517ed0b8 RSP=ffffc900055df608
R8 =0000000000000007 R9 =0000000000000000 R10=00000000000f3143 R11=0000000000000001
R12=0000000000000003 R13=0000000000000a29 R14=0000000000000007 R15=fffffbfff2702dcc
RIP=ffffffff8b560869 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f734d9f66c0 ffffffff 00c00000
GS =0000 ffff88806a900000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555579553808 CR3=0000000050540000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000a60ce07b 00000000cec3662e
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4178af98d7d2142e
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f282
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f28f
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f289
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f29d
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f323
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fc0f401
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 752e303030327039 3d6e6f6973726576 2c65686361637366 3d65686361632c79
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f73508dd100 00007f734fd7c440 00007f734fd7c458 0000000700080006
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f734fd7c498 00007f734fd7c490 00007f734fd7c488 00007f734fd7c480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000