last executing test programs:

5.816976589s ago: executing program 0 (id=3481):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff1d6405000000000065040400210000000404000001e37c60b7040000000000006a0a00fe000000008500000032000000b70000000000000095000000000000000ce0de7621e5e832249c04112cf7af2b75d0d1f034b1b3fb6bd3ce8fa62c7941272ff49142d860010ab162aa2264ab67e55a00000000000000edfe0969a9ddc125b686a1e83c8790c893d713b3295dad0ea697181d1e85b64126b5d72f204754d1d4a93f24215dee354e93cfc3f50ff23f8432c72012f021c84c59a9d4c142f439d3040cfee621589fb3a2f1407c7cbed48e7026f8d52d4bca2608c79aa4a73732028f88ce07ed1075da4a2ef44e3d8b88873f0b1de87dfb6d15936ec0a27cb554def9e27396df6b7851ffa26237ea6730880f06371beb3b290b7d8629a6f0373fefa0acb60888fc14ad2b83ca03ac2aee792482ced58af4140cc4ce3efef26e00c5b2200a91cb80c6065a697d6fc8aa8b65aee0783b04cff0218ce82c9687b4474da89c474c23727555fc5e5f8ad0f2f7a261140440fce1f12cc6df312accd011d888384283092d987c40bbb46f68c2431b97906f00000000349834fa147bd5923bbd4e606708034931a8f1a89bdf77093a0000427aab8e21e1a33d3fe093547532fce6549dd648ad233e05a7b3ea178007c1c32e871ac81f287c4aabbd153390b16d1d41ee433e3a54ea9ee82cf14f3a4cc523ee000000000009e106d6b5289f0000000000000000000000f7bc9f46cb71f6b889d37807865e3b4e9916dd0f72c9d58ea333b90f8886dcbf5ddda0e42ca08e3303632401f2f5212b40c0e88c957fd767dbfc80b07ad668b4f6f92fb209d7c2dbac597843c8eb7bf92fe6d0bb0b72549795c2ed19e441eb69869844152ba9da0588e42cdbc5fcd245ce5e3ef0dca64931276702a312db7956f0a75eb9caa17d47a6331c7c963cbf86a845ce27c26b7136d3e7207318b1df7a6320c64f18ccd926eaeddcde8d5006d6c38db117fb1115221a66169172720ccca770bff37e59511b2606138377eda44b2f288b491ab8aae0e11a98303b0e407e0f9d21f4a3ebbd3fabf6da9a1a1f869a339fab465d8322b7280b0734fd115a19b33c8644fff71b3c62f2e1b827e2663e06a751182e968c8ab05fb1d0115d4b11d944f2c06acc023a02b7416a9a10218d21503cda13bb5df6c992e52e1c01793b728eac000058ab3b3900d279297dadc127e2f38fc60c23af2e1fefa5a83456647191ba1953d335f59aa261fe79613df6bf43884e9649691e32680d75a541c27ffe74f9d13340f2cf1c7dc2b7db01213216cd4ecfd30efe137641471987289b7e23482e026b26eacd1b97443e2ea2d1d6e31a01ee0ae7fa195a2152b2338b086423a3883f2ce3e2f84e04f4d52c985eac4b46336908599564b47db0e6aa97ee51a360f4382fd99745725d44c77d097f69d19fe86f71c38a0226d44ebe0ecbd959f14b540745cd03b8c9f02b825ba45ca85706c73115f70871db9d2a1bc2a517b39f9648123917a5db07ba4e27f961373767e1ea8f7cc558e483abef1a9923c5cfa2081e430680950b7d7c377726b557ad31fdee17ba7057741f39d29d8ab295222f96297a777bb235416e72c84afef2bdb08fb375147b028b89f15af45bc8976b91158c13c9876daa71e7db0f5a17376be39ea79ce1246c547c740e31c64e5d293e0e5a544dd166010061d6ccae46c173b8e11721e4bce22c96af00000021f80ac6c3971006db853e3c40a5417d6eac09eb0e01ac6bd4c6dacdcb1d6d2ef9c8bdea91c984022821e961236d08f8b9072ec6cb5d5a68833fd5b4e80a5ac2bc6ff323f5ce612b59ce8177956c1affcc8baf4c8b59ab959aff9a7bd81f7c7c1f1bb92ddbeed6bce8041c7f0c1c584e6ae027678ce3cfbfea938aecc3c5119c5875b7fb35dc20f5c7aaae1e276104f607a73fe501c1045873a2b1eb80e95c87f099d98028dc82bdc7ef08c871fb3061c3c5ebd613e6e5e8cf099bb6e8c0441a133c85138b36a02c47fbedf7ed1d3ce74c9ec2c676c0b2d4b5eca61dbf5769b483c2a9f6bec666dae4e81960e9bad7f17cfc3d5bcc7b7f437110ca8ffa908c12086b2227eb202a8d56e0925ba994b05c98c39de44d25932449ddf08e5377814a40877eab4440ca01b3f50d2014a61a7d32105254b424238122386424efa3a7041254f686a5faac120942287f75e8e3db569ce47b120059d774a37e11d013be50cd2cbb00f6d2a23af61ec7d30bb7dc33a92f900b6ff1d29dc61cc40b846040dbafd00c6bcfbcf7af8ea5b4bd9593f73c6c95dd6d59483763debf02ea36803976b6cc145338e1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffffe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000000600)=""/95, 0x5f}], 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x4, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7ff}, [@call={0x85, 0x0, 0x0, 0x57}]}, &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000580)={0x5, 0x0, 0x5, 0x1}, 0x10, 0x0, r1, 0x8, &(0x7f0000000700)=[0xffffffffffffffff, r0, r0, r0, r0, r0, r0], &(0x7f0000000740)=[{0x0, 0x1, 0x5, 0xb}, {0x0, 0x5, 0xf, 0x7}, {0x5, 0x2, 0xb}, {0x4, 0x1, 0x7}, {0x2, 0x3, 0x2, 0xa}, {0x1, 0x5, 0x0, 0xa}, {0x0, 0x4, 0x3, 0x9}, {0x4, 0x2, 0x8}], 0x10, 0x5}, 0x90)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '$'}], 0x18, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x500}}], 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x702, 0xe, 0xfffffed5, &(0x7f0000000100)="e4604f89ecdb33440008d4800800", 0x0, 0x8009, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.489211746s ago: executing program 0 (id=3483):
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x14, &(0x7f0000000040), 0x8)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x34000, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x54}}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r3, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r4 = fsopen(&(0x7f0000002200)='erofs\x00', 0x0)
fcntl$dupfd(r4, 0x0, r4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
dup(0xffffffffffffffff)

4.588315279s ago: executing program 0 (id=3487):
r0 = socket$inet_sctp(0x2, 0x0, 0x84)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x54}}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r4, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r5 = fsopen(&(0x7f0000002200)='erofs\x00', 0x0)
fcntl$dupfd(r5, 0x0, r5)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r6, 0x0)
dup(0xffffffffffffffff)

4.136958256s ago: executing program 2 (id=3489):
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x14, &(0x7f0000000040), 0x8)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x34000, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x54}}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r3, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r4 = fsopen(&(0x7f0000002200)='erofs\x00', 0x0)
fcntl$dupfd(r4, 0x0, r4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
dup(0xffffffffffffffff)

3.518432973s ago: executing program 0 (id=3491):
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x14, &(0x7f0000000040), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x54}}, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
fsopen(&(0x7f0000002200)='erofs\x00', 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
r3 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

2.925857119s ago: executing program 2 (id=3495):
syz_io_uring_setup(0x7ff7, &(0x7f0000000580)={0x0, 0xf785, 0x2, 0x1, 0x2ac}, &(0x7f00000000c0)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$PROG_LOAD(0x6, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
creat(0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000440), 0x490582, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xf, &(0x7f0000000380)={0x8, 0x6}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f0000000480), 0x9, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x5)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
r7 = dup(r4)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@text32={0x20, &(0x7f0000000300)="3e0f2018b9740a0000b802000000ba2fe310000f30c744240000000000c744240235c00000c7442406000000000f011c24c4c23599e4c4c191d171a6650f0130660ffa60ce66baf80cb8d0a8138bef66bafc0c66b8000066ef676636660f388284238a66b818000f00d0", 0xffffffffffffffdd}], 0x1, 0x70, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[], 0x1c}}, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
setsockopt$inet6_int(r2, 0x29, 0xf, &(0x7f0000000100)=0x8, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r2, 0x80, &(0x7f0000000280)=@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private}}})
io_uring_enter(0xffffffffffffffff, 0x7c76, 0x0, 0x2, 0x0, 0x0)

2.719292397s ago: executing program 1 (id=3496):
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x14, &(0x7f0000000040), 0x8)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x34000, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x54}}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r3 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r3, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r4 = fsopen(&(0x7f0000002200)='erofs\x00', 0x0)
fcntl$dupfd(r4, 0x0, r4)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
dup(0xffffffffffffffff)

2.718918503s ago: executing program 3 (id=3497):
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000540)={{{@in=@rand_addr=0x64010100, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x4}, {}, 0x0, 0x0, 0x1, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in=@empty, 0x3505, 0x1}}, 0xe8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000000206030000000000000000000000000005000100070000000900020073797a320000000014000780080013400000000008001240000020000500050002000000050004000000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x0)

2.399098052s ago: executing program 2 (id=3498):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000001a00)={'wpan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001b00), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f0000001d40)={0x0, 0x0, &(0x7f0000001d00)={&(0x7f0000000780)={0xfc, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_SEC_KEY={0xe0, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0xc8, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xffffffffffffffff}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0xffffffff80000001}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x18, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}]}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4c, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa3}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa0}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4e}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}, @NL802154_KEY_ATTR_ID={0xc, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x2}]}]}]}, 0xfc}}, 0x0)

2.374260206s ago: executing program 0 (id=3499):
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x10001}, 0x48)
syz_emit_ethernet(0x5b, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60fca33f00257300120f0000000000000000ffffac1414bbfe8000000000000000000000000000aa6f60a94e30fc3543dba174f1519e601a4098e84437be6e28b35759f9270287a349bd85a574"], 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f0000000040)='\x00')
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000a9f850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='netlink_extack\x00', r3}, 0xb3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@getnexthop={0x18, 0x76, 0xb0d, 0x0, 0x0, {0x3, 0x0, 0x0, 0x2}}, 0x18}}, 0x0)
r5 = eventfd(0x0)
r6 = eventfd(0x0)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000240)={r5, 0x0, 0x2, r6})

2.294525449s ago: executing program 2 (id=3500):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = accept4(r0, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, &(0x7f0000000000)=0x80, 0x80000)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="b80000002100000228bd7000fddbdf25e90f1467060000070800000014000100fc00000000000000000000000000000814000100fe8000000000000000000000000000bb14000200fc01000000000000000000000000000114000200ff020000000000000000000000000001080010000004000014000100fe8000000000000000000000000000aa08000f00e30d00001400010000000000000000000000000000000001140011007465616d5f736c6176655f3100000000"], 0xb8}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000001d00)=ANY=[@ANYBLOB="8800000e08021100000108021100000050505050505000008000d2e19b5c24a93497d82c0c7385abda242a6549366907087ded11283d31d68cabd4b0b8d93ab12e0af317973b9d594ab1a25920d611536dc1b0ad3fe2396cb2c2efd9711d744fb0e2e973de039fa443d944d240dbc5ddf4e74a595ced66be978590808bed08e74032bce26cc11c7ed82414cb81e6f64acb7ce57b73ff662a1e0271732b927069115b9b882ea65e37da4bdf73772551"], 0x28)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000000740)=ANY=[], 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x2, 0x0, @loopback}], 0x1c)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000700)={'veth1_macvtap\x00', 0x8000})
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0x1}], 0x1}}], 0x1, 0x2000c8c0)
unshare(0x20000400)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r4, &(0x7f0000001f40)=[{{&(0x7f0000000480)={0xa, 0x4e21, 0xcad, @empty, 0x2}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000001dc0)="d867b994fb923bc6b2bc8540e2750cf8e4feeaeb9031eede9f10e91ee722b7f0526d5a6c2a1c41dbf26ce7c0709afa5f3ee5f91b68e8541a43626b53ccd9a04f5fd51dd2f8fe5c0e9bf4ef8725d54737b2a54e3f18ed12f4c1448dcd75c1f4d5fda3fd63f5e3f8720a15367f0ea70a3803bb2d83a88a76a542a2f2d0d2711c0c000008698ce9d0021c7a0d0a77682e0ac49308fa277c7dfe9d9ebb3fc278ecdacb1fde677af7d858cfd6", 0xaa}, {&(0x7f0000000900)="038fce746fcdb3bb94a5e2c30e83780f9974ed344908024bebce3cacc374adeaaa370ab7c47b235d6b4717eea1f92156e777260ffc09075ed9eaf289fa94855115c1820825581fedf80195b925ff329c0e15f90a3c656ac59e7576a9ffc054d13d3e589bfd51c126dd2740950c2f317514325557b129de9f2092c67cd1443a173a59839c0ceca6c7b07c14514b194ab2d367952ee73900bddf704d0a0146487bc345cfe6e5b651a313aca7093723aed3fee556e77bdc3a", 0xb7}], 0x2, &(0x7f00000009c0)=ANY=[@ANYBLOB="1400000000000000290000000b00000000000080200000001400000000000000290000000b000000fffffffd00000000"], 0x30}}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000c00)="d2af4ba32a61381d87cba41b7960cb26d59bac1deef5f810ea63254d1e2018caf306398c895fcd4af789f693d7fad1d3243d396f8c9e25a9eeedfa760b9ddd71286815044a6c034a5ccbfec6b80a848752efd1a3caa116151a3811fa16fb3e614c4aacf97976063ee142486041e89d47fd35ef9b90fd3320f9a9f3c47b0e4a01e6122f97946af8881ab029f119393a56bfb7384acc726dfb16e2f20ca4036d2cf31278e083bc2be4dda2999aab99ed2260fb3d80c798db119c69bbf45abe71c37ecd4021be19e6da249384a8989e14f99fea4005eb54e58f0e5522bafefb82205a2cda78a330b9b205e6a26700352398034c5c62f5eec00821adaba56ca83d117c6503ab79af1e3d5dc3662749d4455513dbad497c271543930db643b33e9b5f384ea95725e7d08be62a62bc437c0993f0cf7498f8278d416f5a6907d2a982f54dc86f67740c997b859d3025d14e937b757bacc5d590557c73a4ba2b39f512cfa36a491730e452f7569fcf2299021c87a5114a3189c32fb3ebeb5d4ac7a871b8d091c47db9a142416a7bb6f48797bdc30da3503c4d0ce6555ab32c5fd758523035cedce3a9b0792a9cee49aba1a095a8f2a6cffd20653237dcc2a181bc6289408fba68679d0874cd7d83292c8e551dafa877e9a80a1334293d8fe6518239ed73cebdbd380347638184fedd4790453235c5a96bf265b6247af792b31729f50b213b00af5146ed60ca1e572cb94c76e141cca9e8ac35f05560df509339999d6feb741b4439324c2931bda0172dace2495ff34049d0d4a2e56d2aa26925352f56d5b3ce36ee90d0805c18ded05d00d838b6a2614510aca110311f30823a85ac45652ac01fd7270daedd4817bf338b051be86b4f88370c28f53c5a7beced42b1cc108edf9ed390570e263de27e3445997c95f50900501cdf4a312e65f1c2916409e52c22a79aa951574320000000005bdfa41f0671a684c0c59463aee960a6e001e2f29e9f497327a4147a2522e2695aaa86767f56f865d0296e777047a53bd95704c2d80e7d12029b4eda6681008bbc90ac2a070789ab70437963760a824afd7226483e89efaf909a011c902d5eb117186b1d798076e921fefc34d94c8778be395f0e0dcaa7c61cca79f364f82cd7ae960fd5b421308d18dc3787e05b16282e02a38bcdb9ed008d55ea53cc0a6a5a59c85a210f302bdd50d9a10ac3843c063ee9b41ba50cbfc0cbde6df48558cc0fcb015941d70a9bfe3d5041ebfe5b73722664543614a7ad1fdcb4dc67bd38306a4c45bcdf027796fb1d987e81a6e950ddc78eca5e6471745db65bcfce5f8bc21124df7e61d8e87c2bfececbe7db84b4da7c2b830f681da28ad6b71c3432d18262c267a7f33dd0290ca2da8fffd770ea8bdb127b173bfd0f99a81293e92e65ce3cf89d64a713145c8af957f60207c65858ddecc57b07eab13a249bdf67ad22ac22e0a565cd183ba955e1c877c3bd11eac13a58a82685e01e7f5eef7c805e05dadc956ee2d7f8b6d4bafa450809dab57b66c52265cd92ed2477f19961366427eb5b5b64c84cf7bf1ea325074d7d06e43360657a045ad16176193e1bf7f9367dd1b3e77fb65e035142af152cbdbd88bef2697fb6757486113de8286f0ee2032c0755bb8658957fe47b50044ade7ed1e26e60c121f88b15f107677b7ab15c5103ea29568a0a3f80af1089d9dc16e2a60f10b9f66596d398a02acb80131298212013332ed3f586911060801bc917717e0bb58308710884188c1aefe4d941f9daf0f63245dec9864faebdade13c784f7cec30b438820cccedad6f7200b9ff8e500dc88c24c298046d61afd0f9f6429de6a07b456bc1ce277c7e46eea8cc66ecc70341b3339a31bae675c8d75648206e8ada4037f6724d6cd51c9894ba6afcd740e672e8ce82ac06d6e76faf3d2624ddab65954a78d1987ddb484b97183b50d145bef58fed478ec329ab185e7a8e1f21b6b496a0008e8c2a96b69e55c460f6ee3d195536585f11254e6ce509a6ef9daa883c3dc7281b4308bb41cf58401d8474e18e092813c999d6386335e9f5dcdc00581da9dc70afcce1491cae4dd91bc7153d1a81371e4a9caa7a46bf077f5c7bcfd0518b6079ebb2f7fe270b7e19994abd5bcfe87d12d3cf6df68dead14ab3a8a1849d021b12c440a26ecbdabc7bac2453d431c7addfbb9175ea8f3845291ced315fd36f8bf3cbb6d5d4966e51aa88f6190dd02c5758e6d90a258c17ee013cb5945195403951984144cf42ffc22e4c4b2735e3321d24bced54568657bd309ad2aaf9ed09538e3350c4427f3c5077b5eae1ef9526d0a220f71d5ef9c7a98794bbafd7209b8bfed01f8679fe6512a48298fad7321b5bc2655b1f17ba2e90ee26965b162975b09a21ac09e56d100a10f36da48fbc9ca3412d761569325a0d743817bbf2b341f1a7c9289c287b124a15b29a64bf4a872893e52452f38604d6bce7feca41456f3cbd76df1b8ef696c4515edb4cb23eb24c827177c8e9058e87f8caf69cc145f8fefb43ff73e114a358b8c5b3f93b950b58a51c03c1517e55b398928fcb62e4eabe13768e2a16155bb8593bb40f5272069e5ee85148e63417891bc2fa7425c25434c8606bf196407bfcc74236908548c886181a1e90f38defe1ffa79cc71465986a9f3189db01c6f957772f2823b7c2792d162637bd25f14f3547ba52d1826bda91917148749ca4e87075ed8082b218d4ce252f8b05fc42d5bc5bc5f022d4186911cd0fd2303caf4fe9faebfdd74289114333462782f0541d4e3135d1180924071574daaa525db4ca7349c5095c79e8432f39358d514740da8cd935d4501955ea88b71f0fba0992dcc936b3d63be4967bc79bcf9c2e8873ff3cb4ef096489ef05db68c6793209b85ecfa57c3fd72acb6d0bc8941a38d716fd983495c50c17e5727c0871fe4cdd00cc2fcf60a7cde5e41b0908af200970d51cda15d40b8560ddd3808a10e04f6ff1b23122668056430d3f660897cd617f8111c6b070e3ba2d8763da4a58bc8d5ccd496b8d23fa70f9dc13772631a6746b390c2273646187f6274d6cf8ccfb0b549343fabe3dd45fa1aec233786b7b6e00b493e9ac2b82d218f351256667745a47fc050408a6ec260607358ecebb6329b7936d7f83cd95f7c44bdca076830b69012ca594031b17c1ae30f5aa356cf7094c255d51070474e07c147341ff58bc0750ad537f0f712fac8234b1acee133f27753722caefcc0eec65594716e947d8819b987d10302293982025924708dedbe36564c5d307bc37328a6cbd15d5f03043b4e961124bcef984569f0e05622dc4f1d3e1d68817cd2be8125520d87fe7caafff079a6d38f021bdc4122a55f101d8ca55fe79abfc1902429c3c0b3aa9070baf7522d9ca8b646a1e5039e009f74d190e0bb281e2fd1def5d55e49a26edb45cbc89c6f2655e2873b3fafdc6ac554a14e1406c1d5ebdb9b2f922f5e38b93e45c12ae7cb05b2ce2bc081ae0796a4085f867e737dd04aba56e018b9e72d5bf579665efb0eae4afacf04dba3d79f2c6ad41305a5062ed4f56ed992c89c2861b7ee094ae3595d33f888727f950e399708a5db84a2569ae44009404c4ec467fbcc0437bd6c4201cb6eda35175779c7b5d10cac8d6b8e6ae45013a9dbd283a0722b33138972fd70f981119b11ace9bf64b634278838e763b48201f13da4028c52572e8ce83afaa0c3ced090f7f8e1dbca81c155323ff444f5d4154abaccaed921c6b34e282b4cd1f273cf12d0d0a48d3cfc43fe2c673bb0e5f50708204c3b6e87bf59af60fd7e15042a4ead44170eda2d50ebdcd92a6a0073a69aed491ce7d50bc369984d3f39d40c53d0ff607625ceb226045dc93bf4260cb0f9dea8f7ebbc3c2fc12553430a26b28a51667dd9f16980765cb029ffbd35e491034e77507aa72bfc2b995c49e4b202a23b68e48efbc3af197ece148411f42ffc25b9f1a4b764a01e5e4a5b44f29725431269b0bfa7b143a1feafb0e4444a4e94ce5679d521712fe687acbf57c4de9ca5dc2e9cdb2d2707419bc7e5df581df130df196c58e0f9a4f076b9226d70d85ac77cda2478bed17d865995d05a57a9ad94bda6e68c6a40604809db1eba0107471f0da75d03f12f671f74e99474887d5dc5f6e7c99cb1f1dc4ff07f3cc278507dc59d5c62112c818163fe76dd8e560f91e6e8dfd2a62496d8aa0bdbdd42d14d9f85c2672e7bb236f529500ef834d9e9a59c880ab32139d06f22e10bbfe6d89cdc4352eee246f87b210db0b1e07b513a08817036c4b78c6044d632255c891613187bdc42ee53bb3ffbcd4a4fa01e1fc08dadd1dd8842b7a4f1e4eaa9a5df89c4b25bbca758093b5b6cffa4cccdc9154d418c332b2397dd03a6bd184d9acf928f450da999fa41644ddc04099d51c57699c40b7f6ee738f38eeee54ad6ab3f3c8c0679a34ebe6a8278025adc0b5b78f855285417b918f8d0aa9d81ce0702226c230877c9c50e505410116ce497469d24f5676ac8e979d0b4634a9a230e6c91f5720e6f510884a34c26b8106788b824263cd28fc6caf064ad7ee8aff0d6b1d82f29de7277d0c8b471ff189a0f4e0bd197c711b4d07d33cd54d40db867883a3506dc6d64af58eb57ae76cca3210d62eba7be91e34b732b2da5802a8abd21bf6e906564573ec45dc391b9c120a30b4fb69999b9a359155fd628b7036565978ed9e21c245e9d3243be1169db0642a3e5a9f58675ac3a659f43b5777b3e14f81fd7ffd7d7a2e2a10514f16d7a037d424d57f58710485c10ea74e8804a07ad55d73677894c0f6463ede2fca2a86db36f6acd235c882c23a4f365cf229650a527405e102da83abdc878b0aa245c9c218efb467caac7c6ce439a2fd17406a919a3ff0b7bc1ab338955b496f7cbb4e66208edb4afe6b2dd88bd61659cf1172ec989f6290c80f45f59eb43af461b053235d1311971dcce8c196e6d3304d24722752e081ce8eed61f5c2d8124eccbe372920bfcb2b26492544c78f59d598ab6cd226ddfeb4c15842f4fad9447bf26f429019aa0056e324c4d27016a826a6a63cd0c805e1104292f7c1a8791121d2de063646dcc68c387a8ac5950638d9e709cbc11f29abe46d1d9d88b2cac97bed6853bfff5737102085957e9a76881754633bc28d9cb636b1df2ec9b4a64a5b4e45d84474d63f706f5271ddcecb6a587fe979307593ee481d5a844d38bae3eb13c223b2d62f065ab51a9db65e16045c450d174e9cc4e9dd5b1b86160c894fe7dad8800366b6975a54fcd2aa2708eb825e6b0ffbd1d481a40b660662c3727f3edaf4bf32a2502ee7e24e51c0872e41459d39cc34937f39d3c8a44984117beb153264f3bc9cbbb2d125049aef8c60e459827561680fe9de234c0c3f35cd11c41b4019b2e55da9206182ea54aea301241b697d6e4ffb362df3f4ca4b42dffb5dc718304631b0861f5e815ddfff94e44f5e61ad647ebaea2c33520fc580534b811f46b23cdc974ee427cd8c5155bb64a5227d961325daf5413e6665f881c377b0a3b4666e6c7789054fd14b14c01eb109d6cb849c31bd62756032b53c45020aad81f6304da46ed03347b0781e2aa62cf63a62c6a37234d4af03d83049c8c6af661a33e545eb727144414e60a14825b3d8d8eb7b535661da1d0fee14f219e80538b5ade44645f27da6b76c8e2840b1f9cf72673fff12a7a83131c266fa2e481338e48a66fbe52348e7048045112dbeb47803569cf58dfb8d736eecd83d2f4bd6d06014d0db82f6", 0xff0}, {&(0x7f0000000a00)="8e79e4cb0be36b932db3064b84c039e871c7dff362def685ccbda1cb630cce4ac0dc8ce128b22babec8b5898113254ae4ce253a2d7a7331b1d98d7843e8515537c77538c0fad2119cbb28463b99602a67f0f804c2effdf9891bf262ccfdb4c24622b3769986b9e574af1363671599948e2c90cbc3a2fd2dcb4d1bbe20e83efaedbbd7bd24b3ae3958ac1f16dce1ab4a0644e01d0f570a8e3a2b685a3c96ce5cf896daee43e4ec7ba7d6ea8d38828a7f5207d2955ef6f0e261ec4c0c82da04a8d6260f2c1e5535eb89f2714bcd9e0c6c412f1db61fb94e4e2348af2d541", 0xdd}, {&(0x7f0000001c00)="4c5f1c58454c6f7ef2a2b597aa0d254320065b1db70d9b53dcd79f5c4492e7c76bbe83643837582ecc24ccac56788f3f4394dba83d8a224588ede6a89bb3a81c37c3886621a42393bf99f1354b9de097ee09619e5d14c85d0fdf47f454c3037ab2e6d2df02bb00b6907f00e76e1da9615fbcad209ed3c962337d98e20cdaf78490d3be244e521b4915ff0f2163fdce40efae6d1764f633b7879022e7bd91b81aa6c1c8a1a1898e3389185075cc3ab641bda13dcf1ecd5a2947c79e89bcb241812db6a3bc349a92267ab5db5f990baa4c3482ef725beff27b21ecdb205c8e7879", 0xe0}], 0x3, &(0x7f0000002180)=ANY=[@ANYBLOB="1400000000000000290000003e00000008000000000000002400000000000000290000003200000000000000000000000000ffff0a010100", @ANYRES16=r0, @ANYBLOB="00000000780000000000000029000000390000005e0c014300000000ff010000000000000000000000000001ff0200000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001ff010000000000000000000000000001ff0200000000000000000000000000011400000000000000290000000800000006000000000000001400000000000000290000003e000000070000000000000014000000000000002900000008000000008000000000000024000000000000002900000032000000fe8000000000000000000000000000aa", @ANYRES32=r2, @ANYBLOB="0000000070000000000000002900000036000000000a000000000000c910fe880000000000000000000000000101c20400000003071826f6594d040500007f000000000000000900000000000000c910fe800000000000000000006e00000012c9100000000000000000000000000000000100001400000000000000290000003e000000fbffffff00000000140000000000000029000000340000000200000000000000"], 0x1c8}}], 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r1, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000002c0)=[0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], 0x0, 0x81, &(0x7f0000000380)=[{}, {}], 0x10, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xce, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r6, 0x6b, 0x4, &(0x7f0000000140)=0xfffffffd, 0x4)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000006c0)={'syztnl2\x00', &(0x7f00000004c0)={'syztnl0\x00', r5, 0x2f, 0xff, 0x40, 0x9, 0x41, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x80, 0x40, 0x0, 0x7}})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
unshare(0x42000000)
r8 = socket$igmp6(0xa, 0x3, 0x2)
sendmsg$tipc(r8, &(0x7f00000026c0)={0x0, 0x0, 0x0}, 0x0)
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r9, &(0x7f0000002ac0)=[{{&(0x7f0000002940)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, 0x0}}], 0x1, 0x0)
listen(r9, 0x6)
bind$inet(r7, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r7, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10)

1.838989163s ago: executing program 3 (id=3501):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = accept4(r0, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, &(0x7f0000000000)=0x80, 0x80000)
sendmsg$nl_route(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="b80000002100000228bd7000fddbdf25e90f1467060000070800000014000100fc00000000000000000000000000000814000100fe8000000000000000000000000000bb14000200fc01000000000000000000000000000114000200ff020000000000000000000000000001080010000004000014000100fe8000000000000000000000000000aa08000f00e30d00001400010000000000000000000000000000000001140011007465616d5f736c6176655f3100000000"], 0xb8}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000001d00)=ANY=[@ANYBLOB="8800000e08021100000108021100000050505050505000008000d2e19b5c24a93497d82c0c7385abda242a6549366907087ded11283d31d68cabd4b0b8d93ab12e0af317973b9d594ab1a25920d611536dc1b0ad3fe2396cb2c2efd9711d744fb0e2e973de039fa443d944d240dbc5ddf4e74a595ced66be978590808bed08e74032bce26cc11c7ed82414cb81e6f64acb7ce57b73ff662a1e0271732b927069115b9b882ea65e37da4b"], 0x28)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x2, 0x0, @loopback}], 0x1c)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000800)=ANY=[@ANYBLOB], 0xf2)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000700)={'veth1_macvtap\x00', 0x8000})
sendmmsg$inet6(r0, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0x1}], 0x1}}], 0x1, 0x2000c8c0)
unshare(0x20000400)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r4, &(0x7f0000001f40)=[{{&(0x7f0000000480)={0xa, 0x4e21, 0xcad, @empty, 0x2}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000001dc0)="d867b994fb923bc6b2bc8540e2750cf8e4feeaeb9031eede9f10e91ee722b7f0526d5a6c2a1c41dbf26ce7c0709afa5f3ee5f91b68e8541a43626b53ccd9a04f5fd51dd2f8fe5c0e9bf4ef8725d54737b2a54e3f18ed12f4c1448dcd75c1f4d5fda3fd63f5e3f8720a15367f0ea70a3803bb2d83a88a76a542a2f2d0d2711c0c000008698ce9d0021c7a0d0a77682e0ac49308fa277c7dfe9d9ebb3fc278ecdacb1fde677af7d858cfd6", 0xaa}, {&(0x7f0000000900)="038fce746fcdb3bb94a5e2c30e83780f9974ed344908024bebce3cacc374adeaaa370ab7c47b235d6b4717eea1f92156e777260ffc09075ed9eaf289fa94855115c1820825581fedf80195b925ff329c0e15f90a3c656ac59e7576a9ffc054d13d3e589bfd51c126dd2740950c2f317514325557b129de9f2092c67cd1443a173a59839c0ceca6c7b07c14514b194ab2d367952ee73900bddf704d0a0146487bc345cfe6e5b651a313aca7093723aed3fee556e77bdc3a", 0xb7}], 0x2, &(0x7f00000009c0)=ANY=[@ANYBLOB="1400000000000000290000000b00000000000080200000001400000000000000290000000b000000fffffffd00000000"], 0x30}}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000c00)="d2af4ba32a61381d87cba41b7960cb26d59bac1deef5f810ea63254d1e2018caf306398c895fcd4af789f693d7fad1d3243d396f8c9e25a9eeedfa760b9ddd71286815044a6c034a5ccbfec6b80a848752efd1a3caa116151a3811fa16fb3e614c4aacf97976063ee142486041e89d47fd35ef9b90fd3320f9a9f3c47b0e4a01e6122f97946af8881ab029f119393a56bfb7384acc726dfb16e2f20ca4036d2cf31278e083bc2be4dda2999aab99ed2260fb3d80c798db119c69bbf45abe71c37ecd4021be19e6da249384a8989e14f99fea4005eb54e58f0e5522bafefb82205a2cda78a330b9b205e6a26700352398034c5c62f5eec00821adaba56ca83d117c6503ab79af1e3d5dc3662749d4455513dbad497c271543930db643b33e9b5f384ea95725e7d08be62a62bc437c0993f0cf7498f8278d416f5a6907d2a982f54dc86f67740c997b859d3025d14e937b757bacc5d590557c73a4ba2b39f512cfa36a491730e452f7569fcf2299021c87a5114a3189c32fb3ebeb5d4ac7a871b8d091c47db9a142416a7bb6f48797bdc30da3503c4d0ce6555ab32c5fd758523035cedce3a9b0792a9cee49aba1a095a8f2a6cffd20653237dcc2a181bc6289408fba68679d0874cd7d83292c8e551dafa877e9a80a1334293d8fe6518239ed73cebdbd380347638184fedd4790453235c5a96bf265b6247af792b31729f50b213b00af5146ed60ca1e572cb94c76e141cca9e8ac35f05560df509339999d6feb741b4439324c2931bda0172dace2495ff34049d0d4a2e56d2aa26925352f56d5b3ce36ee90d0805c18ded05d00d838b6a2614510aca110311f30823a85ac45652ac01fd7270daedd4817bf338b051be86b4f88370c28f53c5a7beced42b1cc108edf9ed390570e263de27e3445997c95f50900501cdf4a312e65f1c2916409e52c22a79aa951574320000000005bdfa41f0671a684c0c59463aee960a6e001e2f29e9f497327a4147a2522e2695aaa86767f56f865d0296e777047a53bd95704c2d80e7d12029b4eda6681008bbc90ac2a070789ab70437963760a824afd7226483e89efaf909a011c902d5eb117186b1d798076e921fefc34d94c8778be395f0e0dcaa7c61cca79f364f82cd7ae960fd5b421308d18dc3787e05b16282e02a38bcdb9ed008d55ea53cc0a6a5a59c85a210f302bdd50d9a10ac3843c063ee9b41ba50cbfc0cbde6df48558cc0fcb015941d70a9bfe3d5041ebfe5b73722664543614a7ad1fdcb4dc67bd38306a4c45bcdf027796fb1d987e81a6e950ddc78eca5e6471745db65bcfce5f8bc21124df7e61d8e87c2bfececbe7db84b4da7c2b830f681da28ad6b71c3432d18262c267a7f33dd0290ca2da8fffd770ea8bdb127b173bfd0f99a81293e92e65ce3cf89d64a713145c8af957f60207c65858ddecc57b07eab13a249bdf67ad22ac22e0a565cd183ba955e1c877c3bd11eac13a58a82685e01e7f5eef7c805e05dadc956ee2d7f8b6d4bafa450809dab57b66c52265cd92ed2477f19961366427eb5b5b64c84cf7bf1ea325074d7d06e43360657a045ad16176193e1bf7f9367dd1b3e77fb65e035142af152cbdbd88bef2697fb6757486113de8286f0ee2032c0755bb8658957fe47b50044ade7ed1e26e60c121f88b15f107677b7ab15c5103ea29568a0a3f80af1089d9dc16e2a60f10b9f66596d398a02acb80131298212013332ed3f586911060801bc917717e0bb58308710884188c1aefe4d941f9daf0f63245dec9864faebdade13c784f7cec30b438820cccedad6f7200b9ff8e500dc88c24c298046d61afd0f9f6429de6a07b456bc1ce277c7e46eea8cc66ecc70341b3339a31bae675c8d75648206e8ada4037f6724d6cd51c9894ba6afcd740e672e8ce82ac06d6e76faf3d2624ddab65954a78d1987ddb484b97183b50d145bef58fed478ec329ab185e7a8e1f21b6b496a0008e8c2a96b69e55c460f6ee3d195536585f11254e6ce509a6ef9daa883c3dc7281b4308bb41cf58401d8474e18e092813c999d6386335e9f5dcdc00581da9dc70afcce1491cae4dd91bc7153d1a81371e4a9caa7a46bf077f5c7bcfd0518b6079ebb2f7fe270b7e19994abd5bcfe87d12d3cf6df68dead14ab3a8a1849d021b12c440a26ecbdabc7bac2453d431c7addfbb9175ea8f3845291ced315fd36f8bf3cbb6d5d4966e51aa88f6190dd02c5758e6d90a258c17ee013cb5945195403951984144cf42ffc22e4c4b2735e3321d24bced54568657bd309ad2aaf9ed09538e3350c4427f3c5077b5eae1ef9526d0a220f71d5ef9c7a98794bbafd7209b8bfed01f8679fe6512a48298fad7321b5bc2655b1f17ba2e90ee26965b162975b09a21ac09e56d100a10f36da48fbc9ca3412d761569325a0d743817bbf2b341f1a7c9289c287b124a15b29a64bf4a872893e52452f38604d6bce7feca41456f3cbd76df1b8ef696c4515edb4cb23eb24c827177c8e9058e87f8caf69cc145f8fefb43ff73e114a358b8c5b3f93b950b58a51c03c1517e55b398928fcb62e4eabe13768e2a16155bb8593bb40f5272069e5ee85148e63417891bc2fa7425c25434c8606bf196407bfcc74236908548c886181a1e90f38defe1ffa79cc71465986a9f3189db01c6f957772f2823b7c2792d162637bd25f14f3547ba52d1826bda91917148749ca4e87075ed8082b218d4ce252f8b05fc42d5bc5bc5f022d4186911cd0fd2303caf4fe9faebfdd74289114333462782f0541d4e3135d1180924071574daaa525db4ca7349c5095c79e8432f39358d514740da8cd935d4501955ea88b71f0fba0992dcc936b3d63be4967bc79bcf9c2e8873ff3cb4ef096489ef05db68c6793209b85ecfa57c3fd72acb6d0bc8941a38d716fd983495c50c17e5727c0871fe4cdd00cc2fcf60a7cde5e41b0908af200970d51cda15d40b8560ddd3808a10e04f6ff1b23122668056430d3f660897cd617f8111c6b070e3ba2d8763da4a58bc8d5ccd496b8d23fa70f9dc13772631a6746b390c2273646187f6274d6cf8ccfb0b549343fabe3dd45fa1aec233786b7b6e00b493e9ac2b82d218f351256667745a47fc050408a6ec260607358ecebb6329b7936d7f83cd95f7c44bdca076830b69012ca594031b17c1ae30f5aa356cf7094c255d51070474e07c147341ff58bc0750ad537f0f712fac8234b1acee133f27753722caefcc0eec65594716e947d8819b987d10302293982025924708dedbe36564c5d307bc37328a6cbd15d5f03043b4e961124bcef984569f0e05622dc4f1d3e1d68817cd2be8125520d87fe7caafff079a6d38f021bdc4122a55f101d8ca55fe79abfc1902429c3c0b3aa9070baf7522d9ca8b646a1e5039e009f74d190e0bb281e2fd1def5d55e49a26edb45cbc89c6f2655e2873b3fafdc6ac554a14e1406c1d5ebdb9b2f922f5e38b93e45c12ae7cb05b2ce2bc081ae0796a4085f867e737dd04aba56e018b9e72d5bf579665efb0eae4afacf04dba3d79f2c6ad41305a5062ed4f56ed992c89c2861b7ee094ae3595d33f888727f950e399708a5db84a2569ae44009404c4ec467fbcc0437bd6c4201cb6eda35175779c7b5d10cac8d6b8e6ae45013a9dbd283a0722b33138972fd70f981119b11ace9bf64b634278838e763b48201f13da4028c52572e8ce83afaa0c3ced090f7f8e1dbca81c155323ff444f5d4154abaccaed921c6b34e282b4cd1f273cf12d0d0a48d3cfc43fe2c673bb0e5f50708204c3b6e87bf59af60fd7e15042a4ead44170eda2d50ebdcd92a6a0073a69aed491ce7d50bc369984d3f39d40c53d0ff607625ceb226045dc93bf4260cb0f9dea8f7ebbc3c2fc12553430a26b28a51667dd9f16980765cb029ffbd35e491034e77507aa72bfc2b995c49e4b202a23b68e48efbc3af197ece148411f42ffc25b9f1a4b764a01e5e4a5b44f29725431269b0bfa7b143a1feafb0e4444a4e94ce5679d521712fe687acbf57c4de9ca5dc2e9cdb2d2707419bc7e5df581df130df196c58e0f9a4f076b9226d70d85ac77cda2478bed17d865995d05a57a9ad94bda6e68c6a40604809db1eba0107471f0da75d03f12f671f74e99474887d5dc5f6e7c99cb1f1dc4ff07f3cc278507dc59d5c62112c818163fe76dd8e560f91e6e8dfd2a62496d8aa0bdbdd42d14d9f85c2672e7bb236f529500ef834d9e9a59c880ab32139d06f22e10bbfe6d89cdc4352eee246f87b210db0b1e07b513a08817036c4b78c6044d632255c891613187bdc42ee53bb3ffbcd4a4fa01e1fc08dadd1dd8842b7a4f1e4eaa9a5df89c4b25bbca758093b5b6cffa4cccdc9154d418c332b2397dd03a6bd184d9acf928f450da999fa41644ddc04099d51c57699c40b7f6ee738f38eeee54ad6ab3f3c8c0679a34ebe6a8278025adc0b5b78f855285417b918f8d0aa9d81ce0702226c230877c9c50e505410116ce497469d24f5676ac8e979d0b4634a9a230e6c91f5720e6f510884a34c26b8106788b824263cd28fc6caf064ad7ee8aff0d6b1d82f29de7277d0c8b471ff189a0f4e0bd197c711b4d07d33cd54d40db867883a3506dc6d64af58eb57ae76cca3210d62eba7be91e34b732b2da5802a8abd21bf6e906564573ec45dc391b9c120a30b4fb69999b9a359155fd628b7036565978ed9e21c245e9d3243be1169db0642a3e5a9f58675ac3a659f43b5777b3e14f81fd7ffd7d7a2e2a10514f16d7a037d424d57f58710485c10ea74e8804a07ad55d73677894c0f6463ede2fca2a86db36f6acd235c882c23a4f365cf229650a527405e102da83abdc878b0aa245c9c218efb467caac7c6ce439a2fd17406a919a3ff0b7bc1ab338955b496f7cbb4e66208edb4afe6b2dd88bd61659cf1172ec989f6290c80f45f59eb43af461b053235d1311971dcce8c196e6d3304d24722752e081ce8eed61f5c2d8124eccbe372920bfcb2b26492544c78f59d598ab6cd226ddfeb4c15842f4fad9447bf26f429019aa0056e324c4d27016a826a6a63cd0c805e1104292f7c1a8791121d2de063646dcc68c387a8ac5950638d9e709cbc11f29abe46d1d9d88b2cac97bed6853bfff5737102085957e9a76881754633bc28d9cb636b1df2ec9b4a64a5b4e45d84474d63f706f5271ddcecb6a587fe979307593ee481d5a844d38bae3eb13c223b2d62f065ab51a9db65e16045c450d174e9cc4e9dd5b1b86160c894fe7dad8800366b6975a54fcd2aa2708eb825e6b0ffbd1d481a40b660662c3727f3edaf4bf32a2502ee7e24e51c0872e41459d39cc34937f39d3c8a44984117beb153264f3bc9cbbb2d125049aef8c60e459827561680fe9de234c0c3f35cd11c41b4019b2e55da9206182ea54aea301241b697d6e4ffb362df3f4ca4b42dffb5dc718304631b0861f5e815ddfff94e44f5e61ad647ebaea2c33520fc580534b811f46b23cdc974ee427cd8c5155bb64a5227d961325daf5413e6665f881c377b0a3b4666e6c7789054fd14b14c01eb109d6cb849c31bd62756032b53c45020aad81f6304da46ed03347b0781e2aa62cf63a62c6a37234d4af03d83049c8c6af661a33e545eb727144414e60a14825b3d8d8eb7b535661da1d0fee14f219e80538b5ade44645f27da6b76c8e2840b1f9cf72673fff12a7a83131c266fa2e481338e48a66fbe52348e7048045112dbeb47803569cf58dfb8d736eecd83d2f4bd6d06014d0db82f6", 0xff0}, {&(0x7f0000000a00)="8e79e4cb0be36b932db3064b84c039e871c7dff362def685ccbda1cb630cce4ac0dc8ce128b22babec8b5898113254ae4ce253a2d7a7331b1d98d7843e8515537c77538c0fad2119cbb28463b99602a67f0f804c2effdf9891bf262ccfdb4c24622b3769986b9e574af1363671599948e2c90cbc3a2fd2dcb4d1bbe20e83efaedbbd7bd24b3ae3958ac1f16dce1ab4a0644e01d0f570a8e3a2b685a3c96ce5cf896daee43e4ec7ba7d6ea8d38828a7f5207d2955ef6f0e261ec4c0c82da04a8d6260f2c1e5535eb89f2714bcd9e0c6c412f1db61fb94e4e2348af2d541", 0xdd}, {&(0x7f0000001c00)="4c5f1c58454c6f7ef2a2b597aa0d254320065b1db70d9b53dcd79f5c4492e7c76bbe83643837582ecc24ccac56788f3f4394dba83d8a224588ede6a89bb3a81c37c3886621a42393bf99f1354b9de097ee09619e5d14c85d0fdf47f454c3037ab2e6d2df02bb00b6907f00e76e1da9615fbcad209ed3c962337d98e20cdaf78490d3be244e521b4915ff0f2163fdce40efae6d1764f633b7879022e7bd91b81aa6c1c8a1a1898e3389185075cc3ab641bda13dcf1ecd5a2947c79e89bcb241812db6a3bc349a92267ab5db5f990baa4c3482ef725beff27b21ecdb205c8e7879", 0xe0}], 0x3, &(0x7f0000002180)=ANY=[@ANYBLOB="1400000000000000290000003e00000008000000000000002400000000000000290000003200000000000000000000000000ffff0a010100", @ANYRES16=r0, @ANYBLOB="00000000780000000000000029000000390000005e0c014300000000ff010000000000000000000000000001ff0200000000000000000000000000010000000000000000000000000000000000000000000000000000000000000001ff010000000000000000000000000001ff0200000000000000000000000000011400000000000000290000000800000006000000000000001400000000000000290000003e000000070000000000000014000000000000002900000008000000008000000000000024000000000000002900000032000000fe8000000000000000000000000000aa", @ANYRES32=r2, @ANYBLOB="0000000070000000000000002900000036000000000a000000000000c910fe880000000000000000000000000101c20400000003071826f6594d040500007f000000000000000900000000000000c910fe800000000000000000006e00000012c9100000000000000000000000000000000100001400000000000000290000003e000000fbffffff00000000140000000000000029000000340000000200000000000000"], 0x1c8}}], 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r1, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f00000002c0)=[0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x4, 0x1, &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], 0x0, 0x81, &(0x7f0000000380)=[{}, {}], 0x10, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0xce, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r6, 0x6b, 0x4, &(0x7f0000000140)=0xfffffffd, 0x4)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000006c0)={'syztnl2\x00', &(0x7f00000004c0)={'syztnl0\x00', r5, 0x2f, 0xff, 0x40, 0x9, 0x41, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x80, 0x40, 0x0, 0x7}})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
unshare(0x42000000)
r8 = socket$igmp6(0xa, 0x3, 0x2)
sendmsg$tipc(r8, &(0x7f00000026c0)={0x0, 0x0, 0x0}, 0x0)
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r9, &(0x7f0000002ac0)=[{{&(0x7f0000002940)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, 0x0}}], 0x1, 0x0)
listen(r9, 0x6)
bind$inet(r7, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r7, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10)

1.688329469s ago: executing program 1 (id=3502):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x90)
r1 = syz_io_uring_setup(0x6167, &(0x7f0000000400)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r1, 0x2d3e, 0x1e, 0x0, 0x0, 0x0)

1.48448448s ago: executing program 2 (id=3503):
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r4 = io_uring_setup(0x168e, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f0000241000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000b8e000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f00004e5000/0x2000)=nil)
move_pages(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000a7a000/0x3000)=nil], &(0x7f00000001c0)=[0x1], 0x0, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r3, 0x0, 0x17, &(0x7f0000000040)=0xe, 0x36)
recvmmsg(r3, &(0x7f0000000440)=[{{&(0x7f00000000c0)=@qipcrtr, 0x80, &(0x7f0000000400)=[{&(0x7f0000000300)=""/210, 0xd2}, {&(0x7f0000000740)=""/201, 0xc9}, {&(0x7f0000000240)=""/121, 0x79}, {&(0x7f00000005c0)=""/176, 0xb0}], 0x4, &(0x7f0000000680)=""/135, 0x87}, 0x9}], 0x1, 0x45833af92e4b39ff, 0x0)

1.484157976s ago: executing program 1 (id=3504):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, <r1=>0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0x22, &(0x7f0000002080)=ANY=[@ANYRESDEC=r1, @ANYRES32=0x1, @ANYBLOB="a16601890f91d13775dbdcf04b054776ade0ae7703d97aa87cf334e516393d5434984e3c01b1b765a42407259c527b7739bf39a5290bce3117d0499453a7ec877ba0fbdb26bd36bce8223be4fcc706d4be43fbaa6b8fa8d4981b769d871e14149f6d4ec15a15215ec557f530d7e3bc461229d4eacfacfabb110d2d1bec0a4a1435770093fec3b77681bf3264773e97fffc10cd5a86861c104be02b924857502eff50a2a82dc917579c7277262b65b08ee370968da0cf71ff19c50c8ea43ddfe00b6608294abdcf977dcea102d5602d4763385d3f0e870b9aa09522404863aef76dc759f6c7c01a273396293e273fa8411ab3e73b22be8570582e9dfd4601639e38a28ac592d397fcf2db2e06d8b3bed6719d68c4a145564cb3482daf8fdf0b1e19fe1b30c610008d2e741804f62b25bb101322b41f69bce4994a87519e192960fe814330ab82c6e55f1f55b39168f5e162663887bc58f59741dc23a3bfd8c3284868f12821d5e36047ec6ef89bfcabe5f127df81ba95551d52b9b7093a75810369a994613793db14e89b57e1b662459cb72498ea65c29cf496b8fe0d78f77e81cb33da58ede0f7c3eb10f366900b223bbbb49dbbc181f7c141bf0109bb5b62f30616c1c28ecec1e2a042ddbb5dc62f58c9816aa2e45ecd7a26cfb5fba14f866258fd64d12c8c0245408062832f90ba05147dbf56d80f51c9e783443cd8f08afa0e7220ff2568398577f13a1ddcbcc192a10c852dbcc8138dcbbfecb257b0d5c68eb90c50f36da26a4ea585fa561cfeefd9a53478967ce4f509130c8a2c37592f4738d2c389765ec6776a84076da60b52dbd7c55e6a212b574731501f36d65e964764ef47198e906b731dcd6ea9074f7008f7e0f4019c7e5f547cd18432d851df7d4064e03271faf94259de545bb5edbbc3a34fbd6d05c5f3e4312faa88a3eac13db2ffbfa79c7e8516d29dfad57ecb3cc5c7de46e796b590df61ae7b84a420c2a80975f7d0e3dfbd1937f0d8ed78a2741dda01916e8889d3efce5dc9c5a7da64d0c91568659cd44e3958342c3a384f83722558ea57489d4d266c13aadb80bfb956b626ec1ff067ee3b5faa6fa1897f6e6aa500c0ce9668534b837fde5abc9dcdf8aa35cfeb8b60915c6cc1c11385f839ffebf81bd7ff0742ff71e5cd5e04146cb7329cfc39b1a4178c335133cad47974e32f74f4810fe7b6f51467cb09d14444f4659d5832011e1e32763728d2f4accf34b028908c6fda43b3a0cd5d4eb425686f2428a6050129acd36c80c8b0589361f39ff5834aef559343c9ab7d6e8516ec3c07d4fb4033eb25123ae4c1127d844d27753abb189d33bf6239765cd399a614a5b7ef001bcaf7fc7c4e5a4977308a12ea888a2f8c26003277d0402a4e6f7c0b1db13c39254a9c716e47af132c0b44928969b47b2b02906a063766ac24b8ba1bb74c7e46ca4f0c885d19d2a3b6fdbb7a6ef372e86e17b1a8ae3d6866cb037d85852c678f8e90780895283edca58a15674f634d1a2db80586601268621199e7503763bc25a7d94448c262f4155d180a29e97789740b8b7b8b9ad06f2a2455ce88e7032e995dbb955fa72f324488cb63e65079925921458fe9dd1e298ed8a8bb3b8941001cfe2fda29e8399b237a4ca4fe0da49dbf23e9f733bfe0f7acff0987db9ac6627ffaa8b5ccfec8d1192379d7f1c402663e1c6c8a335662591b987114ccb116bd5349a808a6dd30a81f63230aaf0b85abf09c992a4b794ed28c21c91007524e69bda1871f428b56259ce03b2a3faf6d6fa93feb3e81a39ef138b617cc814488295b17aa88a73da3323b2aeff580e2959265dc80dfecea0b955748d6bf6483e3eb42cb4ed5cae09f1556de6d779a5f87bdd617186368d7f2f2048480efe53064ccb2b701073fde953fa29b611d59768f4d146e44276ab4d50dcf961dd260df0f64a8657279b6ea454011b4a3c3392de7c3fd2fc50ee1e3270e8c0025985c9185487de581d6eb569fe03c13d1e1ba26815cd81c0671d99ace06f9288fb85c31a9a0d671c70183661114c180797e6a0a0ebae48fe25faae16693daea67bdcc56615a983f3a8abdaa8d8a2b0f4541497ddaa74ac324ecbc47ab8df7d4898b79d3332bb1f2c646feb7f91682e4b52b04a748d2b3acf71b630c36d39321f62866478468afdd2b1050bc886004b53b64f4f67e4442f84b6aebe1b30006d4d1049a37d195ae30d37d5c3a44550c88d2e8aaed0e137769cc804c9b21ca64c55a79954b9bc1e320b48ad2af86051f10c812784fe4dff8b5476c0d774541635a557cd4a6f4d618637bcd84848679c3cd5297405451f7d2c0161b28f353ab0b14312849659476528da8cea3092104b317158ce8bfdea07636eb0737febe01f2d6fa22181de3a703b2614e343c8ee3641232b8a2d3ba1eac61ec529b54d63c38164f01656d38a718a0244107da13aa1ba64d4e0d46e9ba7bdece2468dcd31c63d4ca80ca8a7ef7a5799d4dd4f6e2cf08437988991e70f34e9ae9f905dfaea6168c6c90c5ca0ac7cc5b62c4192cdd50f70df9e7ec68adc3851b675e66b215a3f875ca08160bb3d28eea01f2481b8ad26429de800f1fe3c131475b1ff6ab0dd176d698da3bf856cbb4fe890f0ca2c1beaba0ef9a2802ba4500ce5e362d70a0bebc36dc4957017840f7a23defa9b1a9816c534fd65f6a395ab2984367b79019dec19a8cb61b233f94c32195e1fcc709a989788ccb88d1236a8e6bf110a596fb26883307fbbd4d8c9157773d2ae6cc3d619c54f35498a86bf81648d9cb020a495d7a81e49397b23763831fdba23de094e8f0dbda882f4d3136d7deaf05242ee8a0ab413ea9df938f67a0fdb5ba7a07bd102f34b585a74ce65713abeb77e7a3fcdcf797fcd5b942be4764159c6d6017f36f27900bd69bd485ef56afba0da57fbfb83a5fcac53e4dc34602bfa62509f43d41b33db71385f1b2fe96b3d7be39f3a981a7eeb55853434a94b4f88d5ad6f0c290b62c019d8184ca0978ab19ec1b437655e0a1c856e1ad6a6a222bdeaff2b6d0a574f79bd13fd546ba38420c29d05cb2b0563d57ea0d31ffe78b8616a0a2fce52666938336a32a37b7fd8fa1e17d1d916d6fe4f121172492068b42f5c3bf2c9c1a365046804aa22d84469fe34ba12b0ea1bcf2d0c8fa8d7e845c91155e5089830d2acc1925e7e9aa0a239a3a0396918ca0fc210423eec4c484c37fad530f46339bb8c1ce2769be33059d8b04ecb93908b0e62a56cea38af4ea0974fa1fb3768760ee2a509fa974616ba8506837c137532b8677927044d47b9e8f7bf0c1e7b92adb5e87add80b28083f24d1e40e01dc10a1157ebd829d04e858773400acb41cc2b1c520764e76c437992f9df193398596d91d22bdc7678c4b9764db703318f9936d62d989b5bf8f70ef868a8a45620859c81b3fffb2dcf3a8d4a53a3454445b2f16da35be6709f1f3312ee6a50c4bb0cd5cfdff6ebf2ffaf6ebb5869ead843fdb3c0e5e7e1a24d16992d5ea79223460eb585113999d81c3e32426848e8dfc4bad7bf50cc8303233e7311d9ff9ccef6a6845a8b7833548277d6e2bb87c36cba03b151889ed8cf4112f52efb58f52e90b6dbbcfbfbc8c74f54f8a7cdbb5ebb9f69aa504da7fef770e820a32e240fd2afdd401e1d3bee751e0d7e58a83f3a518551f430760ffc1bd760a537c3e8115f0cf59d61d9d318d6b9b8fa83cda8c5f15bfed40d6cb0364ce845bfc0462abe84fb0f8ba49c2f63091350b9baecb0b52aa2cf5be6928f8589bed7ba2461fe815b3d8b1cdcc2c9fc80282d673af2caf9339a04a0c06d25285a38ef13e877cf86e48edddd6048f8d12ab5486a729bc417cfc0d408489ff9cef43f9036f97cf72baf0fb94bcded6b460c78f3c8bbeb3996cd805055f4fece4d973c77e1c6733ad5feaaffc03b84cf6d661321b73b7333f9bc9d490ced92bee275f80de7afdcc9afa545c0eaafa0aab04b08718bb95e4784f7f8525a30c163f072fa179962960265717c7985698d5a37a7cf593de9b47419186ad0afecdfbf8a6d1fceafb80c5878a37a4f61b650b83ed8681facdd22992915c236b1197ebc49b4b9fa02d3440c745981e6fd46a2c99a7efc26e6471fe825f5ed611e7e499619fa4f3a0b4eb1603cc89fe587b35fb983d2c178b0b1e37e1cfcedeb40f557a05abf00bc1fa44933ab17049415f8bc454f0898be669728828ad8a0a9fa2f77bde04d7e2edb5441b507a0293e65ea646c6047b8f91674a07038bb38468f695688b73f0387fc21648f8fc7432ce209e4f9fc0cd1c9c24569b88f2ba19c5d63877b4ffc854634a595d3f8b4c97318ece47eb1e21556b94019c7a1f3930991c097925cfd61a1aeda50e07adaf6add77b6a5b3c1cb12c5a01ab8ed23a3c4428d626105d6ae6426b07e941430fbeef3b2b6503041cd4e6a16b3fdfb522a72ba0ea5539778ffb6d4ea82627c7b9cc9df3bd0537838909a291c09ea2c803c33c473afea1c10b672cca147b1fbac5d32d8f3baa381b37f7cd82b37debc1c22a8415fdb35bd56b3376a074aa04dd19f28b4d1ac8707704680b4fed5d0f250705e89172b8e282374e488eacb1e70785d83c5e864edab6f39e27d9c814f6dfaa6f7524f869f9e62f1f732d787321db6646451352335318ef6c6ab2feec5dc329cbe3fd4f3f1d4424fbe5a23a14f0ad0df98f0ca66c68960534efb8d069bd93c988c1bba8d6a372f1724c4036374576b1aceec78f3bddaec5f12a6d8a13f7ae0b2b4ca2d649b7f2788492e2cd3c817d7d29fc7fbda59386608c9d7dee3be30dd058cbdcddea5778fc1abc968e34ef850af391cb51950574800187169cffbb1fb01c26ceb51105ba7da0a30537d2f414348d48a5c4852649906495068e98843825a6731a5eeb34952af6a7759f0be69f3c118c4a76a5f2344d8ae043d31dc31a9f50a394bbd7122520fe6aee83f9c168b6fe032f444c43518e6e349f9e94d7ecf4f6f6ba981c58c5062da9669b3851cf6f8fe73874b1fdccb797c02510f6802eb951874a7af29e02199b8c1f0c229774d7cdd1eca9847e25ecd3627cdabcafc95db7f3ae84644ca6042410440a85715dbcf7feac101546eb2bfa98c0f0b67ff0bef83c582e07f31ca25ded4bc219a3cef1380d5697d035c4c43246e84c85bbad2f19876ff738e5800bb6c13313b23497c75371a8b14cac399e52d3fca055e6d32804856262e3e202d621a061778d6a96166de39239105d126b9a0aa4b0c6a53e5078b61edbe4e2813fd2df9cffdfdb93e714d1ae8f61ef416a01a812b57ec1194667c2769fa02d822faac98879fae57ce72d5450a9f35aab2ed3903b7d26b1c52bf3353e1de60d5eb8ab38590abe4fadc022762254d02790ccc3b05ce486fa13e9e3a5e4fbc09769002e4844cf25c3aa21449ea212eb79927a24eb696c0b57ae8ab05f54959c16b57435520f3ec1c425a18a0679fd5f1b30443c0dd85901651bcd321cf7160a0b660a9f1811342281e646f41b9e9b7110d2891d00dc382feccd8ad5255c85a5145ab0b9e480fd3d32c9a6ae263ddc5fdeeac4eb6f91acc155fe10990f1a7f64bf9dbbdaa30a33e5dc988006cc049e3082b7f3f08f2a757f3b75b15300c9dbf112c5a6fe7cc7d1323422584ce873c46f6b531dcd40bdd8d2edbbfcb2e1af88e6eadb6c1698364794f3cc0cd833140ba524ad83b6b15678351a95890dfc1971bfadd84bd1d8d80e714ae652649909c3443f9dc35db1b6e19ee66544334cd50d9965429774494f68db163635763e2c8afe04d4e3e", @ANYBLOB, @ANYRES8=r4, @ANYRES8=r4], &(0x7f0000000480)='syzkaller\x00', 0x9, 0xd2, &(0x7f0000000340)=""/210, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x0, 0x1000, 0x1, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000400), 0x10, 0x2000}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0086426, 0x0)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "008ef14ba278887cb0baba08431799317e6324"})
r5 = dup(r2)
write$UHID_INPUT(r5, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520100ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)
io_uring_setup(0x1584, &(0x7f0000001240))
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r6, 0x0, &(0x7f00000000c0)=<r7=>0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r8)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r9, @ANYBLOB="01000000000000000040020000000800", @ANYRES32=r7], 0x1c}}, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r10, &(0x7f0000000000)={0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00'}, 0x1c)
socket(0x25, 0x1, 0x0)

1.045822304s ago: executing program 3 (id=3505):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x1)
r1 = dup(r0)
read$FUSE(r1, &(0x7f00000030c0)={0x2020}, 0xeffd)

954.379162ms ago: executing program 3 (id=3506):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000740)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x2000}})
umount2(&(0x7f0000000180)='./file0\x00', 0xb)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000000c0)={0x0, "1f938a7b853b3a9b0b00000000000000008900", <r3=>0xffffffffffffffff})
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000080)={0x1ff, "1f138a91b80f3795181800c70511603979e1ef3b3a9b0b8c7d6a2ef124708900", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f0000000140)={"50edd24983fde74e78682dbc67d293c19050af5f39c0ce29436807917da2c17e", r5, <r6=>0xffffffffffffffff})
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000100)={0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r7 = syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r10 = getpid()
process_vm_readv(r10, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000000380)=""/168, 0xa8}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
msgget$private(0x0, 0x0)
msgsnd(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="02"], 0x8, 0x0)
poll(&(0x7f00000001c0)=[{r6}], 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'hsr0\x00'})
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0xf, &(0x7f00000002c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r11}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x6202}}, [], {{0x4, 0x1, 0xb, 0x1, 0x9, 0x10}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$packet(0x11, 0x3, 0x300)
setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, &(0x7f0000000240)=0xfd, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x4, 0xffff, 0x14, 0x1}, 0x48)

858.166243ms ago: executing program 3 (id=3507):
r0 = mq_open(&(0x7f00000005c0)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x842, 0x0, 0x0)
mq_getsetattr(r0, 0x0, &(0x7f0000000180))
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
ioperm(0x0, 0x6, 0x4000004)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f00000021c0)="32583718febe0e754bf456858a1898a6e889206201d8743736b221b0830f58238f435ccf6592996c75f71cff706d61e8d3c85a93e068f5399e3ef598709f6eeca4a80cc628a4d47f57451cd918b328b62f380b4113ba0a76ce6c026f05c3ded7c018de4a882eeb9787531580f7b2013dc4fce6a010673f3797912a3ffa7e970bf5d16eb491339197d1b0bcf3f73b03d3bf08a12d2a69cbaeb281bb5eecb1dfeaa8803bf2e735dfdd631fb05ea08ed0c5ae5efebb98bb0e6b14f3dc4f1c6f1aa6da7cfa977bfa29f2247e9253a748a63257018b37afb1461297b57bceae215e9d22179fb58e9023fa1650e07e71ae93d0932f6ad154e8b8690048f054581373ebecf40052c22f73ecee165d1f9a2e49e984071d0bad63bae9c975c13d4c084c90130f600152d03b41feb9cfa7d959d42b3f1e053547a123fe2a43ccc081740628b03df632b7cc53219ee3726a0ddee8a6e80061e1448a465ae08e49c519acba50c3fd6d8085c768029757f8b1574b3fd127a3f60409c1fcf197b89f622977c6f14839c5bb5da7a55539353cf28f6354f0b0132e49d31b7566ad8e5f8c495fc808fa7f7f58dca4bceada09b15f91ef2e1052abd49fb751c470386db10933ddd971f3037947ca359c224cf7cdf7c290e2cd50554e371b5444dfdceee6beaadb46479c694fc75d766a39b7ac3b347170899a5e5ed77434fc520e00ed840ad878e2ddc1e47c022a24ce353b1fb8871c248644fed1b2772b79a6faa3869c03e92b91063c802f274848af01574e3e2df80a07f55b5082d51b2dbe9da5255ec861293f40a1c39d1cfb807716fd839f08db97109c6f896ba2fcd5f06d8a269007fc81131aff2018609f52ff914e3713d4ddb153a2dae45f6e58f9ff9eb4b8077cc0af6fcf1584725b96a22e71e8b3b80fd08a609abaa3cca62352e044932fceac92fe4ff899bdda56eea79accacc968783f7215f84106c09313e71b8a56dd78b72270c7ef2931f55dcda2e94cc44eeda9bb341a9d6dd9a48aae096d34b47737c7755a9cd89fbe0ae06aadeb158f98e2defaaeaf054f3d97793128251dba730b27e5505a321b9951beaa14dab52eb14c2498a83e913cbf9f14bd388fe328176fd5f737ca61c1f8692e72546cca7936da444c8f5ee907c7b7ded88f5a47b6d31ded4f57a72a0dfb0611653f28d5ed85a3d076f4f9d3700b94f104b4ea775fedd7f81b4f83fd916fdb2dd270c1de84e8452b35456b97221c2bc6c35a3cc9070f7460dc2a4266b13ae6b23f943afd588460e1d595dbafed1ab9bafcbaa058b5b5733a84d7b210d7b0d5847377747f280599db8b7aa438f9fa9f1ee134017b5bf68e8125f9c3d9f5af86455a7be9b2e14f8ecf026242ee931f35fe1eca93800463b01620822663d633950131545fa769f069c72bc94b4cebce08ddfbe01399a4ef242c3ec3b7a985cf96731eed1300266cd29d171461adddef3808106e841222e0ba7f02721a3194b5076a4a595bdcdbf50e3265d9041bb60f308582b63348b960f4851f92d7fa53578e155543c812f4f2078f5dd9f10689e4703a0eb84d28c2728f7c4859d2bab7ec0ebf15d3e925971775f41da29382ce44e706a7786b656521eb2f57c74ca7175144740e735b9417463d6d6be4209eb7341001dffd31df23b74cc10b15d67c728a36b53b74d19edb55be4fd1957422994253d25963e5ffa5b80d965c9e94a458125a3f70e1c64fb36fca6c32789b9dbd551edf3f5a1a9e6ae9cb4f7f71325772067bcca14c3c7c33bd7381a1801ce006a3dab9541299f3d7379dfcc57ac1e409c624f68495acc0620c68649e53bbf9b04562a95b397769de9f23f50dde048bdfd34c06abfaba4960108976b41c10870b383fb673b78e105313bd848c01b1a4d9c1f09b326eccc2e19c3fef33ce982638ead1c03e7b608385ff1aeddfb80c0c9fdaa31a4ee86d7bd90e96282587ea0e7a5700cbf7a5b6113c06ed6d2be703547a3773595b1343e49b3f6538bfb5b1546fcf301d0369ba126735338dc4120e2d99bd45764107d21f65c687c3b505e94688077c3b6925ec308cb34ed99e55920592757025431b4269e7ebe343dbc736b7c183d81e99adaacd5f27cfa69674df4cd8a3075d747a577322cbcba1e55b201f722cc0788742a5f132a7f7f8585391f391dc284d30c892c1f9711328766ab2bbdea8e4062b851107b6f18d8d5d622db0a8368bbd2544ec59b96c6f25574fcd97ab15d16bd03f7bbfad1127aaf8db7fe7bba03a710bd35ff801bddae84ed74e9d72e29eeb7b460770b206c87db2eb781df6cf5eefad517b87ef579c31014166eafbd7e3b388d3fb905b948e989a3fb87fc481c14b25538292074b3953463003ba64abbcf5108e5bfd4590c484ca96b005abfee58660cc7caf046fc49167b518971109f8532e8e309591f543d01c87bfa03397c6920f524a844801a76b7c31d7604a797c179eae81a78ad21b3a0a276f4d0905f7e791f441c2139d953a8ab6129781e8a5e75aa55a7a2a6f8cd6b7bbd893aaa9e1fbec58e08047f0f6c98dcc762b36e4ae81b015c8387906076fc70b0e0acd38e755e8f1d5c476805ec006f8ffea06c716cb183fe3574284bcef9789a7409d26e172b80cbcaf7c2092c82b15bb868a95598e83a4c636309eba9f6210bb576497d8228127066a7d1a6a67d16ee428635979b92924bb5927124daa0f06cd45bd48de8eae431d5ba0e50a43b5abc7c3b703383502b463d6a5c4d0c555f8d4dc7b5446ef64dc513d998480f85362bde9ef7cbe2401c14f02ae1e5ca44a73c2b871b423473c9c0a0aa3281d685707963af83463be38c564878b356ed2537f865298bdd3d72ae1931ce6ef0adaf0bc7bde1d3922fa514c06a8f7472b594d99e3ac55c65fe6ee2dc5bf41b23342dba002619a26e44a21d8896c3395ca951e1fd208a0a60af29df27faf235d4ae237fdc3cf8da556800293be34ec4627f435e545d88e0d248a456fb305220e26a24ab8a9196c5e9e69b45dfeee567418ea1cbd094d62b2e289571565c0a743c7310a15cb9900489e03a8922fbc5b0ba7c7cafe1e8d5fef169efe157e74c69638a4f9dc9d785a8fb3aece2902ca6dc790031e35928263f274430961ac64947fad1e9ca39647bf1940c1356b4d0343620232e3cb80b3b84e6b6b757d493f5a4b4f5ee5b15ebe905568ac1b372c669e32c1b8a810865abcba7f8911ba586bd3c489b5025639ebfd55b3e36586ded8adaa74d571a0c127dc03bf82c7cdfb0b17bbd8920f6630f4b54d1a8d751fc257b484834fca9b4135f861b8f39d6b5cd26edb0046c6f6801c821cbda8a01e9909813f98550aa64bccd5858de8754356d2d18180b2ab477cc6c134f47f309feadd75afe4de5d224b53c24d5a8bc295de45de4d3ea6b792e83f321134939f1f4ddfc6aeb28f3c191f98d2e89e86f57e57a63dbacbadc0cae9245475ba2edee16cc1f98385d02ea01c3b9f3c016cbb8ad87febff90bb19dabb1c18bc80f8e7d098dc034e1f102e58fbfade973cc1e93cd5ca1eaecad3a1c7f4e30c3108959031d67052a7f55f64b3f61b066ee416ef3892cc4ca97576636fd43e5ef4f0823d7591fd30a389deaed733b440444417c0b7c4785d2da3c7372e89b1a39a27c14417d0aa2974602306d11fa2a9d99556297f296680d2eddb5761d63a695b1ff0b902f3e708ddad54c64d4818da55f3e88a343b80f98c1a881186856906f77fdf347cec4e19fcdbce4b8ff4d18d201be3acf65e2b90a8f1c07e5f83e67aa6987b644b0112dba9e25dc5899a88e53c03d2851ece713c1191e98c00e8ad3d2968a01ab3b244ec64ae009306a277327800ff9e91e78fcf2025d088d8ba89993ea5b6c9ba782ff403eaac7822271ecffa46d80d4c903f1fcb7f2925f9f1fb437c9be55418f931d6c67594d1bf5454d223d007aa0ea59d078a4bef3c012c51aaba1db23ff2020094dcac93abf5f23730d338f9e3e9d9257cddc22581451ef2ce80067a830ebb07da5f608693b7e241ff0f069d3e8d562af679d245d4648faff81185b08d56e6c798418a95ebddbb92f4e9e430aa116dc6ab9192b0aaff38466d8e39596f690ce92b6e628b28d2ad626cc57a47ad3087040af28fea357c84a91fa7ad90026f4d13b013f8bc5cc0957b47329a36e7c01d6feddcf0a95345a61ca5a3e5a3f11f2850b0d5669c90d8ccbd32cb11dee4708584c56d175a4810cc63ac27f8309e886f5d3eb4fe83f2d42c7cd7f4c9684ba800577c32aaa13e6161592f048ee6f85b2b56edd25abc434591c4e3e1039063acbf36eba173365ebbe4a9ca8d52afe917cf9f218d5b7a90593ccb8eac26d83d1872ee002498c56d67120af4b1cb1fc97cc6dd749ceef07d7c40fd8a0a42efb658d9d9b5a432014e889bee7308a496ce14fda8d1ebd836f9cb80961ddc2775e9202332700eb7ed05bf1b1a87e56b22a53c0f9e6a356f4187ddb4788bb2a5fa1133e16a16ce3699bab28451fd9486be5e7ddbb0786a1596bc541e2d83b4fdd7102bd5cde59eee4f1d32faffd766225438daa8264c9b30b6f69c5e8072988c70d82ca022ddca5d77221641d2b5b2aa465ad1be9f81a13b62e93ce15984c70aa526fdb4ff052f747ce376bba623706f2db34dbadb015f8f6f2bd9e9479632d61405c6cc68687fbce7bc2bf2cfee4c821d4416f0ab9b9aa2073c00331722ca8cf041d0a69ebf465de3534ae2d6093463f092b64766f2ead111e89585e1053b89d96c59bbe6a8f4c613ea6f77847925ef9708af8aaf9f2b3804c1a2dd6e12440f4fa474b205331ddb1438251d2b503a8f6768ec20b70e1da263e3f7f74cedbfde4f0b7f618b7c2c5af087a6cf82f9912c2808cc3bbcc97754ca519cf383600331c44cb4a7d12a4ab0eafa4c03173e09658b2df6f36e0f6f33da2cd9c5efe8bb97cd65a6a154b7df4bdab52fe2cc0eacf2fbd9e415cb903f56864ad078ae9830f95777e1d5c991118c71de6ee6010032570d1474106513fdebd03d78f202d8bda657eed1bca7b8f108e3b5d1f68eea7cd6c7342e177d3dce1b4dbf89e9259b002a678eca9bb618b3f5ea170964df3e1afb2b79b02ee452bdc950b87fc6b9cad39caf98920ec4999c8c0f7249efb5e69321813598b0a9b803b109587c345b657db65343c7e67650136297c0a64ba7fb64f3f8667413d3928e986b6d75f0abd87713cc80dada20dca6e310cbf501ecfdb9dfa8cbd25dd6286a1dd86dc8a3598d3b81e381e1a6f160fc78a252ed8b678c059900d9495d78bd0280a9b57be221f3667e4eab5028637cc75d399a48f34cd453dd3d0974440b892621d3b86aa86e7eb4a6042fbb4f2c99c6d91038ce2175421fef58d452924d33a6a748c5fd9b6ab6fe096738ea42f503014d08033777c969fb11df3197f70942e9a7ff7f1452682776ecaef4d450f5479b463e63005b9fd7454685384d691c575415df27f862e8a648c021282eb03314c73aadc67325e9293a0050fc536e0f23290bb7e95b9186e7bca727480200182874ea6e354b4b22a8e89bfb6933738211f31a9e97f3bd6d72885535c90d13d31aef72ebb6504bfae03c68a582c741cc0badb8cba551d7062787934b0286b806caee7d0748e54c1d7f7dd28a930c90461c99013a452f5b9dab9b543e748c4f90969817b8ced3a7335c82cde73bcc0837801e2a41309294e10cb3a2e9bc6b00c138e417a87988eca1ffabddaed06a7719a4ee912bad2c52827874e33b0c7c23bc97e391a295c914da731b89375d2c58516537dc79e2c8275f", &(0x7f0000000380)="7785d3ebaee88ec35d2e62e161151a72c6930a9fe1349e21910edbaef3cfd19dbd660d16fa2ee3c5f44d0efa631afd55d5963893c33100987725b876fda7d091ef21b9fb26012c0cc189dfea7b02be84db55607f3ee744c2a9f71e70e723d24f29c505e98b3507de31a7fcd2fc886db3cee5f7f16690e4402a6a7c0916cd7ceb0138908cdb6898bd2a159506bd9a4909c8e3b23070097bf8d6837d40b29a36d015527983e1597e30c2e091d757029f94bbb3885fe11e2e04852dbf7f7fab6f4e4dc115ede4de632ef6"}}, &(0x7f0000000100))
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001180)=""/4100, 0x1004}], 0x1, 0x0, 0x0)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x54, 0x12, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, {0x0, 0x4e22}}, [@INET_DIAG_REQ_BYTECODE={0x8, 0x3, "11000000"}]}, 0x54}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0xc, 0xa031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00007fe000/0x800000)=nil, 0x800000, 0x19)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='ntfs3\x00', 0x0, &(0x7f0000000340))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)

857.535757ms ago: executing program 0 (id=3508):
mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x14, &(0x7f0000000040), 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x54}}, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x0)
fsopen(&(0x7f0000002200)='erofs\x00', 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
r3 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

799.327382ms ago: executing program 1 (id=3509):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000004000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff1d6405000000000065040400210000000404000001e37c60b7040000000000006a0a00fe000000008500000032000000b70000000000000095000000000000000ce0de7621e5e832249c04112cf7af2b75d0d1f034b1b3fb6bd3ce8fa62c7941272ff49142d860010ab162aa2264ab67e55a00000000000000edfe0969a9ddc125b686a1e83c8790c893d713b3295dad0ea697181d1e85b64126b5d72f204754d1d4a93f24215dee354e93cfc3f50ff23f8432c72012f021c84c59a9d4c142f439d3040cfee621589fb3a2f1407c7cbed48e7026f8d52d4bca2608c79aa4a73732028f88ce07ed1075da4a2ef44e3d8b88873f0b1de87dfb6d15936ec0a27cb554def9e27396df6b7851ffa26237ea6730880f06371beb3b290b7d8629a6f0373fefa0acb60888fc14ad2b83ca03ac2aee792482ced58af4140cc4ce3efef26e00c5b2200a91cb80c6065a697d6fc8aa8b65aee0783b04cff0218ce82c9687b4474da89c474c23727555fc5e5f8ad0f2f7a261140440fce1f12cc6df312accd011d888384283092d987c40bbb46f68c2431b97906f00000000349834fa147bd5923bbd4e606708034931a8f1a89bdf77093a0000427aab8e21e1a33d3fe093547532fce6549dd648ad233e05a7b3ea178007c1c32e871ac81f287c4aabbd153390b16d1d41ee433e3a54ea9ee82cf14f3a4cc523ee000000000009e106d6b5289f0000000000000000000000f7bc9f46cb71f6b889d37807865e3b4e9916dd0f72c9d58ea333b90f8886dcbf5ddda0e42ca08e3303632401f2f5212b40c0e88c957fd767dbfc80b07ad668b4f6f92fb209d7c2dbac597843c8eb7bf92fe6d0bb0b72549795c2ed19e441eb69869844152ba9da0588e42cdbc5fcd245ce5e3ef0dca64931276702a312db7956f0a75eb9caa17d47a6331c7c963cbf86a845ce27c26b7136d3e7207318b1df7a6320c64f18ccd926eaeddcde8d5006d6c38db117fb1115221a66169172720ccca770bff37e59511b2606138377eda44b2f288b491ab8aae0e11a98303b0e407e0f9d21f4a3ebbd3fabf6da9a1a1f869a339fab465d8322b7280b0734fd115a19b33c8644fff71b3c62f2e1b827e2663e06a751182e968c8ab05fb1d0115d4b11d944f2c06acc023a02b7416a9a10218d21503cda13bb5df6c992e52e1c01793b728eac000058ab3b3900d279297dadc127e2f38fc60c23af2e1fefa5a83456647191ba1953d335f59aa261fe79613df6bf43884e9649691e32680d75a541c27ffe74f9d13340f2cf1c7dc2b7db01213216cd4ecfd30efe137641471987289b7e23482e026b26eacd1b97443e2ea2d1d6e31a01ee0ae7fa195a2152b2338b086423a3883f2ce3e2f84e04f4d52c985eac4b46336908599564b47db0e6aa97ee51a360f4382fd99745725d44c77d097f69d19fe86f71c38a0226d44ebe0ecbd959f14b540745cd03b8c9f02b825ba45ca85706c73115f70871db9d2a1bc2a517b39f9648123917a5db07ba4e27f961373767e1ea8f7cc558e483abef1a9923c5cfa2081e430680950b7d7c377726b557ad31fdee17ba7057741f39d29d8ab295222f96297a777bb235416e72c84afef2bdb08fb375147b028b89f15af45bc8976b91158c13c9876daa71e7db0f5a17376be39ea79ce1246c547c740e31c64e5d293e0e5a544dd166010061d6ccae46c173b8e11721e4bce22c96af00000021f80ac6c3971006db853e3c40a5417d6eac09eb0e01ac6bd4c6dacdcb1d6d2ef9c8bdea91c984022821e961236d08f8b9072ec6cb5d5a68833fd5b4e80a5ac2bc6ff323f5ce612b59ce8177956c1affcc8baf4c8b59ab959aff9a7bd81f7c7c1f1bb92ddbeed6bce8041c7f0c1c584e6ae027678ce3cfbfea938aecc3c5119c5875b7fb35dc20f5c7aaae1e276104f607a73fe501c1045873a2b1eb80e95c87f099d98028dc82bdc7ef08c871fb3061c3c5ebd613e6e5e8cf099bb6e8c0441a133c85138b36a02c47fbedf7ed1d3ce74c9ec2c676c0b2d4b5eca61dbf5769b483c2a9f6bec666dae4e81960e9bad7f17cfc3d5bcc7b7f437110ca8ffa908c12086b2227eb202a8d56e0925ba994b05c98c39de44d25932449ddf08e5377814a40877eab4440ca01b3f50d2014a61a7d32105254b424238122386424efa3a7041254f686a5faac120942287f75e8e3db569ce47b120059d774a37e11d013be50cd2cbb00f6d2a23af61ec7d30bb7dc33a92f900b6ff1d29dc61cc40b846040dbafd00c6bcfbcf7af8ea5b4bd9593f73c6c95dd6d59483763debf02ea36803976b6cc145338e1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffffe}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000000600)=""/95, 0x5f}], 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x4, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x7ff}, [@call={0x85, 0x0, 0x0, 0x57}]}, &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x4, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1, 0x8, &(0x7f0000000700)=[0xffffffffffffffff, r0, r0, r0, r0, r0, r0], &(0x7f0000000740)=[{0x0, 0x1, 0x5, 0xb}, {0x0, 0x5, 0xf, 0x7}, {0x5, 0x2, 0xb}, {0x4, 0x1, 0x7}, {0x2, 0x3, 0x2, 0xa}, {0x1, 0x5, 0x0, 0xa}, {0x0, 0x4, 0x3, 0x9}, {0x4, 0x2, 0x8}], 0x10, 0x5}, 0x90)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '$'}], 0x18, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x500}}], 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x702, 0xe, 0xfffffed5, &(0x7f0000000100)="e4604f89ecdb33440008d4800800", 0x0, 0x8009, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

657.662776ms ago: executing program 2 (id=3510):
prlimit64(0x0, 0x8a04020ac3f488aa, &(0x7f0000000140)={0xfffffffffffffffd, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
unshare(0x8040080)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x61)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f00000003c0)=[@in={0x2, 0x0, @multicast1}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0xffff, 0x7, @local, 0x6}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e21, 0x4, @private0, 0x8}, @in6={0xa, 0x4e22, 0xec0, @private0, 0x30d951e1}], 0x84)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/image_size', 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
unshare(0x6a040000)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x3)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
io_submit(0x0, 0x3, &(0x7f0000000480)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x2, 0x4, 0xffffffffffffffff, &(0x7f0000000680)="06510c26c8c26df1da010087e1f0e848c3408947808a7ede1b4b4b67263151f55e40f212f865b87fec7f16d1b2047a7fe174c54a0500000038bf5f18d4c4a25141318d558149ff5a8256acdeba8dde4809364812be4f1b1d5310f087b89409f9c1064879380b0ec8f919229765b14939ed4d47d4ffab785b62311f6dd678138b0a71f1c9a97db3757d7dd09762af06912cc9cd1ccee67cbf15a39613161c3799e6c636bd7ecbff4b6f93a829b3bd801cb7c43cd8cabca59eb4f869ea32bc53", 0xbf, 0x8, 0x0, 0x2, r0}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0xf000, r2, &(0x7f0000000180)="df2e7f99298d38154111453f11b54cae7c9b40b0", 0x14, 0x4, 0x0, 0x2}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x6, 0x23, r0, &(0x7f00000005c0)="383fb2ff1bee0fc309cade40214a536eab4e2013a2d5636717f7af2fa3edb1a760eec72224ff9ae4ac0c24c41d8f92368363517477bac94e6f137ba2a69d8e0cabd914eadda20d17e353cbb719381dc4dbce7caa299595feb1ed7357af4163ebb3eb4d937d919494cd25f15ac2e3ba3f5ee1f8f836f1ed43c4809200e43e81e4d47ab6448a25f5", 0x87, 0x8, 0x0, 0x3}])
madvise(&(0x7f0000814000/0x1000)=nil, 0x1000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000280), 0x0)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03c80039225c5c8d7a1b49f33ba00156f88709fd432ee5d3b26cd610178d97c4ae4b36825b8ff45da04e8b345e7afa082c2dbb3d2605083b824e76c5"], 0x3d)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYRES16=r3], 0x8b)
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000698000/0x4000)=nil)
userfaultfd(0x80000)
socket$nl_netfilter(0x10, 0x3, 0xc)

552.939063ms ago: executing program 1 (id=3511):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
pwritev(r0, &(0x7f0000000180)=[{&(0x7f0000000300)}], 0x1, 0x0, 0x0)

552.644632ms ago: executing program 1 (id=3512):
prlimit64(0x0, 0x8a04020ac3f488aa, &(0x7f0000000140)={0xfffffffffffffffd, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r1 = socket(0x0, 0x0, 0x0)
unshare(0x8040080)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x61)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f00000003c0)=[@in={0x2, 0x0, @multicast1}, @in={0x2, 0x4e24, @remote}, @in6={0xa, 0xffff, 0x7, @local, 0x6}, @in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e21, 0x4, @private0, 0x8}, @in6={0xa, 0x4e22, 0xec0, @private0, 0x30d951e1}], 0x84)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/image_size', 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
unshare(0x6a040000)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x3)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
io_submit(0x0, 0x3, &(0x7f0000000480)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x2, 0x4, 0xffffffffffffffff, &(0x7f0000000680)="06510c26c8c26df1da010087e1f0e848c3408947808a7ede1b4b4b67263151f55e40f212f865b87fec7f16d1b2047a7fe174c54a0500000038bf5f18d4c4a25141318d558149ff5a8256acdeba8dde4809364812be4f1b1d5310f087b89409f9c1064879380b0ec8f919229765b14939ed4d47d4ffab785b62311f6dd678138b0a71f1c9a97db3757d7dd09762af06912cc9cd1ccee67cbf15a39613161c3799e6c636bd7ecbff4b6f93a829b3bd801cb7c43cd8cabca59eb4f869ea32bc53", 0xbf, 0x8, 0x0, 0x2, r0}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0xf000, r2, &(0x7f0000000180)="df2e7f99298d38154111453f11b54cae7c9b40b0", 0x14, 0x4, 0x0, 0x2}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x6, 0x23, r0, &(0x7f00000005c0)="383fb2ff1bee0fc309cade40214a536eab4e2013a2d5636717f7af2fa3edb1a760eec72224ff9ae4ac0c24c41d8f92368363517477bac94e6f137ba2a69d8e0cabd914eadda20d17e353cbb719381dc4dbce7caa299595feb1ed7357af4163ebb3eb4d937d919494cd25f15ac2e3ba3f5ee1f8f836f1ed43c4809200e43e81e4d47ab6448a25f5", 0x87, 0x8, 0x0, 0x3}])
madvise(&(0x7f0000814000/0x1000)=nil, 0x1000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000280), 0x0)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="03c80039225c5c8d7a1b49f33ba00156f88709fd432ee5d3b26cd610178d97c4ae4b36825b8ff45da04e8b345e7afa082c2dbb3d2605083b824e76c5"], 0x3d)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYRES16=r3], 0x8b)
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000698000/0x4000)=nil)
userfaultfd(0x80000)
socket$nl_netfilter(0x10, 0x3, 0xc)

0s ago: executing program 3 (id=3513):
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r1, 0x84, 0x7f, &(0x7f00000011c0)=""/4072, &(0x7f0000001180)=0xfe8)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
r2 = syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_REMOVE(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB="1400000000000000000000000000000000000000ab0439bf788a2be79420fc707007090a6edeb03880750d2f84971dfba144d9e2e16235c63ee85e1c32cf39cb71d08b45f0be9b47baa444701df0baa206ab30353b52667ac9358c4309d5914638e290a3a2285ba1f64ae6da17db3df92403d8fde9f7da18423ad22817c016e33b2fd1470d80a5ff25d6ca0f413e3792df602fad8f742b56567aad3a2dd7aded5b45acf31e6fc49d44e2fe51dd8bd2567819bf2461f37364ce864ccbcfb394432a8ee3c54c15e36d50f4ccb0d798c4887da1db36633c08529da62a775661863041de9c0ba621704579911120960d9aa20bad811c5300"/255], 0x14}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03c800397058abce57033f29eb6dc1f8b128a7537a3409329d374c891ea6f898ba2a0784b3781c59e6bd91a231a605e31d00"/61], 0x3d)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r4, &(0x7f0000000200), 0xfffffd9d)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="02c9000a0006000500010842580e2a64adc9b138f92294bdeebc1ecb348ff152b7108cd561ee4d2c89f6f3bfa05c3f441bd20d1c6ba70e9ed467d5a2b8fd8f67e24d29b35829db02ea386f2b2bf9b81a0b4495877a1b5a2625e79bb29899f85cd07263597bb8ec3117c8e59fd935e3df6c7673feca56a9807ad8515d9bdb88cd8cbb8d6d5f8ba8055205a576717197c6c63a7eb9b71ca1ef176ba5aa73f8fa7bda01b1c8a997b9cbb31f7d6a43f2fd45becca37149c7e02c5e01010000f6edc52d9cd3a82bb77a32a3a7e54582bcff1cc806edd494037a79928ea546a9db2c7c67f6a8c456d8"], 0xf)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c8d012400000"], 0x17)
mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x80, 0x0)
syz_emit_vhci(0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0xf231, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r5 = io_uring_setup(0x497c, &(0x7f00000001c0))
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

0000000246 R12: 0000000000000001
[  729.330005][T17335] R13: 000000000000000b R14: 00007f3c93105f60 R15: 00007ffd72d8c048
[  729.335035][T17335]  </TASK>
[  729.644737][T17344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  729.654668][T17344] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  730.080379][   T39] audit: type=1400 audit(2000000694.639:492): avc:  denied  { unmount } for  pid=11596 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  730.190268][T17348] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  730.215263][T17348] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  730.450992][T17358] netlink: 209572 bytes leftover after parsing attributes in process `syz.2.2882'.
[  731.011448][   T39] audit: type=1400 audit(2000000695.579:493): avc:  denied  { ioctl } for  pid=17367 comm="syz.0.2884" path="socket:[64742]" dev="sockfs" ino=64742 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  731.063573][   T39] audit: type=1400 audit(2000000695.639:494): avc:  denied  { append } for  pid=17367 comm="syz.0.2884" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  731.087865][   T39] audit: type=1400 audit(2000000695.659:495): avc:  denied  { setopt } for  pid=17367 comm="syz.0.2884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  731.715715][   T39] audit: type=1400 audit(2000000696.289:496): avc:  denied  { read } for  pid=17373 comm="syz.1.2885" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  731.725377][   T39] audit: type=1400 audit(2000000696.289:497): avc:  denied  { open } for  pid=17373 comm="syz.1.2885" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  731.878032][T17374] sp0: Synchronizing with TNC
[  731.911567][T17374] sp0: Found TNC
[  731.970998][T17382] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2887'.
[  732.280559][T13139] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  732.480241][T13139] usb 5-1: Using ep0 maxpacket: 16
[  732.485033][T13139] usb 5-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  732.488718][T13139] usb 5-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  732.499106][T13139] usb 5-1: config 0 interface 0 has no altsetting 0
[  732.517409][T13139] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  732.521519][T13139] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  732.524695][T13139] usb 5-1: Product: syz
[  732.526361][T13139] usb 5-1: Manufacturer: syz
[  732.528185][T13139] usb 5-1: SerialNumber: syz
[  732.552665][T13139] usb 5-1: config 0 descriptor??
[  732.559774][T13139] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input22
[  732.798157][T17391] FAULT_INJECTION: forcing a failure.
[  732.798157][T17391] name failslab, interval 1, probability 0, space 0, times 0
[  732.820239][T17391] CPU: 3 PID: 17391 Comm: syz.1.2890 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  732.824465][T17391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  732.828897][T17391] Call Trace:
[  732.830330][T17391]  <TASK>
[  732.831715][T17391]  dump_stack_lvl+0x16c/0x1f0
[  732.833962][T17391]  should_fail_ex+0x497/0x5b0
[  732.835868][T17391]  should_failslab+0x9/0x20
[  732.837898][T17391]  kmem_cache_alloc_node_noprof+0x71/0x310
[  732.840425][T17391]  ? __alloc_skb+0x2b1/0x380
[  732.842408][T17391]  __alloc_skb+0x2b1/0x380
[  732.844354][T17391]  ? __pfx___alloc_skb+0x10/0x10
[  732.846457][T17391]  ? rcu_is_watching+0x12/0xc0
[  732.848563][T17391]  ? trace_rdev_return_int+0x140/0x220
[  732.850941][T17391]  ? rdev_scan+0x179/0x360
[  732.852936][T17391]  nl80211_send_scan_start+0x2d/0x190
[  732.855275][T17391]  nl80211_trigger_scan+0x138c/0x1f90
[  732.857629][T17391]  genl_family_rcv_msg_doit+0x202/0x2f0
[  732.859964][T17391]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  732.862480][T17391]  ? ns_capable+0xd7/0x110
[  732.864382][T17391]  genl_rcv_msg+0x565/0x800
[  732.866431][T17391]  ? __pfx_genl_rcv_msg+0x10/0x10
[  732.868645][T17391]  ? __pfx___lock_acquire+0x10/0x10
[  732.870942][T17391]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  732.873297][T17391]  ? __pfx_nl80211_trigger_scan+0x10/0x10
[  732.875805][T17391]  ? __pfx_nl80211_post_doit+0x10/0x10
[  732.878248][T17391]  netlink_rcv_skb+0x16b/0x440
[  732.880371][T17391]  ? __pfx_genl_rcv_msg+0x10/0x10
[  732.882479][T17391]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  732.884695][T17391]  ? down_read+0xc9/0x330
[  732.886544][T17391]  ? __pfx_down_read+0x10/0x10
[  732.888651][T17391]  ? netlink_deliver_tap+0x1ae/0xd90
[  732.890800][T17391]  genl_rcv+0x28/0x40
[  732.892615][T17391]  netlink_unicast+0x544/0x830
[  732.894589][T17391]  ? __pfx_netlink_unicast+0x10/0x10
[  732.896597][T17391]  netlink_sendmsg+0x8b8/0xd70
[  732.898218][T17391]  ? __pfx_netlink_sendmsg+0x10/0x10
[  732.900103][T17391]  ? __import_iovec+0x1fd/0x6e0
[  732.902078][T17391]  ____sys_sendmsg+0xab5/0xc90
[  732.903882][T17391]  ? copy_msghdr_from_user+0x10b/0x160
[  732.905955][T17391]  ? __pfx_____sys_sendmsg+0x10/0x10
[  732.907954][T17391]  ? __pfx___lock_acquire+0x10/0x10
[  732.910524][T17391]  ? lockdep_hardirqs_on+0x7c/0x110
[  732.912792][T17391]  ___sys_sendmsg+0x135/0x1e0
[  732.914803][T17391]  ? __pfx____sys_sendmsg+0x10/0x10
[  732.917021][T17391]  ? ksys_write+0x21c/0x260
[  732.918954][T17391]  ? __fget_light+0x173/0x210
[  732.920948][T17391]  __sys_sendmsg+0x117/0x1f0
[  732.929680][T17391]  ? __pfx___sys_sendmsg+0x10/0x10
[  732.936759][T17391]  ? bpf_trace_run2+0x2a6/0x590
[  732.939279][T17391]  ? rcu_is_watching+0x12/0xc0
[  732.941417][T17391]  do_syscall_64+0xcd/0x250
[  732.943786][T17391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.946951][T17391] RIP: 0033:0x7f3c92f75b59
[  732.949150][T17391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.970813][T17391] RSP: 002b:00007f3c93d51048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  732.974071][T17391] RAX: ffffffffffffffda RBX: 00007f3c93105f60 RCX: 00007f3c92f75b59
[  732.977845][T17391] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  732.981001][T17391] RBP: 00007f3c93d510a0 R08: 0000000000000000 R09: 0000000000000000
[  732.984310][T17391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.987337][T17391] R13: 000000000000000b R14: 00007f3c93105f60 R15: 00007ffd72d8c048
[  733.007584][T17391]  </TASK>
[  733.050873][T17393] netlink: 209572 bytes leftover after parsing attributes in process `syz.3.2891'.
[  733.095510][T17395] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  733.106359][T17395] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  733.215257][T17401] netlink: 'syz.3.2895': attribute type 4 has an invalid length.
[  733.343300][T12790] usb 5-1: USB disconnect, device number 7
[  733.826182][T17430] netlink: 209572 bytes leftover after parsing attributes in process `syz.0.2901'.
[  734.034806][T17432] netlink: 'syz.3.2899': attribute type 4 has an invalid length.
[  734.042423][T17432] netlink: 'syz.3.2899': attribute type 4 has an invalid length.
[  734.224857][T17431] netlink: 'syz.1.2900': attribute type 4 has an invalid length.
[  734.239777][T17435] FAULT_INJECTION: forcing a failure.
[  734.239777][T17435] name failslab, interval 1, probability 0, space 0, times 0
[  734.253910][T17435] CPU: 3 PID: 17435 Comm: syz.0.2902 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  734.257675][T17435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  734.262025][T17435] Call Trace:
[  734.263476][T17435]  <TASK>
[  734.264823][T17435]  dump_stack_lvl+0x16c/0x1f0
[  734.266850][T17435]  should_fail_ex+0x497/0x5b0
[  734.268956][T17435]  should_failslab+0x9/0x20
[  734.271073][T17435]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  734.273584][T17435]  ? __kvm_mmu_topup_memory_cache+0x18f/0x600
[  734.276126][T17435]  __kvm_mmu_topup_memory_cache+0x18f/0x600
[  734.278733][T17435]  mmu_topup_memory_caches+0x22/0xd0
[  734.281014][T17435]  kvm_mmu_load+0xda/0x20d0
[  734.282979][T17435]  ? mark_held_locks+0x9f/0xe0
[  734.285243][T17435]  ? kvm_apic_has_interrupt+0xb6/0x190
[  734.287607][T17435]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  734.291042][T17435]  ? vmx_flush_tlb_guest+0x113/0x2e0
[  734.293467][T17435]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  734.295916][T17435]  ? __pfx_kvm_mmu_load+0x10/0x10
[  734.298268][T17435]  ? kvm_cpu_has_injectable_intr+0x9b/0x1a0
[  734.300921][T17435]  ? kvm_check_and_inject_events+0x646/0x1000
[  734.303676][T17435]  ? record_steal_time+0x41/0xba0
[  734.305665][T17435]  vcpu_run+0x32fa/0x4f20
[  734.307614][T17435]  ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10
[  734.310055][T17435]  ? __pfx_vcpu_run+0x10/0x10
[  734.311862][T17435]  ? __pfx_lock_acquire+0x10/0x10
[  734.313701][T17435]  ? mark_lock+0xc30/0xc60
[  734.315396][T17435]  ? fpu_swap_kvm_fpstate+0x1c8/0x420
[  734.317576][T17435]  ? __local_bh_enable_ip+0xa4/0x120
[  734.319686][T17435]  ? lockdep_hardirqs_on+0x7c/0x110
[  734.322057][T17435]  ? fpu_swap_kvm_fpstate+0x1c8/0x420
[  734.324371][T17435]  ? __local_bh_enable_ip+0xa4/0x120
[  734.326723][T17435]  ? kvm_arch_vcpu_ioctl_run+0x447/0x1730
[  734.329273][T17435]  kvm_arch_vcpu_ioctl_run+0x447/0x1730
[  734.331792][T17435]  kvm_vcpu_ioctl+0x6cd/0x1520
[  734.333897][T17435]  ? do_vfs_ioctl+0x515/0x1ad0
[  734.335973][T17435]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  734.338346][T17435]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  734.341149][T17435]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  734.343591][T17435]  ? selinux_file_ioctl+0x180/0x270
[  734.345628][T17435]  ? selinux_file_ioctl+0xb4/0x270
[  734.347861][T17435]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  734.350189][T17435]  __x64_sys_ioctl+0x193/0x220
[  734.352358][T17435]  do_syscall_64+0xcd/0x250
[  734.354349][T17435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.356917][T17435] RIP: 0033:0x7f4eff775b59
[  734.358966][T17435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.367348][T17435] RSP: 002b:00007f4f004ea048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  734.370583][T17435] RAX: ffffffffffffffda RBX: 00007f4eff905f60 RCX: 00007f4eff775b59
[  734.374149][T17435] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  734.377329][T17435] RBP: 00007f4f004ea0a0 R08: 0000000000000000 R09: 0000000000000000
[  734.380084][T17435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.383315][T17435] R13: 000000000000000b R14: 00007f4eff905f60 R15: 00007ffe18c10ee8
[  734.386474][T17435]  </TASK>
[  734.467985][T17431] netlink: 'syz.1.2900': attribute type 4 has an invalid length.
[  735.524809][T17464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  735.541437][T17464] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  735.878810][T17475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  735.900364][T17475] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  736.332789][   T39] audit: type=1400 audit(2000000700.899:498): avc:  denied  { load_policy } for  pid=17482 comm="syz.0.2913" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  736.333908][T17484] SELinux: failed to load policy
[  737.065792][T17508] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  737.096779][T17508] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  737.233865][T17513] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  737.500960][ T5214] Bluetooth: hci0: ACL packet for unknown connection handle 1225
[  739.980331][   T56] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  740.160339][   T56] usb 7-1: Using ep0 maxpacket: 32
[  740.170501][   T56] usb 7-1: config index 0 descriptor too short (expected 156, got 27)
[  740.173551][   T56] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  740.178291][   T56] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  740.184807][   T56] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  740.190743][   T56] usb 7-1: config 0 interface 0 has no altsetting 0
[  740.201765][   T56] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  740.210286][   T56] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  740.214772][   T56] usb 7-1: Product: syz
[  740.219692][   T56] usb 7-1: Manufacturer: syz
[  740.221776][   T56] usb 7-1: SerialNumber: syz
[  740.232137][   T56] usb 7-1: config 0 descriptor??
[  740.241638][   T56] ldusb 7-1:0.0: Interrupt in endpoint not found
[  740.362576][ T1096] Bluetooth: hci3: Frame reassembly failed (-84)
[  740.368407][T17569] Bluetooth: hci3: received HCILL_GO_TO_SLEEP_ACK in state 2
[  740.445149][   T39] audit: type=1326 audit(2000000705.019:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17559 comm="syz.2.2928" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f98a9375b59 code=0x0
[  740.525796][T17565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  741.122177][T17585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  741.130254][T17585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  742.071364][T17592] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  742.086069][T17592] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  742.440477][ T5214] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  742.494250][T17597] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  742.502579][T17597] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  742.666405][T10911] usb 7-1: USB disconnect, device number 10
[  742.708362][T17601] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2939'.
[  743.080385][T10911] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  743.272763][T17620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.276559][T10911] usb 7-1: Using ep0 maxpacket: 16
[  743.282783][T17620] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.283246][T10911] usb 7-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  743.294971][T10911] usb 7-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  743.305844][T10911] usb 7-1: config 0 interface 0 has no altsetting 0
[  743.313253][T10911] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  743.321111][T10911] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.324665][T10911] usb 7-1: Product: syz
[  743.326574][T10911] usb 7-1: Manufacturer: syz
[  743.329109][T10911] usb 7-1: SerialNumber: syz
[  743.337032][T10911] usb 7-1: config 0 descriptor??
[  743.344807][T10911] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input23
[  743.455315][T17625] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.463980][T17625] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  744.114792][ T5273] usb 7-1: USB disconnect, device number 11
[  744.438782][T17643] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  744.447209][T17643] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  744.570505][ T5273] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  744.750298][ T5273] usb 7-1: Using ep0 maxpacket: 8
[  744.755460][ T5273] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[  744.758613][ T5273] usb 7-1: config 179 has no interface number 0
[  744.761132][ T5273] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  744.764457][ T5273] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  744.768902][ T5273] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  744.774524][ T5273] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  744.778843][ T5273] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  744.784540][ T5273] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  744.787793][ T5273] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.793366][T17637] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  745.024427][ T5273] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:179.65/input/input24
[  745.235994][T11221] usb 7-1: USB disconnect, device number 12
[  745.236005][    C1] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  745.245885][T11221] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  745.641680][T17666] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  745.658645][T17666] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  745.780780][T17671] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  745.792463][T17671] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  745.830841][T17674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  745.838554][T17674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  746.525932][T17690] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  746.533535][T17690] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  746.765978][ T5214] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  747.015453][T17666] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  747.697476][T17712] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  747.707919][T17712] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  747.730522][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  748.113329][T17724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  748.138587][T17725] netlink: 'syz.0.2965': attribute type 4 has an invalid length.
[  748.777317][T17724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  748.836620][T17735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  748.849762][T17735] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  748.856873][T17737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  748.873428][T17737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  750.200583][T17737] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  750.325536][T17753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  750.345174][T17753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  750.507404][T17757] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2974'.
[  750.628852][T17758] batadv0: entered promiscuous mode
[  750.691062][T17759] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2974'.
[  750.932261][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  750.936733][T17753] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  751.236924][T17762] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  751.253281][T17762] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  751.367472][T17766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  751.376164][T17770] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  751.384416][T17770] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  752.604898][T17783] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  752.779299][T17809] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  752.794984][T17809] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  752.820909][T17811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  752.829007][T17811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  752.924486][ T1358] ieee802154 phy0 wpan0: encryption failed: -22
[  752.927539][ T1358] ieee802154 phy1 wpan1: encryption failed: -22
[  753.001023][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  753.229156][T17824] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2990'.
[  754.258094][T17833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  754.477998][T17855] FAULT_INJECTION: forcing a failure.
[  754.477998][T17855] name failslab, interval 1, probability 0, space 0, times 0
[  754.486379][T17855] CPU: 2 PID: 17855 Comm: syz.2.2998 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  754.490895][T17855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  754.495552][T17855] Call Trace:
[  754.497024][T17855]  <TASK>
[  754.498381][T17855]  dump_stack_lvl+0x16c/0x1f0
[  754.500621][T17855]  should_fail_ex+0x497/0x5b0
[  754.502482][T17855]  should_failslab+0x9/0x20
[  754.504499][T17855]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  754.506977][T17855]  ? skb_clone+0x190/0x3f0
[  754.509435][T17855]  skb_clone+0x190/0x3f0
[  754.512184][T17855]  nfnetlink_rcv_batch+0x1d9/0x24e0
[  754.514472][T17855]  ? __pfx___lock_acquire+0x10/0x10
[  754.517550][T17855]  ? find_held_lock+0x2d/0x110
[  754.520609][T17855]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  754.522960][T17855]  ? find_held_lock+0x2d/0x110
[  754.524986][T17855]  ? avc_has_perm_noaudit+0x119/0x3a0
[  754.527840][T17855]  ? avc_has_perm_noaudit+0x143/0x3a0
[  754.530521][T17855]  ? __asan_memset+0x23/0x50
[  754.533091][T17855]  ? __nla_validate_parse+0x601/0x2880
[  754.535694][T17855]  ? __pfx___nla_validate_parse+0x10/0x10
[  754.538740][T17855]  ? cap_capable+0x1cf/0x240
[  754.541354][T17855]  ? __nla_parse+0x40/0x60
[  754.543625][T17855]  nfnetlink_rcv+0x3c3/0x430
[  754.545695][T17855]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  754.547687][T17855]  netlink_unicast+0x544/0x830
[  754.549905][T17855]  ? __pfx_netlink_unicast+0x10/0x10
[  754.552026][T17855]  netlink_sendmsg+0x8b8/0xd70
[  754.554080][T17855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  754.556870][T17855]  ? __import_iovec+0x1fd/0x6e0
[  754.559481][T17855]  ____sys_sendmsg+0xab5/0xc90
[  754.562410][T17855]  ? copy_msghdr_from_user+0x10b/0x160
[  754.565347][T17855]  ? __pfx_____sys_sendmsg+0x10/0x10
[  754.568232][T17855]  ? __pfx___lock_acquire+0x10/0x10
[  754.571077][T17855]  ? lockdep_hardirqs_on+0x7c/0x110
[  754.573527][T17855]  ___sys_sendmsg+0x135/0x1e0
[  754.575710][T17855]  ? __pfx____sys_sendmsg+0x10/0x10
[  754.578026][T17855]  ? ksys_write+0x21c/0x260
[  754.580054][T17855]  ? __fget_light+0x173/0x210
[  754.582126][T17855]  __sys_sendmsg+0x117/0x1f0
[  754.584205][T17855]  ? __pfx___sys_sendmsg+0x10/0x10
[  754.586461][T17855]  ? bpf_trace_run2+0x2a6/0x590
[  754.588762][T17855]  ? rcu_is_watching+0x12/0xc0
[  754.591365][T17855]  do_syscall_64+0xcd/0x250
[  754.593502][T17855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.597179][T17855] RIP: 0033:0x7f98a9375b59
[  754.599446][T17855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  754.608274][T17855] RSP: 002b:00007f98a8dff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  754.612544][T17855] RAX: ffffffffffffffda RBX: 00007f98a9505f60 RCX: 00007f98a9375b59
[  754.616011][T17855] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003
[  754.619518][T17855] RBP: 00007f98a8dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  754.622954][T17855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  754.626526][T17855] R13: 000000000000000b R14: 00007f98a9505f60 R15: 00007ffe24e1dc08
[  754.630299][T17855]  </TASK>
[  755.256882][T17870] netlink: 'syz.3.3001': attribute type 4 has an invalid length.
[  755.289253][T17870] netlink: 'syz.3.3001': attribute type 4 has an invalid length.
[  755.319004][T17872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  755.334469][T17872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  755.611559][T17876] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  756.396527][T17892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  756.411760][T17892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  756.659005][T17898] FAULT_INJECTION: forcing a failure.
[  756.659005][T17898] name failslab, interval 1, probability 0, space 0, times 0
[  756.666997][T17898] CPU: 2 PID: 17898 Comm: syz.0.3008 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  756.671245][T17898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  756.676238][T17898] Call Trace:
[  756.677760][T17898]  <TASK>
[  756.679115][T17898]  dump_stack_lvl+0x16c/0x1f0
[  756.681253][T17898]  should_fail_ex+0x497/0x5b0
[  756.683691][T17898]  should_failslab+0x9/0x20
[  756.685897][T17898]  __kmalloc_cache_noprof+0x6b/0x300
[  756.688301][T17898]  ? sctp_add_bind_addr+0x9a/0x3d0
[  756.690597][T17898]  sctp_add_bind_addr+0x9a/0x3d0
[  756.694623][T17898]  sctp_copy_local_addr_list+0x39e/0x5a0
[  756.697180][T17898]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  756.699984][T17898]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[  756.702671][T17898]  ? sctp_bind_addr_copy+0xe0/0x530
[  756.705056][T17898]  sctp_bind_addr_copy+0xe0/0x530
[  756.707365][T17898]  sctp_connect_new_asoc+0x1d8/0x790
[  756.714935][T17898]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  756.717718][T17898]  sctp_sendmsg+0x1610/0x1eb0
[  756.719923][T17898]  ? __pfx_sctp_sendmsg+0x10/0x10
[  756.722225][T17898]  ? sock_has_perm+0x25a/0x2f0
[  756.724591][T17898]  ? __import_iovec+0x1fd/0x6e0
[  756.726893][T17898]  ? __pfx_sctp_sendmsg+0x10/0x10
[  756.729286][T17898]  inet_sendmsg+0x119/0x140
[  756.731526][T17898]  ____sys_sendmsg+0x992/0xc90
[  756.733724][T17898]  ? copy_msghdr_from_user+0x10b/0x160
[  756.736387][T17898]  ? __pfx_____sys_sendmsg+0x10/0x10
[  756.739016][T17898]  ? __pfx___lock_acquire+0x10/0x10
[  756.741793][T17898]  ___sys_sendmsg+0x135/0x1e0
[  756.744312][T17898]  ? __pfx____sys_sendmsg+0x10/0x10
[  756.746779][T17898]  ? __pfx_lock_release+0x10/0x10
[  756.749136][T17898]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  756.751733][T17898]  ? __fget_light+0x173/0x210
[  756.753911][T17898]  __sys_sendmmsg+0x1a1/0x450
[  756.756063][T17898]  ? __pfx___sys_sendmmsg+0x10/0x10
[  756.758497][T17898]  ? vfs_write+0x14d/0x1140
[  756.760652][T17898]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  756.763592][T17898]  ? fput+0x32/0x390
[  756.765697][T17898]  ? ksys_write+0x1ab/0x260
[  756.768019][T17898]  ? __pfx_ksys_write+0x10/0x10
[  756.770296][T17898]  __x64_sys_sendmmsg+0x9c/0x100
[  756.772730][T17898]  ? lockdep_hardirqs_on+0x7c/0x110
[  756.775660][T17898]  do_syscall_64+0xcd/0x250
[  756.777852][T17898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.780508][T17898] RIP: 0033:0x7f4eff775b59
[  756.782485][T17898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  756.790614][T17898] RSP: 002b:00007f4f004ea048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  756.794409][T17898] RAX: ffffffffffffffda RBX: 00007f4eff905f60 RCX: 00007f4eff775b59
[  756.798061][T17898] RDX: 0000000000000002 RSI: 0000000020001000 RDI: 0000000000000003
[  756.802043][T17898] RBP: 00007f4f004ea0a0 R08: 0000000000000000 R09: 0000000000000000
[  756.805614][T17898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  756.808796][T17898] R13: 000000000000000b R14: 00007f4eff905f60 R15: 00007ffe18c10ee8
[  756.812451][T17898]  </TASK>
[  756.995759][   T39] audit: type=1400 audit(2000000721.569:500): avc:  denied  { mount } for  pid=17900 comm="syz.0.3009" name="/" dev="hugetlbfs" ino=67264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  757.680717][T17892] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  757.807348][   T39] audit: type=1400 audit(2000000722.379:501): avc:  denied  { unmount } for  pid=11596 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  757.881097][T17917] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.063009][T17926] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.073150][T17926] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  758.520316][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  760.686809][T17967] netlink: 'syz.1.3026': attribute type 4 has an invalid length.
[  760.803104][T17967] netlink: 'syz.1.3026': attribute type 4 has an invalid length.
[  761.641340][T17974] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  761.791795][T17977] netlink: 'syz.2.3029': attribute type 4 has an invalid length.
[  761.846142][T17977] netlink: 'syz.2.3029': attribute type 4 has an invalid length.
[  762.578682][T17994] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  762.594219][T17994] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  762.684178][T17996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  762.701888][T17996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  762.800929][T17996] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  763.132397][T18010] netlink: 'syz.2.3036': attribute type 4 has an invalid length.
[  763.180691][T18010] netlink: 'syz.2.3036': attribute type 4 has an invalid length.
[  763.321468][T18013] netlink: 'syz.3.3037': attribute type 4 has an invalid length.
[  763.366951][T18015] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  763.490634][T18019] netlink: 'syz.3.3037': attribute type 4 has an invalid length.
[  763.562372][T18021] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  764.211637][T18018] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  764.761819][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  765.535802][T18037] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3043'.
[  765.565727][T18039] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  765.622150][T18043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  765.654629][T18043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  766.358130][T18053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  766.366638][T18053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  766.700072][ T5214] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  767.212758][T18073] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  768.292815][T18090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  769.063109][T18090] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  770.262705][T18144] FAULT_INJECTION: forcing a failure.
[  770.262705][T18144] name failslab, interval 1, probability 0, space 0, times 0
[  770.268230][T18144] CPU: 3 PID: 18144 Comm: syz.2.3075 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  770.272595][T18144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  770.277482][T18144] Call Trace:
[  770.278988][T18144]  <TASK>
[  770.280236][T18144]  dump_stack_lvl+0x16c/0x1f0
[  770.282570][T18144]  should_fail_ex+0x497/0x5b0
[  770.284791][T18144]  should_failslab+0x9/0x20
[  770.286759][T18144]  __kmalloc_cache_noprof+0x6b/0x300
[  770.289133][T18144]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  770.292461][T18144]  ? genl_start+0x1e7/0x950
[  770.294421][T18144]  genl_start+0x1e7/0x950
[  770.296270][T18144]  __netlink_dump_start+0x616/0x9b0
[  770.298644][T18144]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  770.301264][T18144]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  770.304220][T18144]  ? genl_op_from_small+0x25/0x440
[  770.306661][T18144]  ? cap_capable+0x1cf/0x240
[  770.309154][T18144]  ? __pfx_genl_start+0x10/0x10
[  770.311213][T18144]  ? __pfx_genl_dumpit+0x10/0x10
[  770.313445][T18144]  ? __pfx_genl_done+0x10/0x10
[  770.315463][T18144]  ? security_capable+0x98/0xd0
[  770.317690][T18144]  genl_rcv_msg+0x470/0x800
[  770.319654][T18144]  ? __pfx_genl_rcv_msg+0x10/0x10
[  770.322469][T18144]  ? __pfx___lock_acquire+0x10/0x10
[  770.325192][T18144]  ? __pfx_ip_vs_genl_dump_services+0x10/0x10
[  770.328500][T18144]  netlink_rcv_skb+0x16b/0x440
[  770.330762][T18144]  ? __pfx_genl_rcv_msg+0x10/0x10
[  770.332921][T18144]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  770.335114][T18144]  ? down_read+0xc9/0x330
[  770.336784][T18144]  ? __pfx_down_read+0x10/0x10
[  770.338702][T18144]  ? netlink_deliver_tap+0x1ae/0xd90
[  770.340897][T18144]  genl_rcv+0x28/0x40
[  770.342665][T18144]  netlink_unicast+0x544/0x830
[  770.344946][T18144]  ? __pfx_netlink_unicast+0x10/0x10
[  770.347265][T18144]  netlink_sendmsg+0x8b8/0xd70
[  770.349141][T18144]  ? __pfx_netlink_sendmsg+0x10/0x10
[  770.350998][T18144]  ? __import_iovec+0x1fd/0x6e0
[  770.353031][T18144]  ____sys_sendmsg+0xab5/0xc90
[  770.355282][T18144]  ? copy_msghdr_from_user+0x10b/0x160
[  770.357650][T18144]  ? __pfx_____sys_sendmsg+0x10/0x10
[  770.360014][T18144]  ? find_held_lock+0x2d/0x110
[  770.361929][T18144]  ? __pfx___lock_acquire+0x10/0x10
[  770.364109][T18144]  ___sys_sendmsg+0x135/0x1e0
[  770.366163][T18144]  ? __pfx____sys_sendmsg+0x10/0x10
[  770.368344][T18144]  ? ksys_write+0x21c/0x260
[  770.370272][T18144]  ? __fget_light+0x173/0x210
[  770.372250][T18144]  __sys_sendmsg+0x117/0x1f0
[  770.374020][T18144]  ? __pfx___sys_sendmsg+0x10/0x10
[  770.376467][T18144]  do_syscall_64+0xcd/0x250
[  770.378542][T18144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.381106][T18144] RIP: 0033:0x7f98a9375b59
[  770.383047][T18144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.391015][T18144] RSP: 002b:00007f98a8dff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  770.395277][T18144] RAX: ffffffffffffffda RBX: 00007f98a9505f60 RCX: 00007f98a9375b59
[  770.398905][T18144] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[  770.402300][T18144] RBP: 00007f98a8dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  770.406048][T18144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.409689][T18144] R13: 000000000000000b R14: 00007f98a9505f60 R15: 00007ffe24e1dc08
[  770.413393][T18144]  </TASK>
[  770.423846][T18143] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  770.556572][T18154] Bluetooth: MGMT ver 1.23
[  770.570819][T18154] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3076'.
[  770.711918][T18157] bond0: entered promiscuous mode
[  770.714986][T18157] bond_slave_0: entered promiscuous mode
[  770.720558][T18157] bond_slave_1: entered promiscuous mode
[  770.824479][T18156] bond0: left promiscuous mode
[  770.827209][T18156] bond_slave_0: left promiscuous mode
[  770.830787][T18156] bond_slave_1: left promiscuous mode
[  770.915086][T18166] netlink: 'syz.3.3079': attribute type 14 has an invalid length.
[  771.616358][T18164] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  772.905036][T18209] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  773.142333][T18219] ieee802154 phy0 wpan0: encryption failed: -22
[  773.174375][   T39] audit: type=1400 audit(2000000737.749:502): avc:  denied  { map } for  pid=18211 comm="syz.3.3092" path="socket:[68514]" dev="sockfs" ino=68514 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  773.875707][T18232] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3095'.
[  773.879866][T18232] netlink: 'syz.1.3095': attribute type 3 has an invalid length.
[  773.993182][T18235] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3096'.
[  773.999295][T18238] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3096'.
[  774.186288][T18249] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  774.258921][T18228] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  774.296645][T18252] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  774.998464][T18242] syz.3.3097 (18242): drop_caches: 2
[  775.024027][T18267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  775.038108][T18267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  775.287463][T18276] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  775.323193][T18276] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  775.423861][    C2] vkms_vblank_simulate: vblank timer overrun
[  776.025377][T18295] FAULT_INJECTION: forcing a failure.
[  776.025377][T18295] name failslab, interval 1, probability 0, space 0, times 0
[  776.031952][T18295] CPU: 3 PID: 18295 Comm: syz.3.3114 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  776.036371][T18295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  776.041039][T18295] Call Trace:
[  776.042379][T18295]  <TASK>
[  776.043566][T18295]  dump_stack_lvl+0x16c/0x1f0
[  776.045474][T18295]  should_fail_ex+0x497/0x5b0
[  776.047434][T18295]  should_failslab+0x9/0x20
[  776.049438][T18295]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  776.051623][T18295]  ? skb_clone+0x190/0x3f0
[  776.053445][T18295]  skb_clone+0x190/0x3f0
[  776.055339][T18295]  netlink_deliver_tap+0xab3/0xd90
[  776.057636][T18295]  netlink_unicast+0x6c2/0x830
[  776.059927][T18295]  ? __pfx_netlink_unicast+0x10/0x10
[  776.062309][T18295]  ? __asan_memcpy+0x3c/0x60
[  776.064465][T18295]  nfsd_nl_pool_mode_get_doit+0x429/0x540
[  776.066987][T18295]  ? __pfx_nfsd_nl_pool_mode_get_doit+0x10/0x10
[  776.069662][T18295]  ? hlock_class+0x4e/0x130
[  776.071613][T18295]  ? mark_lock+0xb5/0xc60
[  776.073870][T18295]  ? kfree_skbmem+0x10e/0x200
[  776.076010][T18295]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  776.079278][T18295]  genl_family_rcv_msg_doit+0x202/0x2f0
[  776.081749][T18295]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  776.084371][T18295]  ? __radix_tree_lookup+0x21f/0x2c0
[  776.086526][T18295]  genl_rcv_msg+0x565/0x800
[  776.088509][T18295]  ? __pfx_genl_rcv_msg+0x10/0x10
[  776.090768][T18295]  ? __pfx___lock_acquire+0x10/0x10
[  776.093088][T18295]  ? __pfx_nfsd_nl_pool_mode_get_doit+0x10/0x10
[  776.095868][T18295]  netlink_rcv_skb+0x16b/0x440
[  776.098022][T18295]  ? __pfx_genl_rcv_msg+0x10/0x10
[  776.100191][T18295]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  776.102310][T18295]  ? down_read+0xc9/0x330
[  776.104054][T18295]  ? __pfx_down_read+0x10/0x10
[  776.106103][T18295]  ? netlink_deliver_tap+0x1ae/0xd90
[  776.108362][T18295]  genl_rcv+0x28/0x40
[  776.110060][T18295]  netlink_unicast+0x544/0x830
[  776.112228][T18295]  ? __pfx_netlink_unicast+0x10/0x10
[  776.114567][T18295]  netlink_sendmsg+0x8b8/0xd70
[  776.116741][T18295]  ? __pfx_netlink_sendmsg+0x10/0x10
[  776.119111][T18295]  ? __import_iovec+0x1fd/0x6e0
[  776.120915][T18295]  ____sys_sendmsg+0xab5/0xc90
[  776.122587][T18295]  ? copy_msghdr_from_user+0x10b/0x160
[  776.124604][T18295]  ? __pfx_____sys_sendmsg+0x10/0x10
[  776.126888][T18295]  ? __pfx___lock_acquire+0x10/0x10
[  776.129151][T18295]  ? lockdep_hardirqs_on+0x7c/0x110
[  776.131425][T18295]  ___sys_sendmsg+0x135/0x1e0
[  776.133415][T18295]  ? __pfx____sys_sendmsg+0x10/0x10
[  776.135680][T18295]  ? ksys_write+0x21c/0x260
[  776.137747][T18295]  ? __fget_light+0x173/0x210
[  776.139853][T18295]  __sys_sendmsg+0x117/0x1f0
[  776.141919][T18295]  ? __pfx___sys_sendmsg+0x10/0x10
[  776.144151][T18295]  ? bpf_trace_run2+0x2a6/0x590
[  776.146083][T18295]  ? rcu_is_watching+0x12/0xc0
[  776.148142][T18295]  do_syscall_64+0xcd/0x250
[  776.150178][T18295]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.152725][T18295] RIP: 0033:0x7f284d775b59
[  776.154542][T18295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  776.162451][T18295] RSP: 002b:00007f284e4be048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  776.165712][T18295] RAX: ffffffffffffffda RBX: 00007f284d905f60 RCX: 00007f284d775b59
[  776.169010][T18295] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  776.172249][T18295] RBP: 00007f284e4be0a0 R08: 0000000000000000 R09: 0000000000000000
[  776.175296][T18295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  776.178173][T18295] R13: 000000000000000b R14: 00007f284d905f60 R15: 00007ffd958e8d88
[  776.181213][T18295]  </TASK>
[  776.248942][T18299] FAULT_INJECTION: forcing a failure.
[  776.248942][T18299] name failslab, interval 1, probability 0, space 0, times 0
[  776.254659][T18299] CPU: 1 PID: 18299 Comm: syz.3.3115 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  776.258864][T18299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  776.263556][T18299] Call Trace:
[  776.265034][T18299]  <TASK>
[  776.266411][T18299]  dump_stack_lvl+0x16c/0x1f0
[  776.268756][T18299]  should_fail_ex+0x497/0x5b0
[  776.270882][T18299]  should_failslab+0x9/0x20
[  776.272977][T18299]  __kmalloc_cache_noprof+0x6b/0x300
[  776.275306][T18299]  ? sctp_add_bind_addr+0x9a/0x3d0
[  776.277581][T18299]  sctp_add_bind_addr+0x9a/0x3d0
[  776.279860][T18299]  sctp_copy_local_addr_list+0x39e/0x5a0
[  776.282251][T18299]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  776.284968][T18299]  ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360
[  776.287552][T18299]  ? sctp_bind_addr_copy+0x331/0x530
[  776.289824][T18299]  sctp_bind_addr_copy+0x331/0x530
[  776.292087][T18299]  sctp_connect_new_asoc+0x1d8/0x790
[  776.294279][T18299]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  776.296633][T18299]  sctp_sendmsg+0x1610/0x1eb0
[  776.298801][T18299]  ? __pfx_sctp_sendmsg+0x10/0x10
[  776.301016][T18299]  ? sock_has_perm+0x25a/0x2f0
[  776.303121][T18299]  ? __import_iovec+0x1fd/0x6e0
[  776.305192][T18299]  ? __pfx_sctp_sendmsg+0x10/0x10
[  776.307201][T18299]  inet_sendmsg+0x119/0x140
[  776.308989][T18299]  ____sys_sendmsg+0x992/0xc90
[  776.310865][T18299]  ? copy_msghdr_from_user+0x10b/0x160
[  776.313277][T18299]  ? __pfx_____sys_sendmsg+0x10/0x10
[  776.315549][T18299]  ? __pfx___lock_acquire+0x10/0x10
[  776.317746][T18299]  ? find_held_lock+0x2d/0x110
[  776.319594][T18299]  ___sys_sendmsg+0x135/0x1e0
[  776.321650][T18299]  ? __pfx____sys_sendmsg+0x10/0x10
[  776.323923][T18299]  ? __pfx_group_send_sig_info+0x10/0x10
[  776.326281][T18299]  ? __lock_acquire+0xbdd/0x3cb0
[  776.328378][T18299]  ? __fget_light+0x173/0x210
[  776.330380][T18299]  __sys_sendmmsg+0x1a1/0x450
[  776.332437][T18299]  ? __pfx___sys_sendmmsg+0x10/0x10
[  776.334685][T18299]  ? __pfx___cant_migrate+0x10/0x10
[  776.336859][T18299]  ? fput+0x32/0x390
[  776.338633][T18299]  ? ksys_write+0x1ab/0x260
[  776.340678][T18299]  __x64_sys_sendmmsg+0x9c/0x100
[  776.342887][T18299]  do_syscall_64+0xcd/0x250
[  776.344849][T18299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.347339][T18299] RIP: 0033:0x7f284d775b59
[  776.349220][T18299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  776.356912][T18299] RSP: 002b:00007f284e4be048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  776.360433][T18299] RAX: ffffffffffffffda RBX: 00007f284d905f60 RCX: 00007f284d775b59
[  776.363772][T18299] RDX: 0000000000000002 RSI: 0000000020000600 RDI: 0000000000000003
[  776.367370][T18299] RBP: 00007f284e4be0a0 R08: 0000000000000000 R09: 0000000000000000
[  776.370722][T18299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  776.373906][T18299] R13: 000000000000000b R14: 00007f284d905f60 R15: 00007ffd958e8d88
[  776.376904][T18299]  </TASK>
[  776.382684][T18293] fuse: Bad value for 'fd'
[  777.087615][T18314] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3119'.
[  777.420227][ T5250] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  777.594018][T18310] syz.3.3117 (18310): drop_caches: 2
[  777.600496][ T5250] usb 7-1: Using ep0 maxpacket: 16
[  777.639147][ T5250] usb 7-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  777.643480][ T5250] usb 7-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  777.648407][ T5250] usb 7-1: config 0 interface 0 has no altsetting 0
[  777.663677][ T5250] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  777.667805][ T5250] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  777.672289][ T5250] usb 7-1: Product: syz
[  777.690248][ T5250] usb 7-1: Manufacturer: syz
[  777.692319][ T5250] usb 7-1: SerialNumber: syz
[  777.696914][ T5250] usb 7-1: config 0 descriptor??
[  777.702010][ T5250] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input25
[  778.453533][   T57] usb 7-1: USB disconnect, device number 13
[  779.759192][T18356] netlink: 'syz.3.3128': attribute type 4 has an invalid length.
[  779.845092][T18364] netlink: 'syz.3.3128': attribute type 4 has an invalid length.
[  780.491610][T18375] netlink: 'syz.1.3132': attribute type 4 has an invalid length.
[  780.655191][T18382] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  782.516176][T18411] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  782.528588][T18411] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  782.733469][T18422] netlink: 'syz.1.3143': attribute type 4 has an invalid length.
[  782.739468][T18422] netlink: 'syz.1.3143': attribute type 4 has an invalid length.
[  782.905210][T18425] tipc: MTU too low for tipc bearer
[  783.140832][T18430] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3147'.
[  783.167436][T18434] FAULT_INJECTION: forcing a failure.
[  783.167436][T18434] name failslab, interval 1, probability 0, space 0, times 0
[  783.175858][T18434] CPU: 0 PID: 18434 Comm: syz.2.3149 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  783.180102][T18434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  783.184997][T18434] Call Trace:
[  783.186435][T18434]  <TASK>
[  783.187709][T18434]  dump_stack_lvl+0x16c/0x1f0
[  783.189601][   T39] audit: type=1400 audit(2000000747.759:503): avc:  denied  { connect } for  pid=18431 comm="syz.1.3148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  783.189718][T18434]  should_fail_ex+0x497/0x5b0
[  783.199592][T18434]  should_failslab+0x9/0x20
[  783.201512][T18434]  __kmalloc_cache_noprof+0x6b/0x300
[  783.203849][T18434]  ? ovs_ct_limit_cmd_set+0x30b/0xa90
[  783.206558][T18434]  ovs_ct_limit_cmd_set+0x30b/0xa90
[  783.208859][T18434]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  783.212067][T18434]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  783.223343][T18434]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  783.226565][T18434]  genl_family_rcv_msg_doit+0x202/0x2f0
[  783.228733][T18434]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  783.231102][T18434]  ? ns_capable+0xd7/0x110
[  783.233035][T18434]  genl_rcv_msg+0x565/0x800
[  783.235056][T18434]  ? __pfx_genl_rcv_msg+0x10/0x10
[  783.237283][T18434]  ? __pfx___lock_acquire+0x10/0x10
[  783.239560][T18434]  ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10
[  783.242093][T18434]  netlink_rcv_skb+0x16b/0x440
[  783.244187][T18434]  ? __pfx_genl_rcv_msg+0x10/0x10
[  783.246361][T18434]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  783.248743][T18434]  ? down_read+0xc9/0x330
[  783.250436][   T39] audit: type=1400 audit(2000000747.799:504): avc:  denied  { shutdown } for  pid=18431 comm="syz.1.3148" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  783.250715][T18434]  ? __pfx_down_read+0x10/0x10
[  783.262630][T18434]  ? netlink_deliver_tap+0x1ae/0xd90
[  783.275879][T18434]  genl_rcv+0x28/0x40
[  783.277657][T18434]  netlink_unicast+0x544/0x830
[  783.279785][T18434]  ? __pfx_netlink_unicast+0x10/0x10
[  783.282528][T18434]  netlink_sendmsg+0x8b8/0xd70
[  783.284820][T18434]  ? __pfx_netlink_sendmsg+0x10/0x10
[  783.287180][T18434]  ? __import_iovec+0x1fd/0x6e0
[  783.289317][T18434]  ____sys_sendmsg+0xab5/0xc90
[  783.291608][T18434]  ? copy_msghdr_from_user+0x10b/0x160
[  783.294273][T18434]  ? __pfx_____sys_sendmsg+0x10/0x10
[  783.296668][T18434]  ? __pfx___lock_acquire+0x10/0x10
[  783.298923][T18434]  ? lockdep_hardirqs_on+0x7c/0x110
[  783.301086][T18434]  ___sys_sendmsg+0x135/0x1e0
[  783.303168][T18434]  ? __pfx____sys_sendmsg+0x10/0x10
[  783.305438][T18434]  ? ksys_write+0x21c/0x260
[  783.307466][T18434]  ? __fget_light+0x173/0x210
[  783.311006][T18434]  __sys_sendmsg+0x117/0x1f0
[  783.313094][T18434]  ? __pfx___sys_sendmsg+0x10/0x10
[  783.315733][T18434]  ? bpf_trace_run2+0x2a6/0x590
[  783.317983][T18434]  ? rcu_is_watching+0x12/0xc0
[  783.320130][T18434]  do_syscall_64+0xcd/0x250
[  783.322151][T18434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.324844][T18434] RIP: 0033:0x7f98a9375b59
[  783.326852][T18434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.335388][T18434] RSP: 002b:00007f98a8dff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  783.339378][T18434] RAX: ffffffffffffffda RBX: 00007f98a9505f60 RCX: 00007f98a9375b59
[  783.342873][T18434] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  783.346349][T18434] RBP: 00007f98a8dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  783.349793][T18434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  783.353377][T18434] R13: 000000000000000b R14: 00007f98a9505f60 R15: 00007ffe24e1dc08
[  783.357519][T18434]  </TASK>
[  783.406819][   T39] audit: type=1400 audit(2000000747.979:505): avc:  denied  { ioctl } for  pid=18431 comm="syz.1.3148" path="socket:[71970]" dev="sockfs" ino=71970 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  783.511785][T18438] FAULT_INJECTION: forcing a failure.
[  783.511785][T18438] name failslab, interval 1, probability 0, space 0, times 0
[  783.530212][T13139] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  783.539781][T18438] CPU: 0 PID: 18438 Comm: syz.1.3150 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  783.544134][T18438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  783.548947][T18438] Call Trace:
[  783.550659][T18438]  <TASK>
[  783.552006][T18438]  dump_stack_lvl+0x16c/0x1f0
[  783.554116][T18438]  should_fail_ex+0x497/0x5b0
[  783.556046][T18438]  should_failslab+0x9/0x20
[  783.558039][T18438]  __kmalloc_cache_noprof+0x6b/0x300
[  783.560478][T18438]  ? nfnl_err_add+0x4e/0x2d0
[  783.562513][T18438]  nfnl_err_add+0x4e/0x2d0
[  783.564561][T18438]  nfnetlink_rcv_batch+0xe47/0x24e0
[  783.566995][T18438]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  783.569510][T18438]  ? find_held_lock+0x2d/0x110
[  783.571638][T18438]  ? avc_has_perm_noaudit+0x119/0x3a0
[  783.574011][T18438]  ? avc_has_perm_noaudit+0x143/0x3a0
[  783.576438][T18438]  ? __nla_parse+0x40/0x60
[  783.578490][T18438]  nfnetlink_rcv+0x3c3/0x430
[  783.580564][T18438]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  783.582938][T18438]  netlink_unicast+0x544/0x830
[  783.585347][T18438]  ? __pfx_netlink_unicast+0x10/0x10
[  783.587683][T18438]  netlink_sendmsg+0x8b8/0xd70
[  783.589803][T18438]  ? __pfx_netlink_sendmsg+0x10/0x10
[  783.592105][T18438]  ? __import_iovec+0x1fd/0x6e0
[  783.594242][T18438]  ____sys_sendmsg+0xab5/0xc90
[  783.596154][T18438]  ? copy_msghdr_from_user+0x10b/0x160
[  783.598581][T18438]  ? __pfx_____sys_sendmsg+0x10/0x10
[  783.600975][T18438]  ? __pfx___lock_acquire+0x10/0x10
[  783.603250][T18438]  ? lockdep_hardirqs_on+0x7c/0x110
[  783.605613][T18438]  ___sys_sendmsg+0x135/0x1e0
[  783.607730][T18438]  ? __pfx____sys_sendmsg+0x10/0x10
[  783.610128][T18438]  ? ksys_write+0x21c/0x260
[  783.612136][T18438]  ? __fget_light+0x173/0x210
[  783.614225][T18438]  __sys_sendmsg+0x117/0x1f0
[  783.616335][T18438]  ? __pfx___sys_sendmsg+0x10/0x10
[  783.618568][T18438]  ? bpf_trace_run2+0x2a6/0x590
[  783.620679][T18438]  ? rcu_is_watching+0x12/0xc0
[  783.622810][T18438]  do_syscall_64+0xcd/0x250
[  783.624749][T18438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.627334][T18438] RIP: 0033:0x7f3c92f75b59
[  783.629324][T18438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.655930][T18438] RSP: 002b:00007f3c93d51048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  783.659545][T18438] RAX: ffffffffffffffda RBX: 00007f3c93105f60 RCX: 00007f3c92f75b59
[  783.671840][T18438] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  783.675340][T18438] RBP: 00007f3c93d510a0 R08: 0000000000000000 R09: 0000000000000000
[  783.678871][T18438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  783.682359][T18438] R13: 000000000000000b R14: 00007f3c93105f60 R15: 00007ffd72d8c048
[  783.685627][T18438]  </TASK>
[  783.851280][T18441] netlink: 'syz.2.3151': attribute type 11 has an invalid length.
[  783.864871][T13139] usb 5-1: Using ep0 maxpacket: 16
[  783.869125][T13139] usb 5-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  783.875797][T13139] usb 5-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  783.886403][T13139] usb 5-1: config 0 interface 0 has no altsetting 0
[  783.895187][T13139] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  783.899502][T13139] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.903822][T13139] usb 5-1: Product: syz
[  783.906048][T13139] usb 5-1: Manufacturer: syz
[  783.908282][T13139] usb 5-1: SerialNumber: syz
[  783.913641][T13139] usb 5-1: config 0 descriptor??
[  783.921926][T13139] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input26
[  784.009651][T18447] program syz.3.3153 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  784.655811][T10911] usb 5-1: USB disconnect, device number 8
[  784.922645][   T39] audit: type=1400 audit(2000000749.489:506): avc:  denied  { create } for  pid=18462 comm="syz.3.3157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  784.935021][   T39] audit: type=1400 audit(2000000749.509:507): avc:  denied  { write } for  pid=18462 comm="syz.3.3157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  785.431462][T18469] FAULT_INJECTION: forcing a failure.
[  785.431462][T18469] name failslab, interval 1, probability 0, space 0, times 0
[  785.436855][T18469] CPU: 0 PID: 18469 Comm: syz.2.3159 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  785.441610][T18469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  785.446980][T18469] Call Trace:
[  785.448468][T18469]  <TASK>
[  785.449783][T18469]  dump_stack_lvl+0x16c/0x1f0
[  785.451982][T18469]  should_fail_ex+0x497/0x5b0
[  785.454196][T18469]  should_failslab+0x9/0x20
[  785.456369][T18469]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  785.458792][T18469]  ? skb_clone+0x190/0x3f0
[  785.460798][T18469]  skb_clone+0x190/0x3f0
[  785.462637][T18469]  netlink_deliver_tap+0xab3/0xd90
[  785.464893][T18469]  netlink_unicast+0x6c2/0x830
[  785.466954][T18469]  ? __pfx_netlink_unicast+0x10/0x10
[  785.469241][T18469]  ? rtnetlink_rcv_msg+0x3e6/0xea0
[  785.471428][T18469]  netlink_ack+0x6a8/0xb90
[  785.473346][T18469]  netlink_rcv_skb+0x348/0x440
[  785.475398][T18469]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  785.477726][T18469]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  785.479974][T18469]  ? rcu_is_watching+0x12/0xc0
[  785.482052][T18469]  netlink_unicast+0x544/0x830
[  785.483984][T18469]  ? __pfx_netlink_unicast+0x10/0x10
[  785.486193][T18469]  netlink_sendmsg+0x8b8/0xd70
[  785.488225][T18469]  ? __pfx_netlink_sendmsg+0x10/0x10
[  785.490431][T18469]  ? __import_iovec+0x1fd/0x6e0
[  785.492482][T18469]  ____sys_sendmsg+0xab5/0xc90
[  785.494463][T18469]  ? copy_msghdr_from_user+0x10b/0x160
[  785.496760][T18469]  ? __pfx_____sys_sendmsg+0x10/0x10
[  785.498972][T18469]  ? __pfx___lock_acquire+0x10/0x10
[  785.501156][T18469]  ___sys_sendmsg+0x135/0x1e0
[  785.503043][T18469]  ? __pfx____sys_sendmsg+0x10/0x10
[  785.505502][T18469]  ? __fget_light+0x173/0x210
[  785.507308][T18469]  __sys_sendmsg+0x117/0x1f0
[  785.508963][T18469]  ? __pfx___sys_sendmsg+0x10/0x10
[  785.511012][T18469]  do_syscall_64+0xcd/0x250
[  785.513018][T18469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.515586][T18469] RIP: 0033:0x7f98a9375b59
[  785.517549][T18469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  785.525996][T18469] RSP: 002b:00007f98a8dff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  785.529597][T18469] RAX: ffffffffffffffda RBX: 00007f98a9505f60 RCX: 00007f98a9375b59
[  785.532765][T18469] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  785.535769][T18469] RBP: 00007f98a8dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  785.538730][T18469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  785.541745][T18469] R13: 000000000000000b R14: 00007f98a9505f60 R15: 00007ffe24e1dc08
[  785.544998][T18469]  </TASK>
[  785.692759][T18474] netlink: 'syz.1.3158': attribute type 4 has an invalid length.
[  785.736332][T18474] netlink: 'syz.1.3158': attribute type 4 has an invalid length.
[  786.578114][T18482] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3163'.
[  787.509073][   T39] audit: type=1400 audit(2000000752.079:508): avc:  denied  { read } for  pid=18503 comm="syz.2.3169" name="nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  787.518351][T18505] 9pnet_fd: Insufficient options for proto=fd
[  787.529032][   T39] audit: type=1400 audit(2000000752.079:509): avc:  denied  { open } for  pid=18503 comm="syz.2.3169" path="/dev/nullb0" dev="devtmpfs" ino=691 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  787.821358][T18516] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3173'.
[  787.960239][ T5222] Bluetooth: hci0: command 0x0419 tx timeout
[  787.960396][T12125] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  788.160218][T12125] usb 5-1: Using ep0 maxpacket: 32
[  788.165490][T12125] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  788.169425][T12125] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  788.173696][T12125] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  788.177623][T12125] usb 5-1: config 1 has no interface number 0
[  788.180789][T12125] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  788.185586][T12125] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  788.196656][T12125] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  788.201942][T12125] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.222291][T12125] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  788.620207][T18524] netlink: 'syz.1.3175': attribute type 12 has an invalid length.
[  788.798377][T12125] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached
[  789.256511][T18534] FAULT_INJECTION: forcing a failure.
[  789.256511][T18534] name failslab, interval 1, probability 0, space 0, times 0
[  789.267353][T18534] CPU: 1 PID: 18534 Comm: syz.3.3177 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  789.273910][T18534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  789.279836][T18534] Call Trace:
[  789.281525][T18534]  <TASK>
[  789.282873][T18534]  dump_stack_lvl+0x16c/0x1f0
[  789.285269][T18534]  should_fail_ex+0x497/0x5b0
[  789.287600][T18534]  should_failslab+0x9/0x20
[  789.290218][T18534]  __kmalloc_cache_noprof+0x6b/0x300
[  789.293031][T18534]  ? __kthread_create_on_node+0xcb/0x400
[  789.296563][T18534]  ? __pfx_rxrpc_io_thread+0x10/0x10
[  789.299997][T18534]  __kthread_create_on_node+0xcb/0x400
[  789.302556][T18534]  ? __pfx___kthread_create_on_node+0x10/0x10
[  789.305545][T18534]  ? find_held_lock+0x59/0x110
[  789.308066][T18534]  ? __pfx_rxrpc_io_thread+0x10/0x10
[  789.310516][T18534]  kthread_create_on_node+0xc8/0x110
[  789.313614][T18534]  ? __pfx_kthread_create_on_node+0x10/0x10
[  789.316526][T18534]  ? rxrpc_open_socket+0x3bd/0x6c0
[  789.319939][T18534]  ? mark_held_locks+0x9f/0xe0
[  789.322103][T18534]  rxrpc_open_socket+0x3ea/0x6c0
[  789.324225][T18534]  ? __pfx_rxrpc_open_socket+0x10/0x10
[  789.326545][T18534]  ? __pfx_rxrpc_encap_rcv+0x10/0x10
[  789.328703][T18534]  ? __pfx_rxrpc_encap_err_rcv+0x10/0x10
[  789.330978][T18534]  ? __pfx_lock_release+0x10/0x10
[  789.333146][T18534]  ? lockdep_init_map_type+0x16d/0x7d0
[  789.335654][T18534]  ? rcu_is_watching+0x12/0xc0
[  789.337716][T18534]  rxrpc_lookup_local+0xa02/0x1220
[  789.339929][T18534]  ? __pfx_rxrpc_lookup_local+0x10/0x10
[  789.342336][T18534]  ? rxrpc_sendmsg+0x113/0x5f0
[  789.344381][T18534]  ? __local_bh_enable_ip+0xa4/0x120
[  789.346617][T18534]  rxrpc_sendmsg+0x375/0x5f0
[  789.348592][T18534]  ____sys_sendmsg+0xab5/0xc90
[  789.350632][T18534]  ? __pfx_____sys_sendmsg+0x10/0x10
[  789.352891][T18534]  ? __pfx___lock_acquire+0x10/0x10
[  789.355091][T18534]  ___sys_sendmsg+0x135/0x1e0
[  789.357120][T18534]  ? __pfx____sys_sendmsg+0x10/0x10
[  789.359338][T18534]  ? __pfx_lock_release+0x10/0x10
[  789.361473][T18534]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  789.363635][T18534]  ? __fget_light+0x173/0x210
[  789.365505][T18534]  __sys_sendmmsg+0x1a1/0x450
[  789.367336][T18534]  ? __pfx___sys_sendmmsg+0x10/0x10
[  789.369343][T18534]  ? vfs_write+0x14d/0x1140
[  789.371135][T18534]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  789.373412][T18534]  ? fput+0x32/0x390
[  789.375088][T18534]  ? ksys_write+0x1ab/0x260
[  789.377145][T18534]  ? __pfx_ksys_write+0x10/0x10
[  789.379211][T18534]  __x64_sys_sendmmsg+0x9c/0x100
[  789.381294][T18534]  ? lockdep_hardirqs_on+0x7c/0x110
[  789.383367][T18534]  do_syscall_64+0xcd/0x250
[  789.385324][T18534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.387708][T18534] RIP: 0033:0x7f284d775b59
[  789.389673][T18534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.398052][T18534] RSP: 002b:00007f284e4be048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  789.401726][T18534] RAX: ffffffffffffffda RBX: 00007f284d905f60 RCX: 00007f284d775b59
[  789.405195][T18534] RDX: 000000000000005c RSI: 0000000020000180 RDI: 0000000000000003
[  789.408641][T18534] RBP: 00007f284e4be0a0 R08: 0000000000000000 R09: 0000000000000000
[  789.412134][T18534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  789.415312][T18534] R13: 000000000000000b R14: 00007f284d905f60 R15: 00007ffd958e8d88
[  789.418379][T18534]  </TASK>
[  789.706157][T18545] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.716457][T18545] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.812746][T12125] snd_usb_pod 5-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  789.947709][T18551] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.957723][T18551] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  790.383631][T18556] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  790.406037][T18556] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  790.995639][   T57] usb 5-1: USB disconnect, device number 9
[  791.032611][   T57] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  791.059331][T18565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.098762][T18565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  791.684012][T18579] netlink: 'syz.3.3186': attribute type 4 has an invalid length.
[  791.820880][T18585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  792.314079][T18597] netlink: 'syz.2.3189': attribute type 12 has an invalid length.
[  792.710448][T18605] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  792.746520][T18605] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  792.911711][T18592] syz.0.3191 (18592): drop_caches: 2
[  793.158127][   T39] audit: type=1400 audit(2000000757.729:510): avc:  denied  { getopt } for  pid=18612 comm="syz.0.3198" lport=43118 faddr=fc00:: fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  793.207077][T18615] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  793.214971][T18615] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  793.447564][T18621] netlink: 'syz.3.3200': attribute type 4 has an invalid length.
[  793.604279][T18628] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  794.306297][T18646] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  794.502506][   T39] audit: type=1400 audit(2000000759.079:511): avc:  denied  { read } for  pid=18650 comm="syz.1.3208" path="socket:[69294]" dev="sockfs" ino=69294 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  795.279308][T18660] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3211'.
[  795.479811][T18670] netlink: 'syz.0.3214': attribute type 4 has an invalid length.
[  795.495527][T18672] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  796.341186][T18684] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  796.374797][T18684] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  796.620623][ T5222] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  797.035421][T18694] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3220'.
[  797.800248][T18716] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  799.643127][T18748] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3235'.
[  799.791971][T18743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  799.812435][T18743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  799.886946][T18754] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3236'.
[  799.920606][T12790] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  799.927089][T18751] netlink: 'syz.1.3234': attribute type 12 has an invalid length.
[  799.943735][T18756] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  800.110168][T12790] usb 5-1: Using ep0 maxpacket: 16
[  800.123520][T12790] usb 5-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  800.133399][T12790] usb 5-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  800.142123][T12790] usb 5-1: config 0 interface 0 has no altsetting 0
[  800.149371][T12790] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  800.156449][T12790] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  800.165738][T12790] usb 5-1: Product: syz
[  800.168204][T12790] usb 5-1: Manufacturer: syz
[  800.170832][T12790] usb 5-1: SerialNumber: syz
[  800.176910][T12790] usb 5-1: config 0 descriptor??
[  800.184736][T12790] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input27
[  800.897233][ T5273] usb 5-1: USB disconnect, device number 10
[  800.902978][T18743] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  801.920307][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  802.019607][T18796] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3247'.
[  802.021621][T18799] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  802.330789][T12790] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  802.520573][T12790] usb 5-1: Using ep0 maxpacket: 16
[  802.527826][T12790] usb 5-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  802.533171][T12790] usb 5-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  802.540248][T12790] usb 5-1: config 0 interface 0 has no altsetting 0
[  802.565143][T12790] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  802.569223][T12790] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  802.573651][T12790] usb 5-1: Product: syz
[  802.578038][T12790] usb 5-1: Manufacturer: syz
[  802.581146][T12790] usb 5-1: SerialNumber: syz
[  802.598919][T12790] usb 5-1: config 0 descriptor??
[  802.626463][T12790] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input28
[  803.372510][   T56] usb 5-1: USB disconnect, device number 11
[  803.618770][T18819] syz.2.3253 (18819): drop_caches: 2
[  803.626531][T18819] syz.2.3253 (18819): drop_caches: 2
[  803.846891][T18833] netlink: 'syz.1.3257': attribute type 4 has an invalid length.
[  803.994468][T18838] netlink: 'syz.1.3257': attribute type 4 has an invalid length.
[  805.785700][T18869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  805.794140][T18869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  805.944053][T18878] netlink: 'syz.3.3272': attribute type 4 has an invalid length.
[  805.949038][T18878] netlink: 'syz.3.3272': attribute type 4 has an invalid length.
[  806.609484][ T5214] Bluetooth: hci0: ACL packet for unknown connection handle 1225
[  807.487728][T18893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  808.242584][T18893] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  808.426507][T18911] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  808.441259][T18911] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  808.918970][T18916] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  808.954086][T18916] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  809.289821][T18920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  809.306413][T18920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  809.435152][T18924] syz.3.3286 (18924): drop_caches: 2
[  809.437888][T18924] syz.3.3286 (18924): drop_caches: 2
[  810.031835][T18936] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  810.591621][T18920] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  810.623623][T18936] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  810.729459][T18945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  810.755303][T18945] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  811.240773][T18958] syz.0.3297 (18958): drop_caches: 2
[  811.248192][T18958] syz.0.3297 (18958): drop_caches: 2
[  811.330464][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  811.431577][   T39] audit: type=1400 audit(2000000775.959:512): avc:  denied  { read } for  pid=18961 comm="syz.2.3299" name="btrfs-control" dev="devtmpfs" ino=1150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  811.450201][   T39] audit: type=1400 audit(2000000775.959:513): avc:  denied  { open } for  pid=18961 comm="syz.2.3299" path="/dev/btrfs-control" dev="devtmpfs" ino=1150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  811.460971][   T39] audit: type=1400 audit(2000000775.959:514): avc:  denied  { ioctl } for  pid=18961 comm="syz.2.3299" path="/dev/btrfs-control" dev="devtmpfs" ino=1150 ioctlcmd=0x54a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  811.654600][   T39] audit: type=1400 audit(2000000776.229:515): avc:  denied  { write } for  pid=18972 comm="syz.3.3303" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  811.712229][ T5214] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  811.886153][T18978] netlink: 'syz.3.3305': attribute type 10 has an invalid length.
[  811.927560][T18978] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3305'.
[  812.045287][ T5214] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  812.410608][T18990] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  812.434570][T18990] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  813.712443][T19025] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  813.723197][ T5214] Bluetooth: hci0: command 0x0419 tx timeout
[  813.726204][T19025] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  814.028044][T19029] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3319'.
[  814.126753][T19031] sp0: Synchronizing with TNC
[  814.157603][ T5214] Bluetooth: hci0: ISO packet for unknown connection handle 1308
[  814.164997][ T5214] Bluetooth: hci0: Malformed Event: 0x02
[  814.340326][T13139] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  814.363594][ T1358] ieee802154 phy0 wpan0: encryption failed: -22
[  814.366837][ T1358] ieee802154 phy1 wpan1: encryption failed: -22
[  814.408327][T19037] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  814.415417][    C2] vkms_vblank_simulate: vblank timer overrun
[  814.418410][T19037] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  814.550436][T13139] usb 7-1: Using ep0 maxpacket: 16
[  814.558989][T13139] usb 7-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  814.565170][T13139] usb 7-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  814.570989][T13139] usb 7-1: config 0 interface 0 has no altsetting 0
[  814.584417][T13139] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  814.588505][T13139] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  814.593156][T13139] usb 7-1: Product: syz
[  814.595154][T13139] usb 7-1: Manufacturer: syz
[  814.597539][T13139] usb 7-1: SerialNumber: syz
[  814.605779][T13139] usb 7-1: config 0 descriptor??
[  814.612736][T13139] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input29
[  815.341224][T13139] usb 7-1: USB disconnect, device number 14
[  815.859662][T19067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  815.900697][T19067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  816.455210][T19081] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  816.472603][T19081] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  816.647199][T19084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3332'.
[  817.051496][ T5273] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  817.187245][T19101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  817.243325][ T5273] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 46, changing to 9
[  817.249235][ T5273] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26623, setting to 1024
[  817.263591][ T5273] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  817.269294][ T5273] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  817.280277][ T5273] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  817.289591][ T5273] usb 8-1: config 0 descriptor??
[  817.301605][T19090] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  817.414316][ T5214] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  818.135112][T19121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  818.153929][T19121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  818.753982][ T5273] usbhid 8-1:0.0: can't add hid device: -71
[  818.756626][ T5273] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  818.772637][ T5273] usb 8-1: USB disconnect, device number 4
[  819.187517][T19145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  819.201020][T19145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  819.205977][T19140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3344'.
[  819.286881][ T5222] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  819.293943][ T5222] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  819.298696][ T5222] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  819.304440][ T5222] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  819.308593][ T5222] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  819.313414][ T5222] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  819.408206][   T64] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.518908][   T64] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.644748][   T64] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.657996][T19159] netlink: 'syz.1.3348': attribute type 4 has an invalid length.
[  819.781270][   T64] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.820195][T19159] netlink: 'syz.1.3348': attribute type 4 has an invalid length.
[  819.926566][T19146] chnl_net:caif_netlink_parms(): no params data found
[  820.058186][   T64] bridge_slave_1: left allmulticast mode
[  820.062356][   T64] bridge_slave_1: left promiscuous mode
[  820.066658][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  820.073870][   T64] bridge_slave_0: left allmulticast mode
[  820.076384][   T64] bridge_slave_0: left promiscuous mode
[  820.078936][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  820.813091][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  820.827824][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  820.834524][   T64] bond0 (unregistering): Released all slaves
[  821.119350][T19146] bridge0: port 1(bridge_slave_0) entered blocking state
[  821.122798][T19146] bridge0: port 1(bridge_slave_0) entered disabled state
[  821.126249][T19146] bridge_slave_0: entered allmulticast mode
[  821.129669][T19146] bridge_slave_0: entered promiscuous mode
[  821.136805][T19146] bridge0: port 2(bridge_slave_1) entered blocking state
[  821.141312][T19146] bridge0: port 2(bridge_slave_1) entered disabled state
[  821.144467][T19146] bridge_slave_1: entered allmulticast mode
[  821.147974][T19146] bridge_slave_1: entered promiscuous mode
[  821.241139][T19198] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  821.261031][T19198] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  821.333066][T19146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  821.393152][T19146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  821.410198][ T5222] Bluetooth: hci0: command tx timeout
[  821.478845][T19210] bridge0: port 3(team0) entered disabled state
[  821.509850][T19146] team0: Port device team_slave_0 added
[  821.547208][T19146] team0: Port device team_slave_1 added
[  821.619476][T19201] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3357'.
[  821.674419][T19146] batman_adv: batadv0: Adding interface: batadv_slave_0
[  821.677542][T19146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  821.690467][T19146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  821.711295][   T64] hsr_slave_0: left promiscuous mode
[  821.716658][   T64] hsr_slave_1: left promiscuous mode
[  821.739596][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  821.743433][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  821.747263][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  821.750541][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  821.792570][   T64] veth0_macvtap: left promiscuous mode
[  821.795130][   T64] veth1_vlan: left promiscuous mode
[  821.797310][   T64] veth0_vlan: left promiscuous mode
[  821.830198][T19216] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  821.843163][T19216] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  822.950048][    C2] vkms_vblank_simulate: vblank timer overrun
[  823.075409][   T64] team0 (unregistering): Port device team_slave_1 removed
[  823.225911][   T64] team0 (unregistering): Port device team_slave_0 removed
[  823.490309][ T5222] Bluetooth: hci0: command tx timeout
[  824.219796][T19146] batman_adv: batadv0: Adding interface: batadv_slave_1
[  824.223022][T19146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  824.232964][T19146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  824.270486][T19234] netlink: 'syz.2.3362': attribute type 4 has an invalid length.
[  824.294532][T19235] netlink: 'syz.2.3362': attribute type 4 has an invalid length.
[  824.446826][T19146] hsr_slave_0: entered promiscuous mode
[  824.454230][T19146] hsr_slave_1: entered promiscuous mode
[  824.463012][T19146] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  824.467887][T19146] Cannot create hsr debugfs directory
[  824.708179][T19245] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3365'.
[  824.767832][   T39] audit: type=1400 audit(2000000789.339:516): avc:  denied  { create } for  pid=19243 comm="syz.1.3365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  824.776905][   T39] audit: type=1400 audit(2000000789.349:517): avc:  denied  { bind } for  pid=19243 comm="syz.1.3365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  825.151313][ T5222] Bluetooth: hci1: unexpected subevent 0x19 length: 32 > 28
[  825.154900][ T5222] Bluetooth: hci1: Unable to find connection with handle 0x3270
[  825.570362][ T5222] Bluetooth: hci0: command tx timeout
[  825.624757][T19146] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  825.639798][T19146] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  825.646721][T19146] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  825.659446][T19146] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  825.805412][T19146] 8021q: adding VLAN 0 to HW filter on device bond0
[  825.835016][T19146] 8021q: adding VLAN 0 to HW filter on device team0
[  825.857774][T12790] bridge0: port 1(bridge_slave_0) entered blocking state
[  825.861053][T12790] bridge0: port 1(bridge_slave_0) entered forwarding state
[  825.867014][T19289] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  825.893035][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  825.896131][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  826.062191][T19146] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  826.351823][T19146] 8021q: adding VLAN 0 to HW filter on device batadv0
[  826.465629][T19146] veth0_vlan: entered promiscuous mode
[  826.475802][T19146] veth1_vlan: entered promiscuous mode
[  826.548096][T19146] veth0_macvtap: entered promiscuous mode
[  826.563971][T19146] veth1_macvtap: entered promiscuous mode
[  826.582383][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  826.587251][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.593623][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  826.599420][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.604649][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  826.609325][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.614830][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  826.619471][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.626464][T19146] batman_adv: batadv0: Interface activated: batadv_slave_0
[  826.635780][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.640310][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.644470][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.648594][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.654047][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.659054][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.668108][T19146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  826.672806][T19146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  826.684013][T19146] batman_adv: batadv0: Interface activated: batadv_slave_1
[  826.697781][T19146] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  826.702356][T19146] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  826.705247][T19146] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  826.708007][T19146] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  826.896698][   T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  826.904550][   T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  826.921401][  T406] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  826.926436][  T406] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  826.933664][T19324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  826.964267][T19324] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  826.997595][T19326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  827.011749][T19326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  827.604466][T19343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3378'.
[  827.640177][ T5222] Bluetooth: hci0: command tx timeout
[  827.760489][T19348] FAULT_INJECTION: forcing a failure.
[  827.760489][T19348] name failslab, interval 1, probability 0, space 0, times 0
[  827.777729][T19348] CPU: 0 PID: 19348 Comm: syz.2.3379 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  827.782042][T19348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  827.786712][T19348] Call Trace:
[  827.788655][T19348]  <TASK>
[  827.790015][T19348]  dump_stack_lvl+0x16c/0x1f0
[  827.792129][T19348]  should_fail_ex+0x497/0x5b0
[  827.794239][T19348]  should_failslab+0x9/0x20
[  827.796268][T19348]  kmem_cache_alloc_node_noprof+0x71/0x310
[  827.798880][T19348]  ? __alloc_skb+0x2b1/0x380
[  827.800911][T19348]  __alloc_skb+0x2b1/0x380
[  827.802860][T19348]  ? __pfx___alloc_skb+0x10/0x10
[  827.804889][T19348]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  827.807388][T19348]  netlink_alloc_large_skb+0x69/0x130
[  827.809681][T19348]  netlink_sendmsg+0x689/0xd70
[  827.811741][T19348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  827.813922][T19348]  ? __import_iovec+0x1fd/0x6e0
[  827.815993][T19348]  ____sys_sendmsg+0xab5/0xc90
[  827.817900][T19348]  ? copy_msghdr_from_user+0x10b/0x160
[  827.820095][T19348]  ? __pfx_____sys_sendmsg+0x10/0x10
[  827.825232][T19348]  ? find_held_lock+0x2d/0x110
[  827.827318][T19348]  ? __pfx___lock_acquire+0x10/0x10
[  827.829554][T19348]  ___sys_sendmsg+0x135/0x1e0
[  827.843974][T19348]  ? __pfx____sys_sendmsg+0x10/0x10
[  827.846427][T19348]  ? ksys_write+0x21c/0x260
[  827.848542][T19348]  ? __fget_light+0x173/0x210
[  827.850851][T19348]  __sys_sendmsg+0x117/0x1f0
[  827.852858][T19348]  ? __pfx___sys_sendmsg+0x10/0x10
[  827.855225][T19348]  do_syscall_64+0xcd/0x250
[  827.857250][T19348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  827.859936][T19348] RIP: 0033:0x7f98a9375b59
[  827.861832][T19348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  827.869957][T19348] RSP: 002b:00007f98a8dff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  827.873953][T19348] RAX: ffffffffffffffda RBX: 00007f98a9505f60 RCX: 00007f98a9375b59
[  827.877410][T19348] RDX: 0000000000000000 RSI: 0000000020000dc0 RDI: 0000000000000003
[  827.881509][T19348] RBP: 00007f98a8dff0a0 R08: 0000000000000000 R09: 0000000000000000
[  827.885039][T19348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  827.888650][T19348] R13: 000000000000000b R14: 00007f98a9505f60 R15: 00007ffe24e1dc08
[  827.892348][T19348]  </TASK>
[  828.374540][T19374] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  828.391091][T19374] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  828.419070][T19326] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  829.411240][T19406] overlayfs: missing 'workdir'
[  829.658533][T19414] FAULT_INJECTION: forcing a failure.
[  829.658533][T19414] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  829.665403][T19414] CPU: 1 PID: 19414 Comm: syz.1.3402 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  829.669591][T19414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  829.674064][T19414] Call Trace:
[  829.675465][T19414]  <TASK>
[  829.676660][T19414]  dump_stack_lvl+0x16c/0x1f0
[  829.678965][T19414]  should_fail_ex+0x497/0x5b0
[  829.680846][T19414]  _copy_from_user+0x30/0xf0
[  829.682671][T19414]  mfill_atomic_copy+0x1259/0x1e40
[  829.684639][T19414]  ? __pfx___might_resched+0x10/0x10
[  829.686505][T19414]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  829.688644][T19414]  ? __might_fault+0xe3/0x190
[  829.690505][T19414]  userfaultfd_ioctl+0x2f20/0x5f20
[  829.692508][T19414]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  829.694810][T19414]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  829.697163][T19414]  ? ioctl_has_perm.constprop.0.isra.0+0x2f0/0x470
[  829.700036][T19414]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[  829.702898][T19414]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  829.705879][T19414]  ? selinux_file_ioctl+0x180/0x270
[  829.708126][T19414]  ? selinux_file_ioctl+0xb4/0x270
[  829.710356][T19414]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  829.712892][T19414]  ? __x64_sys_ioctl+0x193/0x220
[  829.714884][T19414]  __x64_sys_ioctl+0x193/0x220
[  829.716960][T19414]  do_syscall_64+0xcd/0x250
[  829.718938][T19414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.721489][T19414] RIP: 0033:0x7f3c92f75b59
[  829.723426][T19414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  829.725129][ T5222] Bluetooth: hci0: command 0x0401 tx timeout
[  829.731891][T19414] RSP: 002b:00007f3c93d51048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  829.731914][T19414] RAX: ffffffffffffffda RBX: 00007f3c93105f60 RCX: 00007f3c92f75b59
[  829.731927][T19414] RDX: 0000000020000080 RSI: 00000000c028aa03 RDI: 0000000000000003
[  829.731938][T19414] RBP: 00007f3c93d510a0 R08: 0000000000000000 R09: 0000000000000000
[  829.731948][T19414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  829.731959][T19414] R13: 000000000000000b R14: 00007f3c93105f60 R15: 00007ffd72d8c048
[  829.731972][T19414]  </TASK>
[  829.799402][T19417] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  829.807907][T19417] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  830.574544][T19433] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3407'.
[  830.663641][   T39] audit: type=1400 audit(2000000795.239:518): avc:  denied  { ioctl } for  pid=19435 comm="syz.1.3408" path="socket:[78678]" dev="sockfs" ino=78678 ioctlcmd=0x4944 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  830.773037][T19435] delete_channel: no stack
[  830.810027][T19441] netlink: 'syz.2.3406': attribute type 4 has an invalid length.
[  830.898583][T19442] netlink: 'syz.2.3406': attribute type 4 has an invalid length.
[  831.042410][T19446] tmpfs: Bad value for 'nr_inodes'
[  831.764005][   T39] audit: type=1400 audit(2000000796.349:519): avc:  denied  { getopt } for  pid=19459 comm="syz.3.3414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  832.397240][   T39] audit: type=1400 audit(2000000796.969:520): avc:  denied  { ioctl } for  pid=19462 comm="syz.0.3416" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3314 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  832.409460][T19463] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22
[  832.441953][   T39] audit: type=1400 audit(2000000797.009:521): avc:  denied  { mount } for  pid=19462 comm="syz.0.3416" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  832.668126][T19469] Driver unsupported XDP return value 0 on prog  (id 1094) dev N/A, expect packet loss!
[  832.693732][T19469] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3417'.
[  832.829015][  T406] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.041322][ T5222] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  833.069490][ T5214] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  833.080372][ T5214] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  833.103333][ T5214] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  833.109330][ T5214] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  833.114277][ T5214] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  833.119961][ T5214] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  833.123319][  T406] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.411320][  T406] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.532577][  T406] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.904288][    C0] vkms_vblank_simulate: vblank timer overrun
[  833.997886][  T406] team0: left allmulticast mode
[  834.000931][  T406] team_slave_0: left allmulticast mode
[  834.003869][  T406] team_slave_1: left allmulticast mode
[  834.006582][  T406] bridge0: port 3(team0) entered disabled state
[  834.031412][  T406] bridge_slave_1: left allmulticast mode
[  834.034195][  T406] bridge_slave_1: left promiscuous mode
[  834.036937][  T406] bridge0: port 2(bridge_slave_1) entered disabled state
[  834.170840][  T406] bridge_slave_0: left allmulticast mode
[  834.173516][  T406] bridge_slave_0: left promiscuous mode
[  834.176269][  T406] bridge0: port 1(bridge_slave_0) entered disabled state
[  834.959563][  T406] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  834.965591][  T406] bond_slave_0: left promiscuous mode
[  834.991560][  T406] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  834.996634][  T406] bond_slave_1: left promiscuous mode
[  835.005539][  T406] bond0 (unregistering): Released all slaves
[  835.017137][  T406] bond1 (unregistering): Released all slaves
[  835.166744][ T5222] Bluetooth: hci2: command tx timeout
[  835.179285][T19480] chnl_net:caif_netlink_parms(): no params data found
[  835.797596][T19480] bridge0: port 1(bridge_slave_0) entered blocking state
[  835.802831][T19480] bridge0: port 1(bridge_slave_0) entered disabled state
[  835.806257][T19480] bridge_slave_0: entered allmulticast mode
[  835.810641][T19480] bridge_slave_0: entered promiscuous mode
[  835.844209][T19480] bridge0: port 2(bridge_slave_1) entered blocking state
[  835.847250][T19480] bridge0: port 2(bridge_slave_1) entered disabled state
[  835.850526][T19480] bridge_slave_1: entered allmulticast mode
[  835.854412][T19480] bridge_slave_1: entered promiscuous mode
[  835.924183][T19524] tmpfs: Unknown parameter 'îgš’?þ•ÍXÁÈnr_in¶¡8é#'‡>À×Îßt	Vos'
[  836.020941][T19480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  836.032533][T19480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  836.073673][  T406] hsr_slave_0: left promiscuous mode
[  836.089915][  T406] hsr_slave_1: left promiscuous mode
[  836.096894][  T406] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  836.100384][  T406] batman_adv: batadv0: Removing interface: batadv_slave_0
[  836.118223][  T406] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  836.123218][  T406] batman_adv: batadv0: Removing interface: batadv_slave_1
[  836.163919][  T406] veth0_macvtap: left promiscuous mode
[  836.179959][   T39] audit: type=1400 audit(2000000800.749:522): avc:  denied  { mount } for  pid=19523 comm="syz.0.3429" name="/" dev="pstore" ino=5026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  836.180200][  T406] veth1_vlan: left promiscuous mode
[  836.197885][  T406] 
€Â: left promiscuous mode
[  836.203221][   T39] audit: type=1400 audit(2000000800.749:523): avc:  denied  { mounton } for  pid=19523 comm="syz.0.3429" path="/465/file0" dev="pstore" ino=5026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=dir permissive=1
[  836.389312][   T39] audit: type=1400 audit(2000000800.959:524): avc:  denied  { nlmsg_read } for  pid=19529 comm="syz.3.3430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  836.890985][   T39] audit: type=1400 audit(2000000801.469:525): avc:  denied  { unmount } for  pid=11596 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  837.240340][ T5222] Bluetooth: hci2: command tx timeout
[  837.518220][  T406] team_slave_1 (unregistering): left promiscuous mode
[  837.526159][  T406] team0 (unregistering): Port device team_slave_1 removed
[  837.633307][  T406] team_slave_0 (unregistering): left promiscuous mode
[  837.639742][  T406] team0 (unregistering): Port device team_slave_0 removed
[  838.665207][T19480] team0: Port device team_slave_0 added
[  838.693883][T19480] team0: Port device team_slave_1 added
[  838.694968][   T39] audit: type=1400 audit(2000000803.279:526): avc:  denied  { read } for  pid=19542 comm="syz.2.3435" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  838.737911][   T39] audit: type=1400 audit(2000000803.279:527): avc:  denied  { open } for  pid=19542 comm="syz.2.3435" path="/426/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  838.823802][T19480] batman_adv: batadv0: Adding interface: batadv_slave_0
[  838.827335][T19480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  838.839925][T19480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  838.847373][T19480] batman_adv: batadv0: Adding interface: batadv_slave_1
[  838.850572][T19480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  838.862469][T19480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  838.906920][ T5222] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  838.926230][T19555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  838.957785][T19555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  839.207812][T19480] hsr_slave_0: entered promiscuous mode
[  839.231924][T19480] hsr_slave_1: entered promiscuous mode
[  839.234894][T19480] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  839.238139][T19480] Cannot create hsr debugfs directory
[  839.323674][ T5222] Bluetooth: hci2: command tx timeout
[  839.383981][ T5214] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  839.392816][ T5214] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  839.398419][ T5214] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  839.411850][T14610] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  839.417875][T14610] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  839.426096][T14610] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  839.717705][  T406] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  839.858559][  T406] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.002491][  T406] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.152634][  T406] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.281758][T19566] chnl_net:caif_netlink_parms(): no params data found
[  840.297190][T19480] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  840.322795][T19480] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  840.333476][T19480] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  840.453484][T19480] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  840.722296][  T406] bridge_slave_1: left allmulticast mode
[  840.724785][  T406] bridge_slave_1: left promiscuous mode
[  840.726867][  T406] bridge0: port 2(bridge_slave_1) entered disabled state
[  840.743563][  T406] bridge_slave_0: left allmulticast mode
[  840.746094][  T406] bridge_slave_0: left promiscuous mode
[  840.748569][  T406] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.092503][T19612] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  841.103039][T19612] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  841.328267][  T406] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  841.336665][  T406] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  841.344663][  T406] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  841.356200][  T406] veth1_vlan: left allmulticast mode
[  841.362884][  T406] bond0 (unregistering): Released all slaves
[  841.383971][T19566] bridge0: port 1(bridge_slave_0) entered blocking state
[  841.386934][T19566] bridge0: port 1(bridge_slave_0) entered disabled state
[  841.393660][T19566] bridge_slave_0: entered allmulticast mode
[  841.397900][T19566] bridge_slave_0: entered promiscuous mode
[  841.400263][ T5222] Bluetooth: hci2: command tx timeout
[  841.403360][T19566] bridge0: port 2(bridge_slave_1) entered blocking state
[  841.403444][T19566] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.403572][T19566] bridge_slave_1: entered allmulticast mode
[  841.417433][T19566] bridge_slave_1: entered promiscuous mode
[  841.491766][ T5222] Bluetooth: hci1: command tx timeout
[  841.531913][T19566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  841.555085][T19566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  841.784972][T19566] team0: Port device team_slave_0 added
[  841.896544][ T5222] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  841.906780][T19566] team0: Port device team_slave_1 added
[  842.106875][T19566] batman_adv: batadv0: Adding interface: batadv_slave_0
[  842.110273][T19566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.123278][T19566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  842.204549][  T406] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  842.209222][  T406] batman_adv: batadv0: Removing interface: batadv_slave_0
[  842.219320][  T406] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  842.225386][  T406] batman_adv: batadv0: Removing interface: batadv_slave_1
[  842.267958][  T406] veth0_macvtap: left promiscuous mode
[  842.272351][  T406] veth1_vlan: left promiscuous mode
[  842.276110][  T406] veth0_vlan: left promiscuous mode
[  842.510242][T19644] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  842.540953][T19644] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  843.456442][  T406] team0 (unregistering): Port device team_slave_1 removed
[  843.565730][ T5222] Bluetooth: hci1: command tx timeout
[  843.602014][  T406] team0 (unregistering): Port device team_slave_0 removed
[  844.437529][T19566] batman_adv: batadv0: Adding interface: batadv_slave_1
[  844.440866][T19566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  844.453641][T19566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  844.662953][T19566] hsr_slave_0: entered promiscuous mode
[  844.669443][T19566] hsr_slave_1: entered promiscuous mode
[  844.675770][T19566] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  844.679224][T19566] Cannot create hsr debugfs directory
[  844.693797][T19480] 8021q: adding VLAN 0 to HW filter on device bond0
[  844.849476][T19480] 8021q: adding VLAN 0 to HW filter on device team0
[  844.936957][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  844.940036][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  844.945774][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  844.949142][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  845.176109][T19480] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  845.180810][T19480] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  845.418337][T19669] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  845.451942][T19669] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  845.653916][ T5222] Bluetooth: hci1: command tx timeout
[  845.663584][T19480] 8021q: adding VLAN 0 to HW filter on device batadv0
[  845.786336][T19480] veth0_vlan: entered promiscuous mode
[  845.810777][T19480] veth1_vlan: entered promiscuous mode
[  845.823897][T19566] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  845.843258][T19566] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  845.851013][T19566] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  845.860679][T19566] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  845.915914][T19480] veth0_macvtap: entered promiscuous mode
[  845.946735][T19480] veth1_macvtap: entered promiscuous mode
[  845.990539][T19480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.005626][T19480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.025583][T19480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.029672][T19480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.049779][T19480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.054370][T19480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.063360][T19480] batman_adv: batadv0: Interface activated: batadv_slave_0
[  846.084326][T19480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.088675][T19480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.094483][T19480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.099424][T19480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.104683][T19480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.109291][T19480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.119715][T19480] batman_adv: batadv0: Interface activated: batadv_slave_1
[  846.158589][T19480] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  846.163149][T19480] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  846.167883][T19480] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  846.173022][T19480] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  846.279476][T19566] 8021q: adding VLAN 0 to HW filter on device bond0
[  846.303106][T14054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  846.307857][T14054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  846.324488][T19566] 8021q: adding VLAN 0 to HW filter on device team0
[  846.362677][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  846.365856][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  846.397271][T19322] bridge0: port 2(bridge_slave_1) entered blocking state
[  846.400296][T19322] bridge0: port 2(bridge_slave_1) entered forwarding state
[  846.406254][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  846.422869][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  846.491129][T19688] netlink: 'syz.1.3421': attribute type 10 has an invalid length.
[  846.509517][T19688] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  846.659627][T19566] 8021q: adding VLAN 0 to HW filter on device batadv0
[  846.702831][T19669] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  846.762102][T19566] veth0_vlan: entered promiscuous mode
[  846.781445][T19566] veth1_vlan: entered promiscuous mode
[  846.822548][T19566] veth0_macvtap: entered promiscuous mode
[  846.832215][T19566] veth1_macvtap: entered promiscuous mode
[  846.853985][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.858866][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.864914][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.870871][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.875101][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.880972][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.886532][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  846.891522][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.898303][T19566] batman_adv: batadv0: Interface activated: batadv_slave_0
[  846.912230][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.916969][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.923318][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.928785][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.940562][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.970617][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.985204][T19566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  846.991769][T19566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  846.999261][T19566] batman_adv: batadv0: Interface activated: batadv_slave_1
[  847.021123][T19566] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  847.025307][T19566] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  847.029456][T19566] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  847.035056][T19566] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  847.066706][T19700] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  847.086570][T19700] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  847.190854][T14054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.194413][T14054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.299242][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  847.305186][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  847.475596][   T39] audit: type=1400 audit(2000000812.049:528): avc:  denied  { sqpoll } for  pid=19703 comm="syz.0.3439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  847.570278][ T5222] Bluetooth: hci0: command 0x0401 tx timeout
[  847.720359][ T5222] Bluetooth: hci1: command tx timeout
[  847.955265][T19717] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  848.010073][T19717] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  848.076259][T19719] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  848.091438][T19719] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  848.354620][T19730] netlink: 'syz.2.3461': attribute type 1 has an invalid length.
[  848.384908][T19733] FAULT_INJECTION: forcing a failure.
[  848.384908][T19733] name failslab, interval 1, probability 0, space 0, times 0
[  848.402427][T19733] CPU: 3 PID: 19733 Comm: syz.1.3462 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  848.404713][T19730] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3461'.
[  848.406634][T19733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  848.415751][T19730] 8021q: adding VLAN 0 to HW filter on device bond1
[  848.415948][T19733] Call Trace:
[  848.415960][T19733]  <TASK>
[  848.421892][T19733]  dump_stack_lvl+0x16c/0x1f0
[  848.423859][T19733]  should_fail_ex+0x497/0x5b0
[  848.425913][T19733]  should_failslab+0x9/0x20
[  848.427945][T19733]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  848.430283][T19733]  ? security_file_alloc+0x41/0x260
[  848.432582][T19733]  security_file_alloc+0x41/0x260
[  848.434558][T19733]  ? kmem_cache_alloc_noprof+0x174/0x2f0
[  848.436768][T19733]  init_file+0x99/0x260
[  848.438411][T19733]  alloc_empty_file+0x91/0x1e0
[  848.440405][T19733]  alloc_file_pseudo+0x147/0x210
[  848.442608][T19733]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  848.444749][T19733]  ? __pfx_inode_set_ctime_current+0x10/0x10
[  848.447105][T19733]  create_pipe_files+0x35f/0x7e0
[  848.449054][T19733]  do_pipe2+0xb0/0x1d0
[  848.450694][T19733]  ? __pfx_do_pipe2+0x10/0x10
[  848.452981][T19733]  ? ksys_write+0x1ab/0x260
[  848.455093][T19733]  ? __secure_computing+0x273/0x3f0
[  848.457617][T19733]  __x64_sys_pipe2+0x54/0x80
[  848.459693][T19733]  do_syscall_64+0xcd/0x250
[  848.461552][T19733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.464152][T19733] RIP: 0033:0x7f9348775b59
[  848.466118][T19733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  848.474411][T19733] RSP: 002b:00007f9349516048 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[  848.478181][T19733] RAX: ffffffffffffffda RBX: 00007f9348905f60 RCX: 00007f9348775b59
[  848.481694][T19733] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  848.485156][T19733] RBP: 00007f93495160a0 R08: 0000000000000000 R09: 0000000000000000
[  848.488618][T19733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  848.492070][T19733] R13: 000000000000000b R14: 00007f9348905f60 R15: 00007ffc33796498
[  848.495567][T19733]  </TASK>
[  848.497091][    C3] vkms_vblank_simulate: vblank timer overrun
[  848.505017][T19730] bond1: entered promiscuous mode
[  848.507189][T19730] bond1: entered allmulticast mode
[  848.517653][T19734] syzkaller1: entered promiscuous mode
[  848.520324][T19734] syzkaller1: entered allmulticast mode
[  848.615436][T19738] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3464'.
[  848.667883][T19742] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  848.678429][T19742] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  848.709343][T19744] FAULT_INJECTION: forcing a failure.
[  848.709343][T19744] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  848.715869][T19744] CPU: 1 PID: 19744 Comm: syz.1.3467 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  848.720933][T19744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  848.725534][T19744] Call Trace:
[  848.726958][T19744]  <TASK>
[  848.728225][T19744]  dump_stack_lvl+0x16c/0x1f0
[  848.730248][T19744]  should_fail_ex+0x497/0x5b0
[  848.732535][T19744]  _copy_from_user+0x30/0xf0
[  848.734505][T19744]  mmc_ioctl_dvd_auth+0x12e/0x230
[  848.736766][T19744]  ? __pfx_mmc_ioctl_dvd_auth+0x10/0x10
[  848.739494][T19744]  cdrom_ioctl+0x2da5/0x3290
[  848.741490][T19744]  ? mark_lock+0xb5/0xc60
[  848.743326][T19744]  ? __pfx_cdrom_ioctl+0x10/0x10
[  848.745206][T19744]  ? __pfx_mark_lock+0x10/0x10
[  848.747042][T19744]  ? trace_rpm_return_int+0x19d/0x220
[  848.749311][T19744]  ? rpm_resume+0x81d/0x1330
[  848.751338][T19744]  ? find_held_lock+0x2d/0x110
[  848.753459][T19744]  ? __pm_runtime_resume+0xc3/0x170
[  848.755704][T19744]  ? __pfx_lock_release+0x10/0x10
[  848.757679][T19744]  ? lockdep_hardirqs_on+0x7c/0x110
[  848.759631][T19744]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  848.761577][T19744]  ? __pm_runtime_resume+0xc3/0x170
[  848.763569][T19744]  sr_block_ioctl+0x1b0/0x250
[  848.765563][T19744]  ? __pfx_sr_block_ioctl+0x10/0x10
[  848.767717][T19744]  blkdev_ioctl+0x27c/0x6e0
[  848.769631][T19744]  ? __pfx_blkdev_ioctl+0x10/0x10
[  848.772118][T19744]  ? selinux_file_ioctl+0xb4/0x270
[  848.775294][T19744]  ? __pfx_blkdev_ioctl+0x10/0x10
[  848.777504][T19744]  __x64_sys_ioctl+0x193/0x220
[  848.779542][T19744]  do_syscall_64+0xcd/0x250
[  848.781364][T19744]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.783787][T19744] RIP: 0033:0x7f9348775b59
[  848.785716][T19744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  848.794138][T19744] RSP: 002b:00007f9349516048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  848.797965][T19744] RAX: ffffffffffffffda RBX: 00007f9348905f60 RCX: 00007f9348775b59
[  848.801568][T19744] RDX: 0000000020000240 RSI: 0000000000005392 RDI: 0000000000000003
[  848.804851][T19744] RBP: 00007f93495160a0 R08: 0000000000000000 R09: 0000000000000000
[  848.807925][T19744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  848.811084][T19744] R13: 000000000000000b R14: 00007f9348905f60 R15: 00007ffc33796498
[  848.814783][T19744]  </TASK>
[  848.906593][T19751] bridge0: port 1(bridge_slave_0) entered blocking state
[  848.909355][T19751] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  848.913204][T19751] bridge0: port 1(bridge_slave_0) entered forwarding state
[  849.170375][ T5222] Bluetooth: hci0: ISO packet for unknown connection handle 0
[  849.405149][T19719] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  849.653857][T19774] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3475'.
[  849.754759][T19776] Bluetooth: MGMT ver 1.23
[  850.230256][ T5222] Bluetooth: hci0: command 0x0401 tx timeout
[  850.750967][    C3] vkms_vblank_simulate: vblank timer overrun
[  851.164168][ T5222] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  851.560031][T19842] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  851.709556][T19846] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  851.729519][T19846] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  852.389020][T19858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  852.397981][T19858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  853.457064][T19890] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  853.920592][T19900] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  853.933422][T19900] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  855.316574][T19923] ./file0: Can't lookup blockdev
[  855.332824][   T11] kworker/u32:0 (11) used greatest stack depth: 20544 bytes left
[  855.617428][ T5222] Bluetooth: hci2: ISO packet for unknown connection handle 0
[  855.878412][ T5222] ==================================================================
[  855.882477][ T5222] BUG: KASAN: null-ptr-deref in l2cap_sock_resume_cb+0xd0/0x130
[  855.888348][ T5222] Write of size 8 at addr 0000000000000518 by task kworker/u33:6/5222
[  855.909141][ T5222] 
[  855.910262][ T5222] CPU: 1 PID: 5222 Comm: kworker/u33:6 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  855.914241][ T5222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  855.919424][ T5222] Workqueue: hci0 hci_rx_work
[  855.921356][ T5222] Call Trace:
[  855.922610][ T5222]  <TASK>
[  855.927385][ T5222]  dump_stack_lvl+0x116/0x1f0
[  855.935720][ T5222]  kasan_report+0xd9/0x110
[  855.937827][ T5222]  ? l2cap_sock_resume_cb+0xd0/0x130
[  855.940747][ T5222]  ? l2cap_sock_resume_cb+0xd0/0x130
[  855.943386][ T5222]  kasan_check_range+0xef/0x1a0
[  855.945874][ T5222]  l2cap_sock_resume_cb+0xd0/0x130
[  855.948221][ T5222]  l2cap_security_cfm+0x78d/0x11d0
[  855.950680][ T5222]  ? __mutex_lock+0x1a6/0x9c0
[  855.952948][ T5222]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  855.955433][ T5222]  ? hci_encrypt_cfm+0x124/0x720
[  855.957640][ T5222]  ? find_held_lock+0x2d/0x110
[  855.959705][ T5222]  ? __pfx___mutex_lock+0x10/0x10
[  855.961847][ T5222]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  855.964198][ T5222]  hci_encrypt_cfm+0x194/0x720
[  855.966243][ T5222]  hci_encrypt_change_evt+0x554/0x10f0
[  855.968643][ T5222]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  855.971177][ T5222]  ? skb_pull_data+0x166/0x210
[  855.973209][ T5222]  hci_event_packet+0x9eb/0x1180
[  855.975322][ T5222]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  855.977559][ T5222]  ? __pfx_hci_event_packet+0x10/0x10
[  855.979580][ T5222]  ? kcov_remote_start+0x3e1/0x6e0
[  855.981501][ T5222]  hci_rx_work+0x2c6/0x1610
[  855.983188][ T5222]  process_one_work+0x9c5/0x1b40
[  855.984903][ T5222]  ? __pfx_lock_acquire+0x10/0x10
[  855.986583][ T5222]  ? __pfx_process_one_work+0x10/0x10
[  855.988886][ T5222]  ? assign_work+0x1a0/0x250
[  855.990661][ T5222]  worker_thread+0x6c8/0xf20
[  855.992466][ T5222]  ? __pfx_worker_thread+0x10/0x10
[  855.994418][ T5222]  kthread+0x2c1/0x3a0
[  855.996107][ T5222]  ? _raw_spin_unlock_irq+0x23/0x50
[  855.998366][ T5222]  ? __pfx_kthread+0x10/0x10
[  856.000405][ T5222]  ret_from_fork+0x45/0x80
[  856.002335][ T5222]  ? __pfx_kthread+0x10/0x10
[  856.004335][ T5222]  ret_from_fork_asm+0x1a/0x30
[  856.006376][ T5222]  </TASK>
[  856.007715][ T5222] ==================================================================
[  856.020187][ T5222] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  856.023318][ T5222] CPU: 0 PID: 5222 Comm: kworker/u33:6 Not tainted 6.10.0-syzkaller-11185-g2c9b3512402e #0
[  856.027760][ T5222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  856.032128][ T5222] Workqueue: hci0 hci_rx_work
[  856.033946][ T5222] Call Trace:
[  856.035236][ T5222]  <TASK>
[  856.036399][ T5222]  dump_stack_lvl+0x3d/0x1f0
[  856.038248][ T5222]  panic+0x6f5/0x7a0
[  856.039915][ T5222]  ? __pfx_panic+0x10/0x10
[  856.041788][ T5222]  ? irqentry_exit+0x3b/0x90
[  856.043750][ T5222]  ? lockdep_hardirqs_on+0x7c/0x110
[  856.045940][ T5222]  ? preempt_schedule_thunk+0x1a/0x30
[  856.048199][ T5222]  ? preempt_schedule_common+0x44/0xc0
[  856.050516][ T5222]  check_panic_on_warn+0xab/0xb0
[  856.052745][ T5222]  end_report+0x117/0x180
[  856.054660][ T5222]  kasan_report+0xe9/0x110
[  856.056539][ T5222]  ? l2cap_sock_resume_cb+0xd0/0x130
[  856.058381][ T5222]  ? l2cap_sock_resume_cb+0xd0/0x130
[  856.061010][ T5222]  kasan_check_range+0xef/0x1a0
[  856.062990][ T5222]  l2cap_sock_resume_cb+0xd0/0x130
[  856.064798][ T5222]  l2cap_security_cfm+0x78d/0x11d0
[  856.066759][ T5222]  ? __mutex_lock+0x1a6/0x9c0
[  856.068766][ T5222]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  856.071106][ T5222]  ? hci_encrypt_cfm+0x124/0x720
[  856.073135][ T5222]  ? find_held_lock+0x2d/0x110
[  856.075012][ T5222]  ? __pfx___mutex_lock+0x10/0x10
[  856.076796][ T5222]  ? __pfx_l2cap_security_cfm+0x10/0x10
[  856.078625][ T5222]  hci_encrypt_cfm+0x194/0x720
[  856.080245][ T5222]  hci_encrypt_change_evt+0x554/0x10f0
[  856.082065][ T5222]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  856.084507][ T5222]  ? skb_pull_data+0x166/0x210
[  856.086379][ T5222]  hci_event_packet+0x9eb/0x1180
[  856.088286][ T5222]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[  856.090535][ T5222]  ? __pfx_hci_event_packet+0x10/0x10
[  856.092870][ T5222]  ? kcov_remote_start+0x3e1/0x6e0
[  856.095095][ T5222]  hci_rx_work+0x2c6/0x1610
[  856.097153][ T5222]  process_one_work+0x9c5/0x1b40
[  856.099331][ T5222]  ? __pfx_lock_acquire+0x10/0x10
[  856.101418][ T5222]  ? __pfx_process_one_work+0x10/0x10
[  856.103846][ T5222]  ? assign_work+0x1a0/0x250
[  856.106048][ T5222]  worker_thread+0x6c8/0xf20
[  856.108670][ T5222]  ? __pfx_worker_thread+0x10/0x10
[  856.110931][ T5222]  kthread+0x2c1/0x3a0
[  856.112829][ T5222]  ? _raw_spin_unlock_irq+0x23/0x50
[  856.115134][ T5222]  ? __pfx_kthread+0x10/0x10
[  856.117254][ T5222]  ret_from_fork+0x45/0x80
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  856.119007][ T5222]  ? __pfx_kthread+0x10/0x10
[  856.120991][ T5222]  ret_from_fork_asm+0x1a/0x30
[  856.123070][ T5222]  </TASK>
[  856.124887][ T5222] Kernel Offset: disabled
[  856.126797][ T5222] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:17:28  Registers:
info registers vcpu 0

CPU#0
RAX=00000000011d2757 RBX=0000000000000000 RCX=ffffffff8aeeb249 RDX=0000000000000000
RSI=ffffffff8b2cbac0 RDI=ffffffff8b909200 RBP=fffffbfff1b12af8 RSP=ffffffff8d807e20
R8 =0000000000000001 R9 =ffffed100d606fe1 R10=ffff88806b037f0b R11=0000000000000000
R12=0000000000000000 R13=ffffffff8d8957c0 R14=ffffffff8fe75158 R15=0000000000000000
RIP=ffffffff8aeec63f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b30316ff8 CR3=00000000298bc000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a0d8 ffffffff8100a093
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a093
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e4337
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e4344
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e433e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e4352
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e43d8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e44b6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81ceb279 ffffffff81ceb279 ffffffff81ceb216 ffffffff81ceb216
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eed23d100 00007f1eec6d4440 00007f1e00040008 0000000f0010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec6d4498 00007f1eec6d4490 00007f1eec6d4488 00007f1eec6d4480
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000da4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff84fca565 RDI=ffffffff94e406e0 RBP=ffffffff94e406a0 RSP=ffffc9000357f340
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303030307257
R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fca500 R15=0000000000000000
RIP=ffffffff84fca58f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c01300
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c01300
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b100000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000020019680 CR3=00000000298bc000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a093 ffffffff8100a093
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8100a093 ffffffff8100a093
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a093
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98a93e4337
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98a93e4344
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98a93e433e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98a93e4352
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98a93e43d8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98a93e44b6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8436a94f ffffffff8436a7f1 ffffffff820f3122 ffffffff820f30ce
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8436a99f ffffffff8436a96d ffffffff00040008 0000000f0010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff820f3122 ffffffff820f30ce ffffffff814f9e87 ffffffff814f9e6d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f5258a44b67ad4e4 813ee4009280c443 edf136f8f8e15e3f bae3c25af125cd94
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 94917d934debb3eb 6341af5773edb1fe 959529aa7ccedbc4 1d3819b7cb53e317
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0da2ddea14d9ab0c 8e9da6a27b136f4e c9ba777451638336 928f1dc4240cace4
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9aff2422c7ee60a7 b1eda32faff71767 63d5a213204eab6e 534a2140deca09c3
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000ba9e5f RBX=0000000000000002 RCX=ffffffff8aeeb249 RDX=0000000000000000
RSI=ffffffff8b2cbac0 RDI=ffffffff8b909200 RBP=ffffed1002fda000 RSP=ffffc90000197e08
R8 =0000000000000001 R9 =ffffed100d646fe1 R10=ffff88806b237f0b R11=0000000000000000
R12=0000000000000002 R13=ffff888017ed0000 R14=ffffffff8fe75158 R15=0000000000000000
RIP=ffffffff8aeec63f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b200000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000001b3031aff8 CR3=000000002bd24000 CR4=00350ef0
DR0=0000000000000158 DR1=00000000872c9164 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8130765d ffffffff8130763d
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8130763d ffffffff8130765d
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8130765d
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93487e4337
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93487e4344
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93487e433e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93487e4352
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93487e43d8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f93487e44b6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8436a94f ffffffff8436a7f1 ffffffff820f3122 ffffffff820f30ce
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8436a99f ffffffff8436a96d ffffffff00040008 000c00000010000c
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff820f3122 ffffffff820f30ce ffffffff814f9e87 ffffffff814f9e6d
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f5258a44b67ad4e4 813ee4009280c443 edf136f8f8e15e3f bae3c25af125cd94
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 94917d934debb3eb 6341af5773edb1fe 959529aa7ccedbc4 1d3819b7cb53e317
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0da2ddea14d9ab0c 8e9da6a27b136f4e c9ba777451638336 928f1dc4240cace4
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9aff2422c7ee60a7 b1eda32faff71767 63d5a213204eab6e 534a2140deca09c3
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=ffffffff942ce4f0 RBX=000000000000075f RCX=ffffffff81673f2e RDX=0000000000000000
RSI=0000000000000008 RDI=ffffffff942ce4e8 RBP=ffffc900060678b8 RSP=ffffc90006067750
R8 =0000000000000000 R9 =fffffbfff2859c9d R10=ffffffff942ce4ef R11=0000000000000000
R12=ffff8880228b4880 R13=0000000000000004 R14=0000000000000002 R15=1ffff92000c0cef6
RIP=ffffffff81e69a3b RFL=00000096 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88806b300000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007f1eed3affa8 CR3=000000001259e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc7833c220 0000003000000018
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e4337
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e4344
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e433e
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e4352
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e43d8
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1eec5e44b6
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000da4
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000da4
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000